Jump to content

Hacking the FE13 ROM...

shadowofchaos

By shadowofchaos
in Fan Projects

 Share

Recommended Posts

shadowofchaos Newbie

shadowofchaos

Posted
Posted (edited)

...man it's huge.

Both the US and the JPN version of the game.

...and I don't have the Gateway 3DS compatible to record with my Capture Card 3DSs simply because I've updated my consoles to download things from the eShop.

But even if I did, I wouldn't even know where to begin searching for data for skills, stats, and growth rates and such.

Any veterans willing to throw out some methods out there?

I want my Lunatic+ skills messing around when loading units.

Edit: I've just been told they're encrypted. So there's pretty much nothing *I* can do with it, at least.

Edited by shadowofchaos
Link to comment
Share on other sites
shadowofchaos Newbie

shadowofchaos

Posted
  • Author
Posted (edited)

wait, i thought the roms where encrypted?

Right. I forgot about the part where Gateway 3DS is a firmware exploit and tricks the 3DS hardware into launching it from the actual home menu instead of elsewhere like DS flash carts.

Edited by shadowofchaos
Link to comment
Share on other sites
Celice Newbie

Celice

Posted
Posted

wait, i thought the roms where encrypted?

The games themselves remain encrypted, yes. There is one fully-understood exploit allowing custom code to be ran on the system's RAM, which is enough to modify some of the hardware's software. Technically any further RAM modification is potentially possible via this method, as is intercepting data and loading custom stuff. Any permanent changes to the game file itself, however, is not possible as far as I've seen.

Link to comment
Share on other sites
cyron Newbie

cyron

Posted
Posted

The games themselves remain encrypted, yes. There is one fully-understood exploit allowing custom code to be ran on the system's RAM, which is enough to modify some of the hardware's software. Technically any further RAM modification is potentially possible via this method, as is intercepting data and loading custom stuff. Any permanent changes to the game file itself, however, is not possible as far as I've seen.

ok, so just to be clear we can change things but the changes have to be reloaded every time

Link to comment
Share on other sites
shadowofchaos Newbie

shadowofchaos

Posted
  • Author
Posted

The games themselves remain encrypted, yes. There is one fully-understood exploit allowing custom code to be ran on the system's RAM, which is enough to modify some of the hardware's software. Technically any further RAM modification is potentially possible via this method, as is intercepting data and loading custom stuff. Any permanent changes to the game file itself, however, is not possible as far as I've seen.

So, pretty much... so far...

The only thing that is rampant out on the internet in regards to 3DS... is piracy with that Gateway 3DS Flash Cart? I mean that thing only allows 1:1 copy loading.

Link to comment
Share on other sites
Celice Newbie

Celice

Posted
Posted

The Gateway just released their latest firmware update in beta earlier today. I don't know if it is included, but the Gateway team has explained that it will be possible to dump and backup any game you currently own--take that as piracy or buyer's insurance, especially with Nintendo's non-existent digital game policies. As well, the Gateway also offers region-free gaming, which is an incredibly nice perk (Dragon Quest Monsters remakes, Dragon Quest VII remake, that's more than enough to convince me).

It depends on how you qualify the internet. If you mean how a majority of its consumers are using the cart, then piracy. If you mean those who are actively seeking exploits or playing around with the hardware, like the dude who made the Portal DS homebrew, then they are doing far more. But we must expect such from a niche audience--not everyone will have the interest and the capability to do more than piracy with the Gateway.

ok, so just to be clear we can change things but the changes have to be reloaded every time

I think it's technically possible to have persistent RAM changes, and anything from the RAM that gets saved in a game's save file could also techincally be considered persistent (that part depends on if the game culls or otherwise affects saves in a specific manner; as an example, the latest Monster Hunter game on the 3DS already has a bunch of hacked items available for use).

Link to comment
Share on other sites
shadowofchaos Newbie

shadowofchaos

Posted
  • Author
Posted

I think it's technically possible to have persistent RAM changes, and anything from the RAM that gets saved in a game's save file could also techincally be considered persistent (that part depends on if the game culls or otherwise affects saves in a specific manner; as an example, the latest Monster Hunter game on the 3DS already has a bunch of hacked items available for use).

I'm just legitimately curious in regards to RAM modification. While I probably can't do it myself at this point just to screw around and kill time like I did with other FE games, I do enjoy reading about the process... or any information about things like that.

Care to share links or anything about that documented exploit?

Link to comment
Share on other sites
Celice Newbie

Celice

Posted
Posted (edited)

You can keep an eye on 3dbrew's wiki. Next to that, I just hear news across the scene, such as at sites like GBAtemp or some IRC rooms.

Contacting the Portal DS guy could also be done by checking out his website--he posted some custom content for the 3DS on his twitter at some point.

http://smealum.net/ASDS/

EDIT: smea posted a video a month back talking about having the system reference the SD card instead of the main system's storage. It's also, according to smea, a different process than what the Gateway team is working on.

Edited by Celice
Link to comment
Share on other sites
  • 4 weeks later...
Celice Newbie

Celice

Posted
Posted

I'm just legitimately curious in regards to RAM modification. While I probably can't do it myself at this point just to screw around and kill time like I did with other FE games, I do enjoy reading about the process... or any information about things like that.

Care to share links or anything about that documented exploit?

As an update, RAM dumping seems to be available to the general public now:

http://gbatemp.net/threads/merry-christmas-have-some-ram-dumping.359697/

A group of about 3 other people that I have been working with(who would like to remain anonymous for the time being) have been working on getting a working ROP Loader and RAM dumping since approximately the 18th. We've been rushing a little bit to get a BETA release ready for today. This is a messy release and isn't complete yet.

With all that being said, download the 3DS Toolkit v0.0.0.1 from here : http://www.fiercewaffle.com/softwareArticle.php?id=10

Currently the toolkit only supports RAM dumping, but we are working on more features.

Enjoy! (and don't complain)

Hopefully this might be of interest to you and others.

Link to comment
Share on other sites
shadowofchaos Newbie

shadowofchaos

Posted
  • Author
Posted

Unfortunately, all my 3DSs are updated to the latest firmware for Miiverse.

Oh well.

Besides, it's just dumping for now. I'm not really high on the tier list to be able to do anything with the information without being able to modify the memory instead of just copying from it.

Link to comment
Share on other sites
Crimson Red Newbie

Crimson Red

Posted
Posted

doubt thats possible

how big are the RAM dumps? are they encrypted or anything (I wouldn't expect them to be but idk how hacking has progressed since, I've only been lurking the 3DS scene)? and admittedly yeah without being able to actually modify RAM it'll be pretty hard to verify anything (can't even do a basic corruption test to try and break things just to identify what's what based on what breaks).

Link to comment
Share on other sites
  • 7 months later...
shadowofchaos Newbie

shadowofchaos

Posted
  • Author
Posted (edited)

Bumping the thread...

It looks like the ROM isn't going to be hacked yet... but it appears, as of recently (a few days), the 3DS homebrew channel is close to being released by smealum.

https://twitter.com/smealum

And it works for the recent firmware!

Here's to hoping for some RAM hacking for FE13 data!

tumblr_nalvibPtE71qzp9weo1_500.jpg

French coder Smealum is preparing to release a 3DS Homebrew Channel hack for 3DSes soon! Here’s why this project is awesome:

  • It works on the latest 3DS firmware, unlike previous hacks that require outdated versions from a year and a half ago
  • This will not load commercial or pirated 3DS ROMs, only homebrew applications and games (though it will be able to run emulators like this SNES one for 3DS)
  • It will support North American, European, and Japanese systems
  • While Smealum hasn’t implemented region unlocking yet, he says "playing games from other region should almost definitely be possible" — I expect this will be with imported cartridges, not ROMs
Smealum has previously said that 3DS owners will not need to use a flashcard to get the exploit to work. Much thanks to @gemesisDev for the photo above and to Octopus for the extra info.
Edited by shadowofchaos
Link to comment
Share on other sites
Celice Newbie

Celice

Posted
Posted

Yeah, smealum's been working quite hard to get this exploit fully working, and as he suspected, Nintendo didn't catch the exploit he used. He has confirmed the exploit works on 4.0 and higher, but it probably works on any firmware.

While he did not directly support any backup loading via this exploit, and has cautioned that this won't be possible, he did not outright rule that piracy and backup loading would not be possible using his exploit. His nearest comments were simply that he would not release the exploit until he felt it was secure.

We'll see what others find when they mine through smealum's work.

Link to comment
Share on other sites
VincentASM Newbie

VincentASM

Posted
Posted

Team Fail and another person have publicly demonstrated how to decrypt 3DS ROMs using the leaked SDK for the 3DS. Progress is being made, for those outside the know.

I think I saw the same thing; were they dumping stuff from Super Mario 3D Land?

Looks very exciting : )

Link to comment
Share on other sites
Celice Newbie

Celice

Posted
Posted

I think I saw the same thing; were they dumping stuff from Super Mario 3D Land?

Looks very exciting : )

Team Fail was messing around with Super Mario 3D Land's RAM for a bit, and also Mario Kart 8 with the recent RAM exploit on the WiiU. He recently (today) released a program that will look at any 3DS ROM and gather the necessary key for decrypting it.

smealum's exploit requires a specific game to into the system. All he has said is that it is an easily available game that is also cheap, and that it is also available on the eshop, though the latter will likely be removed until the exploit is fixed.

Are there any early 3DS titles that have DLC or other files saved on a SD card potentially? If not, then I figure it's gonna be related to naming something in a game in an unsupported way, which would be the entry point for smealum's work to wiggle in.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...