VincentASM

FE: Awakening Hacking Topic

Recommended Posts

I can repack it... but it freezes on load. Must be the exheader or the .rsf file? How did the one guy who renamed everything repack it? I try exinjector to reinsert the header, but if that's the case, the rom won't even display on Gateway's loader.

Share this post


Link to post
Share on other sites

http://www.maxconsole.com/maxcon_forums/threads/285574-3DS-To-CIA-Converter-v4-0

So...

I played around with the bat and found this nifty little hidden option:

Feature.png

I followed the commented out code and... well...

...It repacked it. Decrypted it and everything. I just replaced the files with the ones by SciresM's modified RomFS Extractor with the proper names.

And generated its own RSF file.

Like... why is this fully working and commented out?

Gonna test out the ROM now.

Edited by shadowofchaos

Share this post


Link to post
Share on other sites

Maybe it's experimental or broken?

Well, anything's worth a try at this stage : P

Otherwise, I could try mass PMing anybody who compiled a CIA in the previous topic.

Share this post


Link to post
Share on other sites

Hey!

I don't mean to interrupt your works or anything, nor do I know if this is the correct place to ask, but what does this particularly mean? What are you trying to achieve here? (I keep rereading this and it sounds jerk. Not meaning to be jerky or anything, I'm just confused as to what the endgame here is, since I don't know of any 3DS emulator yet :c)

Share this post


Link to post
Share on other sites

Hey!

I don't mean to interrupt your works or anything, nor do I know if this is the correct place to ask, but what does this particularly mean? What are you trying to achieve here? (I keep rereading this and it sounds jerk. Not meaning to be jerky or anything, I'm just confused as to what the endgame here is, since I don't know of any 3DS emulator yet :c)

Citra 3DS is maturing quickly. Realtime emulation is currently possible on a couple games thanks to the opengl renderer/hardware solution.

Share this post


Link to post
Share on other sites

I'm still looking at a way to repack the ROM or into a CIA...

But a random question...

When you ripped the voice clips, Vincent, could you repack those?

I might want to replace the Japanese Atashi 1 with the Atashi 2.

...simply because Belinda's MU uses Voice 1 in English (mapped to Atashi 1), but on my JP copy, she uses Atashi 2.

Edited by shadowofchaos

Share this post


Link to post
Share on other sites

I just used a dumper; I don't think I saw an option to repack.

That said, bcsar files are just uncompressed archives, so it should be easy to edit them in theory. Maybe there are even tools to repack them that I don't know of.

I think the biggest problem may be trying to identify which voice is which and trying to edit the dozens of voice clips o__o

You should just remake Belinda XD

Edited by VincentASM

Share this post


Link to post
Share on other sites

I'm not sure. I was just following the instructions of the first post. If a separate tool is needed to decrypt the file first, can you link to that?

It's been a while since I decrypted my ROM, so I'm not sure if the process has been simplified now.

This was the tutorial I followed last time, I believe. I also have the xorpad for the American ROM already, but I'd need somewhere good to upload a GB file (not on SF).

Luckily, xorpads are now obsolete, thanks to rxTools. It let's you decrypt things straight off the 3ds's SD card through the browser exploit, and it works on anything between firmwares 2.0 and 9.2.

Also, just to note, I think xorpads are in the same boat as roms copyright- and sharing-wise, at least according to GBAtemp.

Share this post


Link to post
Share on other sites

Nice. Sadly my 3DS is on 9.6 or something right now, so I can't make use of it. Maybe if I got a preowned or cheap 3DS somehow...

Kind of unrelated... I want to look into data-mining Codename S.T.E.A.M., just in case it supports future FE Amiibos or something, but dunno if it's worth the time.

Share this post


Link to post
Share on other sites

Luckily, xorpads are now obsolete, thanks to rxTools. It let's you decrypt things straight off the 3ds's SD card through the browser exploit, and it works on anything between firmwares 2.0 and 9.2.

Also, just to note, I think xorpads are in the same boat as roms copyright- and sharing-wise, at least according to GBAtemp.

My problem isn't decrypting.

My problem is repacking.

Share this post


Link to post
Share on other sites

I lost a weekend to trying to repack my ROM backup of FE:A with Vincent's modified Static. My problem seems to be based around the RSF/exheader. I've done the various guides on building an RSF, both by hand and using rsfgen.exe and rsfgen.py. No dice. I even tired running a few different Make CIA packages and grabbing the RSF they use during the process. The only thing I learned is that those RSF files look very different than the hand made ones but fail just as consistently when I toss them through makerom. Sorry for lacking specifics, I'm at work right now. If I can get this thing repacked I can test on GW, but seriously I am hitting a wall.

Does anyone have a solid RSF for Awakening? Even one that was used to make a CIA version should work.

Thanks!

Share this post


Link to post
Share on other sites

Has anyone tried using Citra to boot FE13 yet? It's still far from playable, but it's getting a surprising number of games to boot and even run past titlescreens.

Share this post


Link to post
Share on other sites

I can run roms on my 3ds but I wanted to know, isit possible to run modified ones? I know gateway has put some restrictions on what you can run. I'm sure cia can work though. I will volunteer if you manage to repack the roms.

Share this post


Link to post
Share on other sites

There are UNDUBs out there already. Like Persona Q.

It's just horrendously impractical what I can take to just repack a ROM.

Like I'm not even modifying or inserting Vincent's file yet.

I'm just trying to get it to an executable CIA.

...might just have to stick to the RAM hacking browser option there.

Share this post


Link to post
Share on other sites

I can run roms on my 3ds but I wanted to know, isit possible to run modified ones? I know gateway has put some restrictions on what you can run. I'm sure cia can work though. I will volunteer if you manage to repack the roms.

Yes. There's a Russian translation of Link Between Worlds, for example.

https://www.youtube.com/watch?v=imixbHhHmCg

Edited by Celice

Share this post


Link to post
Share on other sites

Kazowar has released a "digital AR" app for 3ds. http://gbatemp.net/threads/spider-arcode.383937/

includes ram dumper and explanation on how to use.

I look forward to new finds.

(hopefully inventory editor?)

Got this to work dumping. Time to start searching for values

Edit:

tumblr_nlvsci2coz1rmzb08o1_1280.png

tumblr_inline_nlvs965eiD1rb9mmp_500.png

https://www.youtube.com/watch?v=IUAh4d9luYU

Awwwww yeeeah!

I have concluded that the character slots are 0x110 in length.

I have found that the Character table changes offsets depending on if you have spotpass/DLC.

Without Spotpass or DLC on SD Card:

Slot 1 HP: 14C5327

With DLC and Spotpass:

Slot 1 HP: 160ADCF

Edited by shadowofchaos

Share this post


Link to post
Share on other sites

Got this to work dumping. Time to start searching for values

*snip*

So from what I see just looking at it, it also uses the Internet Browser. The FE13 you loaded, was it by an actual cart? Or was it a digital version. Does it work with a physical cart?

I'm always repeating myself, but I really wonder how hair color is saved for a MU (or even Spotpass characters).

Edited by Jacien

Share this post


Link to post
Share on other sites

So from what I see just looking at it, it also uses the Internet Browser. The FE13 you loaded, was it by an actual cart? Or was it a digital version. Does it work with a physical cart?

It works for retail carts, digital copies, and pirate carts like Gateway.

Share this post


Link to post
Share on other sites

Nice. Even better, I can use it too XD

Hmm, I think I see the skill bytes: 13 00 5B 00 20 64 00 4C 00.

[spoiler=Skill digits]105
0x00 None
0x01 HP +5
0x02 Strength +2
0x03 Magic +2
0x04 Skill +2
0x05 Speed +2
0x06 Defence +2
0x07 Resistance +2
0x08 Hit rate +10
0x09 Hit rate +20
0x0A Avoid +10
0X0B Movement +1
0X0C Locktouch
0X0D Veteran
0X0E Aptitude
0X0F Discipline
0x10 Armsthrift
0x11 Dual Support+
0x12 Dual Strike+
0x13 Dual Guard+
0x14 Rightful King
0x15 Odd Rhythm
0x16 Even Rhythm
0x17 Quick Start
0x18 Slow Start
0x19 Lucky 7
0x1A Zeal
0X1B Outdoor Fighter
0X1C Indoor Fighter
0X1D Tantivy
0X1E Focus
0X1F Gamble
0x20 Wrath
0x21 Prescience
0x22 Patience
0x23 Underdog
0x24 Charm
0x25 Solidarity
0x26 Demoiselle
0x27 Hex
0x28 Anathema
0x29 Healtouch
0x2A Relief
0X2B Renewal
0X2C Deliverer
0X2D Defender
0X2E Acrobat
0X2F Pass
0x30 Swordfaire
0x31 Lancefaire
0x32 Axefaire
0x33 Bowfaire
0x34 Tomefaire
0x35 Dance
0x36 Special Dance
0x37 Rally Strength
0x38 Rally Magic
0x39 Rally Skill
0x3A Rally Speed
0X3B Rally Luck
0X3C Rally Defence
0X3D Rally Resistance
0X3E Rally Movement
0X3F Rally Spectrum
0x40 Swordbreaker
0x41 Lancebreaker
0x42 Axebreaker
0x43 Bowbreaker
0x44 Tomebreaker
0x45 Wyrmsbane
0x46 Beastbane
0x47 Lethality
0x48 Aether
0x49 Astra
0x4A Sol
0x4B Luna
0x4C Ignis
0x4D Vengeance
0x4E Vantage
0X4F Pavise
0X50 Aegis
0X51 Counter
0X52 Miracle
0X53 Despoil
0X54 Galeforce
0x55 Lifetaker
0x56 Conquest
0x57 Shadowgift
0x58 Dragonskin
0x59 Hawkeye
0x5A Luck +4
0X5B Luna+
0x5C Vantage+
0x5D Pavise+
0x5E Aegis+
0X5F Rightful God
0x60 All Stats +2
0x61 Paragon
0x62 Iote Shield
0x63 Limit Breaker
0x64 Resistance +10
0x65 Aggressor
0x66 Rally Heart
0x67 Bond
0x68 Outrealm

5B in my list looks wrong though, but my list is just a guess based on the icon order.

Edited by VincentASM

Share this post


Link to post
Share on other sites

I added skills 5B to 5F in that order. The Outrealm Skill is Limit Breaker, I believe.

[spoiler=Nice skills...]skill-hack1.png

EDIT:

Oh, I see the inventory now. It's just before the skills and includes the number of uses afterwards. Eg. Orsin's Hatchet is 50 00 08 00, where 50 is the item and 08 is the uses.

EDIT2:

Incomplete item list because I wasn't carrying much : P

0x00
0x01
0x02
0x03
0x04
0x05
0x06
0x07
0x08
0x09
0x0A
0X0B
0X0C
0X0D
0X0E
0X0F
0x10
0x11
0x12
0x13
0x14
0x15
0x16
0x17 Ragnell (player)
0x18
0x19
0x1A Soothing Sword
0X1B Glass Sword
0X1C Superior Edge
0X1D
0X1E
0X1F
0x20
0x21
0x22
0x23
0x24
0x25
0x26
0x27
0x28
0x29
0x2A Spear
0X2B
0X2C
0X2D
0X2E
0X2F Gradivus
0x30
0x31
0x32
0x33
0x34 Shockstick
0x35 Glass Lance
0x36 Superior Lance
0x37
0x38
0x39
0x3A
0X3B
0X3C
0X3D
0X3E
0X3F
0x40
0x41 Tomahawk
0x42
0x43
0x44
0x45
0x46
0x47
0x48 Helswath
0x49
0x4A
0x4B
0x4C
0x4D
0x4E Superior Axe
0X4F
0X50 Orsin's Hatchet
0X51
0X52
0X53
0X54
0x55
0x56
0x57
0x58
0x59 Longbow
0x5A
0X5B
0x5C
0x5D
0x5E
0x5F
0x60
0x61
0x62 Glass Bow
0x63 Superior Bow
0x64
0x65
0x66
0x67
0x68
0x69
0x6A
0x6B
0x6C
0x6D
0x6E
0x6F
0x70
0x71
0x72
0x73
0x74
0x75
0x76 Book of Naga
0x77
0x78
0x79
0x7A
0x7B
0x7C
0x7D Mire
0x7E
0x7F
0x80 Superior Jolt
0x81
0x82
0x83
0x84 Aversa's Night
0x85
0x86
0x87
0x88
0x89
0x8A
0x8B Rescue
0x8C
0x8D
0x8E
0x8F
0x90 Catharsis
0x91
0x92 Dragonstone+
0x93
0x94
0x95
0x96
0x97
0x98
0x99
0x9A Elixir
0x9B
0x9C
0x9D
0x9E
0x9F
0xA0
0xA1
0xA2
0xA3
0xA4
0xA5
0xA6
0xA7 Seraph Robe
0xA8 Energy Drop
0xA9 Spirit Dist
0xAA Secret Book
0xAB Speedwing
0xAC Goddess Icon
0xAD Dracoshield
0xAE Talisman
0xAF
0xB0
0xB1 Arms Scroll
0xB2 Master Seal
0xB3 Second Seal
0xB4
0xB5
0xB6
0xB7
0xB8
0xB9
0xBA Tiki's Tear
0xBB Seed of Trust
0xBC
0xBD Rift Door
0xBE Supreme Emblem

Edited by VincentASM

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now


  • Recently Browsing   0 members

    No registered users viewing this page.