At present, the furthest progress abroad is reading the header database of 3DS games, but there are still bugs. In addition, the encryption key on the SD side of the demo version is difficult to crack.
At present, the known situation is as follows:
1. Nintendo has applied multiple layers of encryption to the game ROM; the header data, the main game data and the rest (if any) use different encryption keys.
2. The basic encryption format (seemingly?) is SHA-2+RSA, and the keys that have been found are all 256 bits.
3. There is (seemingly?) an independent anti-dump chip in the cartridge. This chip also carries the unique identification signature of the N3DS, and maybe a unique identity signature for the game as well.
4. The files on the SD card are each encrypted with a different key. For example, the demo version consists of .cmd, .app and .tmd files. At present, only some .tmd keys have been found in foreign cracking circles.
I referred to an article by Bus
The author is JinWoo Choi (feel free to reprint, but please credit the author).
His article says roughly the following. In the Nintendo console era before the N3DS, the system's anti-piracy verification program did nothing once a game was running, but in the N3DS era the anti-piracy verification program can interfere with a running game and check certain signatures. If they are invalid, the game process can be shut down at any time. In this respect, the relationship between the game and the system is like the relationship between Office and Windows: Windows does not quit while Office is running, and Windows can check the legality of the program online (the N3DS does not need to be networked). Therefore, the current Office21 cracking can only be verified by the built-in server, and it can't be exhausted by the encryption verification mechanism of Windows.
The problem with the N3DS is similar. That is, we cannot go along with the built-in encryption and verification mechanism of the N3DS; we must either find the verification key or bypass the N3DS encryption by some means. Finding the verification key would be the approach of the old flashcarts, which I personally think is absolutely not feasible. Because each cartridge has a unique encryption chip inside, this part cannot pass N3DS encryption verification.
To bypass encryption, the mainstream opinion at present is softmodding. Players from the 1990s probably don't know what a softmod is. = = Softmods were mainly used on NDS and NDSL consoles, because they can take an NDS card and a GBA card at the same time. A softmod flashes a homebrew system onto the console, converts the NDS game ROM into a format that system can run, and then runs it from the GBA card. I don't know the specific principle (after all, I'm from the post-90s generation). Theoretically, it should be feasible to use this method on the N3DS.
Unfortunately, there is a problem: there is no way to rewrite the N3DS system other than the system's own update.
Some people may ask, how about using the SD card? I have done experiments on this (although I was severely flamed on GBATemp), and there is a problem here too. No matter what changes are made to the files on the SD card, the corresponding icon and title text in the Home Menu will not disappear. That is to say, these are stored in the system, and they can only be changed by flashing the system. There is also some talk about hidden data, which I don't quite understand. Can someone explain it to me?
So, as you can see, there is a problem here. To get past the anti-piracy mechanism of the N3DS, it is necessary to flash the console, but there is currently no effective way to flash it. Consoles in the DS family have always been difficult to flash, and the N3DS is even more difficult.
Some people suggest using the Wii softmod method. I don't have a Wii, but judging from the methods given online, it seems the Wii can take any .wad program, and even after the 3.4 update blocked this, it can still run .wad files through the Zelda vulnerability. The Wii also actually supports changing files at will, which makes it much more workable than the N3DS.
The current paradox of the N3DS is this: if you want to play pirated games, you must flash the console first, but the N3DS will not allow programs that have not passed its system verification to run. That is, you cannot run them even if you plug them in, which means you cannot flash the console.
Of course, it is not that there is no solution. One of them is to build a server from which programs can be downloaded. This requires us to understand the file structure of the SD card. I don't know virtual server technology, but it should be no problem to use ordinary computers. But this approach cannot bring in any paid services, so no one will want to do it.
I think the N3DS will be cracked in the end, maybe not in any way seen before. Why can't we figure it out now? Because I have never in history encountered a handheld device that is so tightly sealed. If we must take the road of profit, the final cracking method must be unprecedented in history.
Just a few words to finish.
1. The N3DS cannot ban consoles. Please see the top post on GBATemp for details.
2. At present, GBATemp and 3dbrew (search for them yourself) are the main foreign websites discussing N3DS cracking. GBATemp is a group of technical gods, so it is recommended that those who have no qualifications should not go. The latter is currently the fastest developing foreign website for N3DS cracking, and it is a wiki. If you have nothing to do, you may find some inspiration there.