4dsdev
Views: 613,562 Main | Rules/FAQ | Memberlist | Active users | Last posts | Calendar | Stats | Online users | Search 11-20-17 06:47 AM
Guest:

Main - Posts by 54634564


54634564
Posted on 11-14-15 06:25 PM, in DSi banner.sav? (rev. 11 of 11-16-15 11:33 PM) Link | #719
[image][image][image][image]

In the Brain Age express games, these are called 'SubBanner'. Here's the layout of the SubBanner folder in one of the game's ROM filesystem:
SubBanner
| icon_sub_bnr.zbi
| nou.zbi
|
+---Character
| Number.zcg
|
\---ColorPalette
Banner.zcl
icon_sub_bnr.zbi and nou.zbi are icons(compressed). The other two files are a graphic containing numbers and its palette(also compressed). I guess the game builds the icon that gets used for banner.sav out of that icon and the number graphic.

The format for the icons is slightly different from the icons built into the ROMs.
There's the version at 0x00, some 2 byte value at 0x08, room for 8 image frames at 0x20, room for 8 palettes at 0x1020, then animation frame info at 0x1120.

I'm going to check these games out on my 3DS and see if I can get them to make a banner. If they do, I'll extract one for you. Although, I'd imagine it'd be the exact same format as the icons above, just with modified frames.


---------------
EDIT: Ok, extracted a banner.sav for the Brain Age Express Sudoku game.

Its location in the NAND was 'title\00030004\4b4e3945\data\banner.sav'

Here's a GIF of its animation:[image]
Compare that to the raw icon from the ROM's FS at the top of my post. It has just had a '2' overlaid on some frames.

And here's the banner.sav: https://www.mediafire.com/?1meim3c09avxc7f
Format is as I predicted, exactly the same as what I described earlier. Looks like the file is larger, but I think everything from 0x11A0 onwards is just 'decrypted' junk(as in, it was probably 0xFFs on the NAND. Didn't bother checking).

Hope it's OK to share this here.

54634564
Posted on 11-16-15 08:21 PM, in DSi banner.sav? (rev. 3 of 11-16-15 08:25 PM) Link | #736
On my 3DS at least, once the banner.sav exists it replaces the game's own icon anywhere you can see it. Like on the home menu and the DSi data management screen.

54634564
Posted on 11-23-15 04:47 PM, in Decrypting the NAND title.db / import.db (rev. 3 of 11-23-15 05:01 PM) Link | #764
Posted by profi200
It's not in the rules but no one will answer if it get's used for purposes we don't like.

You are welcome to ask other things.

Wow, when did you become admin here profi? Congrats on the promotion!

That's it, d0k3. Might as well just delete your posts, can't discuss this. So saith lord profi200.


On a serious note...I don't think people have looked into these files too extensively. That's the reason you probably won't be getting any answers, not any "moral" stuff.
Hell, yellows8 thought there was extra crypto on the tickets in tickets.db up until late last year(there isn't):
http://3dbrew.org/w/index.php?title=Title_Database&action=historysubmit&diff=9857&oldid=8384

54634564
Posted on 11-23-15 11:09 PM, in Decrypting the NAND title.db / import.db (rev. 6 of 11-23-15 11:19 PM) Link | #767
d0k3, I just saw your GBAtemp post:
"...The seemingly corrupted parts also happen to be nicely aligned to certain 'round' (ie with zeros at the end) offsets..."

Check those spots in the files on the encrypted NAND, they're probably blocks of 0xFF(never been written to). When you decrypt the NAND, you 'decrypt' these blocks of 0xFF and they end up looking like garbage/encrypted data.


To show an example, see this image: http://i.imgur.com/RdklqTF.png
Top is from decrypted NAND, bottom encrypted.
0xB0E00 is at 0x4E00 into my ticket.db.

54634564
Posted on 12-07-15 01:20 PM, in What is this file's format? Link | #822
Posted by Mikle0x
Yeah sorry, someone who wants to stay anon., got this file I-don't-know-where, and had no clue about it either.


They have to know where they got the file from. I seriously doubt it just poofed into existence on their hard drive.

54634564
Posted on 12-14-15 12:06 PM, in Get BOOTROM/Key Scrambler? Link | #830
Posted by StapleButter
...
Dumping the boot ROM is probably impossible without a hardware attack. It permanently disables itself on the way out. Maybe a carefully timed glitch could cause the lockdown instruction to be skipped. This would require measuring how long the boot ROM takes to do its thing, ensuring the timing is reliable (it could be different every time), assuming the lockdown instruction is the last one to be executed...


According to the first entry here:
http://3dbrew.org/wiki/3DS_System_Flaws#Hardware

It should be slightly easier than trying to glitch out one specific instruction. Looks like you have a small window of time right after the bootrom starts running to cause a hardware glitch and gain code execution.

Wonder if anyone has done it yet and just not publicly announced it.

54634564
Posted on 06-21-16 05:43 PM, in DSi Font File Format Link | #1047
Definitely has Japanese. Highlighted here are the katakana and hiragana syllabaries used in Japanese:
[image]

Shortly after that highlighted bit, you have the large block of kanji. Most kanji are shared with other Asian languages, but I'm not seeing stuff like the Hangul used in Korean. Chinese and Korean units probably have their own font.


Main - Posts by 54634564

Page rendered in 0.046 seconds. (2048KB of memory used)
MySQL - queries: 22, rows: 74/74, time: 0.031 seconds.
[powered by Acmlm] Acmlmboard 2.064 (2015-10-07)
© 2005-2008 Acmlm, Xkeeper, blackhole89 et al.