Views: 1,610,085 | Main | Rules/FAQ | Memberlist | Active users | Last posts | Calendar | Stats | Online users | Search | 11-23-24 10:19 AM |
Guest: |
0 users reading Injecting other apps over Health & Safety? | 1 bot |
Main - Homebrew discussion - Injecting other apps over Health & Safety? | Hide post layouts | New reply |
Syphurith |
| ||
Member Normal user Level: 18 Posts: 31/59 EXP: 26096 Next: 3801 Since: 10-26-15 Last post: 3236 days ago Last view: 3186 days ago |
Posted by d0k3 Eh.. Yes if that is added to decrypt9 that could be super convinient. However i think release a easy-to-use PC edition with xorpad decryption/encryption may be a starter kit for guys. At least 3dstool did quite a bulk of dirty work.. Ha. Still, i don't know if you have finally succeeded in the injection to your N3DS.. So i think using this PC edition to be a alpha/beta, and the code could be taken to decrypt9. |
d0k3 |
| ||
Member Normal user Level: 20 Posts: 49/75 EXP: 38205 Next: 4234 Since: 06-04-15 Last post: 3252 days ago Last view: 3000 days ago |
Posted by Syphurith I'll try it this evening (my timezone, obviously) and will write about it afterwards. Moving everything to Decrypt9 would be too much, but... o I'll add one feature to extract & decrypt the H&S app from SysNAND o Generating the .app to inject would have to be handled on PC, obviously o And I'll add another feature to encrypt & inject the new app and also adapt the TMD in the process Not super convenient, but convenient enough, I think. Because of the decryption / encryption / xorpad generation, this can't be done without real hardware and Decrypt9 or similar anyways. If you have some ideas how to streamline it differently, that would be very good, too, as I don't want to force people to use Decrypt9. |
Syphurith |
| ||
Member Normal user Level: 18 Posts: 32/59 EXP: 26096 Next: 3801 Since: 10-26-15 Last post: 3236 days ago Last view: 3186 days ago |
Posted by d0k3 Thanks for your effort.. Really. Do you remember how they convert those 3DS/CXI to CIA? Just generate the xorpad, and put the files in correct location, and let tools handle the work. Also, you can get a file totally legal from CDN. Its decrypted CXI content can generate a good xorpad. What i expected is: 1.User reads the manual to know what .app and .tmd he should get from the decrypted NAND/Decrypt9/other. 2.User puts the files in folder, and use generation xorpad tool. Then he uses decrypt9 or other for the xorpads. 3.User puts the xorpads in xorpads folder, and start the execution. 4.User gets the valid product from tool. He then puts the files to good location of SD card, following manual. 5.User then uses the decrypt9/other to done the injection. Or for decrypt9 users: they just put the files in correct location, it would look for the overwritten app, and backup, generate, inject. All-In-One solution. But still, why i listed all those as above? 1.You can not expect such unsigned contents without signature patched to work. Yes i know those generated ones NCCH signature - FAIL. 2.If the main part is done offline, they may have a better choice. Most of them already know "NOT UPDATE" - yup - so the APP and TMD version would be kept for a long time. They may want to try another APP for it if they like. Once injected failed, they can re-generate another with ease. 3.We can not say the tools would always work. So once something wrong happens a PC version might be quite easy to debug. 4.Yes CIA, CXI can be decrypted in decrypt9 super easily. However there are still guys used to use the xorpads. 5.Once the PC is likely stable, you can get a better base for your decrypt9 feature, and offer decrypt9 users a better option. Like 'Premium'. You don't have to. I've already set up decrypt9 to boot via MSET. Let theirselves find this is better, they would spread the finding. |
Syphurith |
| ||
Member Normal user Level: 18 Posts: 33/59 EXP: 26096 Next: 3801 Since: 10-26-15 Last post: 3236 days ago Last view: 3186 days ago |
I've found a relationship to a common error.
As you know sometimes injected the generated app, the H&S shows no banner. This is actually caused by a wrong crypto mark. To be used there, you have to made the injection app Encrypted. However, in NCCH file, 0x01BF. The mark should be cleared to "Crypto:Secure(0)" or else it would show "Crypto:None". This is due to 3dstool implementation, it sometimes just throws this mark away. I know how you might think about it. Oh no. It wouldn't load a wrong crypto, nor a decrypted one. And, even it is without the romfs.bin it could still run - if the original injection app requires no romfs.bin. So dummy romfs.bin is not really that needed. Finally I've got some correct injection apps. The tool is here: |
d0k3 |
| ||
Member Normal user Level: 20 Posts: 50/75 EXP: 38205 Next: 4234 Since: 06-04-15 Last post: 3252 days ago Last view: 3000 days ago |
Posted by Syphurith Thanks a ton for pointing that out! But, at 0x1BF in the NCCH header, there is nothing ("reserved area", see here). Did you mean 0x18F? As for the NodeJS version... does that require any additional stuff installed? To be pretty blunt, I'm hoping @Shadowtrance makes that GUI once we have that thing running stable enough . |
Syphurith |
| ||
Member Normal user Level: 18 Posts: 34/59 EXP: 26096 Next: 3801 Since: 10-26-15 Last post: 3236 days ago Last view: 3186 days ago |
Posted by d0k3 Yes my mistake. It was 0x18F exactly. \cia\FBI.cia
I am now fixing it to let it auto rename those in ori so it would proceed as normal.
\ori\0004001000020300-2050.0000.00000002 # Extracted from decrypted 0004001000020300-2050.cia \ori\tmd \xor\0004001000020300.Main.exefs_norm.xorpad # Xorpads generated from \ori\0004001000020300-2050.0000.00000002 \xor\0004001000020300.Main.exheader.xorpad \xor\0004001000020300.Main.romfs.xorpad Now, I have its v5 edition, To run this package, you would need Nodejs executable. You can get one from nodejs.org/dist/latest/. ie. x64 windows, get https://nodejs.org/dist/latest/win-x64/node.exe Once you get it, place the executable along side with the extracted contents, with the do.js. And just do.bat. For Linux, open a console there and 'node do'. Note: surely you would have to place the original H&S to ori (doesn't matter whether that is encrypted or not or even extracted from CIA), inject CIA to cia, and H&S xorpads to xor. It doesn't matter if there are more xorpads than the target H&S in the xor folder. It would display what it actually called, and shows the result. Oh yes, most users love the GUI. Even RxTools is getting weird. |
Syphurith |
| ||
Member Normal user Level: 18 Posts: 35/59 EXP: 26096 Next: 3801 Since: 10-26-15 Last post: 3236 days ago Last view: 3186 days ago |
Oh man i'm feeling shame when i upload those again and again to fix some stupid bugs.
The old ones messed up the names with multiple contents. Newest here: Multiple contents would be generated in good names. I mean in their original IDs in the TMD. So you might want to have a try. It finally get to a stage. Whoa. ShadowTrance have injected FBI successfully into N3DS, which isn't supported by old rxTools and Riku packages. Hope ShadowTrance can make a good UI for all these steps. |
Shadowtrance |
| ||
Newcomer Normal user Level: 3 Posts: 1/1 EXP: 57 Next: 71 Since: 11-04-15 Last post: 3307 days ago Last view: 3293 days ago |
Yeah I'm slowly (attempting) to write a GUI version, most of the node script makes no sense to me at all though. haha So kinda stalled a bit at the moment.
Someone want to translate it to something i can actually make sense of? yeah i don't get js at all... Even the latest node script translated to batch would help to be honest. |
d0k3 |
| ||
Member Normal user Level: 20 Posts: 51/75 EXP: 38205 Next: 4234 Since: 06-04-15 Last post: 3252 days ago Last view: 3000 days ago |
@Syphurith, compared to my latest Windows .bat script - what is changed in your newest nodeJS script? Is it only the xorpad encryption, or is it more? |
Syphurith |
| ||
Member Normal user Level: 18 Posts: 36/59 EXP: 26096 Next: 3801 Since: 10-26-15 Last post: 3236 days ago Last view: 3186 days ago |
Posted by Shadowtrance Indeed you can just run it with something. Then BEFORE it finishes and let you close it, just take a look at all its output. Posted by d0k3 Not only the xorpad encryption. 1. It supports multiple contents. Yes, at least for N3DS users. 2. Maybe multiple platform supports. Should work with linux, when "node do" and proper tools prepared. 3. Auto fix the Crypto keys to Secure (0). 4. Removed dummy romfs generation (commented). Since i found it still works for me.. |
d0k3 |
| ||
Member Normal user Level: 20 Posts: 52/75 EXP: 38205 Next: 4234 Since: 06-04-15 Last post: 3252 days ago Last view: 3000 days ago |
I didn't think about the xorpad problem, either. You could make your script generate the ncchinfo.bin on it's own, it's actually pretty easy.
Btw, you already saw it anyways, but everyone keeping an eye on this thread: Posted by d0k3 on GBAtemp.org |
Syphurith |
| ||
Member Normal user Level: 18 Posts: 37/59 EXP: 26096 Next: 3801 Since: 10-26-15 Last post: 3236 days ago Last view: 3186 days ago |
Posted by d0k3 I've seen the post there. Let me show the update version: http://pan.baidu.com/s/1hqEsBWw |
Main - Homebrew discussion - Injecting other apps over Health & Safety? | Hide post layouts | New reply |
Page rendered in 0.045 seconds. (2048KB of memory used) MySQL - queries: 28, rows: 87/87, time: 0.006 seconds. Acmlmboard 2.064 (2018-07-20) © 2005-2008 Acmlm, Xkeeper, blackhole89 et al. |