Kodewerx

All times are UTC - 8 hours [ DST ]




PostPosted: Fri Oct 27, 2006 8:06 pm 
I've been talking to CMX on IRC lately, and he's been telling me bunches about the CBDS :).

Code:
Some code types are 5-bits each, so some bitwise arithmetic will be required to "build" certain codes. (Like 32-bit increment codes, for example.)

---------------------------------------
Auto Game Recognizer With Encryption (Code Type 0x0000)
---------------------------------------
0000YYYY XXXXXXXX
   YYYY = Game's Header CRC16
        XXXXXXXX = Game's Nintendo ID

---------------------------------------
Auto Game Recognizer Without Encryption (Code Type 0x8000)
---------------------------------------
8000YYYY XXXXXXXX
   YYYY = Game's Header CRC16
        XXXXXXXX = Game's Nintendo ID

-------------------------------------
8-Bit Constant Write (Code Type 0x00)
-------------------------------------
0XXXXXXX 000000YY
00 = Code Type Or Byte
 XXXXXXX = Address
              YY = 8-bit Value

--------------------------------------
16-Bit Constant Write (Code Type 0x10)
--------------------------------------
1XXXXXXX 0000YYYY
10 = Code Type Or Byte
 XXXXXXX = Address
            YYYY = 16-bit Value

--------------------------------------
32-Bit Constant Write (Code Type 0x20)
--------------------------------------
2XXXXXXX YYYYYYYY
20 = Code Type Or Byte
 XXXXXXX = Address
        YYYYYYYY = 32-bit Value

---------------------------------------------
8/16-Bit Increment/Decrement (Code Type 0x30)
---------------------------------------------
3XXXXXXX 000UYYYY
30 = Code Type Or Byte
 XXXXXXX = Address
           U = Bit-type Write, 0 for 8-Bit & 1 for 16-Bit
            YYYY = 8/16-bit Value to increment by
NOTE: YYYY is signed so it can do increment and decrement

-------------------------------------------
32-Bit Increment/Decrement (Code Type 0x38)
-------------------------------------------
3XXXXXXX YYYYYYYY
38 = Code Type Or Byte
 XXXXXXX = Address
        YYYYYYYY = 32-bit Value to increment by
NOTE: YYYYYYYY is signed so it can do increment and decrement

---------------------------------------------
Serial Repeat Constant Write (Code Type 0x40)
---------------------------------------------
4XXXXXXX TWWWZZZZ
YYYYYYYY VVVVVVVV
40 = Code Type Or Byte
 XXXXXXX = Address
        T = Bit-type Write, 0 for 32-Bit, 1 for 16-Bit & 2 for 8-Bit
         WWW = Number of times to repeat
            ZZZZ = Increase Address by (Multiply by data size (1 << (2 - T)))
YYYYYYYY = Start Value
        VVVVVVVV = Increase Value by
 Example: This code:
 42010000 00050001 <-- 0001 * 4 = 0004 to Increase Address by
 63636363 00000000
 Is the same as:
 22010000 63636363
 22010004 63636363
 22010008 63636363
 2201000C 63636363
 22010010 63636363

---------------------------
Copy Bytes (Code Type 0x50)
---------------------------
5XXXXXXX YYYYYYYY
ZZZZZZZZ 00000000
50 = Code Type Or Byte
 XXXXXXX = Address to copy to
        YYYYYYYY = Number of bytes to copy
ZZZZZZZZ = Address to copy from

-----------------------------
Pointer Code (Code Type 0x60)
-----------------------------
6XXXXXXX YYYYYYYY
ZZZZZZZZ BCTUVVVV
60 = Code Type Or Byte
 XXXXXXX = Pointer Address
        YYYYYYYY = 8/16/32-Bit Value
ZZZZZZZZ = Offset to add to the Pointer Address
        B = Bit-type Write, 0 for 8-bit, 1 for 16-Bit & 2 for 32-Bit
         C = Condition Enabled, 0 for disabled, 1 for enabled
          T = Condition type to check against
              0 = If equal to VVVV
              1 = If not equal to VVVV
              2 = If lesser than VVVV
              3 = If greater than VVVV
              4 = If AND VVVV equal to 0000
              5 = If AND VVVV not equal to 0000
              6 = If AND VVVV equal to VVVV
              7 = If AND VVVV not equal to VVVV
           U = Bit-type Load, 0 for 8-Bit & 1 for 16-Bit
            VVVV = Conditional Value to check against

-----------------------------------------------
8/16-Bit Special Bitwise Write (Code Type 0x70)
-----------------------------------------------
7XXXXXXX 00TBYYYY
70 = Code Type Or Byte
 XXXXXXX = Address
          T = Operation type, 0 for OR, 1 for AND, 2 for XOR
           B = Bit-type Write, 0 for 8-Bit & 1 for 16-Bit
            YYYY = 8/16-Bit Value

----------------------------------------------
32-Bit Write On Bootup-Hook 1 (Code Type 0xA0)
----------------------------------------------
AXXXXXXX YYYYYYYY
A0 = Code Type Or Byte
 XXXXXXX = Address
        YYYYYYYY = Value

----------------------------------------------
32-Bit Write On Bootup-Hook 2 (Code Type 0xA8)
----------------------------------------------
AXXXXXXX YYYYYYYY
A8 = Code Type Or Byte
 XXXXXXX = Address
        YYYYYYYY = Value

-----------------------------------------
16-Bit Conditional Check (Code Type 0xD0)
-----------------------------------------
DXXXXXXX ZZTUYYYY
D0 = Code Type Or Byte
 XXXXXXX = Address
        ZZ = Lines to skip, 00 means 01 by default
          T = Condition type to check against
              0 = If equal to YYYY
              1 = If not equal to YYYY
              2 = If lesser than YYYY
              3 = If greater than YYYY
              4 = If AND YYYY equal to 0000
              5 = If AND YYYY not equal to 0000
              6 = If AND YYYY equal to YYYY
              7 = If AND YYYY not equal to YYYY
           U = Bit-type Load, 0 for 16-Bit & 1 for 8-Bit
            YYYY = Conditional Value to check against

-----------------------------------
Enable Code-Hook 1 (Code Type 0xF0)
-----------------------------------
FXXXXXXX TYYYYYYY
F0 = Code Type Or Byte
 XXXXXXX = Hook Address
        T = Type of Hook to use
            0 = Hook almost any 2 opcodes, LDR PC,=
            1 = Hook almost any BL opcode, BL function
            2 = Hook almost any .long address, DC.D ADDR ; BX
            3 = Hook almost any BX Register opcode, BX Ry
         YYYYYYY = Cheat Engine Address

-----------------------------------
Enable Code-Hook 2 (Code Type 0xF8)
-----------------------------------
FXXXXXXX TPPPPPPP
F8 = Code Type Or Byte
 XXXXXXX = Cheat Engine Hook Address
        T = Type of Hook to use
            0 = Hook almost any 2 opcodes, LDR PC,=
            1 = Hook almost any BL opcode, BL function
            2 = Hook almost any .long address, DC.D ADDR ; BX
            3 = Hook almost any BX Register opcode, BX Ry
         PPPPPPP = Parameters that will be used later


PostPosted: Fri Oct 27, 2006 8:16 pm
Krew (Admin)

Joined: Sun Oct 01, 2006 9:26 pm
Posts: 3765
Title: All in a day's work.
Fixed 'type 40' description.

_________________
I have to return some video tapes.

Feed me a stray cat.


PostPosted: Sat Oct 28, 2006 3:52 pm
Kommunist

Joined: Sun Oct 01, 2006 9:27 pm
Posts: 20
Sweet, when will the Codebreaker DS be out?


PostPosted: Sat Oct 28, 2006 4:13 pm
Next week or the week after.


PostPosted: Sat Oct 28, 2006 4:50 pm
Krew (Admin)

Joined: Sun Oct 01, 2006 9:46 pm
Posts: 2331
Location: *poof*
Title: The Mad Hacker
Cool! How much $s?

PostPosted: Sat Oct 28, 2006 11:41 pm
He hasn't told me, ask him in IRC.


PostPosted: Mon Oct 30, 2006 7:05 pm
Kommunist

Joined: Tue Oct 03, 2006 6:17 pm
Posts: 98
Ooooo, maybe they'll have some type of trainer making kit along with it :) "hopes"

_________________
http://content.ytmnd.com/content/e/d/d/ ... ff4078.mp3


PostPosted: Mon Oct 30, 2006 7:29 pm
Not for awhile. CMX says two months at least. But the Krew may get free CB DS's. And no, you aren't "Krew".


PostPosted: Mon Oct 30, 2006 8:12 pm
Krew (Admin)

Joined: Sun Oct 01, 2006 9:46 pm
Posts: 2331
Location: *poof*
Title: The Mad Hacker
I would appreciate the hell out of that! *crosses fingers*

PostPosted: Fri Nov 10, 2006 10:05 am
Rune cut and pasted this to GSC.... this is funny because he is incapable of understanding the majority of it. He also copied AR DS's info... what a loser.


PostPosted: Fri Nov 10, 2006 10:42 am
Komrade

Joined: Mon Oct 02, 2006 5:56 pm
Posts: 1978
Title: Mr. Bitches
Rune phails at life...

Oh well... not like anyone there has the hacking talents to use them.

_________________
<EggWerx> MetalOverlord: Dsman and lemmayoshi will be used for taco meat, ask mo he knows me.
jleemero wrote:
Being required to learn Java for a Comp Sci MAJOR is like being required to shit on a lawnmower to be an astronaut.


PostPosted: Thu Dec 07, 2006 1:39 pm
Krew (Admin)

Joined: Sun Oct 01, 2006 9:26 pm
Posts: 3765
Title: All in a day's work.
CMX is sending out CB DS samples tomorrow. So if you're into NDS hacking, get in touch with him on IRC soon. There is a limited number, so please only accept the offer if you are REALLY interested in getting into NDS hacking and you think it may be something to get you going. If not, leave them for some of the other skilled hackers. (This offer only applies to Kodewerx forum members. Keep that in mind.)

~ That's all! ~

PostPosted: Thu Dec 07, 2006 2:35 pm
Krew (Admin)

Joined: Sun Oct 01, 2006 9:46 pm
Posts: 2331
Location: *poof*
Title: The Mad Hacker
*Jumps to IRC*

PostPosted: Thu Dec 07, 2006 2:55 pm
Kommunist

Joined: Tue Oct 10, 2006 9:32 am
Posts: 445
I was going to come to IRC too, but I realized the only thing I'll do with the CB is trying to hack the CB (or why not the AR) but definitely not the games, so I don't think I 'deserve' one free. So I'll just buy one someday - if it ever comes out in a store near me...


PostPosted: Thu Dec 07, 2006 3:06 pm
Kenobi, you deserve one. Even if you don't hack it. Git on IRC.


PostPosted: Mon Dec 11, 2006 10:59 pm
Krew (Admin)

Joined: Sun Oct 01, 2006 9:26 pm
Posts: 3765
Title: All in a day's work.
I've dumped and decrypted (and decompressed) the main CB DS executable with a little program I wrote. Haven't quite located the code decryption stuff yet, but it's in there somewhere. When I get to it, I'll create a decrypter (and maybe encrypter) in PHP.

PostPosted: Mon Dec 11, 2006 11:41 pm
Krew (Admin)

Joined: Sun Oct 01, 2006 9:46 pm
Posts: 2331
Location: *poof*
Title: The Mad Hacker
Awesome! I sure would love to do something like that.

Maybe I could write the encrypter? That'd be cool, if you wouldn't mind.

PostPosted: Thu Dec 14, 2006 12:14 pm
Kommunist

Joined: Tue Oct 17, 2006 1:37 pm
Posts: 4
Location: Germany
Parasyte wrote:
I've dumped and decrypted (and decompressed) the main CB DS executable with a little program I wrote. Haven't quite located the code decryption stuff yet, but it's in there somewhere. When I get to it, I'll create a decrypter (and maybe encrypter) in PHP.

I guess after GCNcrypt/MAXcrypt made by you and CB2crypt from me, it's your turn again. ;)

Good luck, I'm sure you'll have as much fun as I had while cracking the CB for PS2.

Any special reason for writing the decryptor in PHP?


PostPosted: Thu Dec 14, 2006 1:13 pm
Komrade

Joined: Mon Oct 02, 2006 5:56 pm
Posts: 1978
Title: Mr. Bitches
Easy website integration?

PostPosted: Thu Dec 14, 2006 4:16 pm
Kommunist

Joined: Tue Oct 17, 2006 1:37 pm
Posts: 4
Location: Germany
Either that or maybe he uses PHP so no one can see the actual crypto routines. Looks like there's some cooperation with CMX.


PostPosted: Thu Dec 14, 2006 5:43 pm
Krew (Admin)

Joined: Sun Oct 01, 2006 9:26 pm
Posts: 3765
Title: All in a day's work.
No, the last I talked to him about it, he did not mind the encryption getting broken. I decided on PHP because I am evil and don't want lamers from other sites taking our work and hosting it for themselves. Cheap, yes, but even more effective.

PostPosted: Thu Dec 14, 2006 8:49 pm
Krew (Admin)

Joined: Sun Oct 01, 2006 9:46 pm
Posts: 2331
Location: *poof*
Title: The Mad Hacker
I didn't even realize that advantage, nice! :)

PostPosted: Tue Dec 26, 2006 5:55 pm
Kommunist

Joined: Mon Oct 30, 2006 10:18 am
Posts: 2
Code:
---------------------------------------
Auto Game Recognizer (Code Type 0x0000)
---------------------------------------
E000YYYY XXXXXXXX
E = Mode (0 = Encrypted codes, 8 = Raw codes)
[Put an 8 to allow CodeBreakerDS to take raw codes]
YYYY = Game's Header CRC16
XXXXXXXX = Game's Nintendo ID



lemmayoshi wrote:
I've been talking to CMX on IRC lately, and he's been telling me bunches about the CBDS :).

Code:
---------------------------------------
Auto Game Recognizer (Code Type 0x0000)
---------------------------------------
0000YYYY XXXXXXXX
   YYYY = Game's Header CRC16
        XXXXXXXX = Game's Nintendo ID


PostPosted: Wed Dec 27, 2006 12:20 am
Kommunist

Joined: Wed Dec 27, 2006 12:14 am
Posts: 20
Title: Codemaster
Darkness Falls wrote:
Code:
---------------------------------------
Auto Game Recognizer (Code Type 0x0000)
---------------------------------------
E000YYYY XXXXXXXX
E = Mode (0 = Encrypted codes, 8 = Raw codes)
[Put an 8 to allow CodeBreakerDS to take raw codes]
YYYY = Game's Header CRC16
XXXXXXXX = Game's Nintendo ID



I see someone stumbled upon the CMP forum to find that there is an extra bit of data at the start of the Auto Game Recognizer that enables CB to take raw ..
This should be interesting .. good to see some others jumping on the New Handhelds bandwagon .. :)
Now if only we could all get along :P
Parasyte, it will be cool to see your PHP version of the CBDS converter ..
Another good thing about it being online would be that no one would have to download it as well. This is one thing a lot of people like, since you can just direct them to a URL and they can work the converter .. and not need to download something .. :P Looking forward to seeing it ..


PostPosted: Mon Jan 08, 2007 8:39 pm
Krew (Admin)

Joined: Sun Oct 01, 2006 9:26 pm
Posts: 3765
Title: All in a day's work.
Here are some universal Activator codes which will work on all games:

Activator 1 (GBA buttons):
D4000130 xx40yyyy

For xx:
Number of lines to skip

For yyyy:
0001: A
0002: B
0004: Select
0008: Start
0010: Right
0020: Left
0040: Up
0080: Down
0100: R
0200: L


Activator 2 (NDS buttons):
D27FFFA8 xx40yyyy

For xx:
Number of lines to skip

For yyyy:
0400: X
0800: Y
2000: Debug Button (not available on commercial NDS)
8000: NDS not folded


To combine one or more buttons together, use bitwise OR:

(A | B) = (0001 | 0002) = 0003


Last edited by Parasyte on Fri May 18, 2007 5:30 pm, edited 3 times in total.

PostPosted: Mon Jan 08, 2007 9:30 pm
Krew (Admin)

Joined: Sun Oct 01, 2006 9:46 pm
Posts: 2331
Location: *poof*
Title: The Mad Hacker
Yay!

PostPosted: Mon Jan 22, 2007 8:04 pm
If I'm reading this right, you can't do a 32-bit increment of 0x0001 to 0x1FFFF? Can someone with 1337 disassembly skills *cough*kenobi*cough* verify this? Or maybe CMX will show up?


PostPosted: Tue Jan 23, 2007 12:55 am
Kommunist

Joined: Tue Oct 10, 2006 9:32 am
Posts: 445
Well the ASM for the 0x38 code type is pretty straight :

ldr r3,[r2]
add r3,r1,r3
str r3,[r2]

R1 being the plain 32bits 'value' of the code, R2 being its address (without the code type).
So I don't see why there would be any limitation.
Now I guess the info of the 0x38 code type should say '32bit Value to increment by' instead of '8/16-bit Value to increment by' to avoid any confusion...


PostPosted: Tue Jan 23, 2007 6:25 am
Well, here's my point:

8-bit/16-bit increment:
3XXXXXXX 000UYYYY

32-bit increment
3XXXXXXX YYYYYYYY

The address portion matches exactly!
So if you have a value of, say 00011234, is it a 16-bit increment of 0x1234, or a 32-bit increment of 0x00011234?


PostPosted: Tue Jan 23, 2007 8:28 am
Krew (Admin)

Joined: Sun Oct 01, 2006 9:26 pm
Posts: 3765
Title: All in a day's work.
Actually, bit 27 determines if the increment is 32-bit or not. (Some code types are 5-bits each.)

32001234 00011234 :: 16-bit increment of 0x1234 to address 0x02001234
3A001234 00011234 :: 32-bit increment of 0x00011234 to address 0x02001234

Get it?

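The bit-27 rule from the last post, the type 0x40 expansion from the first post and the 0xD0 activator layout, worked through as a small decoder. This is an added example, not code from the thread or from the Code Breaker DS itself. Function names and tuple shapes are hypothetical; treating the 0x3_, 0xA_ and 0xF_ families as the 5-bit ones is inferred from the 0x38/0xA8/0xF8 entries in the list, and reading YYYY as 16-bit two's complement is an assumption.

```python
# Added example, not from the thread. Field layouts are the ones posted above;
# function names and the returned tuple shapes are hypothetical.
FIVE_BIT_FAMILIES = (0x30, 0xA0, 0xF0)  # listed with 0x38 / 0xA8 / 0xF8 variants

def signed(value, bits):
    """Interpret value as a two's-complement integer of the given width."""
    return value - (1 << bits) if value >> (bits - 1) else value

def code_type(word1):
    """Code type byte: the top nibble, plus bit 27 for the 5-bit families."""
    family = (word1 >> 24) & 0xF0
    if family in FIVE_BIT_FAMILIES and word1 & 0x08000000:
        return family | 0x08
    return family

def decode(word1, word2):
    """Decode one raw code line into a tuple describing the operation."""
    ctype = code_type(word1)
    five_bit = (ctype & 0xF0) in FIVE_BIT_FAMILIES
    addr = word1 & (0x07FFFFFF if five_bit else 0x0FFFFFFF)
    if ctype == 0x30:   # 3XXXXXXX 000UYYYY
        width = 16 if (word2 >> 16) & 0xF else 8
        # Assumption: the signed YYYY field is 16-bit two's complement.
        return ("inc", width, addr, signed(word2 & 0xFFFF, 16))
    if ctype == 0x38:   # 3XXXXXXX YYYYYYYY with bit 27 set
        return ("inc", 32, addr, signed(word2, 32))
    if ctype == 0xD0:   # DXXXXXXX ZZTUYYYY
        skip = (word2 >> 24) or 1          # 00 means 01 by default
        cond = (word2 >> 20) & 0xF
        width = 8 if (word2 >> 16) & 0xF else 16
        return ("if", width, addr, cond, word2 & 0xFFFF, skip)
    raise ValueError(f"code type {ctype:#04x} not handled in this example")

def expand_serial(word1, word2, start, value_step):
    """Expand a type 0x40 serial repeat into constant-write lines."""
    if code_type(word1) != 0x40:
        raise ValueError("not a serial repeat code")
    t = word2 >> 28                        # 0 = 32-bit, 1 = 16-bit, 2 = 8-bit
    if t > 2:
        raise ValueError("invalid bit-type in serial repeat")
    count = (word2 >> 16) & 0xFFF
    size = 1 << (2 - t)                    # bytes per write
    addr_step = (word2 & 0xFFFF) * size
    addr = word1 & 0x0FFFFFFF
    mask = (1 << (8 * size)) - 1
    write_type = (2 - t) << 28             # 0x2_, 0x1_ or 0x0_ constant write
    return [(write_type | ((addr + i * addr_step) & 0x0FFFFFFF),
             (start + i * value_step) & mask) for i in range(count)]

if __name__ == "__main__":
    print(decode(0x32001234, 0x00011234))  # 16-bit increment
    print(decode(0x3A001234, 0x00011234))  # 32-bit increment
    print(decode(0xD4000130, 0x01400003))  # activator: A | B on GBA buttons
    for w1, w2 in expand_serial(0x42010000, 0x00050001, 0x63636363, 0):
        print(f"{w1:08X} {w2:08X}")
```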
