Kodewerx https://www.kodewerx.org/forum/ |
Codebreaker DS codetypes. https://www.kodewerx.org/forum/viewtopic.php?f=11&t=227 |
Page 1 of 3 |
Author: | lemmayoshi [ Fri Oct 27, 2006 8:06 pm ] |
Post subject: | Codebreaker DS codetypes. |
I've been talking to CMX on IRC lately, and he's been telling me bunches about the CBDS :).
Code:
Some code types are 5-bits each, so some bitwise arithmetic will be required to "build" certain codes. (Like 32-bit increment codes, for example.)

---------------------------------------
Auto Game Recognizer With Encryption (Code Type 0x0000)
---------------------------------------
0000YYYY XXXXXXXX

YYYY = Game's Header CRC16
XXXXXXXX = Game's Nintendo ID

---------------------------------------
Auto Game Recognizer Without Encryption (Code Type 0x8000)
---------------------------------------
8000YYYY XXXXXXXX

YYYY = Game's Header CRC16
XXXXXXXX = Game's Nintendo ID

-------------------------------------
8-Bit Constant Write (Code Type 0x00)
-------------------------------------
0XXXXXXX 000000YY

00 = Code Type Or Byte
XXXXXXX = Address
YY = 8-bit Value

--------------------------------------
16-Bit Constant Write (Code Type 0x10)
--------------------------------------
1XXXXXXX 0000YYYY

10 = Code Type Or Byte
XXXXXXX = Address
YYYY = 16-bit Value

--------------------------------------
32-Bit Constant Write (Code Type 0x20)
--------------------------------------
2XXXXXXX YYYYYYYY

20 = Code Type Or Byte
XXXXXXX = Address
YYYYYYYY = 32-bit Value

---------------------------------------------
8/16-Bit Increment/Decrement (Code Type 0x30)
---------------------------------------------
3XXXXXXX 000UYYYY

30 = Code Type Or Byte
XXXXXXX = Address
U = Bit-type Write, 0 for 8-Bit & 1 for 16-Bit
YYYY = 8/16-bit Value to increment by

NOTE: YYYY is signed so it can do increment and decrement

-------------------------------------------
32-Bit Increment/Decrement (Code Type 0x38)
-------------------------------------------
3XXXXXXX YYYYYYYY

38 = Code Type Or Byte
XXXXXXX = Address
YYYYYYYY = 32-bit Value to increment by

NOTE: YYYYYYYY is signed so it can do increment and decrement

---------------------------------------------
Serial Repeat Constant Write (Code Type 0x40)
---------------------------------------------
4XXXXXXX TWWWZZZZ
YYYYYYYY VVVVVVVV

40 = Code Type Or Byte
XXXXXXX = Address
T = Bit-type Write, 0 for 32-Bit, 1 for 16-Bit & 2 for 8-Bit
WWW = Number of times to repeat
ZZZZ = Increase Address by (Multiply by data size (1 << (2 - T)))
YYYYYYYY = Start Value
VVVVVVVV = Increase Value by

Example:
This code:
42010000 00050001 <-- 0001 * 4 = 0004 to Increase Address by
63636363 00000000
Is the same as:
22010000 63636363
22010004 63636363
22010008 63636363
2201000C 63636363
22010010 63636363

---------------------------
Copy Bytes (Code Type 0x50)
---------------------------
5XXXXXXX YYYYYYYY
ZZZZZZZZ 00000000

50 = Code Type Or Byte
XXXXXXX = Address to copy to
YYYYYYYY = Number of bytes to copy
ZZZZZZZZ = Address to copy from

-----------------------------
Pointer Code (Code Type 0x60)
-----------------------------
6XXXXXXX YYYYYYYY
ZZZZZZZZ BCTUVVVV

60 = Code Type Or Byte
XXXXXXX = Pointer Address
YYYYYYYY = 8/16/32-Bit Value
ZZZZZZZZ = Offset to add to the Pointer Address
B = Bit-type Write, 0 for 8-bit, 1 for 16-Bit & 2 for 32-Bit
C = Condition Enabled, 0 for disabled, 1 for enabled
T = Condition type to check against
    0 = If equal to VVVV
    1 = If not equal to VVVV
    2 = If lesser than VVVV
    3 = If greater than VVVV
    4 = If AND VVVV equal to 0000
    5 = If AND VVVV not equal to 0000
    6 = If AND VVVV equal to VVVV
    7 = If AND VVVV not equal to VVVV
U = Bit-type Load, 0 for 8-Bit & 1 for 16-Bit
VVVV = Conditional Value to check against

-----------------------------------------------
8/16-Bit Special Bitwise Write (Code Type 0x70)
-----------------------------------------------
7XXXXXXX 00TBYYYY

70 = Code Type Or Byte
XXXXXXX = Address
T = Operation type, 0 for OR, 1 for AND, 2 for XOR
B = Bit-type Write, 0 for 8-Bit & 1 for 16-Bit
YYYY = 8/16-Bit Value

----------------------------------------------
32-Bit Write On Bootup-Hook 1 (Code Type 0xA0)
----------------------------------------------
AXXXXXXX YYYYYYYY

A0 = Code Type Or Byte
XXXXXXX = Address
YYYYYYYY = Value

----------------------------------------------
32-Bit Write On Bootup-Hook 2 (Code Type 0xA8)
----------------------------------------------
AXXXXXXX YYYYYYYY

A8 = Code Type Or Byte
XXXXXXX = Address
YYYYYYYY = Value

-----------------------------------------
16-Bit Conditional Check (Code Type 0xD0)
-----------------------------------------
DXXXXXXX ZZTUYYYY

D0 = Code Type Or Byte
XXXXXXX = Address
ZZ = Lines to skip, 00 means 01 by default
T = Condition type to check against
    0 = If equal to YYYY
    1 = If not equal to YYYY
    2 = If lesser than YYYY
    3 = If greater than YYYY
    4 = If AND YYYY equal to 0000
    5 = If AND YYYY not equal to 0000
    6 = If AND YYYY equal to YYYY
    7 = If AND YYYY not equal to YYYY
U = Bit-type Load, 0 for 16-Bit & 1 for 8-Bit
YYYY = Conditional Value to check against

-----------------------------------
Enable Code-Hook 1 (Code Type 0xF0)
-----------------------------------
FXXXXXXX TYYYYYYY

F0 = Code Type Or Byte
XXXXXXX = Hook Address
T = Type of Hook to use
    0 = Hook almost any 2 opcodes, LDR PC,=
    1 = Hook almost any BL opcode, BL function
    2 = Hook almost any .long address, DC.D ADDR ; BX
    3 = Hook almost any BX Register opcode, BX Ry
YYYYYYY = Cheat Engine Address

-----------------------------------
Enable Code-Hook 2 (Code Type 0xF8)
-----------------------------------
FXXXXXXX TPPPPPPP

F8 = Code Type Or Byte
XXXXXXX = Cheat Engine Hook Address
T = Type of Hook to use
    0 = Hook almost any 2 opcodes, LDR PC,=
    1 = Hook almost any BL opcode, BL function
    2 = Hook almost any .long address, DC.D ADDR ; BX
    3 = Hook almost any BX Register opcode, BX Ry
PPPPPPP = Parameters that will be used later |
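The Serial Repeat (0x40) layout from the post above, worked as an added example that is not part of the original post or the Code Breaker firmware: it expands one type-0x40 code into the constant writes it stands for. The function name is hypothetical, and it assumes the value step is applied at 32-bit width and then truncated to the write size, which the post does not specify.

```python
def expand_serial_repeat(lines):
    """Expand a type-0x40 code (two lines, four hex words) into constant writes."""
    w0, w1, start, step = (int(w, 16) for line in lines for w in line.split())
    if w0 >> 28 != 0x4:
        raise ValueError("first word is not a type 0x40 code")
    address = w0 & 0x0FFFFFFF          # XXXXXXX
    t = w1 >> 28                       # T: 0 = 32-bit, 1 = 16-bit, 2 = 8-bit
    if t > 2:
        raise ValueError("unknown bit-type %X" % t)
    count = (w1 >> 16) & 0xFFF         # WWW: number of writes
    size = 1 << (2 - t)                # data size in bytes: 4, 2 or 1
    stride = (w1 & 0xFFFF) * size      # ZZZZ is scaled by the data size
    write_type = 2 - t                 # 2XXXXXXX / 1XXXXXXX / 0XXXXXXX
    mask = (1 << (8 * size)) - 1
    writes, value = [], start
    for i in range(count):
        target = (address + i * stride) & 0x0FFFFFFF
        writes.append("%X%07X %08X" % (write_type, target, value & mask))
        # Assumption: step is added at full width, truncated on write.
        value = (value + step) & 0xFFFFFFFF
    return writes


if __name__ == "__main__":
    # The example code from the post.
    for line in expand_serial_repeat(["42010000 00050001", "63636363 00000000"]):
        print(line)
```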
Author: | Parasyte [ Fri Oct 27, 2006 8:16 pm ] |
Post subject: | |
Fixed 'type 40' description. |
Author: | Jeaton [ Sat Oct 28, 2006 3:52 pm ] |
Post subject: | |
Sweet, when will the Codebreaker DS be out? |
Author: | lemmayoshi [ Sat Oct 28, 2006 4:13 pm ] |
Post subject: | |
Next week or the week after. |
Author: | James0x57 [ Sat Oct 28, 2006 4:50 pm ] |
Post subject: | |
Cool! How much $s? |
Author: | lemmayoshi [ Sat Oct 28, 2006 11:41 pm ] |
Post subject: | |
He hasn't told me, ask him in IRC. |
Author: | npcguy:P [ Mon Oct 30, 2006 7:05 pm ] |
Post subject: | |
Ooooo, maybe they'll have some type of trainer making kit along with it "hopes" |
Author: | dlong [ Mon Oct 30, 2006 7:29 pm ] |
Post subject: | |
Not for awhile. CMX says two months at least. But the Krew may get free CB DS's. And no, you aren't "Krew". |
Author: | James0x57 [ Mon Oct 30, 2006 8:12 pm ] |
Post subject: | |
I would appreciate the hell out of that! *crosses fingers* |
Author: | dlong [ Fri Nov 10, 2006 10:05 am ] |
Post subject: | |
Rune cut and pasted this to GSC.... this is funny because he is incapable of understanding the majority of it. He also copied AR DS's info... what a loser. |
Author: | Dualscreenman [ Fri Nov 10, 2006 10:42 am ] |
Post subject: | |
Rune phails at life... Oh well... not like anyone there has the hacking talents to use them. |
Author: | Parasyte [ Thu Dec 07, 2006 1:39 pm ] |
Post subject: | |
CMX is sending out CB DS samples tomorrow. So if you're into NDS hacking, get in touch with him on IRC soon. There is a limited number, so please only accept the offer if you are REALLY interested in getting into NDS hacking and you think it may be something to get you going. If not, leave them for some of the other skilled hackers. (This offer only applies to Kodewerx forum members. Keep that in mind.) ~ That's all! ~ |
Author: | James0x57 [ Thu Dec 07, 2006 2:35 pm ] |
Post subject: | |
*Jumps to IRC* |
Author: | kenobi [ Thu Dec 07, 2006 2:55 pm ] |
Post subject: | |
I was going to come to IRC too, but I realized the only thing I'll do with the CB is trying to hack the CB (or why not the AR) but definitely not the games, so I don't think I 'deserve' one free. So I'll just buy one someday - if it ever comes out in a store near me... |
Author: | lemmayoshi [ Thu Dec 07, 2006 3:06 pm ] |
Post subject: | |
Kenobi, you deserve one. Even if you don't hack it. Git on IRC. |
Author: | Parasyte [ Mon Dec 11, 2006 10:59 pm ] |
Post subject: | |
I've dumped and decrypted (and decompressed) the main CB DS executable with a little program I wrote. Haven't quite located the code decryption stuff yet, but it's in there somewhere. When I get to it, I'll create a decrypter (and maybe encrypter) in PHP. |
Author: | James0x57 [ Mon Dec 11, 2006 11:41 pm ] |
Post subject: | |
Awesome! I sure would love to do something like that. Maybe I could write the encrypter? That'd be cool, if you wouldn't mind. |
Author: | misfire [ Thu Dec 14, 2006 12:14 pm ] |
Post subject: | |
Parasyte wrote: I've dumped and decrypted (and decompressed) the main CB DS executable with a little program I wrote. Haven't quite located the code decryption stuff yet, but it's in there somewhere. When I get to it, I'll create a decrypter (and maybe encrypter) in PHP.
I guess after GCNcrypt/MAXcrypt made by you and CB2crypt from me, it's your turn again. Good luck, I'm sure you'll have as much fun as I had while cracking the CB for PS2. Any special reason for writing the decryptor in PHP? |
Author: | Dualscreenman [ Thu Dec 14, 2006 1:13 pm ] |
Post subject: | |
Easy website integration? |
Author: | misfire [ Thu Dec 14, 2006 4:16 pm ] |
Post subject: | |
Either that or maybe he uses PHP so no one can see the actual crypto routines. Looks like there's some cooperation with CMX. |
Author: | Parasyte [ Thu Dec 14, 2006 5:43 pm ] |
Post subject: | |
No, the last I talked to him about it, he did not mind the encryption getting broken. I decided on PHP because I am evil and don't want lamers from other sites taking our work and hosting it for themselves. Cheap, yes, but even more effective. |
Author: | James0x57 [ Thu Dec 14, 2006 8:49 pm ] |
Post subject: | |
I didn't even realize that advantage, nice! |
Author: | Darkness Falls [ Tue Dec 26, 2006 5:55 pm ] |
Post subject: | Re: Codebreaker DS codetypes. |
Code:
---------------------------------------
Auto Game Recognizer (Code Type 0x0000)
---------------------------------------
E000YYYY XXXXXXXX

E = Mode (0 = Encrypted Codes 8 = Raw code) [Put an 8 to allow CodeBreakerDS to take Raw codes]
YYYY = Game's Header CRC16
XXXXXXXX = Game's Nintendo ID

lemmayoshi wrote: I've been talking to CMX on IRC lately, and he's been telling me bunches about the CBDS :).
Code:
---------------------------------------
Auto Game Recognizer (Code Type 0x0000)
---------------------------------------
0000YYYY XXXXXXXX

YYYY = Game's Header CRC16
XXXXXXXX = Game's Nintendo ID |
Author: | Skiller [ Wed Dec 27, 2006 12:20 am ] |
Post subject: | Re: Codebreaker DS codetypes. |
Darkness Falls wrote:
Code:
---------------------------------------
Auto Game Recognizer (Code Type 0x0000)
---------------------------------------
E000YYYY XXXXXXXX

E = Mode (0 = Encrypted Codes 8 = Raw code) [Put an 8 to allow CodeBreakerDS to take Raw codes]
YYYY = Game's Header CRC16
XXXXXXXX = Game's Nintendo ID

I see someone stumbled upon the CMP forum to find that there is an extra bit of data at the start of the Auto Game Recognizer that enables CB to take raw .. this should be interesting .. good to see some others jumping on the New Handhelds bandwagon .. now if only we could all get along

Parasyte, it will be cool to see your PHP ver of the CBDS converter .. another good thing of it being online would be no one would have to download it as well. This is one thing a lot of ppl like since u can just direct them to a URL and they can work the Converter .. and not need to download something .. looking forward to seeing it .. |
Author: | Parasyte [ Mon Jan 08, 2007 8:39 pm ] |
Post subject: | |
Here are some universal Activator codes which will work on all games:

Activator 1 (GBA buttons):
D4000130 xx40yyyy

For xx: Number of lines to skip
For yyyy:
0001: A
0002: B
0004: Select
0008: Start
0010: Right
0020: Left
0040: Up
0080: Down
0100: R
0200: L

Activator 2 (NDS buttons):
D27FFFA8 xx40yyyy

For xx: Number of lines to skip
For yyyy:
0400: X
0800: Y
2000: Debug Button (not available on commercial NDS)
8000: NDS not folded

To combine one or more buttons together, use bitwise OR:
(A | B) = (0001 | 0002) = 0003 |
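How the activator format above maps onto the 16-Bit Conditional Check (0xD0) layout from the first post, as an added example that is not part of the original posts: the "40" byte is T = 4 ("If AND YYYY equal to 0000") with U = 0 (16-bit load), so the check passes when every selected button bit reads 0. Function names are hypothetical; the example assumes comparisons are unsigned and that the ZZ lines are skipped when the check fails, neither of which the thread states.

```python
# GBA button bits exactly as listed in the post.
BUTTONS = {"A": 0x0001, "B": 0x0002, "Select": 0x0004, "Start": 0x0008,
           "Right": 0x0010, "Left": 0x0020, "Up": 0x0040, "Down": 0x0080,
           "R": 0x0100, "L": 0x0200}

# Condition types 0-7 from the 0xD0 table (v = loaded value, y = YYYY).
CONDITIONS = {
    0: lambda v, y: v == y,
    1: lambda v, y: v != y,
    2: lambda v, y: v < y,            # assumption: unsigned compare
    3: lambda v, y: v > y,            # assumption: unsigned compare
    4: lambda v, y: (v & y) == 0,
    5: lambda v, y: (v & y) != 0,
    6: lambda v, y: (v & y) == y,
    7: lambda v, y: (v & y) != y,
}


def build_activator(buttons, skip_lines):
    """Build an 'Activator 1' code: OR the button bits into yyyy."""
    mask = 0
    for name in buttons:
        mask |= BUTTONS[name]
    return "D4000130 %02X40%04X" % (skip_lines & 0xFF, mask)


def lines_to_skip(code, loaded):
    """Return how many following lines a DXXXXXXX ZZTUYYYY code skips."""
    w0, w1 = (int(w, 16) for w in code.split())
    if w0 >> 28 != 0xD:
        raise ValueError("not a type 0xD0 code")
    skip = (w1 >> 24) or 1                         # ZZ: 00 means 01
    cond = (w1 >> 20) & 0xF                        # T
    width = 8 if (w1 >> 16) & 0xF else 16          # U: 0 = 16-bit, 1 = 8-bit
    if cond not in CONDITIONS:
        raise ValueError("unknown condition type %X" % cond)
    value = loaded & ((1 << width) - 1)
    # Assumption: a failed check skips ZZ lines, a passed check skips none.
    return 0 if CONDITIONS[cond](value, w1 & 0xFFFF) else skip


if __name__ == "__main__":
    code = build_activator(["A", "B"], 1)
    print(code, lines_to_skip(code, 0x03FC), lines_to_skip(code, 0x03FF))
```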
Author: | James0x57 [ Mon Jan 08, 2007 9:30 pm ] |
Post subject: | |
Yay! |
Author: | dlong [ Mon Jan 22, 2007 8:04 pm ] |
Post subject: | |
If I'm reading this right, you can't do a 32-bit increment of 0x0001 to 0x1FFFF? Can someone with 1337 disassembly skills *cough*kenobi*cough* verify this? Or maybe CMX will show up? |
Author: | kenobi [ Tue Jan 23, 2007 12:55 am ] |
Post subject: | |
Well the ASM for the 0x38 code type is pretty straight :

ldr r3,[r2]
add r3,r1,r3
str r3,[r2]

R1 being the plain 32bits 'value' of the code, R2 being its address (without the code type). So I don't see why there would be any limitation. Now I guess the info of the 0x38 code type should say '32bit Value to increment by' instead of '8/16-bit Value to increment by' to avoid any confusion... |
Author: | dlong [ Tue Jan 23, 2007 6:25 am ] |
Post subject: | |
Well, here's my point:

8-bit/16-bit increment:
3XXXXXXX 000UYYYY

32-bit increment
3XXXXXXX YYYYYYYY

The address portion matches exactly! So if you have a value of, say 00011234, is it a 16-bit increment of 0x1234, or a 32-bit increment of 0x00011234? |
Author: | Parasyte [ Tue Jan 23, 2007 8:28 am ] |
Post subject: | |
Actually, bit 27 determines if the increment is 32-bit or not. (Some code types are 5-bits each.)

32001234 00011234 :: 16-bit increment of 0x1234 to address 0x02001234
3A001234 00011234 :: 32-bit increment of 0x00011234 to address 0x02001234

Get it? |
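The bit-27 rule from the post above, as an added example that is not part of the original thread: it tells the 0x30 and 0x38 increment types apart and applies the signed add with wrap-around, mirroring the ldr/add/str sequence kenobi quoted. Function names and the dict used as memory are hypothetical; treating the 8-bit case as the low byte of YYYY is an assumption.

```python
def decode_increment(code):
    """Decode a 3XXXXXXX increment code into (width_bits, address, signed_delta)."""
    w0, w1 = (int(w, 16) for w in code.split())
    if w0 >> 28 != 0x3:
        raise ValueError("not an increment/decrement code")
    # The code type is 5 bits wide here, so only the low 27 bits are address.
    address = w0 & 0x07FFFFFF
    if w0 & (1 << 27):
        width, raw = 32, w1                     # type 0x38: YYYYYYYY
    else:
        width = 16 if (w1 >> 16) & 1 else 8     # type 0x30: U bit of 000UYYYY
        raw = w1 & ((1 << width) - 1)           # assumption: 8-bit uses low byte
    # The value is signed, so a set top bit means decrement.
    delta = raw - (1 << width) if raw >> (width - 1) else raw
    return width, address, delta


def apply_increment(memory, code):
    """Apply the code to a toy memory (dict: address -> value), with wrap-around."""
    width, address, delta = decode_increment(code)
    mask = (1 << width) - 1
    memory[address] = (memory.get(address, 0) + delta) & mask
    return memory[address]


if __name__ == "__main__":
    # The two codes from the post.
    for code in ("32001234 00011234", "3A001234 00011234"):
        width, address, delta = decode_increment(code)
        print("%s :: %d-bit increment of 0x%X to address 0x%08X"
              % (code, width, delta, address))
```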
Page 1 of 3 | All times are UTC - 8 hours [ DST ] |