Kodewerx
https://www.kodewerx.org/forum/

Codebreaker DS codetypes.
https://www.kodewerx.org/forum/viewtopic.php?f=11&t=227
Page 1 of 3

Author:  lemmayoshi [ Fri Oct 27, 2006 8:06 pm ]
Post subject:  Codebreaker DS codetypes.

I've been talking to CMX on IRC lately, and he's been telling me bunches about the CBDS :).

Code:
Some code types are 5-bits each, so some bitwise arithmetic will be required to "build" certain codes. (Like 32-bit increment codes, for example.)

---------------------------------------
Auto Game Recognizer With Encryption (Code Type 0x0000)
---------------------------------------
0000YYYY XXXXXXXX
   YYYY = Game's Header CRC16
        XXXXXXXX = Game's Nintendo ID

---------------------------------------
Auto Game Recognizer Without Encryption (Code Type 0x8000)
---------------------------------------
8000YYYY XXXXXXXX
   YYYY = Game's Header CRC16
        XXXXXXXX = Game's Nintendo ID

-------------------------------------
8-Bit Constant Write (Code Type 0x00)
-------------------------------------
0XXXXXXX 000000YY
00 = Code Type Or Byte
 XXXXXXX = Address
              YY = 8-bit Value

--------------------------------------
16-Bit Constant Write (Code Type 0x10)
--------------------------------------
1XXXXXXX 0000YYYY
10 = Code Type Or Byte
 XXXXXXX = Address
            YYYY = 16-bit Value

--------------------------------------
32-Bit Constant Write (Code Type 0x20)
--------------------------------------
2XXXXXXX YYYYYYYY
20 = Code Type Or Byte
 XXXXXXX = Address
        YYYYYYYY = 32-bit Value

---------------------------------------------
8/16-Bit Increment/Decrement (Code Type 0x30)
---------------------------------------------
3XXXXXXX 000UYYYY
30 = Code Type Or Byte
 XXXXXXX = Address
           U = Bit-type Write, 0 for 8-Bit & 1 for 16-Bit
            YYYY = 8/16-bit Value to increment by
NOTE: YYYY is signed so it can do increment and decrement

-------------------------------------------
32-Bit Increment/Decrement (Code Type 0x38)
-------------------------------------------
3XXXXXXX YYYYYYYY
38 = Code Type Or Byte
 XXXXXXX = Address
        YYYYYYYY = 32-bit Value to increment by
NOTE: YYYYYYYY is signed so it can do increment and decrement

---------------------------------------------
Serial Repeat Constant Write (Code Type 0x40)
---------------------------------------------
4XXXXXXX TWWWZZZZ
YYYYYYYY VVVVVVVV
40 = Code Type Or Byte
 XXXXXXX = Address
        T = Bit-type Write, 0 for 32-Bit, 1 for 16-Bit & 2 for 8-Bit
         WWW = Number of times to repeat
            ZZZZ = Increase Address by (Multiply by data size (1 << (2 - T)))
YYYYYYYY = Start Value
        VVVVVVVV = Increase Value by
 Example: This code:
 42010000 00050001 <-- 0001 * 4 = 0004 to Increase Address by
 63636363 00000000
 Is the same as:
 22010000 63636363
 22010004 63636363
 22010008 63636363
 2201000C 63636363
 22010010 63636363

---------------------------
Copy Bytes (Code Type 0x50)
---------------------------
5XXXXXXX YYYYYYYY
ZZZZZZZZ 00000000
50 = Code Type Or Byte
 XXXXXXX = Address to copy to
        YYYYYYYY = Number of bytes to copy
ZZZZZZZZ = Address to copy from

-----------------------------
Pointer Code (Code Type 0x60)
-----------------------------
6XXXXXXX YYYYYYYY
ZZZZZZZZ BCTUVVVV
60 = Code Type Or Byte
 XXXXXXX = Pointer Address
        YYYYYYYY = 8/16/32-Bit Value
ZZZZZZZZ = Offset to add to the Pointer Address
        B = Bit-type Write, 0 for 8-bit, 1 for 16-Bit & 2 for 32-Bit
         C = Condition Enabled, 0 for disabled, 1 for enabled
          T = Condition type to check against
              0 = If equal to VVVV
              1 = If not equal to VVVV
              2 = If lesser than VVVV
              3 = If greater than VVVV
              4 = If AND VVVV equal to 0000
              5 = If AND VVVV not equal to 0000
              6 = If AND VVVV equal to VVVV
              7 = If AND VVVV not equal to VVVV
           U = Bit-type Load, 0 for 8-Bit & 1 for 16-Bit
            VVVV = Conditional Value to check against

-----------------------------------------------
8/16-Bit Special Bitwise Write (Code Type 0x70)
-----------------------------------------------
7XXXXXXX 00TBYYYY
70 = Code Type Or Byte
 XXXXXXX = Address
          T = Operation type, 0 for OR, 1 for AND, 2 for XOR
           B = Bit-type Write, 0 for 8-Bit & 1 for 16-Bit
            YYYY = 8/16-Bit Value

----------------------------------------------
32-Bit Write On Bootup-Hook 1 (Code Type 0xA0)
----------------------------------------------
AXXXXXXX YYYYYYYY
A0 = Code Type Or Byte
 XXXXXXX = Address
        YYYYYYYY = Value

----------------------------------------------
32-Bit Write On Bootup-Hook 2 (Code Type 0xA8)
----------------------------------------------
AXXXXXXX YYYYYYYY
A8 = Code Type Or Byte
 XXXXXXX = Address
        YYYYYYYY = Value

-----------------------------------------
16-Bit Conditional Check (Code Type 0xD0)
-----------------------------------------
DXXXXXXX ZZTUYYYY
D0 = Code Type Or Byte
 XXXXXXX = Address
        ZZ = Lines to skip, 00 means 01 by default
          T = Condition type to check against
              0 = If equal to YYYY
              1 = If not equal to YYYY
              2 = If lesser than YYYY
              3 = If greater than YYYY
              4 = If AND YYYY equal to 0000
              5 = If AND YYYY not equal to 0000
              6 = If AND YYYY equal to YYYY
              7 = If AND YYYY not equal to YYYY
           U = Bit-type Load, 0 for 16-Bit & 1 for 8-Bit
            YYYY = Conditional Value to check against

-----------------------------------
Enable Code-Hook 1 (Code Type 0xF0)
-----------------------------------
FXXXXXXX TYYYYYYY
F0 = Code Type Or Byte
 XXXXXXX = Hook Address
        T = Type of Hook to use
            0 = Hook almost any 2 opcodes, LDR PC,=
            1 = Hook almost any BL opcode, BL function
            2 = Hook almost any .long address, DC.D ADDR ; BX
            3 = Hook almost any BX Register opcode, BX Ry
         YYYYYYY = Cheat Engine Address

-----------------------------------
Enable Code-Hook 2 (Code Type 0xF8)
-----------------------------------
FXXXXXXX TPPPPPPP
F8 = Code Type Or Byte
 XXXXXXX = Cheat Engine Hook Address
        T = Type of Hook to use
            0 = Hook almost any 2 opcodes, LDR PC,=
            1 = Hook almost any BL opcode, BL function
            2 = Hook almost any .long address, DC.D ADDR ; BX
            3 = Hook almost any BX Register opcode, BX Ry
         PPPPPPP = Parameters that will be used later
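
The serial repeat expansion described under Code Type 0x40, as an added example that is not part of the original post. It follows the field layout given above; the function name is hypothetical, and treating the value of write number i as Start Value + i * VVVVVVVV is this example's reading of "Increase Value by".

```python
# Added example (not from the thread): expand a type 0x40 "Serial Repeat
# Constant Write" into the plain constant-write lines it stands for.
# Field layout comes from the post above; names here are hypothetical.

WRITE_TYPE = {0: 0x2, 1: 0x1, 2: 0x0}   # T -> type nibble of the 32/16/8-bit write
VALUE_MASK = {0: 0xFFFFFFFF, 1: 0xFFFF, 2: 0xFF}


def expand_serial_repeat(line1: str, line2: str) -> list[str]:
    w1, w2 = (int(x, 16) for x in line1.split())
    start, value_step = (int(x, 16) for x in line2.split())

    if w1 >> 28 != 0x4:
        raise ValueError("not a type 0x40 code")
    address = w1 & 0x0FFFFFFF        # XXXXXXX
    t = w2 >> 28                     # T: 0 = 32-bit, 1 = 16-bit, 2 = 8-bit
    count = (w2 >> 16) & 0xFFF       # WWW: number of writes
    addr_step = w2 & 0xFFFF          # ZZZZ: in units of the data size
    if t not in WRITE_TYPE:
        raise ValueError(f"unknown width selector T={t}")

    size = 1 << (2 - t)              # bytes per write, as given in the post
    lines = []
    for i in range(count):
        addr = address + i * addr_step * size
        if addr > 0x0FFFFFFF:
            # The address would spill into the code-type nibble.
            raise ValueError(f"write {i} leaves the 28-bit address field")
        value = (start + i * value_step) & VALUE_MASK[t]
        lines.append(f"{(WRITE_TYPE[t] << 28) | addr:08X} {value:08X}")
    return lines


if __name__ == "__main__":
    # The example from the post: five 32-bit writes, 4 bytes apart.
    for line in expand_serial_repeat("42010000 00050001", "63636363 00000000"):
        print(line)
```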

Author:  Parasyte [ Fri Oct 27, 2006 8:16 pm ]
Post subject: 

Fixed 'type 40' description.

Author:  Jeaton [ Sat Oct 28, 2006 3:52 pm ]
Post subject: 

Sweet, when will the Codebreaker DS be out?

Author:  lemmayoshi [ Sat Oct 28, 2006 4:13 pm ]
Post subject: 

Next week or the week after.

Author:  James0x57 [ Sat Oct 28, 2006 4:50 pm ]
Post subject: 

Cool! How much $s?

Author:  lemmayoshi [ Sat Oct 28, 2006 11:41 pm ]
Post subject: 

He hasn't told me, ask him in IRC.

Author:  npcguy:P [ Mon Oct 30, 2006 7:05 pm ]
Post subject: 

Ooooo, maybe they'll have some type of trainer making kit along with it :) "hopes"

Author:  dlong [ Mon Oct 30, 2006 7:29 pm ]
Post subject: 

Not for awhile. CMX says two months at least. But the Krew may get free CB DS's. And no, you aren't "Krew".

Author:  James0x57 [ Mon Oct 30, 2006 8:12 pm ]
Post subject: 

I would appreciate the hell out of that! *crosses fingers*

Author:  dlong [ Fri Nov 10, 2006 10:05 am ]
Post subject: 

Rune cut and pasted this to GSC.... this is funny because he is incapable of understanding the majority of it. He also copied AR DS's info... what a loser.

Author:  Dualscreenman [ Fri Nov 10, 2006 10:42 am ]
Post subject: 

Rune phails at life...

Oh well... not like anyone there has the hacking talents to use them.

Author:  Parasyte [ Thu Dec 07, 2006 1:39 pm ]
Post subject: 

CMX is sending out CB DS samples tomorrow. So if you're into NDS hacking, get in touch with him on IRC soon. There is a limited number, so please only accept the offer if you are REALLY interested in getting into NDS hacking and you think it may be something to get you going. If not, leave them for some of the other skilled hackers. (This offer only applies to Kodewerx forum members. Keep that in mind.)

~ That's all! ~

Author:  James0x57 [ Thu Dec 07, 2006 2:35 pm ]
Post subject: 

*Jumps to IRC*

Author:  kenobi [ Thu Dec 07, 2006 2:55 pm ]
Post subject: 

I was going to come to IRC too, but I realized the only thing I'll do with the CB is trying to hack the CB (or why not the AR) but definitely not the games, so I don't think I 'deserve' one free. So I'll just buy one someday - if it ever comes out in a store near me...

Author:  lemmayoshi [ Thu Dec 07, 2006 3:06 pm ]
Post subject: 

Kenobi, you deserve one. Even if you don't hack it. Git on IRC.

Author:  Parasyte [ Mon Dec 11, 2006 10:59 pm ]
Post subject: 

I've dumped and decrypted (and decompressed) the main CB DS executable with a little program I wrote. Haven't quite located the code decryption stuff yet, but it's in there somewhere. When I get to it, I'll create a decrypter (and maybe encrypter) in PHP.

Author:  James0x57 [ Mon Dec 11, 2006 11:41 pm ]
Post subject: 

Awesome! I sure would love to do something like that.

Maybe I could write the encrypter? That'd be cool, if you wouldn't mind.

Author:  misfire [ Thu Dec 14, 2006 12:14 pm ]
Post subject: 

Parasyte wrote:
I've dumped and decrypted (and decompressed) the main CB DS executable with a little program I wrote. Haven't quite located the code decryption stuff yet, but it's in there somewhere. When I get to it, I'll create a decrypter (and maybe encrypter) in PHP.

I guess after GCNcrypt/MAXcrypt made by you and CB2crypt from me, it's your turn again. ;)

Good luck, I'm sure you'll have as much fun as I had while cracking the CB for PS2.

Any special reason for writing the decryptor in PHP?

Author:  Dualscreenman [ Thu Dec 14, 2006 1:13 pm ]
Post subject: 

Easy website integration?

Author:  misfire [ Thu Dec 14, 2006 4:16 pm ]
Post subject: 

Either that or maybe he uses PHP so no one can see the actual crypto routines. Looks like there's some cooperation with CMX.

Author:  Parasyte [ Thu Dec 14, 2006 5:43 pm ]
Post subject: 

No, the last I talked to him about it, he did not mind the encryption getting broken. I decided on PHP because I am evil and don't want lamers from other sites taking our work and hosting it for themselves. Cheap, yes, but even more effective.

Author:  James0x57 [ Thu Dec 14, 2006 8:49 pm ]
Post subject: 

I didn't even realize that advantage, nice! :)

Author:  Darkness Falls [ Tue Dec 26, 2006 5:55 pm ]
Post subject:  Re: Codebreaker DS codetypes.

Code:
---------------------------------------
Auto Game Recognizer (Code Type 0x0000)
---------------------------------------
E000YYYY XXXXXXXX
E = Mode (0 = Encrypted Codes, 8 = Raw code)
[Put an 8 to allow CodeBreakerDS to take Raw codes]
YYYY = Game's Header CRC16
XXXXXXXX = Game's Nintendo ID



lemmayoshi wrote:
I've been talking to CMX on IRC lately, and he's been telling me bunches about the CBDS :).

Code:
---------------------------------------
Auto Game Recognizer (Code Type 0x0000)
---------------------------------------
0000YYYY XXXXXXXX
   YYYY = Game's Header CRC16
        XXXXXXXX = Game's Nintendo ID

Author:  Skiller [ Wed Dec 27, 2006 12:20 am ]
Post subject:  Re: Codebreaker DS codetypes.

Darkness Falls wrote:
Code:
---------------------------------------
Auto Game Recognizer (Code Type 0x0000)
---------------------------------------
E000YYYY XXXXXXXX
E = Mode (0 = Encrypted Codes, 8 = Raw code)
[Put an 8 to allow CodeBreakerDS to take Raw codes]
YYYY = Game's Header CRC16
XXXXXXXX = Game's Nintendo ID



I see someone stumbled upon the CMP forum to find that there is an extra bit of data at the start of the Auto Game Recognizer that enables CB to take raw ..
this should be interesting .. good to see some others jumping on the New Handhelds bandwagon .. :)
now if only we could all get along :P
Parasyte, it will be cool to see your PHP ver of CBDS converter ..
another good thing of it being online would be no one would have to download it as well. This is one thing a lot of ppl like since u can just direct them to a URL and they can work the Converter .. and not need to download something .. :P looking forward to seeing it ..

Author:  Parasyte [ Mon Jan 08, 2007 8:39 pm ]
Post subject: 

Here are some universal Activator codes which will work on all games:

Activator 1 (GBA buttons):
D4000130 xx40yyyy

For xx:
Number of lines to skip

For yyyy:
0001: A
0002: B
0004: Select
0008: Start
0010: Right
0020: Left
0040: Up
0080: Down
0100: R
0200: L


Activator 2 (NDS buttons):
D27FFFA8 xx40yyyy

For xx:
Number of lines to skip

For yyyy:
0400: X
0800: Y
2000: Debug Button (not available on commercial NDS)
8000: NDS not folded


To combine one or more buttons together, use bitwise OR:

(A | B) = (0001 | 0002) = 0003

Author:  James0x57 [ Mon Jan 08, 2007 9:30 pm ]
Post subject: 

Yay!

Author:  dlong [ Mon Jan 22, 2007 8:04 pm ]
Post subject: 

If I'm reading this right, you can't do a 32-bit increment of 0x0001 to 0x1FFFF? Can someone with 1337 disassembly skills *cough*kenobi*cough* verify this? Or maybe CMX will show up?

Author:  kenobi [ Tue Jan 23, 2007 12:55 am ]
Post subject: 

Well the ASM for the 0x38 code type is pretty straight :

ldr r3,[r2]
add r3,r1,r3
str r3,[r2]

R1 being the plain 32bits 'value' of the code, R2 being its address (without the code type).
So I don't see why there would be any limitation.
Now I guess the info of the 0x38 code type should say '32bit Value to increment by' instead of '8/16-bit Value to increment by' to avoid any confusion...

Author:  dlong [ Tue Jan 23, 2007 6:25 am ]
Post subject: 

Well, here's my point:

8-bit/16-bit increment:
3XXXXXXX 000UYYYY

32-bit increment
3XXXXXXX YYYYYYYY

The address portion matches exactly!
So if you have a value of, say 00011234, is it a 16-bit increment of 0x1234, or a 32-bit increment of 0x00011234?

Author:  Parasyte [ Tue Jan 23, 2007 8:28 am ]
Post subject: 

Actually, bit 27 determines if the increment is 32-bit or not. (Some code types are 5-bits each.)

32001234 00011234 :: 16-bit increment of 0x1234 to address 0x02001234
3A001234 00011234 :: 32-bit increment of 0x00011234 to address 0x02001234

Get it?
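
Parasyte's bit-27 rule, as an added example that is not part of the thread: it decodes the two lines from the post above and applies them to a small modelled memory. The buffer, its base address and the function names are assumptions made for the example; little-endian storage matches the NDS's ARM CPUs.

```python
# Added example (not from the thread): tell the 8/16-bit (0x30) and 32-bit
# (0x38) increment types apart by bit 27, then apply the code to a toy memory.
import struct

FMT = {1: "<B", 2: "<H", 4: "<I"}   # little-endian store formats by width


def decode_increment(line: str) -> tuple[int, int, int]:
    """Return (address, width_in_bytes, signed_delta) for a type 0x30/0x38 line."""
    w1, w2 = (int(x, 16) for x in line.split())
    if w1 >> 28 != 0x3:
        raise ValueError("not an increment code")
    address = w1 & 0x07FFFFFF            # bit 27 belongs to the 5-bit code type
    if w1 & (1 << 27):                   # type 0x38: YYYYYYYY is the whole word
        width, raw = 4, w2
    else:                                # type 0x30: 000UYYYY
        width = 2 if (w2 >> 16) & 1 else 1
        raw = w2 & 0xFFFF
    bits = 32 if width == 4 else 16      # YYYY / YYYYYYYY are signed
    delta = raw - (1 << bits) if raw >> (bits - 1) else raw
    return address, width, delta


def apply_increment(memory: bytearray, base: int, line: str) -> int:
    """Apply the code to `memory`, which models RAM starting at address `base`."""
    address, width, delta = decode_increment(line)
    off = address - base
    if off < 0 or off + width > len(memory):
        raise ValueError(f"address {address:#010x} is outside the modelled memory")
    (old,) = struct.unpack_from(FMT[width], memory, off)
    new = (old + delta) & ((1 << (8 * width)) - 1)   # wrap at the store width
    struct.pack_into(FMT[width], memory, off, new)
    return new


if __name__ == "__main__":
    for code in ("32001234 00011234", "3A001234 00011234"):
        addr, width, delta = decode_increment(code)
        print(f"{code}: {8 * width}-bit increment of {delta:#x} at {addr:#010x}")
```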

All times are UTC - 8 hours [ DST ]