void NandDumper(){ File myFile; int isEmuNand = SYS_NAND; if(checkEmuNAND() && (isEmuNand = NandSwitch()) == UNK_NAND) return; isEmuNand--; ConsoleInit(); ConsoleSetTitle(L"%sNAND Dumper", isEmuNand ? "emu" : "sys"); unsigned char* buf = (void*)0x21000000; unsigned int nsectors = 0x200; //sectors in a row wchar_t ProgressBar[] = L"⬜⬜⬜⬜⬜⬜⬜⬜⬜⬜⬜⬜⬜⬜⬜⬜ "; unsigned int progress = 0; /* int BACKCOLOR = */ConsoleGetBackgroundColor(); //can be removed, left only to keep binaries the same if(FileOpen(&myFile, isEmuNand ? "rxTools/nand/EMUNAND.bin" : "rxTools/nand/NAND.bin", 1)){ print(L"Dumping...\n\n"); ConsoleShow(); int x, y; ConsoleGetXY(&x, &y); y += FONT_HEIGHT * 6; x += FONT_HWIDTH * 2; DrawString(BOT_SCREEN, ProgressBar, x, y, ConsoleGetTextColor(), ConsoleGetBackgroundColor()); DrawString(BOT_SCREEN, L"Press Ⓑ anytime to abort", x, y + FONT_HEIGHT*2, ConsoleGetTextColor(), ConsoleGetBackgroundColor()); for(int count = 0; count < NAND_SIZE/NAND_SECTOR_SIZE/nsectors; count++){ if(isEmuNand) sdmmc_sdcard_readsectors(count*nsectors, nsectors, buf); else sdmmc_nand_readsectors(count*nsectors, nsectors, buf); FileWrite(&myFile, buf, nsectors*NAND_SECTOR_SIZE, count*NAND_SECTOR_SIZE*nsectors); TryScreenShot(); if((count % (int)(NAND_SIZE/NAND_SECTOR_SIZE/nsectors/16)) == 0 && count != 0){ DrawString(BOT_SCREEN, PROGRESS_OK, x+(FONT_WIDTH*(progress++)), y, ConsoleGetTextColor(), ConsoleGetBackgroundColor()); } unsigned int pad = GetInput(); if(pad & BUTTON_B) break; } if(isEmuNand){ sdmmc_sdcard_readsectors(checkEmuNAND()/0x200, 1, buf); FileWrite(&myFile, buf, 0x200, 0); } FileClose(&myFile); print(L"\nFinished dumping!\n"); ConsoleShow(); }else{ print(L"Failed to create the dump.\n"); ConsoleShow(); } print(L"\nPress Ⓐ to exit\n"); ConsoleShow(); WaitForButton(BUTTON_A); }
void DumpNandPartitions(){ int isEmuNand = checkEmuNAND() ? NandSwitch() : 0; if(isEmuNand == -1) return; char* p_name[] = { "twln.bin", "twlp.bin", "agb_save.bin", "firm0.bin", "firm1.bin", "ctrnand.bin" }; unsigned int p_size[] = { 0x08FB5200, 0x020B6600, 0x00030000, 0x00400000, 0x00400000, 0x2F3E3600}; unsigned int p_addr[] = { TWLN, TWLP, AGB_SAVE, FIRM0, FIRM1, CTRNAND }; int sect_row = 0x80; ConsoleInit(); ConsoleAddText(isEmuNand ? "EmuNAND Partitions Decryptor\n \n" : "NAND Partitions Decryptor\n \n"); for(int i = 3; i < 6; i++){ //Cutting out twln, twlp and agb_save. Todo: Properly decrypt them File out; sprintf(myString, isEmuNand ? "nand/emu_%s" : "nand/%s", p_name[i]); FileOpen(&out, myString, 1); sprintf(myString, "Dumping %s ...", p_name[i]); ConsoleAddText(myString); ConsoleShow(); for(int j = 0; j*0x200 < p_size[i]; j += sect_row){ sprintf(myString, "%08X / %08X", j*0x200, p_size[i]); int x, y; ConsoleGetXY(&x, &y); y += CHAR_WIDTH * 4; x += CHAR_WIDTH*2; DrawString(TOP_SCREEN, myString, x, y, ConsoleGetTextColor(), ConsoleGetBackgroundColor()); if(isEmuNand) emunand_readsectors(j, sect_row, BUF1, p_addr[i]); else nand_readsectors(j, sect_row, BUF1, p_addr[i]); FileWrite(&out, BUF1, sect_row*0x200, j*0x200); } FileClose(&out); } ConsoleAddText("\nPress A to exit"); ConsoleShow(); WaitForButton(BUTTON_A); }
void AdvFileManagerShow(panel_t* Panel, int x){ //Title wchar_t tmp[_MAX_LFN]; swprintf(tmp, _MAX_LFN, L"%ls", Panel->dir); DrawString(screentmp, tmp, 15 + x, FONT_HEIGHT * 2, ConsoleGetTextColor(), TRANSPARENT); //FileList if (Panel->count != 0) { int n = 0; int divisions = Panel->count % 10 == 0 ? Panel->count / 10 : Panel->count / 10 + 1; int list[divisions]; for (n = 0; n<divisions; n++) { if (n == divisions - 1 && Panel->count % 10 != 0)list[n] = Panel->count - (Panel->count / 10) * 10; else list[n] = 10; } int i = 0; for (i = Panel->beginning; i < Panel->beginning + list[(Panel->pointer / 10)]; i++) { swprintf(tmp, _MAX_LFN, L"%ls %ls", (i == Panel->pointer && Panel->enabled == 1) ? strings[STR_CURSOR] : strings[STR_NO_CURSOR], Panel->files[i]); DrawString(screentmp, tmp, 15 + x, FONT_HEIGHT * 3 + FONT_HEIGHT * (i - Panel->beginning + 1), ConsoleGetTextColor(), TRANSPARENT); } } }
void NandDumper(){ File myFile; int isEmuNand = checkEmuNAND() ? NandSwitch() : 0; if(isEmuNand == -1) return; ConsoleInit(); ConsoleAddText(isEmuNand ? "EmuNAND Dumper\n" : "NAND Dumper\n"); unsigned char* buf = 0x21000000; unsigned int nsectors = 0x200; //sectors in a row char ProgressBar[] = "[ ]"; unsigned int progress = 1; int BACKCOLOR = ConsoleGetBackgroundColor(); if(FileOpen(&myFile, isEmuNand ? "/nand/EMUNAND.bin" : "/nand/NAND.bin", 1)){ ConsoleAddText("Dumping...\n"); ConsoleShow(); int x, y; ConsoleGetXY(&x, &y); y += CHAR_WIDTH * 6; x += CHAR_WIDTH*2; DrawString(TOP_SCREEN, ProgressBar, x, y, ConsoleGetTextColor(), ConsoleGetBackgroundColor()); DrawString(TOP_SCREEN, "Press B anytime to abort", x, y + CHAR_WIDTH*2, ConsoleGetTextColor(), ConsoleGetBackgroundColor()); for(int count = 0; count < NAND_SIZE/NAND_SECTOR_SIZE/nsectors; count++){ if(isEmuNand) sdmmc_sdcard_readsectors(count*nsectors, nsectors, buf); else sdmmc_nand_readsectors(count*nsectors, nsectors, buf); FileWrite(&myFile, buf, nsectors*NAND_SECTOR_SIZE, count*NAND_SECTOR_SIZE*nsectors); TryScreenShot(); if((count % (int)(NAND_SIZE/NAND_SECTOR_SIZE/nsectors/25)) == 0 && count != 0){ DrawString(TOP_SCREEN, "-", x+(CHAR_WIDTH*(progress++)), y, ConsoleGetTextColor(), ConsoleGetBackgroundColor()); } unsigned int pad = GetInput(); if(pad & BUTTON_B) break; } if(isEmuNand){ sdmmc_sdcard_readsectors(checkEmuNAND()/0x200, 1, buf); FileWrite(&myFile, buf, 0x200, 0); } FileClose(&myFile); ConsoleAddText("\nFinished dumping!"); ConsoleShow(); }else{ ConsoleAddText("Failed to create the dump"); ConsoleShow(); } ConsoleAddText("\nPress A to exit"); ConsoleShow(); WaitForButton(BUTTON_A); }
void DumpNandPartitions(){ ConsoleSetTitle(strings[STR_DUMP], strings[STR_NAND_PARTITIONS]); int isEmuNand = SYS_NAND; if(checkEmuNAND() && (isEmuNand = NandSwitch()) == UNK_NAND) return; isEmuNand--; ConsoleInit(); ConsoleSetTitle(strings[STR_DUMP], strings[STR_NAND_PARTITIONS]); print(strings[STR_PROCESSING], isEmuNand ? strings[STR_EMUNAND] : strings[STR_SYSNAND]); wchar_t* p_name[] = { L"twln.bin", L"twlp.bin", L"agb_save.bin", L"firm0.bin", L"firm1.bin", L"ctrnand.bin" }; wchar_t* p_descr[] = { strings[STR_TWLN], strings[STR_TWLP], strings[STR_AGB_SAVE], strings[STR_FIRM0], strings[STR_FIRM1], strings[STR_CTRNAND] }; unsigned int p_size[] = { 0x08FB5200, 0x020B6600, 0x00030000, 0x00400000, 0x00400000, getMpInfo() == MPINFO_KTR ? 0x41D2D200 : 0x2F3E3600 }; unsigned int p_addr[] = { TWLN, TWLP, AGB_SAVE, FIRM0, FIRM1, CTRNAND }; int sect_row = 0x80; wchar_t tmp[_MAX_LFN]; for(int i = 3; i < 6; i++){ //Cutting out twln, twlp and agb_save. Todo: Properly decrypt them File out; swprintf(tmp, _MAX_LFN, L"rxTools/nand/%ls%ls", isEmuNand ? L"emu_" : L"", p_name[i]); FileOpen(&out, tmp, 1); print(strings[STR_DUMPING], p_descr[i], tmp); ConsoleShow(); for(int j = 0; j*0x200 < p_size[i]; j += sect_row){ swprintf(tmp, _MAX_LFN, L"%08X / %08X", j*0x200, p_size[i]); int x, y; ConsoleGetXY(&x, &y); y += FONT_HEIGHT * 3; x += FONT_HWIDTH*2; ConsoleShow(); DrawString(BOT_SCREEN, tmp, x, y, ConsoleGetTextColor(), ConsoleGetBackgroundColor()); if(isEmuNand) emunand_readsectors(j, sect_row, BUF1, p_addr[i]); else nand_readsectors(j, sect_row, BUF1, p_addr[i]); FileWrite(&out, BUF1, sect_row*0x200, j*0x200); } FileClose(&out); } print(strings[STR_PRESS_BUTTON_ACTION], strings[STR_BUTTON_A], strings[STR_CONTINUE]); ConsoleShow(); WaitForButton(BUTTON_A); }
void DumpNandPartitions(){ int isEmuNand = SYS_NAND; if(checkEmuNAND() && (isEmuNand = NandSwitch()) == UNK_NAND) return; isEmuNand--; char* p_name[] = { "twln.bin", "twlp.bin", "agb_save.bin", "firm0.bin", "firm1.bin", "ctrnand.bin" }; unsigned int p_size[] = { 0x08FB5200, 0x020B6600, 0x00030000, 0x00400000, 0x00400000, 0x2F3E3600}; unsigned int p_addr[] = { TWLN, TWLP, AGB_SAVE, FIRM0, FIRM1, CTRNAND }; int sect_row = 0x80; ConsoleInit(); ConsoleSetTitle(L"%sNAND Partitions Decryptor", isEmuNand ? "emu" : "sys"); char tmp[256]; wchar_t wtmp[256]; for(int i = 3; i < 6; i++){ //Cutting out twln, twlp and agb_save. Todo: Properly decrypt them File out; sprintf(tmp, "rxTools/nand/%s%s", isEmuNand ? "emu_" : "", p_name[i]); FileOpen(&out, tmp, 1); print(L"Dumping %s ...\n", p_name[i]); ConsoleShow(); for(int j = 0; j*0x200 < p_size[i]; j += sect_row){ swprintf(wtmp, sizeof(wtmp)/sizeof(wtmp[0]), L"%08X / %08X", j*0x200, p_size[i]); int x, y; ConsoleGetXY(&x, &y); y += FONT_HEIGHT * 3; x += FONT_HWIDTH*2; DrawString(BOT_SCREEN, wtmp, x, y, ConsoleGetTextColor(), ConsoleGetBackgroundColor()); if(isEmuNand) emunand_readsectors(j, sect_row, BUF1, p_addr[i]); else nand_readsectors(j, sect_row, BUF1, p_addr[i]); FileWrite(&out, BUF1, sect_row*0x200, j*0x200); } FileClose(&out); } print(L"\nPress Ⓐ to exit\n"); ConsoleShow(); WaitForButton(BUTTON_A); }
int InstallData(char* drive){ static const FirmInfo agb_info = { 0x8B800, 0x4CE00, 0x08006800, 0xD600, 0xE200, 0x08020000}; static const FirmInfo twl_info = { 0x153600, 0x4D200, 0x08006800, 0xD600, 0xE200, 0x08020000}; FIL firmfile; unsigned int progressWidth, progressX; wchar_t progressbar[8] = {0,}; wchar_t *progress = progressbar; int i; progressWidth = getMpInfo() == MPINFO_CTR ? 7 : 3; progressX = (BOT_SCREEN_WIDTH - progressWidth * FONT_WIDTH) / 2; for (i = 0; i < progressWidth; i++) wcscat(progressbar, strings[STR_PROGRESS]); print(L"%ls", progressbar); ConsolePrevLine(); //Create the workdir sprintf(tmpstr, "%s:%s", drive, DATAFOLDER); f_mkdir(tmpstr); //Read firmware data if (f_open(&firmfile, "firmware.bin", FA_READ | FA_OPEN_EXISTING) != FR_OK) return CONF_NOFIRMBIN; wcsncpy(progress, strings[STR_PROGRESS_OK], wcslen(strings[STR_PROGRESS_OK])); progress += wcslen(strings[STR_PROGRESS_OK]); DrawString(BOT_SCREEN, progressbar, progressX, 50, ConsoleGetTextColor(), ConsoleGetBackgroundColor()); //Create decrypted native_firm f_read(&firmfile, WORKBUF, NAT_SIZE, &tmpu32); uint8_t* n_firm = decryptFirmTitle(WORKBUF, NAT_SIZE, 0x00000002, 1); wcsncpy(progress, strings[STR_PROGRESS_OK], wcslen(strings[STR_PROGRESS_OK])); progress += wcslen(strings[STR_PROGRESS_OK]); DrawString(BOT_SCREEN, progressbar, progressX, 50, ConsoleGetTextColor(), ConsoleGetBackgroundColor()); getFirmPath(tmpstr, getMpInfo() == MPINFO_KTR ? TID_KTR_NATIVE_FIRM : TID_CTR_NATIVE_FIRM); if(FileOpen(&tempfile, tmpstr, 1)){ FileWrite(&tempfile, n_firm, NAT_SIZE, 0); FileClose(&tempfile); }else { f_close(&firmfile); return CONF_ERRNFIRM; } wcsncpy(progress, strings[STR_PROGRESS_OK], wcslen(strings[STR_PROGRESS_OK])); progress += wcslen(strings[STR_PROGRESS_OK]); DrawString(BOT_SCREEN, progressbar, progressX, 50, ConsoleGetTextColor(), ConsoleGetBackgroundColor()); if (getMpInfo() != MPINFO_CTR) goto end; //Create AGB patched firmware f_read(&firmfile, WORKBUF, AGB_SIZE, &tmpu32); uint8_t* a_firm = decryptFirmTitle(WORKBUF, AGB_SIZE, 0x00000202, 1); if (!a_firm && checkEmuNAND()) { /* Try to get the Title Key from the EmuNAND */ a_firm = decryptFirmTitle(WORKBUF, AGB_SIZE, 0x00000202, 2); if (!a_firm) { /* If we cannot decrypt it from firmware.bin because of titlekey messed up, it probably means that AGB has been modified in some way. */ //So we read it from his installed ncch... FindApp(0x00040138, 0x00000202, 1); char* path = getContentAppPath(); if (!FileOpen(&tempfile, path, 0) && checkEmuNAND()) { /* Try with EmuNAND */ FindApp(0x00040138, 0x00000202, 2); path = getContentAppPath(); if (!FileOpen(&tempfile, path, 0)) { f_close(&firmfile); return CONF_ERRNFIRM; } } FileRead(&tempfile, WORKBUF, AGB_SIZE, 0); FileClose(&tempfile); a_firm = decryptFirmTitleNcch(WORKBUF, AGB_SIZE); } } if (a_firm) { if (applyPatch(a_firm, "/rxTools/system/patches/ctr/agb_firm.elf", &agb_info)) return CONF_ERRPATCH; getFirmPath(tmpstr, TID_CTR_TWL_FIRM); if(FileOpen(&tempfile, tmpstr, 1)){ FileWrite(&tempfile, a_firm, AGB_SIZE, 0); FileClose(&tempfile); }else { f_close(&firmfile); return CONF_ERRNFIRM; } wcsncpy(progress, strings[STR_PROGRESS_OK], wcslen(strings[STR_PROGRESS_OK])); progress += wcslen(strings[STR_PROGRESS_OK]); } else { wcsncpy(progress, strings[STR_PROGRESS_FAIL], wcslen(strings[STR_PROGRESS_FAIL])); progress += wcslen(strings[STR_PROGRESS_FAIL]); //If we get here, then we'll play without AGB, lol } DrawString(BOT_SCREEN, progressbar, progressX, 50, ConsoleGetTextColor(), ConsoleGetBackgroundColor()); //Create TWL patched firmware f_read(&firmfile, WORKBUF, TWL_SIZE, &tmpu32); uint8_t* t_firm = decryptFirmTitle(WORKBUF, TWL_SIZE, 0x00000102, 1); if(t_firm){ if (applyPatch(t_firm, "/rxTools/system/patches/ctr/twl_firm.elf", &twl_info)) return CONF_ERRPATCH; getFirmPath(tmpstr, TID_CTR_TWL_FIRM); if(FileOpen(&tempfile, tmpstr, 1)){ FileWrite(&tempfile, t_firm, TWL_SIZE, 0); FileClose(&tempfile); //FileCopy("0004013800000102.bin", tmpstr); }else { f_close(&firmfile); return CONF_ERRNFIRM; } wcsncpy(progress, strings[STR_PROGRESS_OK], wcslen(strings[STR_PROGRESS_OK])); progress += wcslen(strings[STR_PROGRESS_OK]); }else{ wcsncpy(progress, strings[STR_PROGRESS_FAIL], wcslen(strings[STR_PROGRESS_FAIL])); progress += wcslen(strings[STR_PROGRESS_FAIL]); } DrawString(BOT_SCREEN, progressbar, progressX, 50, ConsoleGetTextColor(), ConsoleGetBackgroundColor()); sprintf(tmpstr, "%s:%s/data.bin", drive, DATAFOLDER); if(FileOpen(&tempfile, tmpstr, 1)){ FileWrite(&tempfile, __DATE__, 12, 0); FileWrite(&tempfile, __TIME__, 9, 12); FileClose(&tempfile); }else { f_close(&firmfile); return CONF_CANTOPENFILE; } wcsncpy(progress, strings[STR_PROGRESS_OK], wcslen(strings[STR_PROGRESS_OK])); progress += wcslen(strings[STR_PROGRESS_OK]); DrawString(BOT_SCREEN, progressbar, progressX, 50, ConsoleGetTextColor(), ConsoleGetBackgroundColor()); end: f_close(&firmfile); return 0; }
int InstallData(char* drive){ FIL firmfile; char* progressbar = "[ ]"; char* progress = progressbar+1; print("%s", progressbar); ConsolePrevLine(); //Create the workdir sprintf(tmpstr, "%s:%s", drive, DATAFOLDER); f_mkdir(tmpstr); f_chmod(tmpstr, AM_HID, AM_HID); //Read firmware data if(f_open(&firmfile, "firmware.bin", FA_READ | FA_OPEN_EXISTING) == FR_OK){ //... We'll see }else return CONF_NOFIRMBIN; *progress++ = '.'; DrawString(BOT_SCREEN, progressbar, 130, 50, ConsoleGetTextColor(), ConsoleGetBackgroundColor()); //Create patched native_firm f_read(&firmfile, WORKBUF, NAT_SIZE, &tmpu32); u8* n_firm = decryptFirmTitle(WORKBUF, NAT_SIZE, 0x00000002); u8* n_firm_patch = GetFilePack("nat_patch.bin"); applyPatch(n_firm, n_firm_patch); u8 keyx[16] = {0}; if(GetSystemVersion() < 3){ FileOpen(&tempfile, KEYFILENAME, 0); FileRead(&tempfile, &keyx[0], 16, 0); FileClose(&tempfile); } *progress++ = '.'; DrawString(BOT_SCREEN, progressbar, 130, 50, ConsoleGetTextColor(), ConsoleGetBackgroundColor()); for(int i = 0; i < NAT_SIZE; i+=0x4){ if(!strcmp((char*)n_firm + i, "Shit")){ if(1){ memcpy((char*)n_firm + i, rxmode_emu_label, 4); }else{ memcpy((char*)n_firm + i, rxmode_sys_label , 4); } } if(!strcmp((char*)n_firm + i, "InsertKeyXHere!") && keyx[0] != 0){ memcpy(n_firm + i, keyx, 16); } if(*((unsigned int*)(n_firm + i)) == 0xAAAABBBB){ *((unsigned int*)(n_firm + i)) = (checkEmuNAND() / 0x200) - 1; } } *progress++ = '.'; DrawString(BOT_SCREEN, progressbar, 130, 50, ConsoleGetTextColor(), ConsoleGetBackgroundColor()); sprintf(tmpstr, "%s:%s/0004013800000002.bin", drive, DATAFOLDER); if(FileOpen(&tempfile, tmpstr, 1)){ FileWrite(&tempfile, n_firm, NAT_SIZE, 0); FileClose(&tempfile); //FileCopy("0004013800000002.bin", tmpstr); }else return CONF_ERRNFIRM; *progress++ = '.'; DrawString(BOT_SCREEN, progressbar, 130, 50, ConsoleGetTextColor(), ConsoleGetBackgroundColor()); //Create AGB patched firmware f_read(&firmfile, WORKBUF, AGB_SIZE, &tmpu32); u8* a_firm = decryptFirmTitle(WORKBUF, AGB_SIZE, 0x00000202); u8* a_firm_patch = GetFilePack("agb_patch.bin"); if(a_firm){ applyPatch(a_firm, a_firm_patch); sprintf(tmpstr, "%s:%s/0004013800000202.bin", drive, DATAFOLDER); if(FileOpen(&tempfile, tmpstr, 1)){ FileWrite(&tempfile, a_firm, AGB_SIZE, 0); FileClose(&tempfile); }else return CONF_ERRNFIRM; *progress++ = '.'; }else{ //If we cannot decrypt it from firmware.bin becouse of titlekey messed up, it probably means that AGB has been modified in some way. //So we read it from his installed ncch... FindApp(0x00040138, 0x00000202, 1); char* path = getContentAppPath(); FileOpen(&tempfile, path, 0); FileRead(&tempfile, WORKBUF, AGB_SIZE, 0); FileClose(&tempfile); a_firm = decryptFirmTitleNcch(WORKBUF, AGB_SIZE); if(a_firm){ applyPatch(a_firm, a_firm_patch); sprintf(tmpstr, "%s:%s/0004013800000202.bin", drive, DATAFOLDER); if(FileOpen(&tempfile, tmpstr, 1)){ FileWrite(&tempfile, a_firm, AGB_SIZE, 0); FileClose(&tempfile); }else return CONF_ERRNFIRM; *progress++ = '.'; }else{ *progress++ = 'x'; //If we get here, then we'll play without AGB, lol } } DrawString(BOT_SCREEN, progressbar, 130, 50, ConsoleGetTextColor(), ConsoleGetBackgroundColor()); //Create TWL patched firmware f_read(&firmfile, WORKBUF, TWL_SIZE, &tmpu32); u8* t_firm = decryptFirmTitle(WORKBUF, TWL_SIZE, 0x00000102); u8* t_firm_patch = GetFilePack("twl_patch.bin"); if(t_firm){ applyPatch(t_firm, t_firm_patch); sprintf(tmpstr, "%s:%s/0004013800000102.bin", drive, DATAFOLDER); if(FileOpen(&tempfile, tmpstr, 1)){ FileWrite(&tempfile, t_firm, TWL_SIZE, 0); FileClose(&tempfile); //FileCopy("0004013800000102.bin", tmpstr); }else return CONF_ERRNFIRM; *progress++ = '.'; }else{ *progress++ = 'x'; } DrawString(BOT_SCREEN, progressbar, 130, 50, ConsoleGetTextColor(), ConsoleGetBackgroundColor()); sprintf(tmpstr, "%s:%s/data.bin", drive, DATAFOLDER); if(FileOpen(&tempfile, tmpstr, 1)){ FileWrite(&tempfile, __DATE__, 12, 0); FileWrite(&tempfile, __TIME__, 9, 12); FileClose(&tempfile); }else return CONF_CANTOPENFILE; *progress++ = '.'; DrawString(BOT_SCREEN, progressbar, 130, 50, ConsoleGetTextColor(), ConsoleGetBackgroundColor()); f_close(&firmfile); return 0; }
int ProcessCTR(char* path){ PartitionInfo myInfo; File myFile; char myString[256]; //In case it is needed... if(FileOpen(&myFile, path, 0)){ ConsoleInit(); ConsoleAddText(TITLE); unsigned int ncch_base = 0x100; unsigned char magic[] = { 0, 0, 0, 0, 0}; FileRead(&myFile, magic, 4, ncch_base); if(magic[0] == 'N' && magic[1] == 'C' && magic[2] == 'S' && magic[3] == 'D'){ ncch_base = 0x4000; FileRead(&myFile, magic, 4, ncch_base+0x100); if(!(magic[0] == 'N' && magic[1] == 'C' && magic[2] == 'C' && magic[3] == 'H')){ FileClose(&myFile); return 2; } }else if(magic[0] == 'N' && magic[1] == 'C' && magic[2] == 'C' && magic[3] == 'H'){ ncch_base = 0x0; }else{ FileClose(&myFile); return 2; } ctr_ncchheader NCCH; unsigned int mediaunitsize = 0x200; FileRead(&myFile, &NCCH, 0x200, ncch_base); //ConsoleAddText(path); ConsoleAddText(NCCH.productcode); unsigned int NEWCRYPTO = 0, CRYPTO = 1; if(NCCH.flags[3] != 0) NEWCRYPTO = 1; if(NCCH.flags[7] & 4) CRYPTO = 0; if(NEWCRYPTO){ ConsoleAddText("\nCryptoType : 7.X Key security"); }else if(CRYPTO){ ConsoleAddText("\nCryptoType : Secure"); }else{ ConsoleAddText("\nCryptoType : None"); ConsoleAddText("Decryption completed!"); FileClose(&myFile); ConsoleShow(); return 3; } ConsoleShow(); u8 CTR[16]; if(getle32(NCCH.extendedheadersize) > 0){ ConsoleAddText("Decrypting ExHeader..."); ConsoleShow(); ncch_get_counter(NCCH, CTR, 1); FileRead(&myFile, BUFFER_ADDR, 0x800, ncch_base + 0x200); myInfo.buffer = BUFFER_ADDR; myInfo.size = 0x800; myInfo.keyslot = 0x2C; myInfo.ctr = CTR; myInfo.keyY = NCCH.signature; DecryptPartition(&myInfo); FileWrite(&myFile, BUFFER_ADDR, 0x800, ncch_base + 0x200); } if(getle32(NCCH.exefssize) > 0){ ConsoleAddText("Decrypting ExeFS..."); ConsoleShow(); ncch_get_counter(NCCH, CTR, 2); myInfo.buffer = BUFFER_ADDR; myInfo.keyslot = NEWCRYPTO ? 0x25 : 0x2C; myInfo.ctr = CTR; myInfo.keyY = NCCH.signature; size_t bytesRead = FileRead(&myFile, BUFFER_ADDR, getle32(NCCH.exefssize) * mediaunitsize, ncch_base + getle32(NCCH.exefsoffset) * mediaunitsize); myInfo.size = bytesRead; ProcessExeFS(&myInfo); //Explanation at function definition FileWrite(&myFile, BUFFER_ADDR, getle32(NCCH.exefssize) * mediaunitsize, ncch_base + getle32(NCCH.exefsoffset) * mediaunitsize); } if(getle32(NCCH.romfssize) > 0){ ConsoleAddText("Decrypting RomFS..."); ConsoleShow(); ncch_get_counter(NCCH, CTR, 3); myInfo.buffer = BUFFER_ADDR; myInfo.keyslot = NEWCRYPTO ? 0x25 : 0x2C; myInfo.ctr = CTR; myInfo.keyY = NCCH.signature; for(int i = 0; i < getle32(NCCH.romfssize) * mediaunitsize / BLOCK_SIZE; i++){ sprintf(myString, "%i%%", (int)((i*BLOCK_SIZE)/(getle32(NCCH.romfssize) * mediaunitsize/ 100))); int x, y; ConsoleGetXY(&x, &y); y += CHAR_WIDTH * 4; x += CHAR_WIDTH*22; DrawString(TOP_SCREEN, myString, x, y, ConsoleGetTextColor(), ConsoleGetBackgroundColor()); size_t bytesRead = FileRead(&myFile, BUFFER_ADDR, BLOCK_SIZE, ncch_base + getle32(NCCH.romfsoffset) * mediaunitsize + i*BLOCK_SIZE); myInfo.size = bytesRead; DecryptPartition(&myInfo); add_ctr(myInfo.ctr, bytesRead/16); FileWrite(&myFile, BUFFER_ADDR, BLOCK_SIZE, ncch_base + getle32(NCCH.romfsoffset) * mediaunitsize + i*BLOCK_SIZE); } } NCCH.flags[7] |= 4; //Disable encryption NCCH.flags[3] = 0; //Disable 7.XKey usage FileWrite(&myFile, &NCCH, 0x200, ncch_base); if(ncch_base == 0x4000) FileWrite(&myFile, ((u8*)&NCCH) + 0x100, 0x100, 0x1100); //Only for NCSD FileClose(&myFile); ConsoleAddText("Decryption completed!"); ConsoleShow(); return 0; }else return 1; }
int InstallData(char* drive){ static const FirmInfo native_info = { 0x66000, 0x84A00, 0x08006800, 0x35000, 0x31000, 0x1FF80000, 0x15B00, 0x16700, 0x08028000}; static const FirmInfo agb_info = { 0x8B800, 0x4CE00, 0x08006800, 0, 0, 0, 0xD600, 0xE200, 0x08020000}; static const FirmInfo twl_info = { 0x153600, 0x4D200, 0x08006800, 0, 0, 0, 0xD600, 0xE200, 0x08020000}; FIL firmfile; wchar_t *progressbar = L"⬜⬜⬜⬜⬜⬜⬜"; wchar_t *progress = progressbar+0; print(L"%ls", progressbar); ConsolePrevLine(); //Create the workdir sprintf(tmpstr, "%s:%s", drive, DATAFOLDER); f_mkdir(tmpstr); //Read firmware data if (f_open(&firmfile, "firmware.bin", FA_READ | FA_OPEN_EXISTING) != FR_OK) return CONF_NOFIRMBIN; *progress++ = PROGRESS_OK; DrawString(BOT_SCREEN, progressbar, PROGRESS_X, 50, ConsoleGetTextColor(), ConsoleGetBackgroundColor()); //Create patched native_firm f_read(&firmfile, WORKBUF, NAT_SIZE, &tmpu32); u8* n_firm = decryptFirmTitle(WORKBUF, NAT_SIZE, 0x00000002, 1); if (applyPatch(n_firm, "/rxTools/system/patches/native_firm.elf", &native_info)) return CONF_ERRPATCH; u8 keyx[16] = {0}; if(GetSystemVersion() < 3){ if (!FileOpen(&tempfile, KEYFILENAME, 0)) { f_close(&firmfile); return CONF_CANTOPENFILE; } FileRead(&tempfile, &keyx[0], 16, 0); FileClose(&tempfile); } *progress++ = PROGRESS_OK; DrawString(BOT_SCREEN, progressbar, PROGRESS_X, 50, ConsoleGetTextColor(), ConsoleGetBackgroundColor()); for(int i = 0; i < NAT_SIZE; i+=0x4){ if(!strcmp((char*)n_firm + i, "InsertKeyXHere!") && keyx[0] != 0){ memcpy(n_firm + i, keyx, 16); } if(*((unsigned int*)(n_firm + i)) == 0xAAAABBBB){ *((unsigned int*)(n_firm + i)) = (checkEmuNAND() / 0x200) - 1; } } *progress++ = PROGRESS_OK; DrawString(BOT_SCREEN, progressbar, PROGRESS_X, 50, ConsoleGetTextColor(), ConsoleGetBackgroundColor()); sprintf(tmpstr, "%s:%s/0004013800000002.bin", drive, DATAFOLDER); if(FileOpen(&tempfile, tmpstr, 1)){ FileWrite(&tempfile, n_firm, NAT_SIZE, 0); FileClose(&tempfile); }else { f_close(&firmfile); return CONF_ERRNFIRM; } *progress++ = PROGRESS_OK; DrawString(BOT_SCREEN, progressbar, PROGRESS_X, 50, ConsoleGetTextColor(), ConsoleGetBackgroundColor()); //Create AGB patched firmware f_read(&firmfile, WORKBUF, AGB_SIZE, &tmpu32); u8* a_firm = decryptFirmTitle(WORKBUF, AGB_SIZE, 0x00000202, 1); if (!a_firm && checkEmuNAND()) { /* Try to get the Title Key from the EmuNAND */ a_firm = decryptFirmTitle(WORKBUF, AGB_SIZE, 0x00000202, 2); if (!a_firm) { /* If we cannot decrypt it from firmware.bin because of titlekey messed up, it probably means that AGB has been modified in some way. */ //So we read it from his installed ncch... FindApp(0x00040138, 0x00000202, 1); char* path = getContentAppPath(); if (!FileOpen(&tempfile, path, 0) && checkEmuNAND()) { /* Try with EmuNAND */ FindApp(0x00040138, 0x00000202, 2); path = getContentAppPath(); if (!FileOpen(&tempfile, path, 0)) { f_close(&firmfile); return CONF_ERRNFIRM; } } FileRead(&tempfile, WORKBUF, AGB_SIZE, 0); FileClose(&tempfile); a_firm = decryptFirmTitleNcch(WORKBUF, AGB_SIZE); } } if (a_firm) { if (applyPatch(a_firm, "/rxTools/system/patches/agb_firm.elf", &agb_info)) return CONF_ERRPATCH; sprintf(tmpstr, "%s:%s/0004013800000202.bin", drive, DATAFOLDER); if(FileOpen(&tempfile, tmpstr, 1)){ FileWrite(&tempfile, a_firm, AGB_SIZE, 0); FileClose(&tempfile); }else { f_close(&firmfile); return CONF_ERRNFIRM; } *progress++ = PROGRESS_OK; } else { *progress++ = PROGRESS_FAIL; //If we get here, then we'll play without AGB, lol } DrawString(BOT_SCREEN, progressbar, PROGRESS_X, 50, ConsoleGetTextColor(), ConsoleGetBackgroundColor()); //Create TWL patched firmware f_read(&firmfile, WORKBUF, TWL_SIZE, &tmpu32); u8* t_firm = decryptFirmTitle(WORKBUF, TWL_SIZE, 0x00000102, 1); if(t_firm){ if (applyPatch(t_firm, "/rxTools/system/patches/twl_firm.elf", &twl_info)) return CONF_ERRPATCH; sprintf(tmpstr, "%s:%s/0004013800000102.bin", drive, DATAFOLDER); if(FileOpen(&tempfile, tmpstr, 1)){ FileWrite(&tempfile, t_firm, TWL_SIZE, 0); FileClose(&tempfile); //FileCopy("0004013800000102.bin", tmpstr); }else { f_close(&firmfile); return CONF_ERRNFIRM; } *progress++ = PROGRESS_OK; }else{ *progress++ = PROGRESS_FAIL; } DrawString(BOT_SCREEN, progressbar, PROGRESS_X, 50, ConsoleGetTextColor(), ConsoleGetBackgroundColor()); sprintf(tmpstr, "%s:%s/data.bin", drive, DATAFOLDER); if(FileOpen(&tempfile, tmpstr, 1)){ FileWrite(&tempfile, __DATE__, 12, 0); FileWrite(&tempfile, __TIME__, 9, 12); FileClose(&tempfile); }else { f_close(&firmfile); return CONF_CANTOPENFILE; } *progress++ = PROGRESS_OK; DrawString(BOT_SCREEN, progressbar, PROGRESS_X, 50, ConsoleGetTextColor(), ConsoleGetBackgroundColor()); f_close(&firmfile); return 0; }
void NandDumper(){ ConsoleSetTitle(strings[STR_DUMP], strings[STR_NAND]); File myFile; int isEmuNand = SYS_NAND; if(checkEmuNAND() && (isEmuNand = NandSwitch()) == UNK_NAND) return; isEmuNand--; ConsoleInit(); ConsoleSetTitle(strings[STR_DUMP], strings[STR_NAND]); unsigned char* buf = (void*)0x21000000; unsigned int nsectors = 0x200; //sectors in a row wchar_t tmpstr[STR_MAX_LEN]; wchar_t ProgressBar[41] = {0,}; for(int i=0; i<PROGRESS_WIDTH; i++) wcscat(ProgressBar, strings[STR_PROGRESS]); unsigned int progress = 0; wchar_t filename[_MAX_LFN]; swprintf(filename, _MAX_LFN, L"rxTools/nand/%sNAND.bin", isEmuNand ? L"EMU" : L""); if(FileOpen(&myFile, filename, 1)){ print(strings[STR_DUMPING], isEmuNand ? strings[STR_EMUNAND] : strings[STR_SYSNAND], filename); ConsoleShow(); int x, y; ConsoleGetXY(&x, &y); y += FONT_HEIGHT * 6; x += FONT_HWIDTH * 2; DrawString(BOT_SCREEN, ProgressBar, x, y, ConsoleGetTextColor(), ConsoleGetBackgroundColor()); swprintf(tmpstr, STR_MAX_LEN, strings[STR_PRESS_BUTTON_ACTION], strings[STR_BUTTON_B], strings[STR_CANCEL]); DrawString(BOT_SCREEN, tmpstr, x, y + FONT_HEIGHT*2, ConsoleGetTextColor(), ConsoleGetBackgroundColor()); for(int count = 0; count < getNandSize()/NAND_SECTOR_SIZE/nsectors; count++){ if(isEmuNand) sdmmc_sdcard_readsectors(count*nsectors, nsectors, buf); else sdmmc_nand_readsectors(count*nsectors, nsectors, buf); FileWrite(&myFile, buf, nsectors*NAND_SECTOR_SIZE, count*NAND_SECTOR_SIZE*nsectors); TryScreenShot(); if((count % (int)(getNandSize()/NAND_SECTOR_SIZE/nsectors/PROGRESS_WIDTH)) == 0 && count != 0){ DrawString(BOT_SCREEN, strings[STR_PROGRESS_OK], x+(FONT_WIDTH*(progress++)), y, ConsoleGetTextColor(), ConsoleGetBackgroundColor()); } unsigned int pad = GetInput(); if (pad & BUTTON_B) { FileClose(&myFile); goto end; } } if(isEmuNand){ sdmmc_sdcard_readsectors(checkEmuNAND()/0x200, 1, buf); FileWrite(&myFile, buf, 0x200, 0); } FileClose(&myFile); print(strings[STR_COMPLETED]); ConsoleShow(); }else{ print(strings[STR_FAILED]); ConsoleShow(); } end: print(strings[STR_PRESS_BUTTON_ACTION], strings[STR_BUTTON_A], strings[STR_CONTINUE]); ConsoleShow(); WaitForButton(BUTTON_A); }