Add TWL Cart support to NTR Cart Dumping...

[ApacheThunder]

Normmatt appears to have taken the liberty of adding TWL cart support to the NTR cart dumper you recently added:

https://gist.github.com/Normmatt/fe9c0308b6bec86443f9e94620b7aeff

It's in the form of a gist though. So I'll leave it to you to sort out the changes. :P

This should add support to allow dumping of DSi Enhanced games. I have not personally tested this however. My build environment is too out of date right now for me to compile this. :P

[YodaDaCoda]

I compiled and had someone in Discord test - it failed to dump Pokemon Black 2 with

Error reading secure data
Invalid secure area. (37898C54 34196416)

[ApacheThunder]

Yeah Normmatt is still cleaning it up. It's nearly there now. But minor corruption in the DSi Secure area and some junk data in the 0x1000 that needs to be removed. For NTR mode only stuff, it's already functional, but for the sake of having proper dumps, it's best to wait till the DSi extended area gets dumped correctly. :D

[ApacheThunder]

Normmatt has updated it. It now dumps TWL carts correctly. This is ready to be added. :D

[YodaDaCoda]

The new revision in the gist is the same diff as previous, copied below itself.

[d0k3]

Added in https://github.com/d0k3/Decrypt9WIP/commit/0d5a05f76646a03a518f31c74cf05213d4539942 Please test!

[JustForNothing]

Dumped Pokemon Platinium and Pokemon W2 successfully (both work on desmume) But "Invalid secure area.(F3D59990 687A6856)" for PokemonW2 Also DSTWO (not +) dump failed

Tested with the lastest commit

[d0k3]

Alright, could someone also test dumping a regular (non-DSi) DS cart? Just to make sure nothing is broken

[YodaDaCoda]

Using 0d5a05f76646a03a518f31c74cf05213d4539942

Failed to dump Pokemon Black, Pokemon White (TWL). Successfully dumped Pokemon SoulSilver (NTR).

Pokemon White log

Selected: [Dump NTR/TWL Cart (full)]
Cartridge ID: C001FFC2
Cartridge Type: NTR
Product name: POKEMON W
Product ID: IRAO01
Cartridge data size: 256MB
Cartridge used size: 195MB
Cartridge dump size: 256MB
Invalid SecureCartID. (B6884E00 != C001FFC2)
Error reading secure data
Dump NTR/TWL Cart (full): failed!

Press B to return, START to reboot.

Pokemon Black log:

Selected: [Dump NTR/TWL Cart (full)]
Cartridge ID: C001FFC2
Cartridge Type: NTR
Product name: POKEMON B
Product ID: IRBO01
Cartridge data size: 256MB
Cartridge used size: 195MB
Cartridge dump size: 256MB
Invalid SecureCartID. (B6884E00 != C001FFC2)
Error reading secure data
Dump NTR/TWL Cart (full): failed!

[JustForNothing]

Just tested Pokemon White, and I have the same error

[ghost]

The gist is at 4 revisions now.

At two revisions (the current d9 commit), it dumped biggest loser US and system flaw correctly according to dat-o-matic checksums

[ApacheThunder]

It dumped my Sonic Classic Collections cart correctly last night. (it will say there was an error reading DSi Secure area, but will dump anyway. There is a problem with the detection routine and Normmatt decided to leave that as is.

Not sure if he's done more work on it since I went to bed though. The build he sent me was fully functional in terms of dumping the TWL cart I did have. :P

[ghost]

"the gist is at 4 revisions now" - he did make changes after the d9 release.

[mariogamer2]

Sorry to be noobiest :),but when saying NTR,what is it? (NDS codename?) Same thing for TWL.

[ApacheThunder]

NTR is the code name used for DS/DS Lite. TWL is the code name for the DSi. ;) Also being that this has been implemented, I will close this issue now. :D

[YodaDaCoda]

I can confirm that the lastest gist revision (rev 4 at time of writing) does not dump TWL carts. Neither does revision 0d5a05f76646a03a518f31c74cf05213d4539942 in this repository.

Gist revision 3 doesn't apply (git apply gives errors). Revision 2 is revision 1 pasted twice. Revision 1 doesn't dump either.

I have not experienced what @ApacheThunder describes where it gives an error but dumps anyway.

[ghost]

I can confirm that the lastest gist revision (rev 4 at time of writing) does not dump TWL carts. Neither does revision 0d5a05f in this repository. Gist revision 3 doesn't apply (git apply gives errors). Revision 2 is revision 1 pasted twice. Revision 1 doesn't dump either. I have not experienced what @ApacheThunder describes where it gives an error but dumps anyway.

Dumped 4 test carts fine for me, both rev 2 and 4. System Flaw TWL good Biggest Loser TWL/NTR good DQV NTR good Pokmn PL NTR good

Both revisions gave the same results.

[YodaDaCoda]

Could the console itself be a factor? I'm using an AL9H'd o3DSXL.

Perhaps the cart is a factor? Can someone else test with Pokemon B/W?

I have no problems dumping NTR carts, only TWL.

[ghost]

Could the console itself be a factor? I'm using an AL9H'd o3DSXL.

Perhaps the cart is a factor? Can someone else test with Pokemon B/W?

I have no problems dumping NTR carts, only TWL.

Could you try this guys build? It seems to work for me http://gbatemp.net/attachments/decrypt9wip-20160811-181557-zip.58748/

[YodaDaCoda]

@idgrepthat

As you suggested, I used the Decrypt9WIP.bin from that archive and I got the same result.

Full log from that session:

Initializing SD card... success
Build: Decrypt9WIP (2016/08/11)
Work directory: /files9
Game directory: /files9
sector0x96 Key: loaded, stored
0x03 KeyX & KeyY: automatically set up
0x25 KeyX: loaded, verified, set up
0x18 KeyX: already set up
0x1B KeyX: loaded, verified, set up
0x24 KeyY: loaded, set up
Finalizing Initialization...

Initialization: success!

Selected: [Dump NTR/TWL Cart (full)]
Cartridge ID: C001FFC2
Cartridge Type: NTR
Product name: POKEMON W
Product ID: IRAO01
Cartridge data size: 256MB
Cartridge used size: 195MB
Cartridge dump size: 256MB
Invalid SecureCartID. (B6884E00 != C001FFC2)
Error reading secure data
Dump NTR/TWL Cart (full): failed!

Press B to return, START to reboot.

Selected: [Dump NTR/TWL Cart (trim)]
Cartridge ID: C001FFC2
Cartridge Type: NTR
Product name: POKEMON W
Product ID: IRAO01
Cartridge data size: 256MB
Cartridge used size: 195MB
Cartridge dump size: 195MB
Invalid SecureCartID. (B6884E00 != C001FFC2)
Error reading secure data
Dump NTR/TWL Cart (trim): failed!

Press B to return, START to reboot.

[ApacheThunder]

Perhaps it's not detecting that Secure area valid properly. It had this issue with the DSi Secure Area. Normmatt simply allowed it to dump anyways by bypassing the abort triggered by the error.

Perhaps the same can be done in NTR cart dump section. This would also allow dumping some flashcart roms since they don't have valid secure areas.

[ghost]

Huh. 2ds 9.2 a9lh here. I suppose it's a problem with those games. ^ and what apache said.

[YodaDaCoda]

Following on from what @ApacheThunder said, I applied the following patch to revision 0d5a05f76646a03a518f31c74cf05213d4539942 and to rev4 of the gist.

Dumped Pokemon White, but in both cases the sha1sum of the dumped file does not match scene release and does not run in emulator.

diff --git a/source/decryptor/game.c b/source/decryptor/game.c
index bb87ada..8d02dc1 100644
--- a/source/decryptor/game.c
+++ b/source/decryptor/game.c
@@ -1712,7 +1712,7 @@ u32 DumpTwlGameCart(u32 param)

    if (!NTR_Secure_Init (buff, Cart_GetID(), 0)) {
        Debug("Error reading secure data");
        [-return-]{+//return+} 1;
    }

    Debug("");

[ApacheThunder]

Yoda, you have that build? Would like to test and see if it dumps my DS-Xtreme properly now that you disabled the secure area check. :D

[YodaDaCoda]

@ApacheThunder You can give it a try if you want...

D9WIP-twltest-201608121138.zip

Edit: that's the modified build from rev4 of the gist.

[ApacheThunder]

Thanks. I tested that build compared to the build Normmatt had me test last night. It still dumps my Sonic Classic Collection game correctly (boots in No$GBA in DSi mode). So not sure how others here aren't getting the same results.

As for the DS-X, it dumps with corruption in the arm9 region and beyond just as it does in wooddumper. :(

Fortunately I've dumped this cart by other means I just wanted to see if this will prove useful for other trouble some flashcarts. But it appears it will run into the same problem. Oddly NDS Backup Tool Wifi is the one that does dump the DS-X correctly. I have a card swapper device hence I'm able to use it. :P

[d0k3]

Alright, as this issue is still not 100% resolved, I'm reopening it now. Once there is some progress and this is reliable enough, please send me a pull request.

[ghost]

I saw people have issues dumping Pokemon White and Black. I used the latest precompiled version. Pokemon White dumped fine, Black didn't. It showed the same error like in the other comments. Both versions are PAL/German

[Dimensional]

I get the feeling that because these games are just DSi enhanced, they have essentially an NTR header with just extra code for the DSi features. Maybe this will require some sort of white list for false negatives of DSi games.

[d0k3]

This issue was open for a while, so, are there some more ideas? A whitelist is okay, but only if this is for just a handful of titles. And I'll still need to see how this works.

[Dimensional]

Given there aren't that many DSi-Enhanced games to begin with, I don't see the whitelist getting too big. Sadly, I have no clue where to start with how to make it work. Clearly each game has their own unique header. The only thing that needs to be done is verifying the DSi-only code, if it's encrypted.

[d0k3]

Hoping to get this discussion going again, here's an incomplete list of DSi enhanced titles: http://www.rfgeneration.com/blogs/pdrydia/DSi-enhanced-titles-an-incomplete-list-1969.php

It's more than you guys think. A whitelist is not really a good solution, I think. Can anyone add information here that would help?

[james-d-elliott]

I have a friend with all of the DS/DSi/3DS Pokemon games. If that helps in any way - I'm assuming if I use the dump private header option, I can then compare the headers and see if there are any obvious differences between them which may assist in identifying the DSi games?

[the4anoni]

How can i dump pokekon black via hourglass9 ?

[d0k3]

I'm pretty sure you guys already thought I gave up on this issue, but I'm actually still doing my homework on it. I did some research and I now at least somewhat understand how the NDS and DSi dumping process works.

What would really help me is:

• (1) a bad dump of a DSi enhanced or DSi only cart, as dumped by D9
• (2) the same cart dumped via GM9 (link to test build below)
• (3) a confirmed good dump of the same cart

Now, when I say confirmed good, CRC checking it with no-intro is not enough. You need a dump that can actually run in DSi mode (should be able to confirm via NDStool / no$GBA / certain flashcards), when the D9 / GM9 dump cannot.

Anyone able to provide this?

Link to GodMode9 test build: https://transfer.sh/nY07U/godmode9-20170114-173114.zip (just copy the dump from the C: drive)

[YodaDaCoda]

I'm using a Pokemon White cart, which is on the list of DSi games linked above.

Using the GM9 build you linked, the first time I open C: I get an error "Invalid SecureCartID (B6884E00 != C001FFC2)" and then no files in the list. If I back out and open C: again, I can see two "0 Byte" files named "POKEMON W.nds" and "POKEMON W.trim.nds". Opening them in the built-in hex editor shows they're empty. Copying them to the SDCard just gives me two 0-byte files of the same names.

[d0k3]

D9 does not dump it at all, right?

[YodaDaCoda]

Correct, using the latest release of D9 I get the exact same SecureCartID message and no file dumped.

[d0k3]

Alright... so, is there a known good dump of Pokemon White? You may try this test build: https://transfer.sh/zqnRj/godmode9-20170116-010022.zip

This will still show that prompt, but will allow you to dump nonetheless. If you can dump it, and if there is a known good one, we'd need to compare the two.

[YodaDaCoda]

I have a proper TWL dump of Pokemon White (verified using ndstool - see attached log - I'd appreciate if you could confirm?). I'll dump my cart using the test build linked above when I get home in about 4 hours.

How would you like to go about comparing the two?

Edit: Dumped. Awaiting your instructions.

[d0k3]

Thanks a lot!

I'll basically only need two segments of data from these dumped roms:

• 0x8000 byte @ 0x0000000 (header + secure area, first 0x8000 byte of file)
• 0x4000 byte @ 0xC403000 (modcrypt area)

The only difference between the two files should be in the modcrypt area, everything else should be identical (let me know if there are actually more differences).

As for the NDSTool log, I am not entirely sure. We have: "Segment3 CRC (0x3000-0x3FFF)0x0000 (INVALID)". It would be even better to have this run in no$GBA, in DSi mode. Can you show me the log for the improper dump, too?

[YodaDaCoda]

Mind if I email you?

[pixel-stuck]

@d0k3 ndstool, to quote WinterMute, isn't really DSi aware, so you'll always get that CRC mismatch on segment 3

On Mon, Jan 16, 2017, 6:02 AM William Pickering notifications@github.com wrote:

Mind if I email you?

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/d0k3/Decrypt9WIP/issues/74#issuecomment-272832317, or mute the thread https://github.com/notifications/unsubscribe-auth/ADd1uGwDgVSnTPU9ow3AV6BIOwkC__bWks5rS05hgaJpZM4Jhv97 .

[YodaDaCoda]

Ok I changed to a Pokemon Black cart for reasons.

NDSTool logs: GM9 TWL

It's interesting to note that ndstool reports the same securearea crc for both, but reports it as being invalid for the gm9 dump.

I can't upload the file chunks, but...

• The header area is the same up until 0x4000 - they differ from 0x4000-0x8000.
• The modcrypt area is entirely different

I can't for the life of me seem to get no$gba to run a rom in DSi mode. I think I need different BIOS files or something.

[pixel-stuck]

@YodaDaCoda you need a NAND from a real DSi to use games in DSi mode...

[YodaDaCoda]

@dark-samus from what I understand, that would require a DSi-mode flashcard? I don't think I have the resources to pull that off.

[d0k3]

@YodaDaCoda email is okay, too, ofc.

[d0k3]

@YodaDaCoda - 0x4000....0x8000 is the NTR Secure area. There actually should never be anything wrong with that, and if it is borked, that would mean that not even NTR mode would work with that dump. This may be even worse than I thought... I assume the areas that were different were completely different and also not just something like switched or anything like that?

[pixel-stuck]

@YodaDaCoda nah, gamecarts can't access NAND (or at least no official gamecart can) you'd need a hardmod or DSiwarehax... Someone released a DSi NAND image in chat the other day (not on any forums)

[d0k3]

@YodaDaCoda - thanks for providing the chunks I asked for. The secure area is different because the "TWL" dump has it decrypted, while GM9 left it encrypted (cause the CycloDS does not like decrypted secure areas). The problem may even be identical for the modcrypt area.

Can you try again with this test build? https://transfer.sh/qXGh5/godmode9-20170117-104102.zip This will do the decryption that was previously left out.

[d0k3]

Okay, here's a newer test build, including a fix provided by @Normmatt. If you can, please test: https://transfer.sh/DHXy0/godmode9-20170118-012910.zip