Compare commits
25 Commits
Author | SHA1 | Date |
---|---|---|
Bluzume | fee51c075a | |
Bluzume | 9a860232b2 | |
Bluzume | 399ee390ec | |
Bluzume | 4ba45cb957 | |
Bluzume | 86beb6d197 | |
Bluzume | 1eacddeb09 | |
SilicaAndPina | 628e91efe8 | |
Bluzume | 490ebad2f4 | |
Bluzume | ee0e4f8c8d | |
Bluzume | 72fce1c6ab | |
Bluzume | c10ca1ee8b | |
Bluzume | 3919db2167 | |
Bluzume | b719a14cf3 | |
Bluzume | 3d412f576f | |
Bluzume | 52156e0445 | |
Bluzume | c790692345 | |
Bluzume | 141492307f | |
Bluzume | e42b16a8f5 | |
Bluzume | 1c637b4316 | |
Bluzume | b72083dfe2 | |
Bluzume | 994c87e95f | |
Bluzume | 8142e5f0c0 | |
Bluzume | b92a181093 | |
Bluzume | 7ca4f660cc | |
Bluzume | 2107028bd3 |
23
README.md
|
@ -1,2 +1,25 @@
|
||||||
# eCDP-Serial-Code
|
# eCDP-Serial-Code
|
||||||
|
*Dont want to download anything? try using my web interface(tm): https://ecdp.cbps.xyz/.*
|
||||||
|
|
||||||
Generates "Serial Code" for the rarest DS Game ever; eCDP !
|
Generates "Serial Code" for the rarest DS Game ever; eCDP !
|
||||||
|
|
||||||
|
Windows and Linux Binaries: https://github.com/KuromeSan/eCDP-Serial-Code/releases/latest
|
||||||
|
|
||||||
|
# Other implementations:
|
||||||
|
|
||||||
|
-- Python
|
||||||
|
|
||||||
|
Turns out "LazyDogP" was reversing it around the same time i was, writing his own implementation in python, ulthough i beat him to it by 2 days,
|
||||||
|
mine was completed on Nov 25, 2020 (sometime before midnight probably, on commit https://github.com/KuromeSan/eCDP-Serial-Code/commit/01a79303ac327262b3bf775bead79afe08821f19)
|
||||||
|
|
||||||
|
his was completed on Nov 27, 2020, ulthough he lost the race he didnt know he was competing in but still a good reversing effort,
|
||||||
|
https://gist.github.com/lazydogP/57c431cc7fddb5b969559c4c8cd8c881
|
||||||
|
|
||||||
|
mine acturally worked like 50% of the time the day before that but im not counting that because it wasnt 100% success.
|
||||||
|
|
||||||
|
-- JavaScript
|
||||||
|
|
||||||
|
One of the users on the eCDP Speedrunning discord called "User670" ported the algorithm to JavaScript, based on LazyDogP's version
|
||||||
|
since python is closer to JS than C is .. so i am now using his version for the Web Interface rather than running my C Code via php exec()
|
||||||
|
like i was doing before, its slightly faster, and more secure to do it this way too since i dont risk someone finding a way to break out of the exec()
|
||||||
|
and run arbitary code.. so yeah.
|
||||||
|
|
After Width: | Height: | Size: 154 B |
After Width: | Height: | Size: 14 KiB |
After Width: | Height: | Size: 12 KiB |
After Width: | Height: | Size: 16 KiB |
After Width: | Height: | Size: 15 KiB |
|
@ -0,0 +1,77 @@
|
||||||
|
body{
|
||||||
|
background-color: black;
|
||||||
|
background-image: linear-gradient(to bottom, rgba(255, 0, 0, 0.70), rgba(0, 0, 0, 0.70)),url('bg.gif');
|
||||||
|
background-repeat: repeat;
|
||||||
|
text-align:center;
|
||||||
|
}
|
||||||
|
.keygen{
|
||||||
|
display: inline-block;
|
||||||
|
top: 15%;
|
||||||
|
|
||||||
|
position: relative;
|
||||||
|
padding:20px;
|
||||||
|
width:50%;
|
||||||
|
text-align:center;
|
||||||
|
background-image: linear-gradient(#00e000, green);
|
||||||
|
color: white;
|
||||||
|
border-radius: 5px;
|
||||||
|
animation: scroll 50s infinite linear;
|
||||||
|
}
|
||||||
|
|
||||||
|
.macAddr{
|
||||||
|
width: 60px;
|
||||||
|
padding: 12px 20px;
|
||||||
|
margin: 8px 0;
|
||||||
|
border-radius: 100%;
|
||||||
|
background-image: linear-gradient(black, #2a2a2b);
|
||||||
|
color:white;
|
||||||
|
}
|
||||||
|
|
||||||
|
.button{
|
||||||
|
width: 60%;
|
||||||
|
margin-top:50px;
|
||||||
|
padding:12px;
|
||||||
|
border-radius: 4px;
|
||||||
|
background-image: linear-gradient(yellow, #ad9f02);
|
||||||
|
color: black;
|
||||||
|
}
|
||||||
|
.dice{
|
||||||
|
width: 40px;
|
||||||
|
height: 40px;
|
||||||
|
border: 0px;
|
||||||
|
float: right;
|
||||||
|
background: url(dice.gif);
|
||||||
|
background-size:cover;
|
||||||
|
cursor: default;
|
||||||
|
}
|
||||||
|
.dice:hover{
|
||||||
|
background: url(dice-hover.gif);
|
||||||
|
background-size:cover;
|
||||||
|
cursor: pointer;
|
||||||
|
}
|
||||||
|
.dice:active{
|
||||||
|
background: url(dice-click.gif);
|
||||||
|
background-size:cover;
|
||||||
|
cursor: pointer;
|
||||||
|
}
|
||||||
|
.entry{
|
||||||
|
width: 56%;
|
||||||
|
padding-top:12px;
|
||||||
|
padding-bottom:12px;
|
||||||
|
padding-left:12px;
|
||||||
|
border-radius: 4px;
|
||||||
|
background-image: linear-gradient(black, #2a2a2b);
|
||||||
|
color:white;
|
||||||
|
}
|
||||||
|
.leaveOffering{
|
||||||
|
text-align:center;
|
||||||
|
width:100%;
|
||||||
|
padding: 20px;
|
||||||
|
color: white;
|
||||||
|
font-size: 140%;
|
||||||
|
font-weight: bold;
|
||||||
|
}
|
||||||
|
.askRonald{
|
||||||
|
float:left;
|
||||||
|
padding-right: 3%;
|
||||||
|
}
|
|
@ -0,0 +1,261 @@
|
||||||
|
// Keygen for McDonald's eCDP (eCrew Development Program),
|
||||||
|
// a Nintendo DS software to train employees.
|
||||||
|
// This keygen is for the only dumped Japanese version of eCDP.
|
||||||
|
// ROM: https://archive.org/details/mcdonalds-japan-ecdp-rom-training-nintendo-ds-cartridge-dump
|
||||||
|
|
||||||
|
// Usage: Select the third option in main menu, enter two 6-digit numbers as you like,
|
||||||
|
// and use this script to calculate the third code.
|
||||||
|
|
||||||
|
// Web/JavaScript port info:
|
||||||
|
// This is based on LazyDog's keygen in Python, located at the URL below:
|
||||||
|
// https://gist.github.com/lazydogP/57c431cc7fddb5b969559c4c8cd8c881
|
||||||
|
//
|
||||||
|
// I know there is one that beats him by 2 days
|
||||||
|
// (https://github.com/KuromeSan/eCDP-Serial-Code ),
|
||||||
|
// but that one is written in C which I hardly understand in the first place,
|
||||||
|
// and also uses some library that I have no idea what that is.
|
||||||
|
// At least this Python one I can understand.
|
||||||
|
|
||||||
|
|
||||||
|
function toUnsigned(n){
|
||||||
|
if(n>=0)return n;
|
||||||
|
return 4294967296+n;
|
||||||
|
}
|
||||||
|
|
||||||
|
function rol(n, rotation){
|
||||||
|
// Original rol function has an optional parameter "width" that defaults
|
||||||
|
// to 32. I'm gonna hard code it because the only instance of this
|
||||||
|
// function call doesn't include this parameter, ... and the fact that
|
||||||
|
// new JS standards kinda make me feel confused about what you can and
|
||||||
|
// can't do in JS.
|
||||||
|
var width=32;
|
||||||
|
rotation%=width;
|
||||||
|
if(rotation==0){
|
||||||
|
return n;
|
||||||
|
}
|
||||||
|
n&=(2**width-1);
|
||||||
|
// Apparently bitwise operators treat numbers as a **signed** 32-bits
|
||||||
|
// Did conversion to match the Python
|
||||||
|
return toUnsigned((n<<rotation) | (n>> (width-rotation)));
|
||||||
|
}
|
||||||
|
|
||||||
|
function gen_index(sum_offset, length){
|
||||||
|
if(length==0){
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
if(length <= sum_offset){
|
||||||
|
var count=0x1c;
|
||||||
|
var seed=sum_offset>>4;
|
||||||
|
if(length <= seed>>0xc){
|
||||||
|
count-=0x10;
|
||||||
|
seed=seed>>0x10;
|
||||||
|
}
|
||||||
|
if(length <= seed>>4){
|
||||||
|
count-=8;
|
||||||
|
seed=seed>>8;
|
||||||
|
}
|
||||||
|
if(length<=seed){
|
||||||
|
count-=4;
|
||||||
|
seed=seed>>4;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Did someone say bitwise sucks in Python?
|
||||||
|
// It sucks here too
|
||||||
|
// Some bitwise replaced with equivalent regular maths because
|
||||||
|
// maths can handle numbers larger than 32 bits while
|
||||||
|
// bitwise can't
|
||||||
|
sum_offset=rol(sum_offset, count);
|
||||||
|
sum_offset*=2;
|
||||||
|
//carry=(sum_offset&(2**32))!=0;
|
||||||
|
carry=Math.floor(sum_offset/(2**32))%2
|
||||||
|
for(var i=count; i<32; i++){
|
||||||
|
seed= seed*2 + (2**32-length);
|
||||||
|
if(carry){
|
||||||
|
seed+=1;
|
||||||
|
}
|
||||||
|
carry=Math.floor(seed/(2**32))%2
|
||||||
|
seed%=(2**32)
|
||||||
|
if(!carry){
|
||||||
|
seed+=length;
|
||||||
|
seed%=(2**32)
|
||||||
|
}
|
||||||
|
sum_offset*=2;
|
||||||
|
carry=Math.floor(sum_offset/(2**32))%2;
|
||||||
|
sum_offset%=(2**32)
|
||||||
|
}
|
||||||
|
// why is there a `pass` in the original? There is no block to pass
|
||||||
|
return seed;
|
||||||
|
}else{
|
||||||
|
return sum_offset;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
function gen_index_2(sum_offset, length){
|
||||||
|
return sum_offset%length;
|
||||||
|
}
|
||||||
|
|
||||||
|
function calc_shorten_index(input_merge){
|
||||||
|
var hex_char="0123456789ABCDEF";
|
||||||
|
var sum_offset=0;
|
||||||
|
for(var c of input_merge){
|
||||||
|
sum_offset+=hex_char.indexOf(c);
|
||||||
|
}
|
||||||
|
return gen_index(sum_offset, 7);
|
||||||
|
// and here's another `pass`
|
||||||
|
}
|
||||||
|
|
||||||
|
function shuffle(input_merge, shuffle_index){
|
||||||
|
var shuffle_map = [
|
||||||
|
[0x01,0x0A,0x16,0x04,0x07,0x18,0x0C,0x10,0x05,0x17,0x09,0x03,0x12,0x08,0x15,0x13,0x0B,0x02,0x0F,0x0D,0x11,0x0E,0x06,0x14],
|
||||||
|
[0x07,0x0C,0x0E,0x11,0x09,0x16,0x10,0x06,0x14,0x0D,0x01,0x02,0x12,0x08,0x13,0x0B,0x0F,0x0A,0x18,0x15,0x04,0x05,0x03,0x17],
|
||||||
|
[0x0F,0x04,0x09,0x03,0x06,0x07,0x11,0x12,0x15,0x16,0x02,0x08,0x05,0x17,0x0C,0x0D,0x01,0x18,0x0B,0x14,0x0E,0x10,0x13,0x0A],
|
||||||
|
[0x02,0x0A,0x0E,0x12,0x0B,0x03,0x0C,0x06,0x13,0x07,0x11,0x09,0x15,0x18,0x10,0x17,0x14,0x0F,0x04,0x01,0x05,0x08,0x16,0x0D],
|
||||||
|
[0x0B,0x02,0x09,0x16,0x14,0x01,0x12,0x11,0x15,0x06,0x0F,0x17,0x07,0x10,0x0C,0x0E,0x08,0x18,0x13,0x03,0x0A,0x0D,0x04,0x05],
|
||||||
|
[0x09,0x0F,0x05,0x0D,0x16,0x15,0x12,0x11,0x03,0x0A,0x04,0x10,0x0E,0x14,0x02,0x01,0x13,0x0C,0x06,0x0B,0x17,0x18,0x07,0x08],
|
||||||
|
[0x12,0x02,0x0C,0x09,0x0D,0x0E,0x04,0x07,0x16,0x14,0x17,0x01,0x11,0x03,0x10,0x15,0x08,0x0A,0x05,0x13,0x0B,0x18,0x0F,0x06]
|
||||||
|
];
|
||||||
|
var shuffle_method=shuffle_map[shuffle_index];
|
||||||
|
var shuffled_str="";
|
||||||
|
for(var i=0; i<0x18; i++){
|
||||||
|
shuffled_str+=input_merge[shuffle_method[i]-1];
|
||||||
|
}
|
||||||
|
return shuffled_str;
|
||||||
|
}
|
||||||
|
|
||||||
|
function hex2ints(hex_str){
|
||||||
|
var result=[];
|
||||||
|
for(var i=0; i<6; i++){
|
||||||
|
result.push(parseInt("0x"+hex_str.slice(4*i, 4*i+4)));
|
||||||
|
// JS parseInt recognizes 0x hex numbers, but can't otherwise handle
|
||||||
|
// other bases
|
||||||
|
}
|
||||||
|
return result;
|
||||||
|
}
|
||||||
|
|
||||||
|
function ints_encrypt(numbers){
|
||||||
|
// never mind the bitwise nonsenses
|
||||||
|
var key=0x3e0f83e1; //good news it's 32 bits
|
||||||
|
result=[];
|
||||||
|
for(var i=0; i<6; i++){
|
||||||
|
var r0=Math.floor(numbers[i]/(2**0x1f));
|
||||||
|
var mul=key*numbers[i]; //wait how many bits are we getting here?
|
||||||
|
var r2= mul%(2**32);
|
||||||
|
var r6= Math.floor(mul/(2**32));
|
||||||
|
r6=r0+r6>>3;
|
||||||
|
mul=0x21*r6;
|
||||||
|
r0=mul%(2**32);
|
||||||
|
r2=Math.floor(mul/(2**32));
|
||||||
|
r6=numbers[i]-r0;
|
||||||
|
result.push(r6+1);
|
||||||
|
}
|
||||||
|
return result;
|
||||||
|
}
|
||||||
|
|
||||||
|
function ints2str(numbers){
|
||||||
|
var chars="123456789ABCDEFGHJKLMNPQRSTUVWXYZ";
|
||||||
|
var s="";
|
||||||
|
for(var i of numbers){
|
||||||
|
s+=chars[i-1];
|
||||||
|
}
|
||||||
|
return s;
|
||||||
|
}
|
||||||
|
|
||||||
|
function calc_serial_code(mac_code, code1, code2){
|
||||||
|
var full_code=mac_code.toUpperCase()+code1+code2;
|
||||||
|
var shorten_index=calc_shorten_index(full_code);
|
||||||
|
var shuffle_str=shuffle(full_code, shorten_index);
|
||||||
|
var shuffle_numbers=hex2ints(shuffle_str);
|
||||||
|
var encrypted_numbers=ints_encrypt(shuffle_numbers);
|
||||||
|
var serial_code=ints2str(encrypted_numbers);
|
||||||
|
return serial_code;
|
||||||
|
}
|
||||||
|
|
||||||
|
// starting here is not present in the original code
|
||||||
|
// made these for web and such
|
||||||
|
function input_sanitizer(mac_code, code1, code2){
|
||||||
|
var mac=""
|
||||||
|
for(var c of mac_code){
|
||||||
|
if(("0123456789AaBbCcDdEeFf").indexOf(c)!=-1){
|
||||||
|
mac+=c
|
||||||
|
}
|
||||||
|
}
|
||||||
|
var c1=""
|
||||||
|
for(var c of code1){
|
||||||
|
if(("0123456789").indexOf(c)!=-1){
|
||||||
|
c1+=c
|
||||||
|
}
|
||||||
|
}
|
||||||
|
var c2=""
|
||||||
|
for(var c of code2){
|
||||||
|
if(("0123456789").indexOf(c)!=-1){
|
||||||
|
c2+=c
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if(mac.length!=12 || c1.length!=6 || c2.length!=6){
|
||||||
|
return ""
|
||||||
|
}
|
||||||
|
return calc_serial_code(mac, c1, c2)
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* SilicaAndPina Code start here
|
||||||
|
*/
|
||||||
|
|
||||||
|
window.addEventListener("load", function() {
|
||||||
|
dsiMacs = [dsiMac0, dsiMac1, dsiMac2, dsiMac3, dsiMac4, dsiMac5];
|
||||||
|
});
|
||||||
|
|
||||||
|
|
||||||
|
function placeOffering()
|
||||||
|
{
|
||||||
|
var macAddress = "";
|
||||||
|
dsiMacs.forEach(function(i){ macAddress += i.value });
|
||||||
|
|
||||||
|
var sId = storeId.value;
|
||||||
|
var mId = managementId.value;
|
||||||
|
var key = input_sanitizer(macAddress, sId, mId)
|
||||||
|
if(key != "")
|
||||||
|
offering.innerText = "Donald McDonald speaks with a cryptic message: "+key;
|
||||||
|
else
|
||||||
|
offering.innerText = "Donald McDonald looks at you, disgusted, throwing your Big Mac right back at you.";
|
||||||
|
}
|
||||||
|
|
||||||
|
function getRandomInt(min, max) {
|
||||||
|
min = Math.ceil(min);
|
||||||
|
max = Math.floor(max);
|
||||||
|
return Math.floor(Math.random() * (max - min + 1)) + min;
|
||||||
|
}
|
||||||
|
|
||||||
|
function randomizeStoreNumber()
|
||||||
|
{
|
||||||
|
storeId.value = getRandomInt(0,999999).toString().padStart(6, "0");
|
||||||
|
}
|
||||||
|
|
||||||
|
function randomizeManagerNumber()
|
||||||
|
{
|
||||||
|
managementId.value = getRandomInt(0,999999).toString().padStart(6, "0");
|
||||||
|
}
|
||||||
|
|
||||||
|
function numbersOnly(elem)
|
||||||
|
{
|
||||||
|
elem.value = elem.value.replace(/[^0-9]/g, '');
|
||||||
|
}
|
||||||
|
function clickjack()
|
||||||
|
{
|
||||||
|
playAudio.play();
|
||||||
|
}
|
||||||
|
function detectChanges(index)
|
||||||
|
{
|
||||||
|
var elem = dsiMacs[index];
|
||||||
|
elem.value = elem.value.toUpperCase().replace(/[^A-F0-9]/g, '');
|
||||||
|
|
||||||
|
if(elem.value.length >= elem.maxLength)
|
||||||
|
{
|
||||||
|
if(index+1 < dsiMacs.length)
|
||||||
|
{
|
||||||
|
dsiMacs[index+1].select();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
}
|
After Width: | Height: | Size: 111 KiB |
|
@ -0,0 +1,38 @@
|
||||||
|
<html>
|
||||||
|
<head>
|
||||||
|
<title> McKeygen - Serial Key Generator for eCDP</title>
|
||||||
|
<meta name="viewport" content="width=device-width, initial-scale=0.2">
|
||||||
|
<link rel="stylesheet" type="text/css" href="ecdp.css">
|
||||||
|
<script src="ecdp.js"></script>
|
||||||
|
</head>
|
||||||
|
|
||||||
|
<body onclick="clickjack()">
|
||||||
|
<audio autoplay loop id="playAudio">
|
||||||
|
<source src="BG_09.mp3">
|
||||||
|
</audio>
|
||||||
|
|
||||||
|
<div class="keygen">
|
||||||
|
<img src="donald.jpg" class="askRonald" width="228" height="406">
|
||||||
|
<div class="leaveOffering"> Leave an offering for Donald McDonald </div>
|
||||||
|
DSi Mac Address:<br>
|
||||||
|
<input type="text" id="dsiMac0" class="macAddr" value="00" maxlength="2" onclick="dsiMac0.select();" oninput="detectChanges(0);"> :
|
||||||
|
<input type="text" id="dsiMac1" class="macAddr" value="00" maxlength="2" onclick="dsiMac1.select();" oninput="detectChanges(1);"> :
|
||||||
|
<input type="text" id="dsiMac2" class="macAddr" value="00" maxlength="2" onclick="dsiMac2.select();" oninput="detectChanges(2);"> :
|
||||||
|
<input type="text" id="dsiMac3" class="macAddr" value="00" maxlength="2" onclick="dsiMac3.select();" oninput="detectChanges(3);"> :
|
||||||
|
<input type="text" id="dsiMac4" class="macAddr" value="00" maxlength="2" onclick="dsiMac4.select();" oninput="detectChanges(4);"> :
|
||||||
|
<input type="text" id="dsiMac5" class="macAddr" value="00" maxlength="2" onclick="dsiMac5.select();" oninput="detectChanges(5);"><br>
|
||||||
|
Store Number:<br>
|
||||||
|
<input type="text" id="storeId" class="entry" maxlength="6" onclick="storeId.select();" oninput="numbersOnly(storeId);"><button onclick="randomizeStoreNumber();" class="dice"></button><br>
|
||||||
|
Store Management Number of DS Card:<br>
|
||||||
|
<input type="text" id="managementId" class="entry" value="000000" maxlength="6" onclick="managementId.select();" oninput="numbersOnly(managementId);"><button onclick="randomizeManagerNumber();" class="dice"></button><br>
|
||||||
|
<input type="submit" id="generate_password" class="button" value="Place Offering" onclick="placeOffering()"><br>
|
||||||
|
<div id="offering">Original by Silica, later ported to JavaScript by @User670.</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<script>
|
||||||
|
randomizeStoreNumber();
|
||||||
|
randomizeManagerNumber();
|
||||||
|
</script>
|
||||||
|
|
||||||
|
</body>
|
||||||
|
</html>
|
After Width: | Height: | Size: 1.6 KiB |
After Width: | Height: | Size: 15 KiB |
|
@ -0,0 +1,270 @@
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <string.h>
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include <stdint.h>
|
||||||
|
|
||||||
|
char key[0xA8] = { 0x01,0x0A,0x16,0x04,0x07,0x18,0x0C,0x10,0x05,0x17,0x09,0x03,0x12,0x08,0x15,0x13,0x0B,0x02,0x0F,0x0D,0x11,0x0E,0x06,0x14,0x07,0x0C,0x0E,0x11,0x09,0x16,0x10,0x06,0x14,0x0D,0x01,0x02,0x12,0x08,0x13,0x0B,0x0F,0x0A,0x18,0x15,0x04,0x05,0x03,0x17,0x0F,0x04,0x09,0x03,0x06,0x07,0x11,0x12,0x15,0x16,0x02,0x08,0x05,0x17,0x0C,0x0D,0x01,0x18,0x0B,0x14,0x0E,0x10,0x13,0x0A,0x02,0x0A,0x0E,0x12,0x0B,0x03,0x0C,0x06,0x13,0x07,0x11,0x09,0x15,0x18,0x10,0x17,0x14,0x0F,0x04,0x01,0x05,0x08,0x16,0x0D,0x0B,0x02,0x09,0x16,0x14,0x01,0x12,0x11,0x15,0x06,0x0F,0x17,0x07,0x10,0x0C,0x0E,0x08,0x18,0x13,0x03,0x0A,0x0D,0x04,0x05,0x09,0x0F,0x05,0x0D,0x16,0x15,0x12,0x11,0x03,0x0A,0x04,0x10,0x0E,0x14,0x02,0x01,0x13,0x0C,0x06,0x0B,0x17,0x18,0x07,0x08,0x12,0x02,0x0C,0x09,0x0D,0x0E,0x04,0x07,0x16,0x14,0x17,0x01,0x11,0x03,0x10,0x15,0x08,0x0A,0x05,0x13,0x0B,0x18,0x0F,0x06 };
|
||||||
|
char* hex_values = "0123456789ABCDEF";
|
||||||
|
char* password_chars = "123456789ABCDEFGHJKLMNPQRSTUVWXYZ";
|
||||||
|
unsigned short output_vals[6];
|
||||||
|
|
||||||
|
void substitute(char* input, char* output, int multiply_by)
|
||||||
|
{
|
||||||
|
int i;
|
||||||
|
char* keyChar;
|
||||||
|
|
||||||
|
i = 0;
|
||||||
|
keyChar = (char*)(multiply_by * 0x18 + (key));
|
||||||
|
for(int i = 0; i < 0x18; i++) {
|
||||||
|
output[i] = input[*keyChar + -1];
|
||||||
|
keyChar ++;
|
||||||
|
}
|
||||||
|
output[0x18] = 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
int the_crazy_math_part(unsigned int val1, unsigned int val2, int carry, int start_at)
|
||||||
|
{
|
||||||
|
int c = carry;
|
||||||
|
|
||||||
|
long long r1 = 0xFFFFFFF9;
|
||||||
|
long long r0 = val1;
|
||||||
|
long long r3 = val2;
|
||||||
|
|
||||||
|
|
||||||
|
// yes this is just the asm implemented in C, dont @ me
|
||||||
|
|
||||||
|
for (int i = start_at; i < 0x20; i++)
|
||||||
|
{
|
||||||
|
// adcs r3,r1,r3,lsl 1h
|
||||||
|
r3 = (r1 + (r3 << 1)) + c; //same as r3 = (r3+(r1 * 2)) + c;
|
||||||
|
c = (r3 >> 32); // set c flag
|
||||||
|
r3 &= 0xFFFFFFFF;
|
||||||
|
|
||||||
|
// subcc r3,r3,r1
|
||||||
|
if (!c)
|
||||||
|
{
|
||||||
|
r3 = (r3 - r1);
|
||||||
|
r3 &= 0xFFFFFFFF;
|
||||||
|
}
|
||||||
|
|
||||||
|
// adcs r0,r0,r0
|
||||||
|
r0 = r0 + r0 + c; //Same as r0 = (r0 * 2) + c;
|
||||||
|
c = (r0 >> 32); // set c flag
|
||||||
|
r0 &= 0xFFFFFFFF;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
return r3;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
int find_multiplier(char* system_in)
|
||||||
|
{
|
||||||
|
int total_iterations = 0;
|
||||||
|
int ii = 0;
|
||||||
|
int next_var = 0;
|
||||||
|
|
||||||
|
char* system_in_base_ptr = system_in;
|
||||||
|
char* hex_values_ptr = hex_values;
|
||||||
|
for (int i = 0; i < strlen(system_in_base_ptr); i++)
|
||||||
|
{
|
||||||
|
char c = *system_in++;
|
||||||
|
char characters[2];
|
||||||
|
memset(characters, 0, 2);
|
||||||
|
characters[0] = c;
|
||||||
|
|
||||||
|
char* a2b = strstr(hex_values_ptr, characters);
|
||||||
|
next_var = a2b - (uintptr_t)hex_values_ptr;
|
||||||
|
if (!a2b)
|
||||||
|
next_var = 0;
|
||||||
|
total_iterations += next_var;
|
||||||
|
}
|
||||||
|
// step 2
|
||||||
|
|
||||||
|
unsigned int offset = 7;
|
||||||
|
|
||||||
|
if (offset <= total_iterations)
|
||||||
|
{
|
||||||
|
int c = 0;
|
||||||
|
int start_at = 0x1c;
|
||||||
|
unsigned int r3 = total_iterations >> 4;
|
||||||
|
if (offset <= r3 >> 0xC)
|
||||||
|
{
|
||||||
|
start_at -= 0x10;
|
||||||
|
r3 >>= 0x10;
|
||||||
|
}
|
||||||
|
if (offset <= r3 >> 0x10)
|
||||||
|
{
|
||||||
|
start_at -= 0x8;
|
||||||
|
r3 >>= 0x8;
|
||||||
|
}
|
||||||
|
if (offset <= r3)
|
||||||
|
{
|
||||||
|
start_at -= 0x4;
|
||||||
|
r3 >>= 0x4;
|
||||||
|
}
|
||||||
|
|
||||||
|
unsigned int r0 = total_iterations << (start_at & 0xFF);
|
||||||
|
|
||||||
|
|
||||||
|
c = ((long long int)r0 * 2) > 0xFFFFFFFF;
|
||||||
|
r0 = r0 * 2;
|
||||||
|
|
||||||
|
// printf("Starting Carry: %x\n", c);
|
||||||
|
|
||||||
|
|
||||||
|
return the_crazy_math_part(r0, r3, c, start_at);
|
||||||
|
}
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
unsigned int hex_to_bytes(char* input, int iterator)
|
||||||
|
{
|
||||||
|
char* iteration;
|
||||||
|
char* final_char;
|
||||||
|
int result;
|
||||||
|
int i;
|
||||||
|
char* current_char;
|
||||||
|
char* enc = hex_values;
|
||||||
|
result = 0;
|
||||||
|
i = 0;
|
||||||
|
current_char = input + iterator;
|
||||||
|
int ii = 0xc;
|
||||||
|
do {
|
||||||
|
char curChar[2];
|
||||||
|
memset(curChar, 0x00, 2);
|
||||||
|
curChar[0] = current_char[0];
|
||||||
|
|
||||||
|
iteration = strstr(enc, curChar);
|
||||||
|
final_char = iteration + -(intptr_t)enc;
|
||||||
|
if (iteration == (char*)0x0) {
|
||||||
|
final_char = (char*)0x0;
|
||||||
|
}
|
||||||
|
i = i + 1;
|
||||||
|
result = result + ((int)final_char << (ii & 0xff));
|
||||||
|
ii = ii - 4 & 0xffff;
|
||||||
|
current_char = current_char + 1;
|
||||||
|
} while (i < 4);
|
||||||
|
return result & 0xffff;
|
||||||
|
}
|
||||||
|
|
||||||
|
void generate_password(unsigned short* input, char* output)
|
||||||
|
{
|
||||||
|
int i;
|
||||||
|
i = 0;
|
||||||
|
do {
|
||||||
|
output[i] = password_chars[input[i] - 1];
|
||||||
|
i = i + 1;
|
||||||
|
} while (i < 6);
|
||||||
|
output[i] = '\0';
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
int main(int argc, char* argv[])
|
||||||
|
{
|
||||||
|
char maccas_id[64];
|
||||||
|
char mannager_id[64];
|
||||||
|
char mac_address[64];
|
||||||
|
char formatted[64];
|
||||||
|
char encoded[64];
|
||||||
|
char final_key[100];
|
||||||
|
char total_output [64];
|
||||||
|
int iterator = 0;
|
||||||
|
int i = 0;
|
||||||
|
int ii = 0;
|
||||||
|
memset(mac_address, 0x00, 64);
|
||||||
|
memset(maccas_id, 0x00, 64);
|
||||||
|
memset(mannager_id, 0x00, 64);
|
||||||
|
|
||||||
|
if(argc >= 4){
|
||||||
|
strncpy(mac_address,argv[1],63);
|
||||||
|
strncpy(maccas_id,argv[2],63);
|
||||||
|
strncpy(mannager_id,argv[3],63);
|
||||||
|
goto run;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
// printf("eCDP Serial Number Generator\n");
|
||||||
|
// printf("Credits: SilicaAndPina (Reversing, writing code), Rufis_ (ARM asm help)\n");
|
||||||
|
// printf("-- A backdoor on the worlds rarest DS game.\n");
|
||||||
|
|
||||||
|
|
||||||
|
entry:
|
||||||
|
|
||||||
|
|
||||||
|
// printf("Enter your NDS's Mac Address (ALL uppercase, no seperators): ");
|
||||||
|
fgets(mac_address, 64, stdin);
|
||||||
|
int len = 0;
|
||||||
|
|
||||||
|
len = strlen(mac_address)-1;
|
||||||
|
mac_address[len] = '\0'; // remove \n
|
||||||
|
if (len != 12)
|
||||||
|
goto entry;
|
||||||
|
|
||||||
|
|
||||||
|
// printf("Enter McDonalds 'Store Number' (first 6 digit entry): ");
|
||||||
|
fgets(maccas_id, 64, stdin);
|
||||||
|
|
||||||
|
len = strlen(maccas_id)-1;
|
||||||
|
maccas_id[len] = '\0';
|
||||||
|
if (len != 6)
|
||||||
|
goto entry;
|
||||||
|
|
||||||
|
|
||||||
|
// printf("Enter McDonalds 'Store Management Number of DS Card' (second 6 digit entry): ");
|
||||||
|
fgets(mannager_id, 64, stdin);
|
||||||
|
|
||||||
|
len = strlen(mannager_id)-1;
|
||||||
|
mannager_id[len] = '\0';
|
||||||
|
if (len != 6)
|
||||||
|
goto entry;
|
||||||
|
|
||||||
|
run:
|
||||||
|
snprintf(formatted, 64, "%s%s%s", mac_address, maccas_id, mannager_id);
|
||||||
|
// printf("Formatted Data: %s\n", formatted);
|
||||||
|
int multiplier = find_multiplier(formatted);
|
||||||
|
// printf("Multiplier: %x\n", multiplier);
|
||||||
|
substitute(formatted, encoded, multiplier);
|
||||||
|
// printf("Encoded Data: %s\n", encoded);
|
||||||
|
unsigned short password_values[6];
|
||||||
|
memset(password_values, 0x00, 6 * 2);
|
||||||
|
|
||||||
|
do {
|
||||||
|
int chr = hex_to_bytes(encoded, iterator);
|
||||||
|
i = ii + 1;
|
||||||
|
password_values[ii] = (unsigned short)chr;
|
||||||
|
iterator = iterator + 4;
|
||||||
|
ii = i;
|
||||||
|
} while (i < 6);
|
||||||
|
|
||||||
|
// printf("Password Values 1: ");
|
||||||
|
// for (int i = 0; i < 6; i++)
|
||||||
|
// {
|
||||||
|
// printf("%x ", password_values[i]);
|
||||||
|
// }
|
||||||
|
// printf("\n");
|
||||||
|
i = 0;
|
||||||
|
ii = 0;
|
||||||
|
do
|
||||||
|
{
|
||||||
|
i = ii;
|
||||||
|
int chr = password_values[ii++];
|
||||||
|
password_values[i] = chr % 33 + 1;
|
||||||
|
} while (ii < 6);
|
||||||
|
// printf("Password Values 2: ");
|
||||||
|
// for (int i = 0; i < 6; i++)
|
||||||
|
// {
|
||||||
|
// printf("%x ", password_values[i]);
|
||||||
|
// }
|
||||||
|
// printf("\n");
|
||||||
|
generate_password(password_values, final_key);
|
||||||
|
printf("%s\n", final_key);
|
||||||
|
|
||||||
|
|
||||||
|
// printf("\n\nThou hast been reversed!\n");
|
||||||
|
// getchar();
|
||||||
|
}
|
|
@ -0,0 +1,52 @@
|
||||||
|
body{
|
||||||
|
background-image: url("bg.gif");
|
||||||
|
background-repeat: repeat;
|
||||||
|
text-align:center;
|
||||||
|
}
|
||||||
|
.keygen{
|
||||||
|
display: inline-block;
|
||||||
|
top: 15%;
|
||||||
|
|
||||||
|
position: relative;
|
||||||
|
padding:20px;
|
||||||
|
width:50%;
|
||||||
|
text-align:center;
|
||||||
|
background-color: green;
|
||||||
|
color: white;
|
||||||
|
border-radius: 4px;
|
||||||
|
}
|
||||||
|
.macAddr{
|
||||||
|
width: 60px;
|
||||||
|
padding: 12px 20px;
|
||||||
|
margin: 8px 0;
|
||||||
|
border-radius: 100%;
|
||||||
|
background-color: black;
|
||||||
|
color:white;
|
||||||
|
}
|
||||||
|
|
||||||
|
.button{
|
||||||
|
width: 60%;
|
||||||
|
margin-top:50px;
|
||||||
|
padding:12px;
|
||||||
|
border-radius: 4px;
|
||||||
|
background-color: yellow;
|
||||||
|
}
|
||||||
|
.entry{
|
||||||
|
width: 60%;
|
||||||
|
padding:12px;
|
||||||
|
border-radius: 4px;
|
||||||
|
background-color: black;
|
||||||
|
color:white;
|
||||||
|
}
|
||||||
|
.leaveOffering{
|
||||||
|
text-align:center;
|
||||||
|
width:100%;
|
||||||
|
padding: 20px;
|
||||||
|
color: white;
|
||||||
|
font-size: 140%;
|
||||||
|
font-weight: bold;
|
||||||
|
}
|
||||||
|
.askRonald{
|
||||||
|
float:left;
|
||||||
|
padding-right: 3%;
|
||||||
|
}
|
After Width: | Height: | Size: 111 KiB |
|
@ -0,0 +1,48 @@
|
||||||
|
<html>
|
||||||
|
<head>
|
||||||
|
<title> McKeygen - Serial Key Generator for eCDP</title>
|
||||||
|
<meta name="viewport" content="width=device-width, initial-scale=0.2">
|
||||||
|
<link rel="stylesheet" type="text/css" href="ecdp.css">
|
||||||
|
</head>
|
||||||
|
|
||||||
|
<body>
|
||||||
|
<div class="keygen">
|
||||||
|
<img src="donald.jpg" class="askRonald" width="228" height="406">
|
||||||
|
<div class="leaveOffering"> Leave an offering for Ronald McDonald </div>
|
||||||
|
DSi Mac Address:<br>
|
||||||
|
<input type="text" id="dsiMac0" class="macAddr" value="00" maxlength="2"> :
|
||||||
|
<input type="text" id="dsiMac1" class="macAddr" value="00" maxlength="2"> :
|
||||||
|
<input type="text" id="dsiMac2" class="macAddr" value="00" maxlength="2"> :
|
||||||
|
<input type="text" id="dsiMac3" class="macAddr" value="00" maxlength="2"> :
|
||||||
|
<input type="text" id="dsiMac4" class="macAddr" value="00" maxlength="2"> :
|
||||||
|
<input type="text" id="dsiMac5" class="macAddr" value="00" maxlength="2"><br>
|
||||||
|
Store Number:<br>
|
||||||
|
<input type="text" id="storeId" class="entry" value="000000" maxlength="6" size="3"><br>
|
||||||
|
Store Management Number of DS Card:<br>
|
||||||
|
<input type="text" id="managementId" class="entry" value="000000" maxlength="6" size="3"><br>
|
||||||
|
<input type="submit" id="generate_password" class="button" value="Place Offering" onclick="placeOffering()"><br>
|
||||||
|
<div id="offering"></div>
|
||||||
|
</div>
|
||||||
|
<script>
|
||||||
|
|
||||||
|
function placeOffering()
|
||||||
|
{
|
||||||
|
query = "/password.php?mac0="+dsiMac0.value+"&mac1="+dsiMac1.value+"&mac2="+dsiMac2.value+"&mac3="+dsiMac3.value+"&mac4="+dsiMac4.value+"&mac5="+dsiMac5.value+"&store="+storeId.value+"&management="+managementId.value;
|
||||||
|
offering.innerText = "Contacting Ronald McDonald...";
|
||||||
|
xhr = new XMLHttpRequest();
|
||||||
|
xhr.open("GET",query,true);
|
||||||
|
xhr.onreadystatechange = function () {
|
||||||
|
if(xhr.readyState === XMLHttpRequest.DONE) {
|
||||||
|
var status = xhr.status;
|
||||||
|
if (status === 0 || (status >= 200 && status < 400)) {
|
||||||
|
offering.innerText = "Ronald McDonald speaks with a cryptic message: "+xhr.responseText;
|
||||||
|
} else {
|
||||||
|
offering.innerText = "Ronald McDonald looks at you, disgusted, throwing your BigMac right back at you.";
|
||||||
|
}
|
||||||
|
}
|
||||||
|
};
|
||||||
|
xhr.send();
|
||||||
|
}
|
||||||
|
</script>
|
||||||
|
</body>
|
||||||
|
</html>
|
|
@ -0,0 +1,31 @@
|
||||||
|
<?php
|
||||||
|
if(isset($_GET["mac0"]) && isset($_GET["mac1"]) && isset($_GET["mac2"]) && isset($_GET["mac3"]) && isset($_GET["mac4"]) && isset($_GET["mac5"]) && isset($_GET['store']) && isset($_GET['management']))
|
||||||
|
{
|
||||||
|
$full_mac = "";
|
||||||
|
|
||||||
|
$full_mac .= $_GET["mac0"];
|
||||||
|
$full_mac .= $_GET["mac1"];
|
||||||
|
$full_mac .= $_GET["mac2"];
|
||||||
|
$full_mac .= $_GET["mac3"];
|
||||||
|
$full_mac .= $_GET["mac4"];
|
||||||
|
$full_mac .= $_GET["mac5"];
|
||||||
|
$full_mac = strtoupper($full_mac);
|
||||||
|
|
||||||
|
$management = $_GET['management'];
|
||||||
|
$store = $_GET['store'];
|
||||||
|
if((strlen($full_mac) == 12 && preg_match_all ("/^[A-F0-9]*$/",$full_mac)) && (strlen($management) == 6 && preg_match_all ("/^[0-9]*$/",$management)) && (strlen($store) == 6 && preg_match_all ("/^[0-9]*$/",$store)))
|
||||||
|
{
|
||||||
|
echo(exec("./eCDPSerialGenerator.elf ".escapeshellarg($full_mac)." ".escapeshellarg($store)." ".escapeshellarg($management)));
|
||||||
|
exit();
|
||||||
|
}
|
||||||
|
|
||||||
|
http_response_code(500);
|
||||||
|
echo("invalid query");
|
||||||
|
exit();
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
http_response_code(500);
|
||||||
|
echo("invalid request");
|
||||||
|
exit();
|
||||||
|
?>
|
|
@ -1,8 +1,9 @@
|
||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
#include <stdlib.h>
|
#include <stdlib.h>
|
||||||
#include <Windows.h>
|
#include <stdint.h>
|
||||||
BYTE key[0xA8] = { 0x01,0x0A,0x16,0x04,0x07,0x18,0x0C,0x10,0x05,0x17,0x09,0x03,0x12,0x08,0x15,0x13,0x0B,0x02,0x0F,0x0D,0x11,0x0E,0x06,0x14,0x07,0x0C,0x0E,0x11,0x09,0x16,0x10,0x06,0x14,0x0D,0x01,0x02,0x12,0x08,0x13,0x0B,0x0F,0x0A,0x18,0x15,0x04,0x05,0x03,0x17,0x0F,0x04,0x09,0x03,0x06,0x07,0x11,0x12,0x15,0x16,0x02,0x08,0x05,0x17,0x0C,0x0D,0x01,0x18,0x0B,0x14,0x0E,0x10,0x13,0x0A,0x02,0x0A,0x0E,0x12,0x0B,0x03,0x0C,0x06,0x13,0x07,0x11,0x09,0x15,0x18,0x10,0x17,0x14,0x0F,0x04,0x01,0x05,0x08,0x16,0x0D,0x0B,0x02,0x09,0x16,0x14,0x01,0x12,0x11,0x15,0x06,0x0F,0x17,0x07,0x10,0x0C,0x0E,0x08,0x18,0x13,0x03,0x0A,0x0D,0x04,0x05,0x09,0x0F,0x05,0x0D,0x16,0x15,0x12,0x11,0x03,0x0A,0x04,0x10,0x0E,0x14,0x02,0x01,0x13,0x0C,0x06,0x0B,0x17,0x18,0x07,0x08,0x12,0x02,0x0C,0x09,0x0D,0x0E,0x04,0x07,0x16,0x14,0x17,0x01,0x11,0x03,0x10,0x15,0x08,0x0A,0x05,0x13,0x0B,0x18,0x0F,0x06 };
|
|
||||||
|
char key[0xA8] = { 0x01,0x0A,0x16,0x04,0x07,0x18,0x0C,0x10,0x05,0x17,0x09,0x03,0x12,0x08,0x15,0x13,0x0B,0x02,0x0F,0x0D,0x11,0x0E,0x06,0x14,0x07,0x0C,0x0E,0x11,0x09,0x16,0x10,0x06,0x14,0x0D,0x01,0x02,0x12,0x08,0x13,0x0B,0x0F,0x0A,0x18,0x15,0x04,0x05,0x03,0x17,0x0F,0x04,0x09,0x03,0x06,0x07,0x11,0x12,0x15,0x16,0x02,0x08,0x05,0x17,0x0C,0x0D,0x01,0x18,0x0B,0x14,0x0E,0x10,0x13,0x0A,0x02,0x0A,0x0E,0x12,0x0B,0x03,0x0C,0x06,0x13,0x07,0x11,0x09,0x15,0x18,0x10,0x17,0x14,0x0F,0x04,0x01,0x05,0x08,0x16,0x0D,0x0B,0x02,0x09,0x16,0x14,0x01,0x12,0x11,0x15,0x06,0x0F,0x17,0x07,0x10,0x0C,0x0E,0x08,0x18,0x13,0x03,0x0A,0x0D,0x04,0x05,0x09,0x0F,0x05,0x0D,0x16,0x15,0x12,0x11,0x03,0x0A,0x04,0x10,0x0E,0x14,0x02,0x01,0x13,0x0C,0x06,0x0B,0x17,0x18,0x07,0x08,0x12,0x02,0x0C,0x09,0x0D,0x0E,0x04,0x07,0x16,0x14,0x17,0x01,0x11,0x03,0x10,0x15,0x08,0x0A,0x05,0x13,0x0B,0x18,0x0F,0x06 };
|
||||||
char* hex_values = "0123456789ABCDEF";
|
char* hex_values = "0123456789ABCDEF";
|
||||||
char* password_chars = "123456789ABCDEFGHJKLMNPQRSTUVWXYZ";
|
char* password_chars = "123456789ABCDEFGHJKLMNPQRSTUVWXYZ";
|
||||||
unsigned short output_vals[6];
|
unsigned short output_vals[6];
|
||||||
|
@ -57,33 +58,6 @@ int the_crazy_math_part(unsigned int val1, unsigned int val2, int carry, int sta
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
char* find_pattern(char* enc, char* input)
|
|
||||||
{
|
|
||||||
int i;
|
|
||||||
int ii;
|
|
||||||
char* iii;
|
|
||||||
|
|
||||||
i = 0;
|
|
||||||
if (!*enc)
|
|
||||||
return 0;
|
|
||||||
while (1)
|
|
||||||
{
|
|
||||||
ii = 0;
|
|
||||||
iii = &enc[i];
|
|
||||||
while (input[ii] && *iii == input[ii])
|
|
||||||
{
|
|
||||||
++iii;
|
|
||||||
++ii;
|
|
||||||
}
|
|
||||||
if (!input[ii])
|
|
||||||
break;
|
|
||||||
if (!enc[++i])
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
return &enc[i];
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
int find_multiplier(char* system_in)
|
int find_multiplier(char* system_in)
|
||||||
{
|
{
|
||||||
int total_iterations = 0;
|
int total_iterations = 0;
|
||||||
|
@ -99,8 +73,8 @@ int find_multiplier(char* system_in)
|
||||||
memset(characters, 0, 2);
|
memset(characters, 0, 2);
|
||||||
characters[0] = c;
|
characters[0] = c;
|
||||||
|
|
||||||
char* a2b = find_pattern(hex_values_ptr, characters);
|
char* a2b = strstr(hex_values_ptr, characters);
|
||||||
next_var = a2b - (uintptr_t)hex_values_ptr;
|
next_var = (uintptr_t)a2b - (uintptr_t)hex_values_ptr;
|
||||||
if (!a2b)
|
if (!a2b)
|
||||||
next_var = 0;
|
next_var = 0;
|
||||||
total_iterations += next_var;
|
total_iterations += next_var;
|
||||||
|
@ -146,8 +120,8 @@ int find_multiplier(char* system_in)
|
||||||
|
|
||||||
unsigned int hex_to_bytes(char* input, int iterator)
|
unsigned int hex_to_bytes(char* input, int iterator)
|
||||||
{
|
{
|
||||||
byte* iteration;
|
char* iteration;
|
||||||
byte* final_char;
|
char* final_char;
|
||||||
int result;
|
int result;
|
||||||
int i;
|
int i;
|
||||||
char* current_char;
|
char* current_char;
|
||||||
|
@ -161,23 +135,24 @@ unsigned int hex_to_bytes(char* input, int iterator)
|
||||||
memset(curChar, 0x00, 2);
|
memset(curChar, 0x00, 2);
|
||||||
curChar[0] = current_char[0];
|
curChar[0] = current_char[0];
|
||||||
|
|
||||||
iteration = find_pattern(enc, curChar);
|
iteration = strstr(enc, curChar);
|
||||||
final_char = iteration + -(int)enc;
|
final_char = iteration + -(intptr_t)enc;
|
||||||
if (iteration == (char*)0x0) {
|
if (iteration == (char*)0x0) {
|
||||||
final_char = (char*)0x0;
|
final_char = (char*)0x0;
|
||||||
}
|
}
|
||||||
i = i + 1;
|
i = i + 1;
|
||||||
result = result + ((int)final_char << (ii & 0xff));
|
result = result + ((uintptr_t)final_char << (ii & 0xff));
|
||||||
ii = ii - 4 & 0xffff;
|
ii = ii - 4 & 0xffff;
|
||||||
current_char = current_char + 1;
|
current_char = current_char + 1;
|
||||||
} while (i < 4);
|
} while (i < 4);
|
||||||
return result & 0xffff;
|
return result & 0xffff;
|
||||||
}
|
}
|
||||||
|
|
||||||
void generate_password(unsigned short* input, char* output)
|
void generate_password(unsigned char* inbuf, char* output)
|
||||||
{
|
{
|
||||||
int i;
|
int i;
|
||||||
i = 0;
|
i = 0;
|
||||||
|
unsigned short* input = (unsigned short*) inbuf;
|
||||||
do {
|
do {
|
||||||
output[i] = password_chars[input[i] - 1];
|
output[i] = password_chars[input[i] - 1];
|
||||||
i = i + 1;
|
i = i + 1;
|
||||||
|
@ -186,82 +161,93 @@ void generate_password(unsigned short* input, char* output)
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
int main()
|
int decode(char* encoded, char* outbuf){
|
||||||
{
|
|
||||||
char maccas_id[64];
|
|
||||||
char mannager_id[64];
|
|
||||||
char mac_address[64];
|
|
||||||
char formatted[64];
|
|
||||||
char encoded[64];
|
|
||||||
char final_key[100];
|
|
||||||
char total_output [64];
|
|
||||||
int iterator = 0;
|
int iterator = 0;
|
||||||
int i = 0;
|
int i = 0;
|
||||||
int ii = 0;
|
int ii = 0;
|
||||||
|
|
||||||
printf("eCDP Serial Number Generator\n");
|
memset(outbuf, 0x00, 12);
|
||||||
printf("Credits: SilicaAndPina (Reversing, writing code), Rufis_ (ARM asm help)\n");
|
unsigned short* decoded = (unsigned short*) outbuf;
|
||||||
printf("-- A backdoor on the worlds rarest DS game.\n");
|
|
||||||
entry:
|
|
||||||
|
|
||||||
printf("Enter your NDS's Mac Address (without any seperators): ");
|
|
||||||
gets_s(mac_address, 64);
|
|
||||||
if (strlen(mac_address) != 12)
|
|
||||||
goto entry;
|
|
||||||
|
|
||||||
|
|
||||||
printf("Enter McDonalds Store Id (first 6 digit entry): ");
|
|
||||||
gets_s(maccas_id,64);
|
|
||||||
if (strlen(maccas_id) != 6)
|
|
||||||
goto entry;
|
|
||||||
|
|
||||||
|
|
||||||
printf("Enter McDonalds Manager Id (second 6 digit entry): ");
|
|
||||||
gets_s(mannager_id, 64);
|
|
||||||
if (strlen(mannager_id) != 6)
|
|
||||||
goto entry;
|
|
||||||
|
|
||||||
snprintf(formatted, 64, "%s%s%s", mac_address, maccas_id, mannager_id);
|
|
||||||
printf("Formatted Data: %s\n", formatted);
|
|
||||||
int multiplier = find_multiplier(formatted);
|
|
||||||
printf("Multiplier: %x\n", multiplier);
|
|
||||||
substitute(formatted, encoded, multiplier);
|
|
||||||
printf("Encoded Data: %s\n", encoded);
|
|
||||||
unsigned short password_values[6];
|
|
||||||
memset(password_values, 0x00, 6 * 2);
|
|
||||||
|
|
||||||
do {
|
do {
|
||||||
int chr = hex_to_bytes(encoded, iterator);
|
int chr = hex_to_bytes(encoded, iterator);
|
||||||
i = ii + 1;
|
i = ii + 1;
|
||||||
password_values[ii] = (unsigned short)chr;
|
decoded[ii] = (unsigned short)chr;
|
||||||
iterator = iterator + 4;
|
iterator = iterator + 4;
|
||||||
ii = i;
|
ii = i;
|
||||||
} while (i < 6);
|
} while (i < 6);
|
||||||
|
|
||||||
printf("Password Values 1: ");
|
|
||||||
for (int i = 0; i < 6; i++)
|
|
||||||
{
|
|
||||||
printf("%x ", password_values[i]);
|
|
||||||
}
|
|
||||||
printf("\n");
|
|
||||||
i = 0;
|
i = 0;
|
||||||
ii = 0;
|
ii = 0;
|
||||||
do
|
do
|
||||||
{
|
{
|
||||||
i = ii;
|
i = ii;
|
||||||
int chr = password_values[ii++];
|
int chr = decoded[ii++];
|
||||||
password_values[i] = chr % 33 + 1;
|
decoded[i] = chr % 33 + 1;
|
||||||
} while (ii < 6);
|
} while (ii < 6);
|
||||||
printf("Password Values 2: ");
|
|
||||||
for (int i = 0; i < 6; i++)
|
return 0;
|
||||||
{
|
}
|
||||||
printf("%x ", password_values[i]);
|
|
||||||
}
|
|
||||||
printf("\n");
|
int main(int argc, char* argv[])
|
||||||
generate_password(password_values, final_key);
|
{
|
||||||
|
char maccas_id[64];
|
||||||
|
char mannager_id[64];
|
||||||
|
char mac_address[64];
|
||||||
|
char formatted[190];
|
||||||
|
char encoded[64];
|
||||||
|
char final_key[100];
|
||||||
|
char total_output [64];
|
||||||
|
char decoded[12];
|
||||||
|
|
||||||
|
printf("eCDP Serial Number Generator\n");
|
||||||
|
printf("Credits: SilicaAndPina (Reversing, writing code), Rufis_ (ARM asm help)\n");
|
||||||
|
printf("-- A backdoor on the worlds rarest DS game.\n");
|
||||||
|
|
||||||
|
entry:
|
||||||
|
|
||||||
|
memset(mac_address, 0x00, 64);
|
||||||
|
memset(maccas_id, 0x00, 64);
|
||||||
|
memset(mannager_id, 0x00, 64);
|
||||||
|
int len = 0;
|
||||||
|
|
||||||
|
printf("Enter your NDS's Mac Address (ALL uppercase, no seperators): ");
|
||||||
|
fgets(mac_address, 64, stdin);
|
||||||
|
|
||||||
|
len = strlen(mac_address)-1;
|
||||||
|
mac_address[len] = '\0'; // remove \n
|
||||||
|
if (len != 12)
|
||||||
|
goto entry;
|
||||||
|
|
||||||
|
|
||||||
|
printf("Enter McDonalds 'Store Number' (first 6 digit entry): ");
|
||||||
|
fgets(maccas_id, 64, stdin);
|
||||||
|
|
||||||
|
len = strlen(maccas_id)-1;
|
||||||
|
maccas_id[len] = '\0';
|
||||||
|
if (len != 6)
|
||||||
|
goto entry;
|
||||||
|
|
||||||
|
|
||||||
|
printf("Enter McDonalds 'Store Management Number of DS Card' (second 6 digit entry): ");
|
||||||
|
fgets(mannager_id, 64, stdin);
|
||||||
|
|
||||||
|
len = strlen(mannager_id)-1;
|
||||||
|
mannager_id[len] = '\0';
|
||||||
|
if (len != 6)
|
||||||
|
goto entry;
|
||||||
|
|
||||||
|
run:
|
||||||
|
snprintf(formatted, 190, "%s%s%s", mac_address, maccas_id, mannager_id);
|
||||||
|
printf("Formatted Data: %s\n", formatted);
|
||||||
|
int multiplier = find_multiplier(formatted);
|
||||||
|
printf("Multiplier: %x\n", multiplier);
|
||||||
|
substitute(formatted, encoded, multiplier);
|
||||||
|
printf("Encoded Data: %s\n", encoded);
|
||||||
|
decode(encoded, decoded);
|
||||||
|
printf("Decoded: %s\n", decoded);
|
||||||
|
generate_password(decoded, final_key);
|
||||||
printf("Ronald McDonald Says your password is %s", final_key);
|
printf("Ronald McDonald Says your password is %s", final_key);
|
||||||
|
|
||||||
|
|
||||||
printf("\n\nThou hast been reversed!");
|
|
||||||
while (1) {};
|
|
||||||
}
|
}
|
||||||
|
|