Li
/
eCDP-Serial-Code
1
0
Fork 0
Code Issues Pull Requests Projects Releases 2 Wiki Activity
eCDP-Serial-Code/eCDPSerialGenerator/eCDPSerialGenerator.c

254 lines
6.9 KiB
C
Raw Permalink Blame History

#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <stdint.h>
char key[0xA8] = { 0x01,0x0A,0x16,0x04,0x07,0x18,0x0C,0x10,0x05,0x17,0x09,0x03,0x12,0x08,0x15,0x13,0x0B,0x02,0x0F,0x0D,0x11,0x0E,0x06,0x14,0x07,0x0C,0x0E,0x11,0x09,0x16,0x10,0x06,0x14,0x0D,0x01,0x02,0x12,0x08,0x13,0x0B,0x0F,0x0A,0x18,0x15,0x04,0x05,0x03,0x17,0x0F,0x04,0x09,0x03,0x06,0x07,0x11,0x12,0x15,0x16,0x02,0x08,0x05,0x17,0x0C,0x0D,0x01,0x18,0x0B,0x14,0x0E,0x10,0x13,0x0A,0x02,0x0A,0x0E,0x12,0x0B,0x03,0x0C,0x06,0x13,0x07,0x11,0x09,0x15,0x18,0x10,0x17,0x14,0x0F,0x04,0x01,0x05,0x08,0x16,0x0D,0x0B,0x02,0x09,0x16,0x14,0x01,0x12,0x11,0x15,0x06,0x0F,0x17,0x07,0x10,0x0C,0x0E,0x08,0x18,0x13,0x03,0x0A,0x0D,0x04,0x05,0x09,0x0F,0x05,0x0D,0x16,0x15,0x12,0x11,0x03,0x0A,0x04,0x10,0x0E,0x14,0x02,0x01,0x13,0x0C,0x06,0x0B,0x17,0x18,0x07,0x08,0x12,0x02,0x0C,0x09,0x0D,0x0E,0x04,0x07,0x16,0x14,0x17,0x01,0x11,0x03,0x10,0x15,0x08,0x0A,0x05,0x13,0x0B,0x18,0x0F,0x06 };
char* hex_values = "0123456789ABCDEF";
char* password_chars = "123456789ABCDEFGHJKLMNPQRSTUVWXYZ";
unsigned short output_vals[6];
void substitute(char* input, char* output, int multiply_by)
{
int i;
char* keyChar;
i = 0;
keyChar = (char*)(multiply_by * 0x18 + (key));
for(int i = 0; i < 0x18; i++) {
output[i] = input[*keyChar + -1];
keyChar ++;
}
output[0x18] = 0;
}
int the_crazy_math_part(unsigned int val1, unsigned int val2, int carry, int start_at)
{
int c = carry;
long long r1 = 0xFFFFFFF9;
long long r0 = val1;
long long r3 = val2;
// yes this is just the asm implemented in C, dont @ me
for (int i = start_at; i < 0x20; i++)
{
// adcs r3,r1,r3,lsl 1h
r3 = (r1 + (r3 << 1)) + c; //same as r3 = (r3+(r1 * 2)) + c;
c = (r3 >> 32); // set c flag
r3 &= 0xFFFFFFFF;
// subcc r3,r3,r1
if (!c)
{
r3 = (r3 - r1);
r3 &= 0xFFFFFFFF;
}
// adcs r0,r0,r0
r0 = r0 + r0 + c; //Same as r0 = (r0 * 2) + c;
c = (r0 >> 32); // set c flag
r0 &= 0xFFFFFFFF;
}
return r3;
}
int find_multiplier(char* system_in)
{
int total_iterations = 0;
int ii = 0;
int next_var = 0;
char* system_in_base_ptr = system_in;
char* hex_values_ptr = hex_values;
for (int i = 0; i < strlen(system_in_base_ptr); i++)
{
char c = *system_in++;
char characters[2];
memset(characters, 0, 2);
characters[0] = c;
char* a2b = strstr(hex_values_ptr, characters);
next_var = (uintptr_t)a2b - (uintptr_t)hex_values_ptr;
if (!a2b)
next_var = 0;
total_iterations += next_var;
}
// step 2
unsigned int offset = 7;
if (offset <= total_iterations)
{
int c = 0;
int start_at = 0x1c;
unsigned int r3 = total_iterations >> 4;
if (offset <= r3 >> 0xC)
{
start_at -= 0x10;
r3 >>= 0x10;
}
if (offset <= r3 >> 0x10)
{
start_at -= 0x8;
r3 >>= 0x8;
}
if (offset <= r3)
{
start_at -= 0x4;
r3 >>= 0x4;
}
unsigned int r0 = total_iterations << (start_at & 0xFF);
c = ((long long int)r0 * 2) > 0xFFFFFFFF;
r0 = r0 * 2;
printf("Starting Carry: %x\n", c);
return the_crazy_math_part(r0, r3, c, start_at);
}
return 0;
}
unsigned int hex_to_bytes(char* input, int iterator)
{
char* iteration;
char* final_char;
int result;
int i;
char* current_char;
char* enc = hex_values;
result = 0;
i = 0;
current_char = input + iterator;
int ii = 0xc;
do {
char curChar[2];
memset(curChar, 0x00, 2);
curChar[0] = current_char[0];
iteration = strstr(enc, curChar);
final_char = iteration + -(intptr_t)enc;
if (iteration == (char*)0x0) {
final_char = (char*)0x0;
}
i = i + 1;
result = result + ((uintptr_t)final_char << (ii & 0xff));
ii = ii - 4 & 0xffff;
current_char = current_char + 1;
} while (i < 4);
return result & 0xffff;
}
void generate_password(unsigned char* inbuf, char* output)
{
int i;
i = 0;
unsigned short* input = (unsigned short*) inbuf;
do {
output[i] = password_chars[input[i] - 1];
i = i + 1;
} while (i < 6);
output[i] = '\0';
return;
}
int decode(char* encoded, char* outbuf){
int iterator = 0;
int i = 0;
int ii = 0;
memset(outbuf, 0x00, 12);
unsigned short* decoded = (unsigned short*) outbuf;
do {
int chr = hex_to_bytes(encoded, iterator);
i = ii + 1;
decoded[ii] = (unsigned short)chr;
iterator = iterator + 4;
ii = i;
} while (i < 6);
i = 0;
ii = 0;
do
{
i = ii;
int chr = decoded[ii++];
decoded[i] = chr % 33 + 1;
} while (ii < 6);
return 0;
}
int main(int argc, char* argv[])
{
char maccas_id[64];
char mannager_id[64];
char mac_address[64];
char formatted[190];
char encoded[64];
char final_key[100];
char total_output [64];
char decoded[12];
printf("eCDP Serial Number Generator\n");
printf("Credits: SilicaAndPina (Reversing, writing code), Rufis_ (ARM asm help)\n");
printf("-- A backdoor on the worlds rarest DS game.\n");
entry:
memset(mac_address, 0x00, 64);
memset(maccas_id, 0x00, 64);
memset(mannager_id, 0x00, 64);
int len = 0;
printf("Enter your NDS's Mac Address (ALL uppercase, no seperators): ");
fgets(mac_address, 64, stdin);
len = strlen(mac_address)-1;
mac_address[len] = '\0'; // remove \n
if (len != 12)
goto entry;
printf("Enter McDonalds 'Store Number' (first 6 digit entry): ");
fgets(maccas_id, 64, stdin);
len = strlen(maccas_id)-1;
maccas_id[len] = '\0';
if (len != 6)
goto entry;
printf("Enter McDonalds 'Store Management Number of DS Card' (second 6 digit entry): ");
fgets(mannager_id, 64, stdin);
len = strlen(mannager_id)-1;
mannager_id[len] = '\0';
if (len != 6)
goto entry;
run:
snprintf(formatted, 190, "%s%s%s", mac_address, maccas_id, mannager_id);
printf("Formatted Data: %s\n", formatted);
int multiplier = find_multiplier(formatted);
printf("Multiplier: %x\n", multiplier);
substitute(formatted, encoded, multiplier);
printf("Encoded Data: %s\n", encoded);
decode(encoded, decoded);
printf("Decoded: %s\n", decoded);
generate_password(decoded, final_key);
printf("Ronald McDonald Says your password is %s", final_key);
}
Reference in New Issue View Git Blame Copy Permalink