How it works:

You've seen how the encryption routine goes: hash the eMMC CID, add the block offset to the hashed CID, encrypt the hashed CID + block offset with the key derived from the Console ID using AES-ECB, take the encrypted data, XOR it with the plaintext block; the result of the XOR is written to NAND.

Working backwards: XOR a known-plaintext NAND block with its encrypted counterpart. You've now recovered the AES-ECB encrypted block. Guess a Console ID, generate a key, and try to use it to decrypt the ECB-encrypted block. If it was correct, you should have recovered the CID hash + block offset. Subtract the block offset to recover the eMMC CID hash. You can check it was correct by simply going through the normal encryption steps, but on another block. (I've hardcoded a block and its offset into my code atm, for ease of testing.) If the block you just encrypted using the derived "eMMC CID hash", XOR'd with the plaintext, matches the second block you're using, you've recovered the actual eMMC CID hash. From there you just bruteforce the eMMC CID values, hash them and compare to the eMMC CID hash you recovered.

EDIT: about the Console ID template input. Yeah, I'm aware, I just copied my Console ID (since I'm using a known one for testing) and added zeros in the non-constant places, for some reason. Dunno why, it was likely just the fact that it was a late-night coding session when I initially entered it, and all my subsequent tests just used the initial values ¯\_(ツ)_/¯
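The forward routine and the working-backwards recovery from the post, as an added Go model that is not the poster's code. Only the structure is taken from the post (ciphertext = AES-ECB_k(H(CID) + offset) XOR plaintext, confirm a guess on a second block, then brute-force the CID against the recovered hash). The CID hash (SHA-1, truncated), the Console-ID key derivation (SHA-256, truncated), the "add the offset" arithmetic (big-endian integer addition on the 16-byte hash) and the 16-byte block size are all assumptions, and every sample value is constructed, so the code demonstrates the construction's weakness rather than any real device's parameters. The one-byte `searchByte` helper is generic: it stands in for whatever part of the Console ID or CID template is unknown.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/sha1"
	"crypto/sha256"
	"fmt"
	"math/big"
)

// Structure from the post: ciphertext = AES-ECB_k(H(cid) + offset) XOR plaintext.
// H and the Console-ID key derivation are not named in the post; the two
// functions below are stand-in ASSUMPTIONS so the example runs.
const blockSize = 16

var two128 = new(big.Int).Lsh(big.NewInt(1), 128)

// hashCID: assumed H = SHA-1 of the CID, truncated to one AES block.
func hashCID(cid []byte) []byte {
	s := sha1.Sum(cid)
	return s[:blockSize]
}

// deriveKey: assumed key = SHA-256(Console ID), truncated to an AES-128 key.
func deriveKey(consoleID []byte) []byte {
	s := sha256.Sum256(consoleID)
	return s[:blockSize]
}

// shiftHash treats the 16-byte hash as a big-endian integer and adds delta mod 2^128;
// a negative delta is the "subtract the block offset" step of the recovery.
func shiftHash(h []byte, delta int64) []byte {
	n := new(big.Int).SetBytes(h)
	n.Add(n, big.NewInt(delta)).Mod(n, two128)
	return n.FillBytes(make([]byte, blockSize))
}

// aesBlock runs one raw AES block operation, i.e. ECB on a single block.
func aesBlock(key, in []byte, decrypt bool) []byte {
	c, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	out := make([]byte, blockSize)
	if decrypt {
		c.Decrypt(out, in)
	} else {
		c.Encrypt(out, in)
	}
	return out
}

func xorBytes(a, b []byte) []byte {
	out := make([]byte, len(a))
	for i := range a {
		out[i] = a[i] ^ b[i]
	}
	return out
}

// encryptBlock is the forward routine described in the post.
func encryptBlock(consoleID, cidHash []byte, offset uint32, plaintext []byte) []byte {
	mask := aesBlock(deriveKey(consoleID), shiftHash(cidHash, int64(offset)), false)
	return xorBytes(mask, plaintext)
}

// recoverCIDHash works backwards from one known-plaintext block under a guessed Console ID:
// plaintext XOR ciphertext peels the mask; decrypting it and subtracting the offset leaves H(cid).
// Under a wrong guess the result is 16 random-looking bytes, hence the second-block check below.
func recoverCIDHash(consoleIDGuess, plaintext, ciphertext []byte, offset uint32) []byte {
	mask := xorBytes(plaintext, ciphertext)
	return shiftHash(aesBlock(deriveKey(consoleIDGuess), mask, true), -int64(offset))
}

// searchByte tries all 256 values of template[idx] and returns the first one accept() confirms.
func searchByte(template []byte, idx int, accept func([]byte) bool) ([]byte, bool) {
	guess := append([]byte(nil), template...)
	for v := 0; v < 256; v++ {
		guess[idx] = byte(v)
		if accept(guess) {
			return guess, true
		}
	}
	return nil, false
}

// Constructed sample values (not taken from any real device).
var (
	trueConsoleID            = []byte{0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0x5a}
	trueCID                  = []byte{0x15, 0x01, 0x00, 0x53, 0x45, 0x4d, 0x30, 0x34, 0x47, 0x10, 0x2b, 0x6f, 0x1e, 0x70, 0x2d, 0xa7}
	plainA, plainB           = []byte("KNOWN-PLAINTEXT!"), []byte("second block....")
	offsetA, offsetB  uint32 = 0x40, 0x41
)

// demoRecover encrypts two blocks with the true values, then recovers the Console ID (last byte
// unknown), the CID hash, and finally the CID (last byte unknown), in the order the post describes.
func demoRecover() (consoleID, cidHash, cid []byte, ok bool) {
	h := hashCID(trueCID)
	ctA := encryptBlock(trueConsoleID, h, offsetA, plainA)
	ctB := encryptBlock(trueConsoleID, h, offsetB, plainB)

	idTemplate := append([]byte(nil), trueConsoleID...)
	idTemplate[15] = 0 // the byte we pretend not to know
	consoleID, ok = searchByte(idTemplate, 15, func(g []byte) bool {
		cand := recoverCIDHash(g, plainA, ctA, offsetA)
		return bytes.Equal(encryptBlock(g, cand, offsetB, plainB), ctB) // confirm on the second block
	})
	if !ok {
		return nil, nil, nil, false
	}
	cidHash = recoverCIDHash(consoleID, plainA, ctA, offsetA)

	cidTemplate := append([]byte(nil), trueCID...)
	cidTemplate[15] = 0
	cid, ok = searchByte(cidTemplate, 15, func(g []byte) bool { return bytes.Equal(hashCID(g), cidHash) })
	return consoleID, cidHash, cid, ok
}

func main() {
	id, h, cid, ok := demoRecover()
	fmt.Printf("ok=%v consoleID=%x cidHash=%x cid=%x\n", ok, id, h, cid)
}
```

The design lesson the model makes visible: because the NAND data is plaintext XOR a mask, one block of known plaintext hands over the raw ECB output, and a second block turns every key guess into a yes/no check with essentially no false positives. The construction is only as strong as the entropy of the Console ID and CID that feed it; a mask that does not depend on a secret of adequate size cannot be rescued by AES in the middle.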