How on earth was Super Mario Odyssey decrypted and dumped? by simonmkwii at 10:49 AM EST on January 19, 2018
This has been baffling me for the past week!
I managed to get the xci cartridge dump for Super Mario Odyssey, and I have been asking around on ways to decrypt and extract the files and have come up empty-handed!
All I know is that I need a way to extract the RomFS from the XCI, and then I need a body key to decrypt the contents.
How would I decrypt it and where would I get this key?
But. The main part is the dump has to be decrypted by the console itself. Not on a PC. So all of the scene releases that are encrypted are useless right now. Same story when we first started ripping 3DS games. Everything had to be hardware decrypted first.
It’s not a secret. You just need the right knowledge and tools. The documentation is available and the resources are there. ALL FIRMWARES ARE EXPLOITABLE if you know how to do it. Dump the game on 1.0.0, get the keys from a 3.0.whatever console or whatever firmware is needed, decrypt on PC. Rinse and repeat. Just like SciresM said, it’s called patience dude. That’s why you got banned from ReSwitched’s discord server after probing way too much and admitting to piracy in front of them despite being warned multiple times and eventually kick banned. I don’t appreciate you rolling up in here demanding things from people like you’re hot stuff. You don’t make the rules around here.
Simon. You don't deserve anything, judging from that tone. You want the dumps? Do what bxaimc said. Learn the documentation. Grab the tools. Dump the files.
Right now, you sound super entitled to everything.
@Simon it's easy. Hang your Switch like a piñata with the game you wanna dump files from loaded. Then you whack it with a USB-C charging cable until it dumps every file.
It could take a while and is life threatening due to exhaustion and overwork, so that's why it's been secret for a while.
Super Mario Odyssey is a 3.0.1 title. There are currently no public ways to get at the keys for 3.0.1 crypto. Effectively, you would need a bootrom exploit to dump your Secure Boot Key and tsec key to get the package1 and master keys.
For the 1.0.0-2.3.0 keys, you could use Team Xecuter's key to decrypt package1.1 and package2/TrustZone and then use the leaked 1.0 master key to get the actual NCA keys.
See also http://switchbrew.org/index.php?title=Cryptosystem
simon don't bother, you're not going to get anywhere currently. SciresM dumped Odyssey and provided the files to various people so they could have the audio/models/whatever. Just be happy we have anything from it, tbh.
edited 5:57 PM EST February 5, 2018
by RebeccaSugar at 10:35 PM EST on February 5, 2018
"Hang your Switch like a piñata with the game you wanna dump files from loaded. Then you whack it with a USB-C charging cable until it dumps every file."
THIS WORKS!!!! HOLY SHIT, I'M MAKING A YOUTUBE VIDEO, BUT I AM NOT GIVING YOU CREDIT. MY IDEA, MINE!
by NintenComet at 11:44 PM EST on February 7, 2018
@Simon If you want the decrypted files, use the tools. If you want to understand how the tools work, look at the source code. In order to create these tools, one must have an in-depth understanding of computer technology and hardware security. Exploiting firmware isn't something you can learn from a single forum post.