I have a 3ds and it is at its latest version and I forgot the parental control pin is there anyway I can Disable these without talking to nintendo? I get a 10 digit inquiry number Will anyone help me get the master key? The low 5 decimal digits from the output u32 are then used for the master key. Because of the date being used in the algorithm, this results in the master key only being valid on a particular day, though this is trivially defeated by setting the system time to the correct date that the key was generated on. We would like to show you a description here but the site won’t allow us. Phone Parental Controls 3ds Master Key. October 10, 2017. Phone Parental Controls 3ds Master Key. Published by at March 31, 2018. Uncategorized; Tags. To use this feature with Nintendo DS / Nintendo DSi software phones. See the pdf and the collection of the individual charts linked below. Dear sir/madam My mobile.
System Settings allows you to manage various settings, use System Transfer, and use Data Management.
All applications(CTR/TWL) launched by System Settings are launched via APT:PrepareToDoApplicationJump/APT:DoApplicationJump, such as DS INTERNET and System Transfer.
Service | Last seen on version |
---|---|
fs:USER | v8202 |
gsp:Gpu | v8202 |
ndm:u | v8202 |
APT:A | v8202 |
ac:i | v8202 |
act:a | v8202 |
am:sys | v8202 |
boss:P | v8202 |
cam:s | v8202 |
cecd:s | v8202 |
cfg:nor | v8202 |
dsp::DSP | v8202 |
frd:a | v8202 |
gsp::Lcd | v8202 |
http:C | v8202 |
mic:u | v8202 |
news:s | v8202 |
nim:u | v8202 |
ns:s | v8202 |
nwm::EXT | v8202 |
nwm::INF | v8202 |
nwm::SOC | v8202 |
ptm:gets | v8202 |
ptm:sysm | v8202 |
soc:P | v8202 |
soc:U | v8202 |
ssl:C | v8202 |
y2r:u | v8202 |
qtm:s | v8202 |
cfg:i | v8202 |
hid:SPVR | v8202 |
Here you can manage 3DS extra data, and 3DSWare/'Software'.
When managing 3DS Software installed to the SD Card, the title.db is read by the core receiving AM commands. From the title.db file, AM gets a list of installed titles, title sizes and the name of the '.cmd' file for each title, which is used to check the authenticity of the title data(product code, title version, and if an electronic manaual is used, is also kept for each title, in the title.db, but won't be used by the Data Management Utility). For each title listed, it checks if the title is authentic(via the .cmd file). If the title passes authentication, Data Management decrypts/reads the ICN data from the executable NCCH(CXI) and displays it along with the archived title size. If a title doesn't pass authentication, a placeholder icon(light grey with a '?' in the center), name ('????????') and a size of zero are used. Deleting titles removes the title data from the title.db and import.db, and deletes the directory of the content.
Creating a KeyStore in JKS FormatThis section explains how to create a KeyStore using theJKS format as the database format for both the private key, and theassociated certificate or certificate chain. A CA must sign the certificate signing request (CSR).The CA is therefore trusted by the server-side application to whichthe Adapter is connected.Note –Itis recommended to use the default KeyStoreappserverdomainsconfigkeystore.jkswhere isthe directory where Java CAPS is installed and isthe name of your domain.To Generate a KeyStore.Perform the following command.keytool -keystore clientkeystore -genkey -alias client.Once prompted, enter the information required to generatea CSR. By default, as specifiedin the java.security file, keytool usesJKS as the format of the key and certificate databases (KeyStore andTrustStores). Blink failed to load generated key pair from keystore firefox.
See DSiWare Exports.
Most of the System Format is done with FS:InitializeCtrFileSystem. This command updates the high u64 of the keyY stored in movable.sed. Since this keyY was updated, the data stored on SD card(sdmc/Nintendo 3DS/<ID0>/<ID1>) and the data under nand/data/<ID0> is rendered useless, since that data used the old keyY. Since that data is no longer usable, the system then deletes the two above SD/NAND directories.
When you first enter the System Format menu, it will check if a NNID is linked. If there's a linked-NNID, it will then display: 'Are you ready to connect to the Internet to check whether data can be formatted'? Continuing will only result in connecting to wifi for checking in with Nintendo's servers, which may fail if the console is banned. Once that's done it will continue with the usual system-format messages; proceeding will result in the NNID cookie, potentially still present on NAND backups or multiboot scenarios, being invalidated until the next sign-in (at which point even old sessions will be valid again).
The system updater title is identical to the regular system settings, except only system update is accessible with this. On dev units, this title can only be launched under certain conditions.
On retail units, this title is accessible in scenarios where you have to update via the Internet to use certain 3DS software other than the home menu. i.e. using the eShop, on a system version less than the current one. When one selects 'Cancel' from here on retail, the system will shutdown. NS launches SAFE_MODE_FIRM for running this title, when the UPDATEFLAG is set during system boot.
Upon exit, the system reboots instead of simply returning to home menu.
The following refers to the functionality which generates the Parental Controls 'Master Key'.
System version, for the mset title | Parental controls reset functionality version | Inquiry number length | Notes |
---|---|---|---|
1.0.0-X - 6.3.0-X | v0 | 8 | Mostly inherited from the Wii/DSi algorithm which used CRC-32 (0xEDB88320) with custom XOR-out (0xAAAA). 0x14C1 was added to produce the final result. For the 3DS algorithm, only constants were changed: the polynomial was changed to 0xEDBA6320 and the addition constant became 0x1657. The input to either function is an ASCII string of the format '%02u%02u%04u' where the parameters are month, day, and low 4 digits of the inquiry number. The low 5 decimal digits from the output u32 are then used for the master key. Because of the date being used in the algorithm, this results in the master key only being valid on a particular day, though this is trivially defeated by setting the system time to the correct date that the key was generated on. This had a minor refactor in 6.0.0-X but is functionally identical. |
7.0.0-X - 7.1.0-X | v1 | 10 | Introduced a new scheme using HMAC-SHA-256. The HMAC key is loaded from mset .rodata, and differs between regions. The inquiry number was bumped from 8 digits to 10 digits, but the same function is used to generate the digits as in v0 (derived from MAC address). All digits of the inquiry number are now actually used in the master key derivation function, as the string format is now '%02u%02u%010u' (month, day, inquiry number). This buffer is hashed (as above), and a little-endian word is read from the start of the output hash. The low 5 decimal digits of this word are used as the master key. |
7.2.0-X - current | v2 | 10 | Extension of v1 featuring a number of changes which serve to obscure the HMAC key used. The HMAC key is now stored in a separate file stored in the CVer RomFS, called masterkey.bin. This is used to update the key independently of the mset title. In order to make this possible, a scheme was devised to encode the required key within the inquiry number - the first digit denotes region, and the next two digits represent the key version. These values match up with values stored in the masterkey.bin header. For compatibility with v1 (as inquiry number length did not change), the version values begin at 10 - when parsing an inquiry number, a 'version' of less than 10 should be handled as algorithm v1. The HMAC key is now also encrypted in masterkey.bin. This uses AES-128-CTR using a (normal) key in mset .rodata (which differs between regions), with the initial counter value also stored in masterkey.bin. At some point, Nintendo chose to 'abandon' the original JPN region ID (0), and moved to region ID 9 instead (which usually doesn't exist). It is unknown why they made this change, as the AES key used for both of these IDs is the same. |
The ExtData File System for System Settings is as follows:
File | Details | Size | FW Introduced | Plaintext |
---|---|---|---|---|
icon | Stubbed. Always image 00000002. | 0x4 Bytes | n/a | |
MsetExt.dat | DSiWare Exports Management | 0x960 Bytes | 2.0.0-2 | Download |
Backup.dat | SD Savedata Backups Management | 0xf5a0 Bytes | 6.0.0-11 | Download |
This keeps a record for the DSiWare Exports for a maximum of 300 exports. Each record is in the format:
OFFSET | SIZE | DESCRIPTION |
---|---|---|
0 | 4 | Game Code in Little Endian |
0x4 | 4 | Reserved |
All unused entries are filled with '0xff'.
This keeps a record for the 30 save data backup slots for SD Savedata Backups. Each entry corresponds to an individual backup slot.
Entry:
OFFSET | SIZE | DESCRIPTION |
---|---|---|
0x000 | 8 | Reserved |
0x8 | 0x800 (0x80*16) | 16 UTF-16 Title Strings |
0x808 | 8 | Title ID |
0x810 | 8 | Unknown |
0x818 | 8 | Total Save Data Size |
0x820 | 0x10 | Reserved |
System Settings can start at specific menus when certain parameters are given.
* - returns to settings menu instead of rebooting
Value | Action |
---|---|
0x01 | Initial setup (system not actually formatted, music plays earlier) |
0x10 | Internet Settings -> Connection Settings |
0x11 | Internet Settings -> Other Information |
0x6e | Internet Settings -> Connection Settings |
0x6f | Parental Controls |
0x70 | Parental Controls birthday entry |
0x71 | Data Management |
0x72 | 3DS Software Management |
0x73 | 3DS Extra Data Management |
0x74 | DSiWare Management |
0x75 | StreetPass Management |
0x76 | Internet Settings* |
0x77 | Other Settings, second-to-last page* |
0x78 | Touch Screen calibration |
0x79 | Circle Pad calibration |
0x7a | System Update |
0x7b | System Update |
0x7c | Format System Memory* |
mkey is a master key generator for the Parental Controls functionality on various consoles from a certain vendor. Currently, this includes the Wii, DSi, 3DS, Wii U and Switch.
This allows resetting Parental Controls (due to being locked out) without having to contact customer support.
If you would just like to use this, with no concern for the code or how it works, visit: https://mkey.salthax.org/
v2 support was initially implemented in October 2015, and has been serving the above page since December 2015. v1 and Wii U support was added in January 2016. v0 support was added in April 2016. v3/Switch support was added in July 2017. v4 support was added in April 2019.
Python and C implementations are available in this repository. These function very similarly.
Openssl generate rsa private key generator youtube. To generate private (d,n) key using openssl you can use the following command: openssl genrsa -out private.pem 1024 To generate public (e,n) key from the private key using openssl you can use the following command: openssl rsa -in private.pem -out public.pem -pubout.
As of writing, system support is good - all algorithms in use are supported, provided one can extract the necessary keys from the system firmware.
For some algorithm versions (especially 3DS v2) many keys are required from the system firmware in order to generate master keys. These can differ between regions and system versions. The best documentation for these is in the code, which covers the situation on all supported devices.
The v4 algorithm on the Switch and likely any future algorithms also require a console-unique device ID stored on the system that Nintendo can retrieve using the separate, visible serial number one must provide via the support call. The security in this relies upon the device ID being hard to obtain by simply using the device. This would make the generator more of an academic exercise rather than a practical tool.
Some 3DS-specific documentation on the algorithms seen so far can be found at: https://3dbrew.org/wiki/System_Settings#Parental_Controls_Reset
mkey is distributed under the AGPLv3 license, see LICENSE.
ctr.c, ctr.h, utils.c and utils.h are taken from ctrtool, which is licensed under MIT, see LICENSE-ctrtool.