2017 brings with it a new server for the site. Any donations to support the ongoing costs of keeping this running will be greatly received. See this thread for more information.

Worlds first DSi Binary Executable -> ARM Assembly Conversion [DOWNLOAD]

Discussion in 'Nintendo Game Development' started by 7c00h, Mar 7, 2013.

  1. 7c00h

    7c00h Active Member

    Sep 17, 2012
    Likes Received:
    So a while back i posted onto the 3DSbrew reddit forum about how i was able to convert a DSi Binary Executable to a Linux ELF File.
    The Link is Here: http://www.reddit.com/r/3DSBrew/comments/16llbo/bin_elf_asm_linux_only/

    Anyways, After some research and hard work, i was able to get an assembly source of the DSiWare Application (Ended up having to modify the elf header slightly). the code itself has lots of undocumented, unstable and undefined instructions (Kinda common for game system executables, as they call other chips and OS Intrinsic processes).

    Here is the first 100 Lines of LOZ: Four Swords Anniversary Edition

    LOZPatched.elf: file format elf32-littlearm

    Disassembly of section .data:

    00000000 <_binary_4B595245_bin_start>:
    0: ae27ecbb mcrge 12, 1, lr, cr7, cr11, {5}
    4: 7a6bf138 bvc 1afc4ec <_binary_4B595245_bin_end+0xb4ab1c>
    8: 3f257212 svccc 0x00257212
    c: 8fa52691 svchi 0x00a52691
    10: 4c900e98 ldcmi 14, cr0, [r0], {152} ; 0x98
    14: 55265735 strpl r5, [r6, #-1845]! ; 0x735
    18: e419de41 ldr sp, [r9], #-3649 ; 0xe41
    1c: 3646b40a strbcc fp, [r6], -sl, lsl #8
    20: a68c55a7 strge r5, [ip], r7, lsr #11
    24: b42ace39 strtlt ip, [sl], #-3641 ; 0xe39
    28: acd03013 ldclge 0, cr3, [r0], {19}
    2c: fc2cbfd5 stc2 15, cr11, [ip], #-852 ; 0xfffffcac
    30: 843093e8 ldrthi r9, [r0], #-1000 ; 0x3e8
    34: 825ec90e subshi ip, lr, #229376 ; 0x38000
    38: c39af6c4 orrsgt pc, sl, #196, 12 ; 0xc400000
    3c: 99ab1296 stmibls fp!, {r1, r2, r4, r7, r9, ip}
    40: 4787df3f ; <UNDEFINED> instruction: 0x4787df3f
    44: 33b2aa44 ; <UNDEFINED> instruction: 0x33b2aa44
    48: 2fa68400 svccs 0x00a68400
    4c: 474788d1 ; <UNDEFINED> instruction: 0x474788d1
    50: 3ab50b01 bcc fed42c5c <_binary_4B595245_bin_end+0xfdd9128c>
    54: 94ee07b2 strbtls r0, [lr], #1970 ; 0x7b2
    58: fe8d3b6f vminnm.f64 d3, d13, d31
    5c: ae583fc1 cdpge 15, 5, cr3, cr8, cr1, {6}
    60: 7d1eb130 ldfvcd f3, [lr, #-192] ; 0xffffff40
    64: d3d0633c bicsle r6, r0, #60, 6 ; 0xf0000000
    68: ef7769c8 svc 0x007769c8
    6c: 69c48b3c stmibvs r4, {r2, r3, r4, r5, r8, r9, fp, pc}^
    70: 5f51e06e svcpl 0x0051e06e
    74: 0a30fc01 beq c3f080 <_binary_4B595245_bin_start+0xc3f080>
    78: 84656440 strbthi r6, [r5], #-1088 ; 0x440
    7c: 223526e4 eorscs r2, r5, #228, 12 ; 0xe400000
    80: 23b862ec ; <UNDEFINED> instruction: 0x23b862ec
    84: af8349b6 svcge 0x008349b6
    88: 5879ef0a ldmdapl r9!, {r1, r3, r8, r9, sl, fp, sp, lr, pc}^
    8c: bb0cf961 bllt 33e618 <_binary_4B595245_bin_start+0x33e618>
    90: 60284c0b eorvs r4, r8, fp, lsl #24
    94: fb829524 blx fe0a552e <_binary_4B595245_bin_end+0xfd0f3b5e>
    98: 759d7ca1 ldrvc r7, [sp, #3233] ; 0xca1
    9c: 7ac5b8a7 bvc ff16e340 <_binary_4B595245_bin_end+0xfe1bc970>
    a0: 1a68a29c bne 1a28b18 <_binary_4B595245_bin_end+0xa77148>
    a4: 7cb02f95 ldcvc 15, cr2, [r0], #596 ; 0x254
    a8: 58e3485e stmiapl r3!, {r1, r2, r3, r4, r6, fp, lr}^
    ac: c19b6977 orrsgt r6, fp, r7, ror r9
    b0: a5faff9a ldrbge pc, [sl, #3994]! ; 0xf9a ; <UNPREDICTABLE>
    b4: 9aaff75c bls febfde2c <_binary_4B595245_bin_end+0xfdc4c45c>
    b8: d0b1493c adcsle r4, r1, ip, lsr r9
    bc: 25e66bd4 strbcs r6, [r6, #3028]! ; 0xbd4
    c0: 2c80bf88 stccs 15, cr11, [r0], {136} ; 0x88
    c4: ef3b10b8 svc 0x003b10b8
    c8: 4db1ffa7 ldcmi 15, cr15, [r1, #668]! ; 0x29c
    cc: 5d9c02d3 lfmpl f0, 4, [ip, #844] ; 0x34c
    d0: 36d85547 ldrbcc r5, [r8], r7, asr #10
    d4: a9dd6705 ldmibge sp, {r0, r2, r8, r9, sl, sp, lr}^
    d8: f2d62ba8 vqdmlsl.s16 q9, d22, d24
    dc: 6186d29a ; <UNDEFINED> instruction: 0x6186d29a
    e0: 10079dc4 andne r9, r7, r4, asr #27
    e4: d2ddf820 sbcsle pc, sp, #32, 16 ; 0x200000
    e8: c8c8cf9c stmiagt r8, {r2, r3, r4, r7, r8, r9, sl, fp, lr, pc}^
    ec: 0e7d56ed cdpeq 6, 7, cr5, cr13, cr13, {7}
    f0: fe76e0d9 mrc2 0, 3, lr, cr6, cr9, {6}
    f4: 8abda331 bhi fef68dc0 <_binary_4B595245_bin_end+0xfdfb73f0>
    f8: 6832be28 ldmdavs r2!, {r3, r5, r9, sl, fp, ip, sp, pc}
    fc: b360c2a4 cmnlt r0, #164, 4 ; 0x4000000a
    100: d44f33c8 strble r3, [pc], #-968 ; 108 <_binary_4B595245_bin_start+0x108>
    104: 53ad6e64 ; <UNDEFINED> instruction: 0x53ad6e64
    108: 2aeaf9c7 bcs ffabe82c <_binary_4B595245_bin_end+0xfeb0ce5c>
    10c: 828c9c79 addhi r9, ip, #30976 ; 0x7900
    110: 49f7db2e ldmibmi r7!, {r1, r2, r3, r5, r8, r9, fp, ip, lr, pc}^
    114: fff3f2f8 ; <UNDEFINED> instruction: 0xfff3f2f8
    118: e026ea79 eor lr, r6, r9, ror sl
    11c: 93fb3871 mvnsls r3, #7405568 ; 0x710000
    120: e859e953 ldmda r9, {r0, r1, r4, r6, r8, fp, sp, lr, pc}^
    124: 24e88478 strbtcs r8, [r8], #1144 ; 0x478
    128: dbd56379 blle ff558f14 <_binary_4B595245_bin_end+0xfe5a7544>
    12c: e06f0241 rsb r0, pc, r1, asr #4
    130: 66343712 ; <UNDEFINED> instruction: 0x66343712
    134: 2a41576e bcs 1055ef4 <_binary_4B595245_bin_end+0xa4524>
    138: 385b5559 ldmdacc fp, {r0, r3, r4, r6, r8, sl, ip, lr}^
    13c: e833e245 ldmda r3!, {r0, r2, r6, r9, sp, lr, pc}
    140: 6802fbc6 stmdavs r2, {r1, r2, r6, r7, r8, r9, fp, ip, sp, lr, pc}
    144: d8c97940 stmiale r9, {r6, r8, fp, ip, sp, lr}^
    148: c6739880 ldrbtgt r9, [r3], -r0, lsl #17
    14c: d6d54ec3 ldrble r4, [r5], r3, asr #29
    150: e0ddc7fa ldrsh ip, [sp], #122 ; 0x7a
    154: 5a33174f bpl cc5e98 <_binary_4B595245_bin_start+0xcc5e98>
    158: 20c88529 sbccs r8, r8, r9, lsr #10
    15c: d0b08249 adcsle r8, r0, r9, asr #4
    160: 741d3c05 ldrvc r3, [sp], #-3077 ; 0xc05
    164: 1770d291 ; <UNDEFINED> instruction: 0x1770d291
    168: f49cc762 ; <UNDEFINED> instruction: 0xf49cc762
    16c: 3dd1bb63 vldrcc d27, [r1, #396] ; 0x18c
    170: ccf3fff8 ldclgt 15, cr15, [r3], #992 ; 0x3e0
    174: 30919cb9 ; <UNDEFINED> instruction: 0x30919cb9
    178: 409de519 addsmi lr, sp, r9, lsl r5
    17c: b3ae1c1f ; <UNDEFINED> instruction: 0xb3ae1c1f
    180: 84a6c664 strthi ip, [r6], #1636 ; 0x664
    184: b9c912df stmiblt r9, {r0, r1, r2, r3, r4, r6, r7, r9, ip}^
    188: 5989516e stmibpl r9, {r1, r2, r3, r5, r6, r8, ip, lr}
    18c: d9ba0f56 ldmible sl!, {r1, r2, r4, r6, r8, r9, sl, fp}
    190: 3d6289d2 stclcc 9, cr8, [r2, #-840]! ; 0xfffffcb8

    You can download the Assembly Source here: http://www.sendspace.com/file/4yppdd
    You'll need to know ARM Assembly to understand this, but feel free to look. the file is huge though (Roughly 214 MB). Enjoy!
  2. tmbinc

    tmbinc Spirited Member

    Oct 10, 2006
    Likes Received:
    I don't know if this is a troll attempt (if so then yes, i fell for it) - and if not, I don't want to sound discouraging, but:

    This is bullshit. Yay, you used objcopy to take an encrypted binary and add an elf header, and then forced poor little objdump to disassemble those randomly-looking bytes. The binary is still encrypted, the elf header is bogus anyway, and the disassembly is as good as disassembly of /dev/urandom.
  3. pstrick1

    pstrick1 Site Supporter

    Aug 6, 2007
    Likes Received:

    A post so bad it caused a user who hasn't posted in 7 years to log back in.
  4. Fudge

    Fudge Spirited Member

    May 5, 2012
    Likes Received:
    From what I can tell it is bullshit, it's also tmbinc so I'm even more convinced.
  5. subbie

    subbie Moderator Staff Member

    Feb 25, 2005
    Likes Received:
    I knew something looked fishy but this really pointed it out to me.

    58: fe8d3b6f vminnm.f64 d3, d13, d31

Share This Page