Info@NationalCyberSecurity
Info@NationalCyberSecurity

Hack ROM to force a Language | GBAtemp.net | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker


So I noticed there was an Action Replay code to force a NDS game to load the required language: https://gbatemp.net/threads/force-the-ds-dsi-games-language-with-an-ar-code.478344/

I have figured out a way to hack the NDS rom to load the required language. No Action Replay codes needed. I’m aware that some tools like the TwilightMenu++ allow you to do this, but this is more useful if you are injecting a NDS rom into a NDS Wii U Virtual Console game (https://gbatemp.net/threads/wii-u-nintendo-ds-virtual-console-inject-guide.480668/).

To find out what languages a NDS game supports, I would recommend checking this website (https://www.advanscene.com/html/index.php). It sadly doesn’t explain if the language loaded is based on the firmware, or if the user can pick (sometimes both methods are used). That you have to find out yourself.

From the few roms I have tried, this method seems to work perfectly. I will use Super Princess Peach (Europe) as a demonstration. This game supports English, French, German, Spanish, and Italian, and loads the language that is based on the firmware setting (if language is set to Japanese, the game will load in English).

Download the tools:

Install Notepad++:
https://notepad-plus-plus.org/

1 – Extract the contents of the “Force Language Tools.7z” files.
2 – Place a copy of the NDS rom into the main “Force Language Tools” folder.

3 – Open DsSmuMe emulator: desmume-0.9.11-win32 > DeSmuME_0.9.11_x86.exe
4 – Click: Config > Firmware Settings

2.png

5 – Change “Language:” to the one you want to load.

3.png

6 – The required language will have loaded. In this example, Spanish has loaded, and there is no way select a different language in the game.

4.png

7 – Open: dsbuff_v1Final > dsbuff.exe
8 – Click “Browse…” and open the NDS rom.

5.png

9 – Click “Unpack”.

6.png

10 – Click on “Info” button next to the “Directory” text box.

7.png

11 – Locate and click on the “rom” folder.

Note: Make sure there is nothing inside the folder. If there is, then delete the contents.

8.png

12 – Click the “Green Tick” to unpack the contents.

9.png

13 – This will open a new folder. This is the contents of the rom.
14 – Make a copy of “arm9.bin” file.

10.png

15 – Place a copy of “arm9.bin” into the main folder.

11.png

16 – Open: no$gba > NO$GBA.EXE
17 – Click: Debug > Define Break/Condition

12.png

18 – Type in the following: [027FFCE4]?

13.png

19 – Click: Cartridge menu (FileName)
20 – Open the NDS rom.

14.png

21 – The game should freeze on the following instruction: add r0,r12,6h

15.png

22 – What we are interested in is the instruction above. It should be: ldrh r2,[r12,64h]

What it is doing is taking the R12 address, adding 64 hex bytes to the address, and storing the value stored at the new address into R2. So: 027FFC80 + hex(64) = 027FFCE4

That is the RAM offset that stores the language that is set in the firmware. What we are going to do is change the instruction to always load the required language value into R2.

Make a note of the address the “ldrh” is stored at. In this example: 020C98FC

15b.png

23 – In the main folder, open “compile.asm” in Notepad++.

16.png

24 – Take the address you made a note of in Step 22, and remove the 02 from the beginning.

For example: 020C98FC > 0C98FC

At Line 20, place the new address after the “0x”:

17.png

25 – At Line 22, change the “English” text to one of the following:

  • English
  • French
  • German
  • Spanish
  • Italian
  • Japanese
17.png

26 – Save the changes to the “compile.asm” file.
27 – Click on the “make.bat” file in the main folder.

18.png

28 – If you see this message, the instruction was changed.

19.png

29 – Click the “Pack” icon.
30 – Click on “Info” button next to the “ROM Contents” text box.

20.png

31 – Locate and click on “rom” folder.

21.png

32 – Click the “Green Tick” to pack the contents.

22.png

33 – Choose a location to save the new NDS rom to, and give it a new name.

23.png

34 – Use the DeSmuMe emulator to test the rom. Change the “Language” in the “Firmware Settings” to one that is different to the forced language.

24.png

35 – Now the forced language will always load.

25.png

Enjoy!

——————————————————–


Click Here For The Original Story From This Source.

.........................

National Cyber Security

FREE
VIEW