kinnay / nintendoclients Goto Github PK
View Code? Open in Web Editor NEWPython package to communicate with Switch, Wii U and 3DS servers
License: MIT License
Python package to communicate with Switch, Wii U and 3DS servers
License: MIT License
Title. (Too lazy to make a pull request)
Is there any method of getting the credentials required for the animal crossing script without rooting your Switch? (I have the new model and thus cannot root it)
It'd be great to be able to search for open islands without a Dodo Code. What is the process for that?
https://github.com/kinnay/NintendoClients/wiki/Telemetry-Servers lists only receive for data telemetry - it now seems https://fw-api.lp1.nso.nintendo.net/v1/events
is also used when enabled via sprofile, and events such as the following are sent:
{"type_name":"online_play","version":1,"occurred_at":1645484612,"application_id":"01006f8002326000"}
with {"message":"OK"}
as a response.
Also, "telemetry" is misspelt a few times ^^
Hello :-)
How can I get more game-specific key of other games for LAN protocol ? eg. key for Mario Kart 8 Deluxe.
Is there a way that I can do it myself ?
According to this reddit post, three files are neccessary for a level on your savefile:
I am aware you cam download the bcd of any arbitrary level online. How could I aquire the other two and, if not, could I use the default provided by creating a new level in the MM2 editor? Thank you.
It would be very useful for people who can no connect to Nintendo servers
with a Switch.
A lot of thanks
I want to get smm2 stage information, but there are no examples to get information from the server with switch platform.
I test example_mariokartdeluxe.py
with login.
backend = backend.BackEndClient("switch.cfg")
backend.configure(SMM2.ACCESS_KEY, SMM2.NEX_VERSION, SMM2.CLIENT_VERSION)
backend.connect(HOST, PORT)
backend.login(USERNAME,auth_info=?)
and say
nintendo.nex.common.RMCError: Authentication::ValidationFailed (0x80680007)
What do i need to do?
Thank you for your reply.
The scheduler runs in a separate thread and there is no way to avoid that. However, when I wrote the PRUDP client (and other classes) I didn't pay attention to thread safety. I should probably check if this can cause issues.
During a call to dauth.device_token(keys)
my code hangs at exactly this line. This code used to work a few weeks ago and I've updated the system and checked my keys file, but it inexplicably hangs here, not an error.
dauth = DAuthClient(keys)
dauth.set_certificate(cert, pkey)
dauth.set_system_version(SYSTEM_VERSION)
response = await dauth.device_token(dauth.BAAS)
device_token = response["device_auth_token"]
Hello, I have just read your repo on super mario 35 and the research you have done regarding how our consoles communicate with nintendo servers (and I would like to have your opinion on the pia (pear 2 pear) protocol ( when used for a connection to the NSO (Nintendo Switch Online))
if I understood correctly when our console connects to online on a game using the PIA protocol to play online
the console contacts the NEX server (Game Server) to request the available pools and attempt to connect to them
do you think it would be possible to recreate this protocol based on the research of the eagle server (an ips patch for change game server adress) to allow hacked consoles to communicate as if it were on the NSO without going through the nintendo servers
if possible this would be a major step forward especially if it does not depend on external hardware (compared to lan play)
Thank you in advance for your reply
I have been trying to implement as many functions as possible that return CourseInfo
, but one method in particular seems like a good candidate for more specific searches. search_objects
looks promising, but it returns a list of DataStoreMetaInfo
which don't have any associated types. I'm wondering if I can change data_type
in DataStoreSearchParam
to some constant that maps to levels and then convert the resulting meta_binary
in DataStoreMetaInfo
to CourseInfo
and if not whether a similar method can be put to use to get very particular searches.
I noticed that in the wiki, ACNH uses the match making protocol. I was wondering if one of the methods in the MMP would provide island data for a given dodo code.
Opening this issue just to keep track of any inaccuracies/issues I find in the wiki or new findings to be added to the wiki. Since I will be updating this issue every now and then I will keep it open
To start off it seems like on the 3DS NintendoLoginData
in the Secure Protocol is actually named AccountExtraInfo
. It contains the same data but just a different name in the AnyDataHolder
FollowingsLatestCourseSearchObject
in DataStore (SMM) says it uses a DataStoreSearchParam
and a <List>String
in it's request but the data I have doesn't seem to quite match that? It seems like all the data matches up in DataStoreSearchParam
except that it seems to lack the totalCountEnabled
and dataTypes
fields. I'm unsure if these are related to the NEX version or if it's a SMM-specific patch. If I omit these two fields then the data for FollowingsLatestCourseSearchObject
matches up perfectly
And finally when again using SMM it looks like GetObjectInfos
actually uses <List>DataStoreFileServerObjectInfo
in the response but your wiki doesn't say that SMM patches that method? I have not checked any other games which use the DataStore protocol so I don't know if this is just the wiki being wrong in general or yet another SMM-specific patch
I want to preface by saying, thank you! This project is absolutely fantastic! About the SMM2 example, you download the level into level.bin
. Is this file equivilent to one that can be parsed by simontime's decryptor or the partrick level editor? That is, is the file in bcd
format? Thank you!
Hi, I'd like to MITM my Switch in order to try and figure out how some of these APIs work. I set up Charles, configured my Switch to proxy to it, and added a patch which disables certificate verification. It's working, sorta. I'm told I need my Switch's client certificate to get more detailed logging of requests. How do I get that? I tried using SimonMKWii's scripts but got a NameError. Then I tried using CertNXtractionPack but Charles refuses to read the resulting PFX file (I tested Firefox just in case it's a Charles error, no dice there either). Can you recommend a better way to get my Switch's client certificate?
Currently, this repository implements everything that is required to access NEX services from a PC. Should it support other services as well? I've been thinking about this for a while.
First, some observations:
Also:
I'm not against adding support for other services, but I also want to avoid feature creep. And:
I've been thinking about creating a github organization. This would have the following benefits:
As far as I know, github automatically redirects the old repository when it is transferred to an organization, so existing links will remain intact.
If we do this, a few questions remain:
Just wanted to dump my thoughts here. If you want to share your opinion, leave a comment below.
Iโm trying to create a LAN server for splatoon 2, and I need some help :/
Hi, I'm using Charles right now to view websocket connections, but it doesn't do any sort of decoding and instead just shows raw bytes. How can I inspect the connection at a higher level?
I would love to be able to upload an arbitrary image and get back a pattern share code programmatically. Similarly to be able to download a pattern given a share code or list all patterns created by a given creator code. Basically everything the in-game kiosk can do.
Is it possible to route all websocket traffic through a SOCKS5 proxy using PySocks?
I was able to download game.bin by referring to gamebuilder.py. Thank you.
In the following line, the argument access_key was missing, so I added GBG.ACCESS_KEY.
It seems that the downloaded game.bin contains data such as jpeg and name. Is there a way to parse this?
On the wiki I see you document DataStore Codes, so I was wondering if applicationId
s might also be on the table for being properly documented? They are used a LOT in DataStore to get things like differing configuration settings, to changing what kind of data is sent with a response, to rating objects
For example in SMM:
CustomRankingByDataId
sends an applicationId
of 300000000 then it expects user Mii data to be sent back, not course dataGetApplicationConfigString
uses it to get different word black lists(?) (possibly for course names and Miiverse comments?)GetApplicationConfig
uses it to get different uint32 lists (unknown what they are for, but one seems to be a list of PIDs)RateCustomRanking
uses it heavily for rating objects with many different valuesI have seen the following applicationId
s used:
GetApplicationConfig
and RateCustomRanking
)GetApplicationConfig
)GetApplicationConfig
)GetApplicationConfig
)GetApplicationConfigString
)GetApplicationConfigString
)GetApplicationConfigString
)RateCustomRanking
)RateCustomRanking
)RateCustomRanking
)GetCustomRankingByDataId
and RateCustomRanking
)RateCustomRanking
)RateCustomRanking
)RateCustomRanking
)RateCustomRanking
)RateCustomRanking
)RateCustomRanking
)RateCustomRanking
)RateCustomRanking
)RateCustomRanking
)The wiki of this repository has almost 100 pages about the servers and protocols, but there is (aside from the example scripts) no documentation about the code. It would be nice to document the classes and their methods somewhere. Right now the only way to figure out the interfaces is to read the code, and it's not always clear which methods are supposed to be public or private. It would also be nice to have all the methods in one place, with clickable links if possible.
I don't have any experience with this. So far I have discovered Sphinx, MkDocs and pydoc. Seems like documentation is either written in markdown or docstrings. I think I'd prefer markdown because it's more flexible. Also, docstrings often increase the size of the code significantly, which might be harmful to its readability. On the other hand, docstrings are shown in python's help()
function.
After reading up on PRUDPLite I attempted to look at my own traffic for research purposes. However none of the packets found in WireShark match that of the structure described here.
None of the packets in my dump have a 0x80 header, however many (if not all) seem to use 32 AB 98 64
as a header. This is true between both MK8D and Splatoon2. Could Nintendo have possibly changed the format? Or is this something different? There's no WebSocket data in the WireShark dumps and it doesn't appear to be going over TCP either. On a whim I also checked PRUDP V0 and V1 (not expecting anything), and unsurprisingly those also did not work.
MK8D WireShark dump 1: https://drive.google.com/open?id=1GLyehZHR7lHMqW61YT4lOZSqyj7Pixzp
MK8D WireShark dump 2 (full dump of race): https://drive.google.com/open?id=1B32NYEWweKr9ZQsmucwljo0VOMt6vjKm
Splatoon2 WireShark dump: https://drive.google.com/open?id=15yJRtBUCxfJDZ7f9WRfLl_hXaaqi5ArJ
Is it possible to get the course replay data of:
In SMM2? Thank you!
Updates to https://github.com/Kinnay/NintendoClients/wiki/Data-Store-Protocol-(SMM)
#include "CommonTypes.bt"
struct Unknown_0x004a_request {
uint32 id; //observed values: 0x82, 0x81, 0x80
};
struct Unknown_0x004a_response {
uint32 size;
qBuffer data[size] <optimize=false>;
};
Please verify the actual usage of this URL: znc.srv.nintendo.net
I see a lot of short flows with low data to *.znc.srv.nintendo.net that do not appear to be voice chat flows.
Additionally, this reverse engineering project points to the URL being used for different functions in the online lounge, not necessarily related to voice: https://github.com/ZekeSnider/NintendoSwitchRESTAPI
Further clarity would be helpful.
Links are broken in the documentation.
I'm guessing that it was caused by the release of mkdocs 1.2.
i get Unlinked device when using donkey kong client. does anybody know why this happens?
INFO:anynet.http:Received HTTP response: 400
ERROR:nintendo.nnas:Account request returned status code 400
0110
Unlinked device
Hi, I recently noticed that example_mariokartdeluxe.py doesn't seem to work anymore. Did they possibly disable the guest login?
The error I get is nintendo.nex.common.RMCError: RendezVous::InvalidUsername (0x80030064)
Currently, the latest title version is hardcoded in games.py and must be updated manually whenever an update is released.
It would be nice if we could automate this. Maybe a bot can create a pull request whenever an update is released. I don't want to use my own client certificate though.
Maybe someone keeps a public database of Switch titles. If yes, check if it's good. Is it reasonably up to date?
The dauth server was updated (v6 -> v7). Figure out if anything has changed.
Today I was trying to get deliver_message
to work properly for SmmServer and I ran into a strange issue.
Here is my log (I just added some debug prints):
[2022-08-20 15:42:38] INFO: MessageDeliveryServer.deliver_message()
[2022-08-20 15:42:38] INFO: DataHolder.decode, stream: 0e0042696e6172794d65737361676500a7000000a30000000000000000002a000000000000001a94357701000000000000000000000000000000000000000000000001000000010000010000006a0000006800000000030000000000000002540be46100470072006100730073007900200050006c00610069006e00730020002800450078007400720065006d0065006c0079002000450061007300790029000000000000305f304b306800002372e3580e235ab002818e880000
[2022-08-20 15:42:38] INFO: DataHolder.decode, name: BinaryMessage, stream: a7000000a30000000000000000002a000000000000001a94357701000000000000000000000000000000000000000000000001000000010000010000006a0000006800000000030000000000000002540be46100470072006100730073007900200050006c00610069006e00730020002800450078007400720065006d0065006c0079002000450061007300790029000000000000305f304b306800002372e3580e235ab002818e880000
[2022-08-20 15:42:38] INFO: DataHolder.decode, sub1: a30000000000000000002a000000000000001a94357701000000000000000000000000000000000000000000000001000000010000010000006a0000006800000000030000000000000002540be46100470072006100730073007900200050006c00610069006e00730020002800450078007400720065006d0065006c0079002000450061007300790029000000000000305f304b306800002372e3580e235ab002818e880000, stream:
[2022-08-20 15:42:38] INFO: DataHolder.decode, sub2: 0000000000002a000000000000001a94357701000000000000000000000000000000000000000000000001000000010000010000006a0000006800000000030000000000000002540be46100470072006100730073007900200050006c00610069006e00730020002800450078007400720065006d0065006c0079002000450061007300790029000000000000305f304b306800002372e3580e235ab002818e880000, sub1:
[2022-08-20 15:42:38] INFO: Structure.decode, hierarchy: [<class 'nintendo.nex.common.Data'>, <class '__main__.UserMessage'>, <class '__main__.BinaryMessage'>]
[2022-08-20 15:42:38] INFO: UserMessage.load stream: 000000001a94357701000000000000000000000000000000000000000000000001000000010000010000
[2022-08-20 15:42:38] INFO: BinaryMessage.load stream: 6800000000030000000000000002540be46100470072006100730073007900200050006c00610069006e00730020002800450078007400720065006d0065006c0079002000450061007300790029000000000000305f304b306800002372e3580e235ab002818e880000
[2022-08-20 15:42:38] INFO: message: {"binary_body": [0, 0, 0, 3, 0, 0, 0, 0, 0, 0, 0, 2, 84, 11, 228, 97, 0, 71, 0, 114, 0, 97, 0, 115, 0, 115, 0, 121, 0, 32, 0, 80, 0, 108, 0, 97, 0, 105, 0, 110, 0, 115, 0, 32, 0, 40, 0, 69, 0, 120, 0, 116, 0, 114, 0, 101, 0, 109, 0, 101, 0, 108, 0, 121, 0, 32, 0, 69, 0, 97, 0, 115, 0, 121, 0, 41, 0, 0, 0, 0, 0, 0, 48, 95, 48, 75, 48, 104, 0, 0, 35, 114, 227, 88, 14, 35, 90, 176, 2, 129, 142, 136, 0, 0], "flags": 0, "id": 0, "life_time": 0, "message_recipient": [1, 0, 0, 0, 1, 0, 0, 1, 0, 0], "parent_id": 2000000026, "pid_sender": 1, "reception_time": {"value": 0}, "sender": null, "subject": null}
Overall the structure makes sense. I figured out the following structure:
AnyDataHolder
(name: BinaryMessage
, length, length, Structure
data)Structure
data: 00 00000000 00 2a000000 00000000 1a943577 01000000 0000000000000000 00000000 00000000 0000 0000 01000000 01000001 0000 006a 0000006800000000030000000000000002540be46100470072006100730073007900200050006c00610069006e00730020002800450078007400720065006d0065006c0079002000450061007300790029000000000000305f304b306800002372e3580e235ab002818e880000
This is composed of:
UserMessage
BinaryMessage
It looks like there is something wrong with the MessageRecipient
, perhaps the m_uiRecipientType
is a Uint16
?
That would make it:
0100 00000100 00010000
Which is type=1, principalId=65536, gatheringId=256 which seems more reasonable?
I want to provide modifications the following page: https://github.com/kinnay/NintendoClients/wiki/Mario-Kart-8-Protocol
Anyio recently reached version 2.0.0, with breaking changes. I fixed this by explicitly specifying the required anyio version in setup.py. However, I really want to update my code to be compatible with anyio 2.0.0 and higher at some point.
As far as I can tell, the library uses TLS but ignores server certificates. Since N's certificates are self signed, is it possible we could supply our own TLS fingerprints for at least ToFU-based verification?
PRUDP packets contain a source and destination port (just like regular TCP/UDP packets). These can be used to:
My current implementation does not support this however. It always establishes a new transport connection for each PRUDP connection, and only one PRUDP server can be hosted at a given TCP/UDP port.
For completeness sake, it would be nice to properly implement PRUDP ports. Unfortunately, this is very difficult.
Currently, the scheduler loops through all sockets and timers every 20 milliseconds to check if they're ready. This is probably not scalable. Even if the performance impact is not as bad as it seems, it just feels bad to waste resources like that. Maybe we can use select
?
Sorry to keep asking questions, but I wasn't able to find save 8000000000000010
in goldleaf, only 8000000000000001
and 8000000000000011
. Do you know where I could find and read it? Thank you.
There are a few differences between the source code of NintendoClients and the documentation which leads to certain undocumented differences
The ones which I have currently found deal with the type/flags and checksums
In https://github.com/Kinnay/NintendoClients/wiki/PRUDP-Protocol#v0-format it says that the "Type and flags" field is two bytes, however your source code shows a version which is one byte
Similarly the checksum is shown to only be one byte, but again your source code shows a version where there it is four bytes
From what I can tell these differing formats are not documented in the Wiki. There may be more as well, which I will leave here as comments if found, but at the moment I only have these 2
I noticed that the MM2 example only uses the ticket in one place:
response = aauth.auth_digital(
SMM2.TITLE_ID, SMM2.TITLE_VERSION,
device_token, ticket
)
Is there an equivalent aauth.auth_gamecard
to use with game cards? Thank you
Should be as simple as adding the new user agent and system version digest to dauth.py
, aauth.py
and baas.py
.
See title. Dump the account sysmodule and check if anything has changed. Apparently there is a new master key.
The error code documentation listed here https://github.com/Kinnay/NintendoClients/wiki/Wii-U-Error-Codes is very useful for understanding when to throw an error and why, however it remains very incomplete. On Wii U all the error codes and messages are stored in MSBT files. Using these we can get all known error codes and their messages
Attached is a complete list of all error codes and messages on the Wii U. While still incomplete, as not every error code has a message it seems, this is a substantial improvement
101-xxxx.md
102-xxxx.md
103-xxxx.md
104-xxxx.md
105-xxxx.md
106-xxxx.md
108-xxxx.md
109-xxxx.md
115-xxxx.md
118-xxxx.md
120-xxxx.md
124-xxxx.md
125-xxxx.md
126-xxxx.md
150-xxxx.md
151-xxxx.md
152-xxxx.md
155-xxxx.md
156-xxxx.md
157-xxxx.md
158-xxxx.md
161-xxxx.md
162-xxxx.md
165-xxxx.md
166-xxxx.md
167-xxxx.md
168-xxxx.md
199-xxxx.md
errors.md
The new system version is X-Nintendo-System-Version | 0260
- this should be updated in the appropriate Wii U scripts
https://github.com/Kinnay/NintendoClients/wiki/AC:NH-Server#post-apiv1auth_token
Where does the switch store this information? It would be handy to be able to retrieve it without performing a man-in-the-middle attack.
Hi
I tried to create "server" for Metroid Prime FF to look into the packets just for fun.
But I have a problem with the packet signature in PRUDP V1.
The connection with the 3DS seems a little bit simpler as opposed to the Wii U. It just connects to nasc.nintendowifi.net, sends a request and gets a response that inlucdes an IP (Key named locator in the response) that is base64 encoded and a token that I have no idea how it is encoded. After it closes the connection to nasc it directly sends a SYN PRUDP V1 packet to the Game Server. The game seems to just accept my SYN packet from my server without a signature but the CONNECT packet that follows it will not accept. My CONNECT response is the exactly the same as the one from the real server, except the packet signature and the session ID. But the session ID seems to be a random number anyway so it shouldn't cause the game to not accept my packet.
I guess the 3DS doesn't use a secure key to calculate the signature because there is no such thing as a secure server, except it is hidden in the token from the nasc.
So the real problem I'm facing is how can I get the access key of Metroid Prime FF. Do you have any idea?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.