SilicaAndPina

Members
  • Content Count

    20
  • Joined

  • Last visited

  • Days Won

    2

SilicaAndPina last won the day on November 14

SilicaAndPina had the most liked content!

Community Reputation

39 Excellent

3 Followers

About SilicaAndPina

  • Rank

  • Birthday August 29

Profile Information

  • Gender
    Not Telling
  • Interests
    Reverse Engineering ..?

My Tamagotchis

  • My Collection
    V5, TamaGo(v7)
  • Favorite Tamagotchi
    v5 (because childhood)
  • Favorite Tamagotchi Character
    MAME tchi

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Oh all the languages are there, there accessed by flashvars. it seems- it loads a locale file *.ace? not sure what the format is but it looks zlib-compressed in mmog.cebd we have them defined here: <lang> <!-- Path of the one .ace file to load --> <!-- :: Values :: --> <!-- relative path, root is the project's bin folder --> <!-- You will need to replace the ${lang} token by the current language at runtime. --> <var name="localization_section_path" value="config/ace/resource/#lang#/localization_section.ace"/> <!-- Path of ace files to load --> <!-- :: Values :: --> <!-- relative path, root is the project's bin folder --> <var name="available" value="de,en,es,fr,nl,pl,pt,ru"/> <var name="default" value="en"/> <var name="de" value="config/loc/de/"/> <var name="en" value="config/loc/en/"/> <var name="es" value="config/loc/es/"/> <var name="fr" value="config/loc/fr/"/> <var name="it" value="config/loc/it/"/> <var name="nl" value="config/loc/nl/"/> <var name="pl" value="config/loc/pl/"/> <var name="pt" value="config/loc/pt/"/> <var name="ru" value="config/loc/ru/"/> <var name="debug" value="${debug.localization}" /> </lang> basically you just pass "lang=<language "name">" to flashvars and it loads with that some of you may have noticed theres an italian language thats defined but not avalible- i was curious so i edited the config to add it to the list and *this happened* anyway i addded a language selector to the site famita.ml/friends for easy usage .
  2. it all loads the same states that are all burned into the ROM anyway
  3. Tama-Go, seems like they just locked all the content that used to be there(is allready on the ROM) behind a paywall :-:
  4. there are a few "tamatown rewritten"-esq sites, here are some links: V5 & Friends: famita.ml V4/V3: alexgtama.tk V5 and Friends are fully playable. however V4/V3 is some stuffs thanks to not all swf's archived
  5. Oh boy Dream Town, this was a fun one first i would like to thank @Alex Grigoriou as he had downloaded all the Dream Town files before it went down, basically making this whole thing possible. But anyway you can play dream town @ http://famita.ml/friends/index.html Registering and Login saving stuff works, however codes for the actural Tamagotchi Friends dont (yet), If you have any problems please tell me so i can try fix it- im not entirely sure i rewrote every single script soo Technical notes (for nerds): This game might have not been developed by Bandai but rather outsourced to "Firma Studio" as all packages are marked "com.firmastudio" - interestingly firmastudio.com seems to be an architexture company not a game development one, now granted it is Dream TOWN but i dont think it falls under *.CEBD file format - there is only 1 SWF file acturally loaded by this, which is the loader itself. which loads other binaries and config files in the .CEBD file, which is compressed (gZIP) & encrypted (ARC4) SWF or XML files the main config file is called "mmog.cebd" which is XML and defines stuff like the login server and stuff. and the main binary is "tam.cebd" which is a SWF, i wrote a CEBD decryptor in C# .NET which you can find the src and binaries for here: Cebd_Decrypt its also built with the Starling Engine, the login server is default over unsecured HTTP (infact, it pretty much HAS to be over HTTP since it expects a direct IP and not a domain name, i think SSL on IP's is possible but you cant do it with Let's Encrypt ..), oh and the original server stored passwords in plaintext, when you did a "i forgot my pass" thing it would just give you your password. i acturally set mine up to do SHA512(password)^salt the password reset merely creates a new password for you and tells you that instead. :-: It was totallllly possible to cheat dream town (even the original one,) basically whenever you do anything it sends a request to the auth server (defined in mmog.cebd) basically you can just POST to <authserver>/inventory/add with a JSON like {"itemId":1,"quantity":4,"authId":<token>} and it just adds it to your inventory. Anyway, you can find the CGI scripts code for the login server here: DreamTown Repository, and the Client Files
  6. you suck at embedding flash files... http://famita.ml/friends/
  7. i prefer 5555 5555 - its ez to remember and is counted as a V5.5 Clebrity so royal ship games work too *though bandai actidentally made any non-region 0 famitama be able to play v5.5's games. though i doubt the item codes would work from them GP should though ...*
  8. UPDATE: You can now use login password created by actural connections v5 tamagotchi to "login" to the games - it will give you a logout password from that so you can unlock items & gotchi points - if you dont have a connections V5 you can use the password "0000 0000" or "5555 5555" for games on the royal ship, since apparently bandai made it so japanese famitama's cannot connect to the royal ship games..
  9. it seems more like a stage:index type thing to me, like how futabachi is 0:5 (because 0 = baby tamagotchi & 5 is the index, basically its the 6th baby (because we count from 0)) when it evolved into toddler status it became 1:1 which sorta backs up the theroy either way what it means doesnt matter, we have the 2 digits for what tama you have in login password, and we can use the smae 2 digits for creating logout ANYWAY~ my work here is done: v5 Password Generator: https://github.com/KuromeSan/V5-Password-Generator/tree/v1.0 Famitama.cgi re-write: https://github.com/KuromeSan/TamaTown/blob/master/V5/pc/cgi/Famitama.cgi btw my Tama & Earth EXPO rebuild now uses this code and you can login / logout with any v5 or v5.5
  10. I need to try this code on other regions.. if you have a famitama from another region please send me login password .-. also u forgot that region 5 is v5.5 / cleb according to this chart binary did:
  11. based on the "multiple variations" theroy- i wrote this python3 code: https://pastebin.com/Q15QFTGp there are some variables im not quite sure are for (maybe integretity checking?) but there not important lel it works anyway without knowing what they are still not entirely sure how items work (only item id 01 is valid apparently (maybe its acturally a quantity?)) it can generate login passwords from my logout passwords consistantly (atleast for me) anyone else wanna give it a try?, my tama's evolved from there baby state and it still worked. (went from 0,5 to 1,1 btw which backs up the stage:tama list theroy~) . i really just need ppl with other-region v5's to try it .
  12. Finally had the chance to try this on my V5 and well it seems i was right about the prize amount being specified by a single number for example (if you have a male futabatchi) 21000 00452 gives you 700GP 21000 00351 gives you 500GP Also, yes i was right about the "2" being a type identifier. 31000 00550 gave me a food item erh a cinamon roll sort of thing. idk its actural name. but anyway, first digit is type- 1 = no prize 2 = gotchi points 3 = gift / item ahahah next thing i need to work out is *login password* in theroy. login password should contain all the information needed to create a logout password, which is. what tam you have, and your region. (00, 01, 02, 03 etc) Login password is different every time, luckily we can still create them today here are some examples from my Futabatchi(M) in Oceiana Region (1) 10070 01540 10060 01530 01035 01000 01085 10500 01035 01000 Notice how they all have those required values? my V5 is region 1 and the tamagotchi i have is 0,5 all these passwords have a 5 and a 0 somewhere just in differnet places, also the checksum is different (if there even is a checksum on login password, 0+0+1+5+5+1+0+2+0 = 14, 14 mod 10 = 4. soo thats wrong) looking at this i allready have an idea, it seems like theres 2 3 formats if the first digit is 1 then the tama index'es are on the 2nd part in position 0 and 1 see how on these (both begin with 1) 10070 01540 & 10060 01530 both have "015" which gives us the current tamagotchi (0,5) and also the region "1" however if its 0 then its on the first part with 01035 10x5 again has all the information it would need atleast thats what i thought until i got 01000 00157 but wait a minute.. 0+1+0+0+0+0+0+1+5 = 7 mod 10 its still 7 wew maybe thats anoher format where if the check byte matches then its got like "015" right at the end :-: IDK this is complicated but im guessing that was to stop people using tamaown without a tamagotchi honesly i need more login codes from other tama's and regions so with that. if you have a V5 (thats not oceania region or a Futabatchi) please just go generate a bunch of login passwords so i can see better how region is encoded
  13. I worked a bit out about the v5 password generation using this list tells me alot, first that only thing that matters is what tamagotchi you have (and its gender) 21000 < this is obviously your tamagotchi region where 0 = japan, 1 = oceania 2 = america 3 = europe (i think v5 celebrity had like 4?) maybe 2 is like type "give GP" or something. 10554 < the pattern i noticed here was x05x maybe 05 is the prize number (05 being 1000GP) and its like x05x where the 2 x's represent what tama you have. so "15" (another theroy i had is this is some sort of list maybe the first is like what stage its in (baby, toddler, teen, adult, etc) and then the 2nd one is which of those it is . not sure) now then whats this 4 at the end? well its a checksum of the rest of the code, like a litteral checksum it is the sum of the entire code (minus the check digit) modulo 10 2+1+0+0+0+1+0+5+5 = 14 14 mod 10 = 4 check byte is 4, so the code is 21000 10554 :0 thou hast been reversed? maybe im wrong about how "your current tamagotchi" is encoded it seems like a weird way to do it
  14. it fails to load normally because it tries to GET http://famitama.com/pc/cgi/Famiif.php at startup it expects a webform-encoded response with "ResponseCode=OK" ^ if littearlly any request fails (not 200/OK status) it goes to the "Tamatown is experiencing downtime" message- (btw- that address is hardcoded into the SWF file and is not a realitive address .-. i had to change the assembly to point to famata.ml instead~ though you can also just edit your hosts file to make famitama.com point to your own server. but thats not noob-friendly.) side note, it acturally was GET-ing /crossdomain.xml first which drove me mad. i had no idea why it was trying to download crossdomain.xml nowhere in the actionscript does it say to do that. but it turns out its just Adobe's answer to cross-origin policys i kept looking thorugh the code wondering wtf was wrong until i eventurally just googled "crossdomain.xml" and i felt really stupid XD- Oh btw i just updated the site to give """logout password"""s (realy it just randomly selects one of the "special" codes from this list: but hey its something right? XD) the v5 logout password doesnt look that complicated tbh.
  15. So i noticed that nearly all of the FamiTama SWF's where on the web archive. (with the exception being the ones related to the Tama Theater and annoyingly chara/*) with that i rebuilt the site and got it mostly-functional i put the files on my webserver: you have to enable flash player for it to work though http://famita.ml/pc/index.html Only thing that doesnt work is login/logout passwords with the actural V5 Tamagotchi, (it just accepts every login password as valid and doesnt give anything for logout) as the passwords where generated on the server side. you'd need to dump the V5's ROM to reverse how it worked and just learn the secrets in general ... the only modification is to famitama_shell.swf which was to change "famitama.com" to "famita.ml" though the original files are also on there and can be used if you edit your etc/hosts file . oh, i also rewrote some of the server-side scripts (such as game_rollarcoaster.php - used for saving images from the "Perfect Rollarcoaster Image" game. i might try implement the survey's too, should be possible... i thought of giving out the V5's "special" promo codes (the v5 codes that can be used regardless of username or login password..) in place of logout passwords (atleast.. until its known how logout is generated) .. but have not done that yet.. EDIT: the survey votes are now counted. (nerds can see my terrible php code here) :-: anyway~ go say who best tama is