Hacking [WIP] KARL3DS - Kernel access on N3DS via Ninjhax + Loadcode

[WulfyStylez]

I've done more than the white list. I also did the Nintendo zone list. I'll edit the post until I experiment with TWL. But I have no clue why anybody would want to spoof TWL (it's probably just a bad example) or how changing the .CIA version would break more than is already broken. The files are not downloaded as a .CIA. 3DNUS packs them into a .CIA and doesn't use a valid signing key to do so.

There is no 'CIA version'! There's a CIA revision number to specify the version of CIA it is (always 0x0000, there's only one revision of the CIA format), but that's it. CIAs are not signed, because all of the content within them is. Essentially: If you can't install a CIA on stock NATIVE_FIRM, it will break on loading. You avoid the signing checks on CIAs by installing them through a modified FIRM, but that does not make them usable on stock sysnand. End of story. Please stop spreading misinformation.

 

[shinyquagsire23]

Can we run use our Gateway cards while using this?
*please dont hurt me*

Maaaaan! You made me laugh.... for real!

BTW, I'd like to know that too... **please, don't hurt us **

Most certainly not, Gateway does their arm11 setup differently and we ain't porting their crap.

 

[Xenon Hacks]

Most certainly not, Gateway does their arm11 setup differently and we ain't porting their crap.

 

[mvmiranda]

Most certainly not, Gateway does their arm11 setup differently and we ain't porting their crap.

Alright!
It's Ok. This project looks promising! My Cubic Ninja is arriving Monday and I can't wait to use it
Also, I'm looking forward to use KARL...

 

[tony_2018]

its a struggle sometimes to get people to stop posting BS as if its FACT!
if people havent tried something, dont just say its safe....then again who am i to argue if people feeling like bricking their own system

Yeah..seriously whats up with that. "Stop recommending shit if you haven't tried" is what I'd say .

 

[memomo]

A little status update: We now have ARM11 kernel exec working 100% of the time from mset! We had to pretty much remake bootstrap from scratch to get it to work, and I made sure to make it super portable so we can port to spider very quickly in the future. The next thing to do is port firmlaunch-hax stuff to this, and we'll be done!

Any word for porting it to OOT ?

 

[WulfyStylez]

Any word for porting it to OOT ?

This code can get ported around to any entrypoint, so there's that.

 

[memomo]

This code can get ported around to any entrypoint, so there's that.

I hope you utilize all the available exploits and make it ready in the first public release so we don't have to wait

Anyway,thanks for your hard work

 

[Apache Thunder]

I assume you'll open source the new bootstrap? You already did with the previous one. Of coarse anything beyond this won't be open source.

 

[Loaffy]

A little status update: We now have ARM11 kernel exec working 100% of the time from mset! We had to pretty much remake bootstrap from scratch to get it to work, and I made sure to make it super portable so we can port to spider very quickly in the future. The next thing to do is port firmlaunch-hax stuff to this, and we'll be done!

Awesome to hear you guys are making significant progress. Good luck with porting the firmlaunch-hax stuff, though I'm sure you guys don't need it.

 

[urherenow]

So, with BBM, I am unable to install TWL_FIRM even when spoofing. It says "Program already exists. Import canceled." So yea... that was a bad example. Nobody is going to do that and brick their system.

Edit: but as far as I know (I saw no error) Big Red Menu DID import it, with a spoofed version number. And I just launched Metroid Fusion. So nothing bricked and TWL_FIRM works.

 

[WulfyStylez]

So, with BBM, I am unable to install TWL_FIRM even when spoofing. It says "Program already exists. Import canceled." So yea... that was a bad example. Nobody is going to do that and brick their system.

Edit: but as far as I know (I saw no error) Big Red Menu DID import it, with a spoofed version number. And I just launched Metroid Fusion. So nothing bricked and TWL_FIRM works.

Big Red Menu does not show error messages. You didn't import anything. Use a good CIA installer like FBI.

 

[urherenow]

Big Red Menu does not show error messages. You didn't import anything. Use a good CIA installer like FBI.

FBI won't install it either. Even the non-spoofed one. Also when I set destination to NAND (I tried both NAND and then SD just to humor myself... got the same error) It says "Free Space: 0 bytes (0.00MB).

I'll assume that thinking someone would read my post and try that, is a ridiculous notion. I'm going to move on and see what I can figure out installing a spoofed MSET instead. Although, Installing firmware 7.0 in its entirety using 3DNUS and BBM from sysnand 4.5 results in a broken system settings app anyway, and 7.1 and above with the same method give a black screen brick, with no spoofing involved.

 

[WulfyStylez]

FBI won't install it either. Even the non-spoofed one. Also when I set destination to NAND (I tried both NAND and then SD just to humor myself... got the same error) It says "Free Space: 0 bytes (0.00MB).

I'll assume that thinking someone would read my post and try that, is a ridiculous notion. I'm going to move on and see what I can figure out installing a spoofed MSET instead. Although, Installing firmware 7.0 in its entirety using 3DNUS and BBM from sysnand 4.5 results in a broken system settings app anyway, and 7.1 and above with the same method give a black screen brick, with no spoofing involved.

You cannot install a spoofed anything and use it on stock FIRM. Period.

 

[urherenow]

You cannot install a spoofed anything and use it on stock FIRM. Period.

WRONG, sir. I spoofed both the DS whitelist and the Nintendo Zone list and use them on both my O3DS and N3DS in sysnand. I'm sure some things could cause a brick but "Period" is a flat out LIE.

 

[WulfyStylez]

WRONG, sir. I spoofed both the DS whitelist and the Nintwndo Zone list and use them on both my O3DS and N3DS in sysnand. I'm sure some things could cause a brick put "Period" is a flat out LIE.

*ma'am. And maybe what's better to say is 'and have it work'. Both of those function by causing their respective lists to be unreadable, as has been said before by multiple people.

 

[urherenow]

*ma'am. And maybe what's better to say is 'and have it work'. Both of those function by causing their respective lists to be unreadable, as has been said before by multiple people.

So is it a whitelist or a blacklist? And how would it know attwifi was a Nintendo Zone if it couldn't read the list? My Nintendo Zone was working on sysnand without any connection configured! And I was getting Home Passes!

Edit: Oh, and my apologies. I obviously wasn't paying attention and didn't know you were a woman.

 

[Zidapi]

WRONG, sir. I spoofed both the DS whitelist and the Nintendo Zone list and use them on both my O3DS and N3DS in sysnand. I'm sure some things could cause a brick but "Period" is a flat out LIE.

Give it up. You don't know what you're talking about, you're just making a fool of yourself now.

 

[urherenow]

Give it up. You don't know what you're talking about, you're just making a fool of yourself now.

I don't know that I spoofed the whilelist and Nintendo zone versions and have them installed and working on my own sysnand? Don't be an ass hat. Video uploading.

And by the way, MSET refused to install as well using this method. So again, I doubt anybody will be able to brick anything because they read my earlier post (which I edited, but it doesn't matter since so many people quoted it anyway). For most things I usually tell people not to try it without backups and a hard mod (or the ability to hard mod if ever needed).

Edit: Video. Again, if the list is unreadable, then how come the N3DS detects an "attwifi" SSID as a Nintendo Zone? It certainly doesn't detect every unsecured connection as one...

 

[Zidapi]

So is it a whitelist or a blacklist? And how would it know attwifi was a Nintendo Zone if it couldn't read the list? My Nintendo Zone was working on sysnand without any connection configured! And I was getting Home Passes!

Edit: Oh, and my apologies. I obviously wasn't paying attention and didn't know you were a woman.

The flash card one is a list of blocked carts, so it's a blacklist.

The Nintendo zone one is a list of NZ ssids and is therefore a whitelist.

I don't know that I spoofed the whilelist and Nintendo zone versions and have them installed and working on my own sysnand? Don't be an ass hat. Video uploading.

And by the way, MSET refused to install as well using this method. So again, I doubt anybody will be able to brick anything because they read my earlier post (which I edited, but it doesn't matter since so many people quoted it anyway). For most things I usually tell people not to try it without backups and a hard mod (or the ability to hard mod if ever needed).

I'm not trying to be an asshat honestly, but you're an idiot. I'm not sure there's "non-asshat" way of making aware of you this.

As you've been told repeatedly by multiple people, spoofing breaks the signature forcing the 3DS to use it's fallback lists instead (the earliest revisions of each list).