Homebrew [33c3] Console Hacking 2016 (3DS/WiiU) talk Dec 27-30: smea, derrek, nedwill, naehrwert

[I_AM_L_FORCE]

We can write our own FIRMs, no exploit required to boot.

But for an average joe with Arm9Loaderhax, would it be worth switching in the future?

 

[metroid maniac]

@Apache Thunder can you tell me what level of code execution we need for bootromhax? Userland, arm11 or arm9? Thanks in advance.

Based on my understanding, you only need access to NAND so you can write something sensible to FIRM.
Which means arm9 hax in CTR mode, or any plain hax in TWL (DSiWare) mode.

So can we decrypt roms with pc now? Will Citra able to run encrypted roms?

After bootrom's keys are released.

 

[Deleted User]

MrNbaYoh released a secondary hax today and ned told about soundhax which is primary, so two hax today

Well, painthax is not very useful, it's just a little christmasploit

 

[Mrrraou]

Also gotta love "you also have to exploit a userland process but we're not talking about that." Still better than "we did a thing and got ROP" but eh, idk.

i loved the "but it's just the wii u anyway" tbh

 

[Noober]

So, still can't downgrade like a human being. Lazy bums, nothing good.

 

[Kartik]

So, still can't downgrade like a human being. Lazy bums, nothing good.

We got something way better than downgrades

 

[Blue]

Let hope that with these new Hax overlords we can unban systems from Ninty's network!

Pokemon SuMo? lol

 

[zoogie]

MrNbaYoh released a secondary hax today and ned told about soundhax which is primary, so two hax today

You're right about painthax, but soundhax being DIY is kinda disappointing.

 

[Tenshi_Okami]

So, still can't downgrade like a human being. Lazy bums, nothing good.

No more downgrading. No more otp fetching. No more bricks.

All you need now is a way to write to nand. This is 10x better than arm9loaderhax.

 

[Mrrraou]

You're right about painthax, but soundhax being DIY is kinda disappointing.

tbh i like it, i wanna implement it, sounds fun and i'll learn actual stuff. i don't understand why you're complaining lol
i mean, what is disappointing is that the bootrom dumping vuln was known for many years on 3dbrew and that no one has exploited it publicly lol

 

[gnmmarechal]

bootrom bois!

 

[Noober]

@Tenshi_Okami

Where is tutorial how to do this? xD

 

[metroid maniac]

so fast hax will allow you to downgrade with out a dsiware game

fasthax does exactly what slowhax does, but faster and (presumably) on 11.2.

 

[zoogie]

tbh i like it, i wanna implement it, sounds fun and i'll learn actual stuff. i don't understand why you're complaining lol
i mean, what is disappointing is that the bootrom dumping vuln was known for many years on 3dbrew and that no one has exploited it publicly lol

It's disappointing because it could be patched before it's implemented. That would really suck.

Anyway, I know you're pretty good so I'm glad to hear you're working on it.

 

[Tenshi_Okami]

@Tenshi_Okami

Where is tutorial how to do this? xD

the exploit was just released(as in talked about), we have to wait for someone to implement it and release it (if they do lol)

 

[Gnarmagon]

@Plailect We need a Guide for Fasthax :d

 

[einhuman197]

I feel sorry for arm9loaderhax. It was so good. It made my year nice. And now it's replaced by something better. I've started with hex editing and flickering payload () without screen init and now it's gone. Rip a9lh 2016-2016 ;(

 

[iAqua]

*cough https://github.com/plutooo/wiiu cough*

 

[hacksn5s4]

problem is it looks like you need an arm 11 exploit to get boot rom hax or a hard mode so if they patch fast hax it won't work on lasted firware

 

[Arubaro]

What will happen to 3ds.guide now? 100% rework again