Hacking Can someone describe the guide steps in plain English

markmcrobie · Jan 20, 2017

I have used 3ds.guide and it worked perfectly, but purely out of curiosity can someone explain what the steps actually do, and what the software you use during the guide does? Just briefly, as I said, just for curiosity/to help me understand what's going on - the guide is awesome and I followed it easily step by step, but it would be good to have an understanding of what's being done and why.

For example:

What do DSP Dump, hourglass9, godmode, etc all actually do?

Why do we downgrade to 2.1 at one step
Etc

Thanks!

Sent from my iPhone using Tapatalk Pro

konsolenumbau.expert · Jan 20, 2017

When I remember tight on every page at the top there is a little explanation of what is happening in the following steps.

Gesendet von meinem SM-G935F mit Tapatalk

Patxinco · Jan 20, 2017

Iirc, hourglass9 is to get a backup of your nand in case if needed after all the steps.
godmode9 lets you access system titles you cannot access otherwise.
and we downgrade to 2.1 cause is the last system version when your unique OTP is not secured and you have access to an exploitable browser which you use to extract your OTP.

Iirc, of course

EthanAddict · Jan 20, 2017

markmcrobie said:
I have used 3ds.guide and it worked perfectly, but purely out of curiosity can someone explain what the steps actually do, and what the software you use during the guide does? Just briefly, as I said, just for curiosity/to help me understand what's going on - the guide is awesome and I followed it easily step by step, but it would be good to have an understanding of what's being done and why.

For example:

What do DSP Dump, hourglass9, godmode, etc all actually do?

Why do we downgrade to 2.1 at one step
Etc

Thanks!

Sent from my iPhone using Tapatalk Pro

OK, here you have it:
1) We do DSP Dump to have audio in homebrew.
2) Hourglass9 is a noob-friendly version of Decrypt9, having only the basic functions, like nand dumping, restoring etc.
3) Godmode9 is a payload that reads folders in sdcard, sysnand, emunand etc, and features a hex editor to edit files.
4) We downgrade to 2.1 because there was a flaw, because the system didn't clear the 0x11 keyslot, which allowed us to get the console-unique OTP via a spider exploit(browser exploit).

capito27 · Jan 20, 2017

EthanAddict said:
OK, here you have it:
1) We do DSP Dump to have audio in homebrew.
2) Hourglass9 is a noob-friendly version of Decrypt9, having only the basic functions, like nand dumping, restoring etc.
3) Godmode9 is a payload that reads folders in sdcard, sysnand, emunand etc, and features a hex editor to edit files.
4) We downgrade to 2.1 because there was a flaw, because the system didn't clear the 0x11 keyslot, which allowed us to get the console-unique OTP via a spider exploit(browser exploit).

the 4th explanation is totally unrelated to why we can read the OTP, up to 2.1, the CFG_SYSPROT9 config register only had it's first bit set (as in, bootrom9 lock mechanism), but its second bit, the one locking access to the OTP area, was not set, so we could still read the OTP area from arm9 code execution up to 2.1, with later versions, the second bit is properly set, and the OTP region can't be accessed until shutdown of the system.

Zidapi · Jan 21, 2017

capito27 said:
the 4th explanation is totally unrelated to why we can read the OTP, up to 2.1, the CFG_SYSPROT9 config register only had it's first bit set (as in, bootrom9 lock mechanism), but its second bit, the one locking access to the OTP area, was not set, so we could still read the OTP area from arm9 code execution up to 2.1, with later versions, the second bit is properly set, and the OTP region can't be accessed until shutdown of the system.

In English he said! :rofl2:

Hacking Can someone describe the guide steps in plain English

Well-Known Member

Well-Known Member

Riding a Shooting Star

An investment to nothingness

Well-Known Member

Well-Known Member

Similar threads

Popular threads in this forum