Hacking cias on a 3ds with a 10.1+ firmware

Quantumcat

Well, you know, English is like the number 1 easiest language in the world, people who don't know English is because they're not even trying, also your English is pretty broken. So you're one to talk.

--------------------- MERGED ---------------------------

Ok, this thread was a mistake.
Your English is pretty broken, yourself. You used "is" with a plural subject. Anyway I am pretty sure English is one of the hardest languages to learn due to the lack of rules. German would have to be the easiest.
 

ironmaster49

The CID is write-once as per the eMMC/SD specification. But that one guy who desoldered and swapped the CPU and NAND from an American N3DS XL to a Japanese N3DS proved further that the NAND keyX is hardcoded specifically against a single NAND in the bootrom, and the bootrom cannot be read from or written to.
Oh all right thanks, you answered my question, so the bootrom cannot be read from at all? Not via any hardware OR software method? And can NAND backups be edited to match the bootrom of a 3ds if we somehow can get the bootrom? I read the bootrom is destroyed on boot and that's why you can't read it with software unless you can get a hack loaded before the bootrom is destroyed and maybe that's why, correct me if I'm wrong. Thanks for answering.
 

shinyquagsire23

Oh all right thanks, you answered my question, so the bootrom cannot be read from at all? Not via any hardware OR software method? And can NAND backups be edited to match the bootrom of a 3ds if we somehow can get the bootrom? I read the bootrom is destroyed on boot and that's why you can't read it with software unless you can get a hack loaded before the bootrom is destroyed and maybe that's why, correct me if I'm wrong. Thanks for answering.
I wouldn't say destroyed as much as it's locked out from reading extremely early in boot, but yeah that's the general idea. And I suppose if you could figure out how the keyX links to the keyY (i.e. it's calculated from something or if it's purely random) you could work with that, but assuming bootrom isn't exactly something I'd count on very soon if at all.
 

ironmaster49

Yeah man. Kernel exploit found
Yeah it was found ages ago. For 9.2 and under of course if that's what you mean. If not and you saw one for 9.3-9.9-10.1 that was released recently link it here :) and if it's just that arm11 access project by massexplosion213 and if it has been updated if that's what you mean.
Is this thread seriously still open? :wtf:
Yes, to trolls and to other people that desperately want cfw on 10.1 :D

Edit: I think you mean this, Justin: http://gbatemp.net/threads/unconfirmed-arm11-kernel-vulnerability-under-10-0-0-x.398953/
 
