- Status
And how do you prevent Nintendo Engineers from downloading hack themselves and run it through their tools to see what it does ?
They have all keys and access they want, know how, engineers and so on.
Probably no. People that know memory chunk headers better than me are probably doing it as we're speaking.
and who is the memchunkhax people? (in that way their profile would be destroyed by views)
D
Deleted User
Guest
But there's no guarantee that memchunkhax2 is even being worked on though
Oh well, maybe I'll finally upgrade to a new3ds
firmlaunchhax was actually an arm9 kernel exploit that was used on 9.2 and lower that was patched on 9.5
No. There is a way to USE these keys, not to OBTAIN them.
I always appreciate your work/posts think you can go into more detail and share what you know?
--------------------- MERGED ---------------------------
rxTools is open source anyone can make a commit.
It requires hardware, you need the firmware blob to "decrypt" into a branch point, the problem is, the Kernel9 loader uses a hash derived from a per 3DS OTP (which you don't know) in other to decrypt keys stored in NAND, most particularly key #2 which you replace with a garbage key in the hope of obtaining the branch point mentioned above (used to get the Kernel9 loader to jump to your payload), since you can't predict the output, you can't generalize this hack as it needs trials and errors for each units, therefore requires a way to write the nand using hardware.
No, there isn't, you only gain code execution AFTER the Kernel9 loader runs, this means you can't read the OTP and keyslot 0x11 gets cleared, not to mention you would be replacing the NAND key #2 used to decrypt the new Kernel9 with garbage anyway (since that's required for this hack to work in the first place) good luck decrypting 9.6+ kernel9 this way...
There is not an "AES key of the console" what you can do is to calculate/bruteforce the constant used by the key scrambler and use that to generate missing KeyX for known normal (AES) keys + KeyY and of course bypass the keyscrambler all together.
You need to keep in mind that :
- there aren't a lot of normal keys in the wild, only the one used by NFC and used by the WiiU, so you won't be getting a lot of KeyX
- most of the keyX are set in write only keyslots (which can be used as arguments for the key scrambler) which are set by the bootrom and cannot be read, therefore you won't be able to get the normal key even if you do know KeyY and have the keyscrambler operations + constant figured out.
(You need keyX + keyY to generate a normal key, likewise you need Normal key + keyY to generate KeyX)
Wasn't it that Roxas stopped coding and he passed the work to the Pasta team?
That's not complicated.
When the flaw is exploited, the N3DS keys are loaded, but the 0x11 key used to generate them was cleared, so you can't generate the keys again. You can only use them (write-only keyslots).
Yes but anyone can make a commit https://github.com/roxas75/rxTools
this is getting off topic
--------------------- MERGED ---------------------------
And just like that my hopes and dreams have been crushed, guess im staying on 9.2 with 9.5 Emunand thanks for the info.
- Status
Similar threads
-
- Poll
-
@
K3Nv2:
What's the best way to ask assistances if they're single? Look at the belly and ask if he's around -
-
-
-
-
-
-
-
-
-
@
K3Nv2:
Don't know why chex mix has that one awesome piece then the rest feel like teeth breakers+1
-
@
BakerMan:
@BigOnYa He's St. Jerry The Goat Fucker, who, as the name implies, fucked a lot of goats.+1 -
-
-
-
-
-
-
-
-
-
-
-
-
