Hacking Official Corbenik - Another CFW for advanced users (with bytecode patches!)

[The Catboy]

No not I ment is it like lumas payload er that serves it under as people say "brick protection" like is it possible to still boot into that menu and into Hourglass9 if I brick?

I am not sure I follow?
The payloads still boot before the homemenu boots much like any other bootloader. So if you brick your NAND, you can still boot into the bootloader and boot into the payloads.

 

[chaoskagami]

Quick question, when you boot menu similar to lumas chainloading it is the first to boot, correct? Just asking because I want to be prone to bricks. Also have been rocking Skeith for the day and it has been awesome. Great job man!

I'm not sure really what you're asking...? Whatever order things are chained in, they're loaded in. ARM9 stuff is always pre-firmware. So if you have things set up with Luma, it'd look like this:

a9lh -> Luma (/arm9loaderhax.bin) -> FIRM | chainloaded arm9 bin

And basically the same with Corbenik, just replace 'Luma'.

Also, you want to be prone to bricks? Typo, I hope? As long as you don't screw up FIRM0/FIRM1/CtrNand, you shouldn't brick. Make sure FIRM Protection is on.

 

[Deleted-379826]

I am not sure I follow?
The payloads still boot before the homemenu boots much like any other bootloader. So if you brick your NAND, you can still boot into the bootloader and boot into the payloads.

I'm not sure really what you're asking...? Whatever order things are chained in, they're loaded in. ARM9 stuff is always pre-firmware. So if you have things set up with Luma, it'd look like this:

a9lh -> Luma (/arm9loaderhax.bin) -> FIRM | chainloaded arm9 bin

And basically the same with Corbenik, just replace 'Luma'.

Also, you want to be prone to bricks? Typo, I hope? As long as you don't screw up FIRM0/FIRM1/CtrNand, you shouldn't brick. Make sure FIRM Protection is on.

Yes what crystal said that is what I ment! Sorry if I was confusing.

And no not a typo I ment the not too bad bricks like something with the homemenu or so where you can just boot into the Hourglass9 payload and restore!

 

[gnmmarechal]

Yes what crystal said that is what I ment! Sorry if I was confusing.

And no not a typo I ment the not too bad bricks like something with the homemenu or so where you can just boot into the Hourglass9 payload and restore!

You can boot into Hg9. Corbenik is an a9lh CFW just like Luma, its stuff runs before the Home Menu. Corbenik chainloads payloads just like Luma.

Sent from my Nokia 3310 using Tapatalk

 

[Deleted-379826]

You can boot into Hg9. Corbenik is an a9lh CFW just like Luma, its stuff runs before the Home Menu. Corbenik chainloads payloads just like Luma.

Sent from my Nokia 3310 using Tapatalk

Thanks, yeah that was exactly what I was asking. Sorry if I confused you guys.

 

[Gray_Jack]

@chaoskagami
Again I'm with some compiling issues AGAIN
So... my OS had died (as always I installed too much unstable stuff) and I reinstalled my OS and I think I didn't installed all the libraries that I had before, but I have the ones needed to compile corbenik, here is the error:

collect2: error: ld returned 1 exit status
Makefile:384: recipe for target 'corbenik' failed
make[1]: *** [corbenik] Error 1
make[1]: Leaving directory '/home/erikus/SOURCES/corbenik/source'
Makefile:342: recipe for target 'all-recursive' failed
make: *** [all-recursive] Error 1

thanks in advance

 

[TheCyberQuake]

Possibly a stupid question, and it may have already been answered but I'm not going to search through 70 pages, and the search bar turned up nothing for me. What is the minimum patches/options I can enable and still get emuNAND to boot? So far If I disable everything except basic options like autoboot and emuNAND then I can't get emuNAND to boot. So far the bare minimum I can do and still get a boot is Signature Fix, but I'm wondering if there is a way to not have to use that. The reason is I want to use as close to OFW a I possibly can on emuNAND for testing purposes (entry point testing, exploit tests, etc.)
Just as some additional info in case it matters, I am using an old3ds, 11.0 firmware with A9LH and attempting to boot to emuNAND which is freshly formatted, and unlinked from sysNAND
At this point I think I have to use Signature Fix, but I would like to know if there is a way not to, and if I have to the reason why I must use it to get emuNAND to boot.

Edit: Here is what I am getting from boot.log:

Spoiler

Config file loaded.
Loading firmware...
FIRM load triggered.
Loading NATIVE_FIRM
Loaded FIRM off filesystem
FIRM is decrypted
Found process9 offset
Ver: 00000052, 0
TWL_FIRM
Loaded FIRM off filesystem
FIRM is decrypted
Found process9 offset
Ver: 00000016, 0
AGB_FIRM
Loaded FIRM off filesystem
FIRM is decrypted
Found process9 offset
Ver: 0000000b, 0
Patching firmware...
VM exited without issue
reboot: proc9 mem @ 08028000
reboot: firmlaunch @ 240da5e8
reboot: fopen @ 08059d25
reboot: NATF @ 240da714
reboot: TWLF @ 240da718
reboot: AGBF @ 240da71c
reboot: rebc @ 240da700
emunand: free space @ 2407b1c0
emunand: size is 81344 bytes
emunand: read in emunand code
emunand: found NCSD magic for 0
emunand: layout is normal
emunand: nand is on sector 1
emunand: head is on sector 1
emunand: write @ 240cd730
emunand: read @ 240cd6f0
emunand: patched read/write calls
emunand: SDMMC code @ 080d8a70
emunand: mpu @ 2407c164
emunand: patched MPU settings
Copied FIRM.

Edit: Well I feel stupid, I forgot I modified a certain title to theme the Power Off screen, and that without signature patches home menu won't load with it being modified like that. I downloaded a fresh version with 3DNUS and installed it (title 0004003000008F02 v25600) and now it boots with no patches enabled.
Now I have my main sysNAND, a "OFW" redNAND, and a Dev firmware redNAND.
Now the only thing feature I would like to see added is the ability to save multiple configurations and easily load said multiple configurations. It would make it much faster for me to switch between my 3 very different NANDs

 

[chaoskagami]

@chaoskagami
Again I'm with some compiling issues AGAIN
So... my OS had died (as always I installed too much unstable stuff) and I reinstalled my OS and I think I didn't installed all the libraries that I had before, but I have the ones needed to compile corbenik, here is the error:

collect2: error: ld returned 1 exit status
Makefile:384: recipe for target 'corbenik' failed
make[1]: *** [corbenik] Error 1
make[1]: Leaving directory '/home/erikus/SOURCES/corbenik/source'
Makefile:342: recipe for target 'all-recursive' failed
make: *** [all-recursive] Error 1

thanks in advance

Please install libtool and rerun both ./autogen.sh and ./configure.

Edit: Well I feel stupid, I forgot I modified a certain title to theme the Power Off screen, and that without signature patches home menu won't load with it being modified like that. I downloaded a fresh version with 3DNUS and installed it (title 0004003000008F02 v25600) and now it boots with no patches enabled.
Now I have my main sysNAND, a "OFW" redNAND, and a Dev firmware redNAND.
Now the only thing feature I would like to see added is the ability to save multiple configurations and easily load said multiple configurations. It would make it much faster for me to switch between my 3 very different NANDs

Sorry it took so long to get to this, I've been swamped packing boxes to move. Glad you figured it out.

Yes, any changes you make to titles will break signatures, so theming the power off screen in HOME means you now require sigpatches to boot.

Saving preset configurations would certainly be doable (or even console-specific ones, I suppose) but I'd prefer to wait on deciding whether or not to implement that until configs are no longer binary blobs.

 

[TheCyberQuake]

Sorry it took so long to get to this, I've been swamped packing boxes to move. Glad you figured it out.

Yes, any changes you make to titles will break signatures, so theming the power off screen in HOME means you now require sigpatches to boot.

Saving preset configurations would certainly be doable (or even console-specific ones, I suppose) but I'd prefer to wait on deciding whether or not to implement that until configs are no longer binary blobs.

Either way (adding or not adding preset configs) Corbenik is definitely my new favorite CFW and I thank you greatly for it.
I'm actually going to be moving fairly soon as well, and I just started getting boxes packed.

 

[kezkez]

I have something odd. I turned on my 3ds after a while and I decided to try this, but I only get a black screen.
I'm using aurorawright's a9lh @528310f with no screeninit

EDIT: Nevermind, sd card is a bitch

 

[Gray_Jack]

Please install libtool and rerun both ./autogen.sh and ./configure.

Thanks!!
I thought I just needed to rerun ./configure after install libtool

 

[chaoskagami]

I have something odd. I turned on my 3ds after a while and I decided to try this, but I only get a black screen.
I'm using aurorawright's a9lh @528310f with no screeninit

EDIT: Nevermind, sd card is a bitch

I can't decide whether this is actually a thing or not since I've seen multiple people complaining when they're on AW's branch (but it's more CFW than a9lh at this point.)

If it was your SD, then okay.

Thanks!!
I thought I just needed to rerun ./configure after install libtool

The problem is that the configure script is generated wrong without libtool installed. For reference, you should ALWAYS re-run autogen.sh and configure when you pull - if I change the build procedure and you don't regenerate it, weird things will happen. I need more sanity checking.

 

[kezkez]

I can't decide whether this is actually a thing or not since I've seen multiple people complaining when they're on AW's branch (but it's more CFW than a9lh at this point.)

If it was your SD, then okay.

After reinserting the sd card it eventually booted, not sure if it's an actual issue or just the sd slot starting to die. Anyway, I'm not using the version with built-in CFW. I'm considering switching to delebile's

 

[TheCyberQuake]

After reinserting the sd card it eventually booted, not sure if it's an actual issue or just the sd slot starting to die. Anyway, I'm not using the version with built-in CFW. I'm considering switching to delebile's

I haven't checked in a while, but last time I looked around the only versions of A9LH that have CFW built in is ShadowNAND and an unofficially compiled version of astonautlevel's A9LH

 

[chaoskagami]

After reinserting the sd card it eventually booted, not sure if it's an actual issue or just the sd slot starting to die. Anyway, I'm not using the version with built-in CFW. I'm considering switching to delebile's

I think it's an actual issue, believe it or not, and actually went and reopened it on github. A few other people can repro it and I finally managed to as well, so I'm doubtful that it's a9lh or a failing SD's fault. Nonscreeninit a9lh seems to tickle it the wrong way, so try renaming to _si.bin and see if that improves the situation (at the cost of garbage which I'm going to fix)

--------------------- MERGED ---------------------------

I haven't checked in a while, but last time I looked around the only versions of A9LH that have CFW built in is ShadowNAND and an unofficially compiled version of astonautlevel's A9LH

Nope. There's three:
* Wolfvak's KGB: Unstable, he says as much
* ShadowNAND: As quoted.
* AuroraWright's yet-unnamed a9lh branch: Has sigpatches, firmprot and reboot on 3DS games - this is what you refer to as astronautlevel's.

 

[Wolfvak]

I think it's an actual issue, believe it or not, and actually went and reopened it on github. A few other people can repro it and I finally managed to as well, so I'm doubtful that it's a9lh or a failing SD's fault. Nonscreeninit a9lh seems to tickle it the wrong way, so try renaming to _si.bin and see if that improves the situation (at the cost of garbage which I'm going to fix)

--------------------- MERGED ---------------------------



Nope. There's three:
* Wolfvak's KGB: Unstable, he says as much
* ShadowNAND: As quoted.
* AuroraWright's yet-unnamed a9lh branch: Has sigpatches, firmprot and reboot on 3DS games - this is what you refer to as astronautlevel's.

Actually, KGB is stable and fully functional but it's not worked on anymore since there's so many tools to do the same thing it's ridiculous now.
Besides the fact that having to ask other people to test software for you is... sub-optimal, so to speak.
Gonna commit a few more changes and after that I'll consider it stable - that is, unless a new FIRM or 3DS model comes out which breaks everything, there will be no updates.

Sorry for slightly hijacking this thread

 

[gnmmarechal]

I think it's an actual issue, believe it or not, and actually went and reopened it on github. A few other people can repro it and I finally managed to as well, so I'm doubtful that it's a9lh or a failing SD's fault. Nonscreeninit a9lh seems to tickle it the wrong way, so try renaming to _si.bin and see if that improves the situation (at the cost of garbage which I'm going to fix)

--------------------- MERGED ---------------------------



Nope. There's three:
* Wolfvak's KGB: Unstable, he says as much
* ShadowNAND: As quoted.
* AuroraWright's yet-unnamed a9lh branch: Has sigpatches, firmprot and reboot on 3DS games - this is what you refer to as astronautlevel's.

uh. Because of the screen garbage, I'm now using Corbenik as /arm9loaderhax.bin (so no screeninit), and I never ran into said issue.

Or have I? The last time I manually compiled, it wouldn't boot. Which is one of the reasons why I left Corbenik-UN. Skeith works fine though.

 

[The Catboy]

Alright, I would like to mention that the screen gibberish and or black screen issues involving this CFW are not exclusive to this CFW. All CFW seem to be having problems with the mini-CFW version of A9LH. So I can safely say, it seems to be an issue related those branches.

 

[chaoskagami]

Well, on the upside the latest nightly should mitigate the garbage as well as fix the unreliability on nonscreeninit.

Turns out in the nightlies I made some stupid mistakes during a refactor - the framebuffer struct being missing would cause problems, which was always the case on nonscreeninit unless FCRAM persisted for long enough to be non-null. There was a few fprintfs pre-screeninit - which caused garbage on SI and immediate hardlocks on Non-SI.

Admittedly, that was a stupid mistake but I think the stable is unaffected by this as it was before that particular change. I made screen brightness an option - that was around when this was introduced since previously the config file was always loaded post-screeninit, and now it's loaded pre-screeninit. =_=

Remember; I never said nightlies were stable.

Alright, I would like to mention that the screen gibberish and or black screen issues involving this CFW are not exclusive to this CFW. All CFW seem to be having problems with the mini-CFW version of A9LH. So I can safely say, it seems to be an issue related those branches.

It's true that that's usually a problem. I've mitigated this by rebasing my screeninit code on newer Luma which does a GPU clear (and sidesteps the issue.) Garbage is gone. Permanently.

 

[gnmmarechal]

Well, on the upside the latest nightly should mitigate the garbage as well as fix the unreliability on nonscreeninit.

Turns out in the nightlies I made some stupid mistakes during a refactor - the framebuffer struct being missing would cause problems, which was always the case on nonscreeninit unless FCRAM persisted for long enough to be non-null. There was a few fprintfs pre-screeninit - which caused garbage on SI and immediate hardlocks on Non-SI.

Admittedly, that was a stupid mistake but I think the stable is unaffected by this as it was before that particular change. I made screen brightness an option - that was around when this was introduced since previously the config file was always loaded post-screeninit, and now it's loaded pre-screeninit. =_=

Remember; I never said nightlies were stable.



It's true that that's usually a problem. I've mitigated this by rebasing my screeninit code on newer Luma which does a GPU clear (and sidesteps the issue.) Garbage is gone. Permanently.

Cool stuff

Sent from my Nokia 3310 using Tapatalk