Hacking Pasta CFW - A CFW that allows unsigned CIA to be installed on Old and New 3DS! (required ninjhax)

Status
Not open for further replies.

Idaho

Actually, I just re-read it and that should work, yeah. A bit slower than just opening a command prompt though. Either way should give the desired result. :)

I don't even know how to create an empty file on Windows with CLI whereas I'm an IT tech, it's amazing all the things you can do with just clicks and logic with this OS ^^
 

urherenow

ok, i will give more information.
pbt lets you use pirated gba games. better now...? :)
of course pbt patches signature checks, that's the whole reason for its release, it's just basically an improved 4.5 leaked cfw. if there were not sig patches... then how are people playing pirated stuff on it... lol
Honestly didn't know that. I've been using Gateway and Ninjhax (and also RXtools for some stuff) and wasn't able to do anything with PBT that I couldn't already manage...
 

SLiV3R

Can someone please make a noob step by step guide?

I have
N3DS 9.2
Downloaded the archive provided, unzipped its contents to the root of the SD card of my N3DS.
start Cubic Ninja
start Brahma, load and execute the payload ("arm9payload.bin")
I'm on PASTA CFW MENU. Selected 9.2 firmware, and press start to launch the CFW..
Then start FBI. Installed a CIA (PAZARU)
Successful install of CIA
Then nothing????
(In the start menu there is actually an icon that appears and then disappears after half a second... What is that?)
 

d0k3

I just took a look at the source code, and I almost feel cheated (joking, no shitstorm please!). All the magic is in these 6 short lines of code (this is for N3DS v9.0-v9.2, and the code for the other 3 options is equally short):
Code:
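u8 patch[] = {0x6D, 0x20, 0xCE, 0x77};   // first 4-byte patch (N3DS v9.0-v9.2)
u32 *dest = (u32 *)0x08052FD8;           // explicit cast: integer address to pointer
memcpy(dest, patch, sizeof(patch));      // overwrites memory only
u8 patch1[] = {0x5A, 0xC5, 0x73, 0xC1};  // second 4-byte patch
u32 *dest1 = (u32 *)0x08058804;
memcpy(dest1, patch1, sizeof(patch1));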
I'd have expected a cracked GW launcher or hundreds of lines of code ;). Anyways, great work capito27!

So... is this permanent, meaning if I cold restart the system the patch will stay? I guess no, but if it isn't, I wonder, how will SYSNAND handle the illegit .CIAs when the patch is not loaded? Will they just not show up? And what if you have legit / bought .CIAs installed alongside 'illegit' ones? Also, is this risky in terms of possible bricks? What if you select the wrong option for your console?
 

tyrran

Can someone please make a noob step by step guide?

I have
N3DS 9.2
Downloaded the archive provided, unzipped its contents to the root of the SD card of my N3DS.
start Cubic Ninja
start Brahma, load and execute the payload ("arm9payload.bin")
I'm on PASTA CFW MENU. Selected 9.2 firmware, and press start to launch the CFW..
Then start FBI. Installed a CIA (PAZARU)
Successful install of CIA
Then nothing????
(In the start menu there is actually an icon that appears and then disappears after half a second... What is that?)



After finishing installing via FBI, you have to re-launch PastaCFW one more time. I know it's redundant but it's what works.
 

urherenow

I just took a look at the source code, and I almost feel cheated (joking, no shitstorm please!). All the magic is in these 6 short lines of code (this is for N3DS v9.0-v9.2, and the code for the other 3 options is equally short):
Code:
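u8 patch[] = {0x6D, 0x20, 0xCE, 0x77};   // first 4-byte patch (N3DS v9.0-v9.2)
u32 *dest = (u32 *)0x08052FD8;           // explicit cast: integer address to pointer
memcpy(dest, patch, sizeof(patch));      // overwrites memory only
u8 patch1[] = {0x5A, 0xC5, 0x73, 0xC1};  // second 4-byte patch
u32 *dest1 = (u32 *)0x08058804;
memcpy(dest1, patch1, sizeof(patch1));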
I'd have expected a cracked GW launcher or hundreds of lines of code ;). Anyways, great work capito27!

So... is this permanent, meaning if I cold restart the system the patch will stay? I guess no, but if it isn't, I wonder, how will SYSNAND handle the illegit .CIAs when the patch is not loaded? Will they just not show up? And what if you have legit / bought .CIAs installed alongside 'illegit' ones? Also, is this risky in terms of possible bricks? What if you select the wrong option for your console?

The patch will not stay and there is no risk of a brick. It only patches what's in memory. If you brick, it's because of something else you did like installing an O3DS firmware file on an N3ds or vice versa, or deleting a firmware file with fbi, etc.

The real question is... how to translate this bit from NTR debugger "write(0x10DD28, (0x00, 0x20, 0x08, 0x60, 0x70, 0x47), pid=0x25)" to add to the above code? If someone could do that, we'd also have eshop access and such, wouldn't we?
 

capito27

OP
The patch will not stay and there is no risk of a brick. It only patches what's in memory. If you brick, it's because of something else you did like installing an O3DS firmware file on an N3ds or vice versa, or deleting a firmware file with fbi, etc.

The real question is... how to translate this bit from NTR debugger "write(0x10DD28, (0x00, 0x20, 0x08, 0x60, 0x70, 0x47), pid=0x25)" to add to the above code? If someone could do that, we'd also have eshop access and such, wouldn't we?

The issue with ntr, in my opinion, is that firm isn't a process, so it can't be done (I might be wrong tho).
 

innercy

^ I think creating a dummy file is not an issue. There are various ways. It should be stated in the 1st post. One of them is to create it using a text file, which was already mentioned a couple of pages back. To summarize:
#In Windows open Notepad. Click File, Save As...
#Change File name to title.db and update.db, Select All Files (*.*) in Save as type.
 

urherenow

The issue with ntr, in my opinion, is that firm isn't a process, so it can't be done (I might be wrong tho).
What do you mean? NTR does it. Already, we can load pasta, then load NTR using a .cia of CN, and access eshop. I was just thinking there must be a way to avoid the NTR step altogether.
 

cearp

Honestly didn't know that. I've been using Gateway and Ninjhax (and also RXtools for some stuff) and wasn't able to do anything with PBT that I couldn't already manage...

well yeah pbt is good for installing personal legit cias and pirating gba and dsiware. we could not install perfect backups of our content using gw
which are the same special unique features that pasta cfw has :)
 