Hacking [PoC] 3DS Region Changing + proof

SolidSnail55

On second thought, patching VerifyRsaSha256 would actually allow people to spoof consoles (and do other things which I won't explicitly outline here since pirates are awful). However, it would also allow perfectly genuine consoles to get banned over as little as showing a serial number on eBay, and thus I'm not planning on publicly releasing anything to do this...
the UpdateCDN doesn't have a file to put on my 3ds? (or does it?)
 

Apache Thunder

On second thought, patching VerifyRsaSha256 would actually allow people to spoof consoles (and do other things which I won't explicitly outline here since pirates are awful). However, it would also allow perfectly genuine consoles to get banned over as little as showing a serial number on eBay, and thus I'm not planning on publicly releasing anything to do this...


I'm guessing that means being able to run unsigned CIA files without a Gateway among other things? (like using SaveDataFiler in classic mode and installing custom Home Menu theme via CIAs). Surely the good things one could do with this outweigh the potential for piracy. I'm one to believe that creating new technology/spreading knowledge outweighs the risks from those who might abuse that information. I really wish developers would stop using piracy as a reason not to release something. :(

But either way, that's your decision. I won't argue with you over it. We've seen that dead horse get beaten countless times here. :P

However I do understand not releasing it due to people stealing serials off unsuspecting eBay sellers and local Wal-Marts and spoofing them to play on banned consoles. This could adversely impact other users if the stolen serials also get banned as a result (thus resulting in the legitimate users getting locked out of important features). So that reason I would consider legitimate. Just know that a method of doing this will become public one way or another as we've seen in the past. :P
 

WulfyStylez

Actually, since that was written before he had his "cfw" leak, it's possible GW patches that check now. I dunno, someone go check. I don't have GW and their payloads aren't worth the effort to RE. Either way, it won't be in my release unless I can prevent tampering with that file.
 

cearp

Actually, since that was written before he had his "cfw" leak, it's possible GW patches that check now. I dunno, someone go check. I don't have GW and their payloads aren't worth the effort to RE. Either way, it won't be in my release unless I can prevent tampering with that file.

i tested it a few weeks ago, i emailed gw to see if they would patch it, i doubt it is patched now
you are making a release? cool, of what? (cfw?) :)
 

Apache Thunder

Actually, since that was written before he had his "cfw" leak, it's possible GW patches that check now. I dunno, someone go check. I don't have GW and their payloads aren't worth the effort to RE. Either way, it won't be in my release unless I can prevent tampering with that file.

If your CFW allows DevMan/BigRedMenu use, that much I would be happy with. I have no need to spoof console ids and I'm sure most won't either. :P

As I'm sure it's not patched by Gateway currently and patching it would allow modifying firmware and installing CIA based Home Menu themes. Things I can honestly live without. Themes I can install via extdata tool, so no problem there. And modifying firmware. I don't really need to do that either. :P
 

WulfyStylez

I'm trying to avoid the term CFW since it's more of a platform for researching the console at this point, and CFW has really poor connotations. But yeah, it's currently patched but may or may not be in public versions. Either way that's all I really want to say about it at the moment, lest I derail this thread.
 

cearp

I'm trying to avoid the term CFW since it's more of a platform for researching the console at this point, and CFW has really poor connotations. But yeah, it's currently patched but may or may not be in public versions. Either way that's all I really want to say about it at the moment, lest I derail this thread.

if you ever find a way to spoof the eshop id and the console id (not console serial, although id might come from the serial, i'm not sure) - then i would be very interested :)
if we could do that and still buy stuff on eshop, then the ids in the tickets would be zeros, and i guess we could make '100% legit' cias for anything :)
 

liomajor

USA eshop work + USA NNID=A SDSD card
USA eshop work+no NNID=B SDSD card(Bridge)
EUR no eshop+EUR NNID=C SDSD card

1.A card is properly identified ESHOP

2.In other B card, run eshop an error number 110

3.Shutdown

4.Run C card, run the eshop EUR
You can log in to work! ! !

I guessed it will be something like this, but i'm not sure how long it will work.

As for region related error 003-0399, the config tool helps to fix it by
changing the value to FF FF for internet agreements.
 

TeconMoon

This all looks really cool! I'll attempt changing the region of my 3DS(U) to Japanese using the info from my N3DS(J) just to see how this all works, and practice so someday I can hopefully get my Japanese N3DS running American firmware!
 

cearp

This all looks really cool! I'll attempt changing the region of my 3DS(U) to Japanese using the info from my N3DS(J) just to see how this all works, and practice so someday I can hopefully get my Japanese N3DS running American firmware!

you won't be able to take the information we need from your n3ds yet, sorry :)
 

SolidSnail55

do you have 2 3ds consoles? one to take a file from, so the other can change to that region? are they 4.x?
No, only one US 4.5 3ds with CFW, I need two? Thought I could get the other regions files from one 3ds (WulfyStylez told me)
 

gamesquest1

No, only one US 4.5 3ds with CFW, I need two? Thought I could get the other regions files from one 3ds (WulfyStylez told me)
you need donor info from the target region, so i would need a JPN secureinfo_A to copy to my EU console to make it register as a JPN console

because the secureinfo checks aren't patched by gateway i can't just edit mine to say it's JPN as that breaks the signature, i need a legit signed secureinfo_A from a JPN console.

if/when gateway disable these checks in gateway mode they could probably just add a menu option on their launcher to enable region changing by just changing your systems region flag automatically, but for changing sysnand's region you will always need valid signed donor info
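
Added example, not part of the thread or of any console's code: a sketch of why a signature check rejects a record whose region byte was edited yet accepts a whole signed record copied from another device, and how also checking a device identifier inside the signed body closes that gap. The record layout, region values, serial strings and toy key are all constructed assumptions; unpadded RSA over Mersenne primes stands in for a real RSA-SHA256 verifier.

```python
import hashlib

# Toy key: textbook RSA over two Mersenne primes. Illustration only; real
# verifiers use padded RSA (e.g. PKCS#1 v1.5) with a properly generated key.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent, held by the vendor only


def _digest(data: bytes) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def sign(body: bytes) -> int:
    """Vendor side: sign SHA-256(body) with the private key."""
    return pow(_digest(body), D, N)


def verify(body: bytes, sig: int) -> bool:
    """Device side: stand-in for a VerifyRsaSha256-style check."""
    return pow(sig, E, N) == _digest(body)


def make_record(region: int, serial: bytes) -> bytes:
    """Constructed layout (not the real file format): region byte + serial."""
    return bytes([region]) + serial


def accepts(body: bytes, sig: int, own_serial: bytes = None) -> bool:
    """Accept a record; optionally also require that it names this device."""
    if not verify(body, sig):
        return False
    return own_serial is None or body[1:] == own_serial


def demo() -> dict:
    # Constructed sample data: region 0 and 2 are arbitrary labels.
    donor = make_record(0, b"SERIAL-JPN-0001")
    local = make_record(2, b"SERIAL-EUR-0002")
    donor_sig, local_sig = sign(donor), sign(local)
    edited = bytes([0]) + local[1:]  # only the region byte changed
    return {
        "original": accepts(local, local_sig),
        "edited_region": accepts(edited, local_sig),
        "transplanted": accepts(donor, donor_sig),
        "transplanted_device_bound": accepts(donor, donor_sig, b"SERIAL-EUR-0002"),
    }
```
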
 

SolidSnail55

you need donor info from the target region, so i would need a JPN secureinfo_A to copy to my EU console to make it register as a JPN console

because the secureinfo checks aren't patched by gateway i can't just edit mine to say it's JPN as that breaks the signature, i need a legit signed secureinfo_A from a JPN console.

if/when gateway disable these checks in gateway mode they could probably just add a menu option on their launcher to enable region changing by just changing your systems region flag automatically, but for changing sysnand's region you will always need valid signed donor info
Well... Guess this won't work for me (unless I can download firmware cia somewhere)
 

cearp

i didn't really put much effort into making a guide/little tool before because i didn't want to have endless questions from people who want to change to jpn region to download some weird game demo etc etc, even if gateway patch so we don't need a legit file, to do the region change you still need all the fw files to install, explaining how to do it is fine enough, but seeing some of the questions and threads created, some people really have no idea or do not try to think about things for themselves.
the best thing would be if we could spoof the region, and access other eshops, i'm not sure if that would be possible to access the usa shop with a eur nnid (for example)
so yeah, i don't personally want to make a guide/release thread because honestly i just don't want to have to deal with the noobs :( most people who had the knowledge could/have probably done this already (lol, i'm not some 3ds hacker dev, and i figured it out!), all the info is on this page anyway, so, good luck :)
 
