[Rumor] Soundhax might be portable to DSi

Discussion in 'NDS - Emulation and Homebrew' started by Ryccardo, Dec 27, 2016.

  1. Bubsy Bobcat

    Welp, if this turns out to be possible then I may finally have a reason to buy another DSi (since mine disappeared out of nowhere and just doesn't exist at all now probably). The only things I'm really fussed about (if we can get kernel access or whatever) are being able to overclock my DS games and boot DSi games on a DS mode cart in DSi mode. Also installing DSiWare ROMs with a program similar to FBI would be wonderful too if it was possible, seeing how the DSi Shop is closing in March.
     


  2. MarioMasta64

    sudokuhax works the same on 3DS as it does on DSi
     
  3. Bubsy Bobcat

    I know, but like I said, in March you won't be able to download any of the exploit games from the DSi Shop since it'll be shut down then. Also, Sudokuhax can only run homebrew applications, no retail DS/DSi games or DSiWare.
     
  4. MarioMasta64

    sudoku is still up.
     
  5. Bubsy Bobcat

    Yes I know it's still up now, but it won't be when the DSi shop is shut down for good in a couple of months. It'd be nice to still install DSiWare on the home menu when the shop is gone forever.
     
  6. Rubberduckycooly

    does anyone here have/know where I can find a DSi NAND backup? because I want to research the sound app for bugs and exploits
     
  7. MarioMasta64

    I'm guessing you don't have a 3DS
     
  8. Bubsy Bobcat

    I do have a 3DS, but I'm saying it would be nice to install games on the console they were originally for when the shop is long gone (especially since DS games don't look too great on a 3DS).
     
    x65943 likes this.
  9. MarioMasta64

    you could look into cfw for 3DS and install DSiWare with .cia
     
  10. Bubsy Bobcat

    I'd take it that you're not good at reading things
     
  11. MarioMasta64

    mostly I don't sleep enough
     
  12. Rubberduckycooly

    does anyone know what tool is used to view code from DSi apps?
     
  13. Rubberduckycooly

    I talked to Ned about whether or not he looked at the DSi sound app and he had! But he said that the code was different, so if a DSi soundhax was to be made it probably would require a new custom .m4a file. He also said that he hadn't looked into it but he thinks the chances of there being some bugs (similar or not) in the code are VERY HIGH!
    (just thought this info might be of use to someone)

    so if anyone got their hands on a decrypted NAND dump and PM'ed it to me, I would go through it to see if I can find some bugs in the code!
     
    Last edited by Rubberduckycooly, Jan 3, 2017
  14. windwakr

    You don't really need a NAND dump, you can download+decrypt the DSi Sound app with NUS Downloader. You'll need to get the DSi common key and put it in a file called 'dsikey.bin'.
     
    Last edited by windwakr, Jan 3, 2017
  15. Platinum Lucario

    But also, dumping the entire NAND can also help with finding other bugs in the data, so that other exploits can be made (such as in Nintendo DSi Camera, or some other app). It's not just the apps, the files in the system section of the NAND will also need to be examined, to see where the exploits can lead to.
     
  16. Flashed

    Yellows8 we need you!!!!!!
     
    Platinum Lucario likes this.
  17. Ryccardo
    OP

    First, nice to see this finally escalated into like-minded people and constructive discussion...
    Surely you mean titlekeys? Getting the titleid is ridiculously easy for commercial DSiWare - just back it up to SD and check the 4-letter folder name created under /private/dsi/ (for example if KAAV, convert KAAV from ASCII characters to hex = 4B414156, then the titleid is 00030004-4B414156) :)

    Even then, a titlekey can be ripped out of a ticket, which can be extracted from the nand of a console which owns the title (not saying they're not important!)

    Again the real problem is not being able to download the titles themselves (if they're also removed from the CDN)
    And (while that could probably be researched and simulated) the fact you can't uninstall/backup titles the official way without creating a shop account...!

    We already have one (although it's illegal to share, and probably only works as-is on dev consoles) - TwlNMenu; however, apart from having to invent such software, there are 2 other big problems:

    1- access rights: despite what happened in practice, physical games can access SD/NAND and vice versa but only if an appropriate bit is set. No big deal though if you have access to a digital game exploit

    2- signatures: any ticket created with titleid+titlekey (or even a complete original ticket hacked to be installable on all consoles) would be unsigned, so while installable (as the DSi doesn't have an actual operating system preventing unauthorized things, the above-mentioned access rights are done in hardware) they would be rejected by the home launcher...
     
  18. Platinum Lucario

    Excellent! I'm glad we're actually talking about the problems that we're facing, so then we can actually overcome those obstacles.

    So from what I can see, the titleIDs are actually made of the hex values of the actual game code. It really does make sense now, I never knew that until now. And yeah, we could be able to somehow preserve the DSi titlekeys while Nintendo's CDN is still up and running for DSi, before they remove all the files from there.

    As for the access rights, I'm pretty sure you said that it's no big deal if you have access to a digital game exploit (which if Nintendo DSi Sound can be exploited), then we'd get access to almost everything on the console itself, at ARM9i/ARM7i Kernel level.

    As for signatures, I'm glad you've brought it up, because that is something that really needs to be researched. If we can somehow create a signature which the hardware can accept, then we'll have no problems in installing titles. If there was some program that can also create a fake signature as well, anything will be possible.
     
  19. Rubberduckycooly

    ok I have downloaded the sound app! but I have one problem, I don't know what program to use to view the code... as a hex editor shows mostly random symbols.

    what is the best program to view the code?
    (or what program does Ned use to view code?)
     
  20. Flashed

    I think HxD Editor should be the best one. The thing is that it's probably encrypted... good luck!
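
Added example, not part of any post in this thread: a quick triage for the "mostly random symbols" question in posts 19-20, combined with the folder-name-to-title-ID rule from post 17. It assumes a decrypted title is a standard NDS-format ROM image with the 4-character game code at header offset 0x0C; the entropy cut-off and both sample blobs are constructed for illustration.

```python
import hashlib
import math
from collections import Counter

TID_HIGH = "00030004"      # high word the thread gives for commercial DSiWare
GAME_CODE_OFFSET = 0x0C    # assumption: standard NDS ROM header layout
ENTROPY_LIMIT = 7.5        # assumed cut-off in bits/byte; ciphertext sits near 8.0


def title_id_from_code(code: str) -> str:
    """4-letter folder name -> title ID, e.g. KAAV -> 00030004-4B414156."""
    if len(code) != 4 or not code.isascii() or not code.isalnum():
        raise ValueError("game code must be 4 ASCII letters/digits")
    return f"{TID_HIGH}-{code.encode('ascii').hex().upper()}"


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte: 0.0 for constant data, up to 8.0 for uniform."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def triage(blob: bytes) -> dict:
    """Heuristic: does this file look encrypted, or like a readable ROM image?"""
    entropy = shannon_entropy(blob)
    encrypted = entropy > ENTROPY_LIMIT
    raw = blob[GAME_CODE_OFFSET:GAME_CODE_OFFSET + 4]
    readable = not encrypted and len(raw) == 4 and raw.isalnum()
    code = raw.decode("ascii") if readable else None
    return {
        "entropy": round(entropy, 2),
        "likely_encrypted": encrypted,
        "game_code": code,
        "title_id": title_id_from_code(code) if code else None,
    }


# Constructed samples (not real title data): a header-like plaintext blob and
# a deterministic pseudo-random blob standing in for ciphertext.
PLAIN = b"SAMPLE TITLE" + b"KAAV" + bytes(4080)
CIPHER = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(128))

if __name__ == "__main__":
    print(triage(PLAIN))
    print(triage(CIPHER))
```

High entropy also matches compressed data, so a "likely encrypted" result only says a hex editor or disassembler will not show readable code yet.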