Hacking So without getting flamed to hell for this. Regarding why the 3ds isn't kernel haxed on 11.0

Quantumcat

I'm aware this was more of a WHY topic. a development of sorts and more of a general question about why 3ds development has halted pretty much.

I assume in part because of the new vita hack
You wouldn't consider this halted if you'd been around in the void between Gateway on 4.x and Smealum's 9.2 Ninjhax. A new secondary exploit comes out like every month nowadays.
 

astronautlevel

Well, memchunkhax 2.1 wasn't technically patched iirc, but it was made near-unworkable due to canaries being added into the kernel11.

In addition, the process9 checks mean that even with an arm11 kernel exploit, we won't be able to downgrade. There are already a number of arm11 exploits that have been discovered privately (my favorite being slowhax, which takes over an hour to execute). However, the developer has decided not to release these exploits yet as he wants to finish an arm9 exploit before he releases anything.
 

bbcali89

OP
Well, memchunkhax 2.1 wasn't technically patched iirc, but it was made near-unworkable due to canaries being added into the kernel11.

In addition, the process9 checks mean that even with an arm11 kernel exploit, we won't be able to downgrade. There are already a number of arm11 exploits that have been discovered privately (my favorite being slowhax, which takes over an hour to execute). However, the developer has decided not to release these exploits yet as he wants to finish an arm9 exploit before he releases anything.
this is interesting news.
 

Swiftloke

Well, memchunkhax 2.1 wasn't technically patched iirc, but it was made near-unworkable due to canaries being added into the kernel11.

In addition, the process9 checks mean that even with an arm11 kernel exploit, we won't be able to downgrade. There are already a number of arm11 exploits that have been discovered privately (my favorite being slowhax, which takes over an hour to execute). However, the developer has decided not to release these exploits yet as he wants to finish an arm9 exploit before he releases anything.
Mmph! Thanks for showing me nedwills YouTube, subscribed.
Slowhax xD
But to contribute something useful, I can confirm that the actual time of check to time of use vulnerability is still unpatched, but as far as I know it's been made basically unusable with Ninty's meddling. (I don't know exactly how they did that, but I know they did.)
 

N7Kopper

You wouldn't consider this halted if you'd been around in the void between Gateway on 4.x and Smealum's 9.2 Ninjhax. A new secondary exploit comes out like every month nowadays.
Calling this a void is pretty silly, especially considering that - as discussed - we do have a downgrade exploit on current firmware. Just because it's TWL_FIRM and not NATIVE_FIRM, doesn't mean it's not latest firmware.

I kinda want to just show the scene of a few years ago how damn easy it is for me to jump from playing an out-of-region Federation Force into Mother 3 Fan Translation 1.2 and see them get green with envy... or get triggered because Samus isn't the protagonist of FedForce.
 

rondoh70

I've been thinking about the hard-coded list thing. Do we have enough control of the memory to change pointers or the values related to that list?
 

Urbanshadow

I've been thinking about the hard-coded list thing. Do we have enough control of the memory to change pointers or the values related to that list?
Nope. The memory where these values are is so obviously out of the user scope or the gspwn-able zone. Also, the memory portion must be accessed directly in physical memory addresses (arm9) and not pointers or virtual addresses mode (arm11/userland).

That's why it's easier to replace a firm with a lower one (which would not use said list) by a modified nand backup than to rewrite the list.

And if you get to rewrite the list, it also means you have arm9 control, so a downgrade would not make any sense (just for a9lh installs) since you can already cfw.
 