Hacking The status of Gateway and A9LH

[Asia81]

holly fuck.
work so fine

--------------------- MERGED ---------------------------

@liomajor I guess you could even do your own thread, like that much more peole will see it

 

[cearp]

@liomajor, do you expect there will be a working payload.bin that we can load normally without have to worrying about 'reinstalling' another a9lh implementation? (i can see it's not that difficult, i'm just curious)
something we can easily just put on the sd card just like decrypt9, bootanim9 etc?
or the way gw works, is that not possible?

 

[pscytheology]

@liomajor, do you expect there will be a working payload.bin that we can load normally without have to worrying about 'reinstalling' another a9lh implementation? (i can see it's not that difficult, i'm just curious)
something we can easily just put on the sd card just like decrypt9, bootanim9 etc?
or the way gw works, is that not possible?

@RednaxelaNnamtra tried it a few pages back... There is some issue with the arm11 loading or something.

 

[cearp]

@RednaxelaNnamtra tried it a few pages back... There is some issue with the arm11 loading or something.

so that's an problem with gw's stuff, so i doubt we can fix that... - if i understand it right?
that's annoying

 

[CreAtor135]

holly fuck.
work so fine

--------------------- MERGED ---------------------------

@liomajor I guess you could even do your own thread, like that much more peole will see it

I put it in the OP.

 

[angelus kun]

someone could help me please? im making a backup of my RedNand with otp helper before getting the OTP file but the RedNand size is 1240 MB but my sysnand backup is 1979 MB so, something is wrong?
EDIT: my system new 3ds

 

[Kazuma77]

Hey thanks. I trieded and it works fine. GW on default and bootmanager on B.
The only think that is annoying is the red screen on start. Would it help to use a no screen int payload?

--------------------- MERGED ---------------------------



But I think it's the last befor public release.
Ps when is the next vid coming?

Probably not. IIRC this is a no init build. The official GW version does this too.

 

[Temptress Cerise]

Same red screen on an o3DS USA console as some others have reported. Using the files @liomajor provided.

But thanks for sharing the files liomajor! At least glad to see it working for some people. <3

 

[Asia81]

Not really, it was my case.
sys 1.8g, emu 1.2g

"Because" I sent my N3DS to repair some weeks ago, they changed something, the motherboard I guess

 

[angelus kun]

Not really, it was my case.
sys 1.8g, emu 1.2g

"Because" I sent my N3DS to repair some weeks ago, they changed something, the motherboard I guess

but my new 3ds is barely new

 

[Temptress Cerise]

someone could help me please? im making a backup of my RedNand with otp helper before getting the OTP file but the RedNand size is 1240 MB but my sysnand backup is 1979 MB so, something is wrong?
EDIT: my system new 3ds

That's normal. Read the FAQ.
Link: https://github.com/Plailect/Guide/wiki/FAQ
"Q:What is the difference between RedNAND and EmuNAND?
A: RedNAND and EmuNAND are both different types of NAND redirection with small differences in the way they are handled behind the scenes. The main advantage to using RedNAND instead of EmuNAND is that RedNAND will always use the smallest NAND size the device offers, regardless of the size of the SysNAND chip. For example, a New 3DS user with a 1.8GB internal NAND chip will only have to use 1.2GB for all RedNAND backups."

 

[angelus kun]

That's normal. Read the FAQ.
Link: https://github.com/Plailect/Guide/wiki/FAQ
"Q:What is the difference between RedNAND and EmuNAND?
A: RedNAND and EmuNAND are both different types of NAND redirection with small differences in the way they are handled behind the scenes. The main advantage to using RedNAND instead of EmuNAND is that RedNAND will always use the smallest NAND size the device offers, regardless of the size of the SysNAND chip. For example, a New 3DS user with a 1.8GB internal NAND chip will only have to use 1.2GB for all RedNAND backups."

oh, thank you

 

[RednaxelaNnamtra]

so that's an problem with gw's stuff, so i doubt we can fix that... - if i understand it right?
that's annoying

It could be possible that knowing where gw writes the entrypoint will be enough to fix this problem, but maybe we will also need to disable or enable some things again to let it work(for example I think we are disabling interrupts on ARM11 in our payloads).
Clearing and dumping the arm11 code could help for this(for example through an a11 payload that copies the area to FCRAM, from where arm9 will read it on next boot.

 

[SirByte]

so that's an problem with gw's stuff, so i doubt we can fix that... - if i understand it right?
that's annoying

I say let's wait until the final comes out (and give it a couple of days to make sure it's final and we won't see 4.0.1 within the week). To get GW's payload to work with the standard Luma A9LH is going to be quite a bit of work I guess as from the comments so far it looks like GW stores way more stuff on NAND.

As for entrypoints, it's been a while since I did any ASM but on MOS 6502 you had to relocate stuff sometimes so if it was designed to run from $4000 you could make it to run from $5000 by adjusting all the addresses (e.g. JMP $4120 became JMP $5120 etc). Except of course for hardware registers etc. but you knew where those were so left those alone.

And that's provided we're (with 'we' I mean the devs here of course) able to decrypt/de-obfuscate the GW stuff far enough to make the necessary changes so it can be turned into a SafeA9LH / Luma payload.

 

[pscytheology]

Probably not. IIRC this is a no init build. The official GW version does this too.

It's the screen init version, I think. I turned off the show splash image on no-screen-init option, and it still shows up. Splash brightness control is also not working.

 

[urherenow]

Well, this is frustrating. I get the red screen+power off on my N3DS using the stage 1 that uses the A button. Tried to chainload the bootgw.bin and see the top screen duplicated (and off center) on the bottom and freeze with a black screen. Tried using both 3.7.1 and 4.0a Launcher.dat files.

 

[Stack3r]

So i updated my a9lh with stage 1 and stage 2(x+y) and it said it was successful, now when i turn my system on i just get a red screen. What did i do?
Edit: When i put the launcher.dat it boots up to the gateway menu, how can i change it back to booting up luma3ds?

 

[liomajor]

Per default it loads arm9loaderhax.bin, did you press XY and receive red screen or does it without pressing anything?

 

[Stack3r]

Per default it loads arm9loaderhax.bin, did you press XY and receive red screen or does it without pressing anything?

It red screens without pressing anything, when i put the launcher.dat it loads to gateway automatically

 

[liomajor]

Did you switch stage 2 payloads?

Place a copy of Luma3DS's arm9loaderhax.bin in \a9lh and try booting with X+A.

\a9lh\arm9loaderhax.bin