Sono's SooS
Just some random stuff which may be highly educational to read. Rarely some personal rants too.
    MarcusD Idk I never make this kind of blogs (I think), I just felt like doing a random blog because idk lol.

    I seem to have been spamming "I have never [insert activity here] on this laptop before" since almost two days, which made me think why I have never done such things before. Just to name a few:
    - "I have never heard [insert black midi file name] on this laptop before because I wasn't able to load it"
    - "I have never heard this laptop sound this good before"
    - "I have never seen Windows 7 have support for emojis, even though this laptop doesn't have all Win7 updates installed"
    - "I have never thought that this Celeron could handle black midis this well".
    As you can see, it amazes me how an underpowered fanless dual-core Celeron lappy can surprise me. Makes me wonder...

    Also, the air where the school is is so bad that my entire nose and throat got "corroded" on friday; so badly that I got a fever. I didn't know beer can make the fever almost completely go away :O It also made my pain a bit less worse.

    Oh also, fuck OEM Realtek drivers, stock Realtek drivers are where it's at! The only tricky part is killing the service which gets installed before rebooting to apply the driver properly, otherwise it'll uninstall itself on next reboot. As I said, "I have never heard this laptop sound this good before" :P

    ...dat bass tho'
    MarcusD Note: this entry contains strong opinions and strong language. Everything said in this blog post is real, and might shock some people. If you're faint at heart or you're not open to opinions, please ^W
    It's also important to note that even though this blog post is a rant in format, it's still intended to be educational to make your life better and less lethal.

    In a few days something terrible happened. Something very terrible and almost lethal. This dangerous thing happened purely due to one's stupidity (as the title suggests, their head was stuck very deep in between their sitting muscles).
    "How?", you may ask. Let me tell you...

    You have your own right to behave like a wide back side opening, thinking that you are the center of the universe, or that you are a highly respected drama queen, and you don't need the filthy peasants' help because you are infinitely smart and you can solve everything on your own, even if the process ends up being destructive due to lack of patience (because everything is filthy piece of shit when something is not working in a way you want it to that exact instant you interact with it).

    But once it starts to affect your physical or mental health in any way (other than turning into a salt mine due to anger towards the "filthy garbage"), it's time to temporarily (or even better, permanently) pull your head out of your rectum and tell your situation to someone who you trust the most. No, you're not allowed to get away with the "I don't trust anyone" bullshit, and at this point you're forced to tell someone, even if the one you trust the most is a "filthy peasant". If you keep behaving like the queen of female dogs, you'll be in more trouble much worse than your current situation.

    If you still think that you're the most intelligent creature in existence, you're actually the opposite. And be grateful that you only lost the ability to speak and you can't move your entire right side, and be still capable of living after having your brain be physically destroyed almost in its entirety. Even female Terminators are vulnerable, no exceptions. This includes people who survive lvl20 blood sugar and 183/120Hgmm blood pressure on a normal living basis without noticeable bad side effects. If you're in this situation, STOP IT, GET SOME HELP, you сука!

    Post scriptum:
    MarcusD Don't you just love when your mom does something behind your back which causes frustration?

    Yesterday I got two emails which said that my job application was successfully submitted... excuse me?! >_> I'm 100% sure I did *not* sign up for a job >_> Let alone two. This happened while mom was sleeping, so I thought I'll just wait for her to wake up.

    After she woke up, I asked her WTF all this is, and she showed me the jobs she picked.
    The first job she chose, it was something related to JS, C#, and ASP. Sadly (or luckily?) I don't know ASP, but it seems like it's not needed, you can just work on a different side of the project.
    The second job, I'm supposed to be graduating from a "high-level technical school" and be deploying web applications on physical servers and VMs. I'd also need to know Windows and Linux, scripting them (it says bash and PowerShell, but I don't know PowerShit), and deploying web applications. There's just a small problem: I never attended a "high-level technical school", nor am I familiar with deploying web applications (and troubleshooting them), and definitely not on a huge scale.

    Okay, I thought I'll just cancel the job applications, until I checked my inbox for new emails; and that's when the hell starts. I got an email saying that my profile was outstandingly above all of the others, and they would love to call me ASAP to discuss the details. There's just a slight problem though: it's related to the web-app deployment job. This is when I started freaking out. I got no usable response from mom, she just went apeshit when I asked her, and just replied with useless "generic" replies like "you don't need to know all the things to be qualified".

    I can't express the feelings I'm having, but I'm so sick right now that I had to take in an antidepressant because I got a panic attack. Can someone who has been all through this share their experience? I don't know who to ask related to this; mom is useless, and who I could ask are still sleeping, and would be most likely pissed if I were to ask them. Any ideas?
    MarcusD Since a few days someone is always knocking on the door at the worst times possible. By the time someone could open the door, nobody is there. Today someone knocked on the door while I was sleeping, so I had to get out of bed really fast, get basic clothing on, and open the door. There was a man walking around slowly on the corridor leading to our door. At the moment I opened the door, the man stopped, leaned to a window in the corridor, and started doing things on his tablet thingy. When I asked him "Entschuldigung?" he didn't give a response (like if he didn't notice me at all), so I closed the door and continued peeking. Once he finished scribbling on his tablet he left.

    Damn, I'm scared now >->
    MarcusD As you may know, I found this MacBook Pro (early 2011, 13inch, CoreI7, 8G RAM, 750G HDD) in the trash with the battery poking out of the trackpad hole and the trackpad being severely bent.

    Screenshots of the initial disassembly

    Today the touchpad stopped working, so I got fed up with its current state and took the damn thing apart.

    But before I continue the story, let me interject the story for a moment: if you ever decide to take the trackpad out and power your MacBook Pro on, make sure to leave the *ribbon* itself plugged in, otherwise all OSes (except Linux) will refuse to boot completely. Linux works, but two cores are constantly ran at 100% core usage, and the built-in keyboard is so laggy that it technically doesn't even work anymore. So yeah, keep the ribbon cable (which contains some chips on it) plugged into the motherboard.

    Anyways, I had to somehow take the metal piece off of the trackpad itself (because the metal was severely bent), but there was this stupid adhesive holding it in place.
    I originally wanted to put the touchpad into the oven, but decided against it because I was afraid of damaging the sensing lines or the surface or the connector just via pure heat.
    I don't have a heatgun, so I decided to use my ancient heating device to project the heat on the trackpad itself. I know that most (if not all) metals are good heat conductors, so I (ab)used this fact and heated up the metal part as much as possible, then I took a big SIM card piece (expired credit cards also work) and started working my way through the trackpad. After I worked my way thru' mostly, I took a thick flat head screwdriver, positioned it between the biggest opening hole (opposite side of the clicky button part), held that open with my fingernails, and just put the screwdriver in the hole.

    Important note: don't push the screwdriver in! Just let it fall in the hole, and hold it firmly in place! Don't let it move, otherwise it will scratch the surface of the trackpad and damage the lines, resulting in a malfunctioning trackpad! Only let the gravity push the screwdriver in the hole, don't use external force! The only way you could allow the screwdriver to push in more is if you use your fingers to make the hole bigger, and gravity makes the screwdriver go deeper.

    While the screwdriver was pulling the hole apart, I used the SIM card piece to work my way thru' the other sticky adhesive which is still sticky. After a while you'll need to reheat the damn thing, pull the hole, let the screwdriver fall a bit deeper, and work your way thru' the damn thing again. And repeat.

    Once you fucked around with the damn adhesive long enough, you should hear a ripping sound. That's the sound of holy glory, and that means that this is the critical moment where you can waste all this time even more that you have just wasted. If you pull the hole too strong, you'll crack and/or break the board in half. If you accidentally push the touch pad and the metal together, it'll stick again. If the screwdriver falls out, you'll have to start from step one. You should have extreme patience at this point, just sloooooooooooooooooowly pull the holes on all sides to dampen the force you're putting on the trackpad to prevent the board cracking/breaking in half, and slowly pull while you're hearing the adhesive tearing from the metal. If the tearing stops, just heat up the thing again, use the SIM card or whatever to break the adhesive, and try again. If you're lucky then it will come apart very rapidly, so watch out, don't let the screwdriver damage the connection port or yourself when the two pieces come apart!

    At this point you're free to reconnect the trackpad to the ribbon cable, and test it out if you have damaged it or not. Luckily I was extremely patient and calm, and it took me exactly one hour and four minutes to take the thing apart successfully. I have damaged the sticker on the clicky button a bit, but not enough to make the button not stay and fall off.

    But yeah, all of this made the touchpad work even better than it was before! This action has fixed the "blind spots" the trackpad had, and has even made it more sensitive! If you're not mashing that trackpad like an idiot (you won't press on it so hard that it will snap in half) then you can leave the metal off, it's afaik only for shielding and structural stability (so pressing hard on the center will not break the board in half after a short time of use).


    Now if you excuse me, I'll wash my hands for 20 minutes under very hot water, because I can feel the adhesive having eaten itself into my skin >o<
    Also, I'll have to find something to fix my broken fingernail for prying the damn thing for one hour.

    Edit: I forgot to show how I managed to make the touchpad stay in place... is there something duct tape can't fix?
    duct tape meme
    MarcusD As the title says, I'll be leaving for an indefinite amount of time, then very likely come back later (which is what "pulling a DarkFlare" is).

    From tomorrow afternoon I'll stop developing and reverse engineering stuff. If you have a bug or a dysfunctional feature in my homebrew then you're out of luck. If I'll be able then I'll fix a small bug in OCDM, but other than that I'll end support for my homebrew as soon as I post this blogpost.

    I've also left all Discord servers, and I'd leave Discord too if I didn't have a few people only available on Discord (since they moved from Skype).
    Also, please don't bother me on Telegram unless you know the reason for this decision and wanna talk with me about that.

    And what's the reason for this?
    I've been giving hints to people all this time. Those who know have either a negative attitude (bashing my type and telling me it's cringy (which it is, but still rude)), or don't even think that I have been giving hints. Sadly only one person is okay with it, and only 3 people accept me like that (and it turns out that one of them is also that type as I am (edit: he blocked me :cry:)).

    Anyways, the tl;dr is that I can't handle it anymore, so I'll leave

    MarcusD I had this """"""""great"""""""" idea of wanting to try out Windows (7) on this MacBook, because daaamn, it has i7, 8G RAM, and it's just in general more powerful than all of my x86 devices combined! Heh, it was a bit of a mistake.

    Because I have a MacBook (Pro, early 2011) with a disk drive, Apple decided that I shouldn't be able to install windoze from pendrive... well, after fucking around a few hours trying to make the pendrive bootable, it turns out I had to format it GPT FAT32... ok fair enough...

    After rebooting to boot into "EFI Mode", I waited, and waited, and eventually the top part of the screen got corrupted >_> (it's too agonizing to fuck around with efi boot, so I don't have a screenshot of this... it's just boring black stripes on top of the screen, so I'll just let you imagine it). It turns out that for some random reason Windows crashes when it can't set screen mode (it turns out those corrupted black boxes are part of the BSOD), so I had to chainload Windows using an efi binary called "VgaShim". It's really nice, I gotta say!

    Okay, I'm in the Windows installer now, YAY! After I got into the drive selection screen, I selected partition4 called "BOOTCAMP", aaaand I saw a yellow triangle... I can't remember the full error message now, but it was something like "can't install on MBR in EFI mode, only on GPT". At first I was super confused, because why the fuck would Apple use MBR in an EFI environment?! (insert very distorted thonk here)

    Okay... because macOS's default fdisk sucks ass, I found a nice alternative called "gdisk". After entering gdisk *from recovery* (because it doesn't work from a running system) I ran `/Volumes/GoatBook/usr/local/sbin/gdisk /dev/disk0`, and saw that it says "GPT, hybrid MBR" >_> I have never heard of hybrid MBR before, but it sounds like Windows doesn't like it at all. After digging around in gdisk, I found an option under the experts menu (key x) to create a new MBR (key n), and that did change from hybrid MBR to protective MBR (which also makes no sense to me). After writing changes to disk (key w from normal menu) I rebooted, and sure thing, I was now able to install Windows! ...kinda
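What gdisk was reporting above can be read straight from sector 0 of the disk. The following Python is an added example, not part of the original post: it classifies the four MBR partition entries as protective (a single 0xEE entry covering the GPT) or hybrid (0xEE plus real entries mirrored from the GPT). The function names and the sample sectors are constructed for illustration.

```python
import struct

# Each of the four MBR entries is 16 bytes starting at offset 446:
# status, CHS start (3), type, CHS end (3), LBA start (u32), sector count (u32).
ENTRY_BASE, ENTRY_SIZE, GPT_MARKER = 446, 16, 0xEE


def classify_mbr(sector):
    """Return (kind, used_types) for a 512-byte sector 0."""
    if len(sector) != 512 or sector[510:512] != b"\x55\xaa":
        raise ValueError("not a valid MBR sector (size or 55 AA signature)")
    types = [sector[ENTRY_BASE + ENTRY_SIZE * i + 4] for i in range(4)]
    used = [t for t in types if t != 0x00]      # type 0x00 means an empty slot
    if GPT_MARKER not in used:
        return "mbr", used                      # plain MBR disk, no GPT marker
    if used == [GPT_MARKER]:
        return "protective", used               # what a GPT-only disk carries
    return "hybrid", used                       # GPT marker plus MBR-visible partitions


def make_sector(types):
    """Build a constructed sector 0 with the given partition type bytes."""
    sector = bytearray(512)
    for i, ptype in enumerate(types):
        struct.pack_into("<B3sB3sII", sector, ENTRY_BASE + ENTRY_SIZE * i,
                         0, b"\0\0\0", ptype, b"\0\0\0", 1 + i * 1000, 1000)
    sector[510:512] = b"\x55\xaa"
    return bytes(sector)


if __name__ == "__main__":
    # Constructed layouts: 0xAF = Apple HFS+, 0x0C = FAT32 (LBA)
    print(classify_mbr(make_sector([0xEE, 0xAF, 0x0C])))  # before the gdisk x, n, w steps
    print(classify_mbr(make_sector([0xEE])))              # after them
```
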

    After it went into the installation menu, I hyped up too early, because it failed almost instantly with an unknown error, then rebooted... I got soooo angry I wanted to rek the Windows partition Bootcamp created... "an internal error has occurred", said Disk Utility. "FFFFFFUUUUUUUUUUUUUUUUCK YOU", said Sono, raging. </AudiobookYTP> Because I'm very confident with CLI disk utility tools (like diskpart, fdisk, or in this case gdisk), I decided that Disk Utility can fuck off with its "low-level" errors, and fix the problem manually from gdisk... And sure enough, Windows created an extra system EFI partition! No wonder why Disk Utility wasn't able to resize my main partition table bigger than 500Gigs! After cleaning up the mess Windows made, I created a 250G FAT32 dummy partition on the rest of the disk, and proceeded to reboot into the Windows installer. After formatting the FAT32 partition as NTFS, it sure thing allowed me to click Next again!

    But instead of going to the installation screen, it greeted me with a funny error message stating that it can't create a partition... ...this feels like Disk Utility again... So after pressing afaik SHIFT+F10 to open a command prompt, I went into diskpart, and saw the partition there, already formatted as NTFS... I thought WTF, and decided to spam diskpart further... eventually I noticed the activity light blink on my external HDD every time I press Next... and at this moment I knew I fucked up. I remembered that no Windows installer can detect the pendrive I'm using from the installer, hence I never managed to install from it (what a failure!). So I thought Windows must be trying to install from my external HDD! And I was right! After copying all files from the disk into my external HDD I managed to FINALLY* install Windows!
    * after like 4 reboots

    After rebooting into the Windows partition created, I noticed the black bars (BSOD text) again, so I went into macOS recovery again, and changed /efi/boot/bootx64.efi to VgaShim again. Just a bit of an oversight from my part :P

    And sure enough, it works fine! In fact, I'm using it to write this blogpost!
    There's just a tiiiiiiiiiny smol problem... can you notice it on the above screenshot? No? Let me help!
    After hours and hours of Googling, and hours and hours of driver installation, I noticed a single sentence... "Windows sound doesn't work in EFI mode"

    Fucking hell, Apple! :angry:
    MarcusD If I'd tell everything then I'd be discriminated and banned from every public place, so I'll only tell that I only like cute shy nerd boys (the curly hair and the glasses count as extra) and/or dominant MTFs who still think as a boy. The less you wanna know™

    send nudes owo

    fyi, I weigh personality much more than looks; someone looking good just adds to the "owo factor". I want a boyfriend who is either a very smart developer or a great artist. I haven't thought of other things yet, but other "talent" could also potentially win me.
    MarcusD I usually don't make blogs, but since I can't dev nor RE sysmodules atm I thought I might as well just make a blog about this.

    On this sunday (yesterday) night my phone decided that half of it should stop working. Nearly everything died, including GPS, GSM, camera, some screen settings, and it doesn't even recognize the SIM card, no matter what SIM card I put in it, it works in every other phone/device.
    Okay, I put it in my old GT-S5230, but the browser crashes on nearly every webpage, the touchscreen is too small and is buggy, and Discord doesn't even work on it...
    Okay, I put it in my Archos 50 Neon, but the battery drains in 4hrs, the touchscreen's functionality rate is 13% (aka. it barely even works), the touch buttons are glitched out, and System UI crashes if the battery goes below 15% .-. least my BlackBerry Bold 9700 works... but I'm using my Archos since that has Discord

    Not so long ago I found a MacBook in the trash. The battery is insanely expanded, and the touchpad is bent (see image)
    Today I walked into an Apple Store (yes, walked, even though it was 40seconds away from an U-Bahn (Metro/Underground) stop), and after waiting 15mins in the strong "Apple smell" they told me that I should throw this MacBook out ("du kannst das wegschmeissen"), and after ~4mins of debate they finally told me how much the charger costs... 90 fucking Euros?! waaaaaaaaaaaaaaaaaaaaaat :wtf: and the battery is also 90€ :glare:
    I looked up some stuff, and it has this in it: 750G HDD, 2x4G RAM, and I guess this is the i7 model, not the i5 model... I'm both very lucky and very unlucky at the same time with this :angry:

    To add the last contrast to this post (first negative, second both positive and negative, and this one is positive) I've been reverse engineering some 3DS sysmodules with success, and not only does this give more insight and more documentation about how the 3DS is build and how it works, but also makes us closer to doing stuff with the 3DS hardware in bare metal (namely ARM9 payloads and ARM11 co-payloads where the hardware registers are only accessible from the ARM11 side).
    Also, good timing, I got contact with d0k3 not so long ago, we might see new features in G9, including accurate system time without needing to touch anything to make it work :P

    Also, I wrote this because I'm curious for others' opinions regarding this, so please write your opinions and ideas if you have some. Also, please don't turn this into EoF, please keep the discussion sophisticated :sad:
    MarcusD Today I woke up, wanting to play osu! after oversleeping for a total of roughly ~11hours. I thought that a good ol' COFFEI will help me wake up properly and get rid of the headache I was having. I drank my COFFEI and went up in my room to turn my PC on. Because I left my lappy in Austria (because it's heavier than the rest of the contents of my luggage) I had to use my PC to play osu!. When I wanted to turn the PC on, it didn't turn on... it turns out I forgot to plug it in (note: I always unplug stuff before I go out for a longer period of time). After plugging the power and the peripherals in, I was finally able to turn it on.

    I proceeded to log in, and after every process has loaded and the CPU usage has calmed down, I went ahead and started osu!... except it didn't want to start!


    Well then... I know there's a bug where if you unmount and remount an external drive all desktop shortcuts pointing to that drive will have this problem, so I decided to start it manually from its directory... except it still didn't start!


    Well WTF?! I thought "the MZexe header must be corrupted or something"... and sure it was!


    PNG?! It's weird how the exe has its original size, yet the exe turned into a PNG >_>
    So then I renamed the file to "osu!.png" and tried to open it with LogoMotion


    This is a very bad sign... uuuh... let me try a shitty image viewer then which doesn't care about anything


    The moral of the story: protect your HDD from everyone, including yourself, otherwise those fuckers who always nail a kick on your luggage where your HDD is will destroy your precious data, including most of your 3DS projects... now I'll have to lay back in bed because I'm feeling very dizzy for some reason.
    MarcusD Please read the whole post very carefully before even deciding to comment! This situation is already bad enough, there's no need to make it worse by not reading it fully. Thanks!

    As you may have noticed, there's a big fuss around the new UnbanMii 2.0 release due to how the backend was implemented. In this post - as the author of the backend - I'll explain why the backend was implemented this way, and I'll talk about some shitty design decisions I have made.
    As not everyone is competent reading code, I'll make an explanation with technical details, and one with "dumbed down" details so non-programmer people can also understand it.

    Technical explanation
    Non-technical explanation

    more info that's important regardless of being technical or not:
    - I had no malicious intentions *at all*... the reason for uploading such touchy files was purely for very shitty security checks, and the touchy data (movable.sed and SecureInfo) was purely used by the script to check stuff
    - some people let me know that the NAND CID (or as mentioned in the non-technical writeup: "NAND chip's ID") is also a touchy data... since I don't know of an occasion where people have replaced the NAND chip on their 3DS boards, I thought that this is a good way to *somehow* identify unique users
    - the reason I stored the data unencrypted in the database is because all 3 people who had access to the server don't know how to SQL (or even how the database manager UI works), I didn't even think more about it since I knew that nobody else could access the database other than me
    - note to tech sawwies: I was using MySQLi prepared statements, and I don't know of a way to exploit that... but data was checked before even a connection was made to the database, so there was absolutely no way to exploit this
    - my mind wasn't clear (and it still isn't) when I worked on the code/backend, and there were ~19errors/mistakes fixed in a ~1-2hr timespan before the initial release, so ye... I was only focusing on getting the work done, and I didn't even think about how the data I'm working with was touchy, nor about how illegal it was... I'm sorry for that

    so ye... my wanting to add too many safety checks went super wrong, and I'm sorry about that. the data in the database isn't used by any human at all, it's only used by the backend API code to check some data validity and eliminate possible risks for banning the public seed served by this...

    edit (17/07/28 10:01): I got access to the server and did a DROP TABLE which got rid of a whopping 17 entries, 3 of which were from the team... a bit of a waste of antidepressants for just those 14 entries...
    oh, also fixed the title as the typo was really triggering my OCD
    MarcusD As you may have noticed, I'm not very active (at all) since a few weeks/months (I have kinda lost the sense of flowing time, so I don't really know). That's because I have given up on development. The reason for this blog post is to clean up the possible confusion, and to tell people not to wait for stuff to happen.

    Okay, to be honest the "I have given up on development" part is only partially true. I'll still provide help and support on the 3DSHacks Nintendo Homebrew Discord, and I'll share my knowledge with people who need it, but I won't be starting any new projects by myself, as I have lost motivation.

    Also, another thing. Some people may know that I wanted to move to the USA. Well, considering the recent events I have re-evaluated and compared the laws of USA and Hungary, and I decided to never leave Hungary. As some people may know, I have several severe mental illnesses, and I'm starting to get paranoid if people in the scene will figure out what those are (except that none of these "illnesses" are illegal, but rather disturbing and/or too weird). I don't need my life to be ruined even more by announcing what these are.

    Now to talk about my projects:
    As you may have noticed, most of my projects are gone from my Github (not that anyone cared that much), including stuff like TerraInveditThreedee, OCDM, and HorizonM. By popular demand I have restored some of my projects (to be exact: 3DSControllerPlus, RedThreeUP, TerraInveditThreedee, socks, PyShell27, and MCU_examples), but that's it. Some trusted people have access to my private Git projects (so they can reuse my work for the community's good), but I won't publicly release those to the community in order to prevent noobs. I'm sorry.

    About HorizonM, I might transfer the ownership to someone who can maintain it. The public clone is a really old and unoptimized version. I really don't want the source code with the new features and optimizations to go to waste by abandoning it, but sadly it looks like that's what will happen to it.

    About 3DSControllerPlus, I think this is my last project I'll finish before completely disappearing from the scene. I'll silently push commits to the Github repo occasionally, but I won't update the thread if a new feature comes out.

    Note: this blog post is intended to notify users who care and are waiting for me and to clean up the possible confusion, so please refrain from posting stuff like "you didn't have to make this blog post to say goodbye, you can do that silently" or "goodbye". If you don't care then please just leave this blog post silently.

    Thanks for your understandings, and I hope there'll be someone better who can replace me in the community! Bye!
    MarcusD Well, technically it IS possible to install a DS application as a cia, and it will run, but let me explain...

    (based on my researches) here's how the original DS boots a game (ignoring validity checks):
    1. reads the header of the ROM to see where are the ARM9 and ARM7 binaries stored in the ROM
    2. loads the binaries into the RAM to the addresses specified in the ROM header
    3. jumps to specific offsets in RAM, also specified in the header
    4. from there on the game takes over the system (DS games run on bare metal)
    5. the game loads stuff from the cartridge, then you can play the game
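Steps 1 to 3 above, as an added Python example that is not from the original post. It reads the ARM9 and ARM7 fields from the header (ROM offset, entry address, RAM address and size, four little-endian 32-bit values at 0x20 and 0x30) and copies each binary to its RAM address. The bounds checks are this example's addition, the function names are made up for it, and the ROM image is constructed.

```python
import struct

# Header fields used by the boot steps: for each CPU, four little-endian
# u32 values: ROM offset, entry address, RAM load address, size.
FIELDS = {"arm9": 0x20, "arm7": 0x30}


def parse_header(rom):
    """Step 1: read where the ARM9 and ARM7 binaries live."""
    if len(rom) < 0x40:
        raise ValueError("ROM too short to contain the header fields")
    info = {"title": rom[0:12].rstrip(b"\0").decode("ascii", "replace")}
    for cpu, off in FIELDS.items():
        rom_offset, entry, ram_address, size = struct.unpack_from("<4I", rom, off)
        info[cpu] = {"rom_offset": rom_offset, "entry": entry,
                     "ram_address": ram_address, "size": size}
    return info


def load_binaries(rom):
    """Steps 2 and 3: copy each binary to its RAM address, return entry points.

    RAM is modelled as {address: bytes}. Unlike the description above,
    this example validates the header before trusting it.
    """
    info = parse_header(rom)
    ram = {}
    for cpu in FIELDS:
        b = info[cpu]
        end = b["rom_offset"] + b["size"]
        if b["size"] == 0 or end > len(rom):
            raise ValueError(f"{cpu} binary lies outside the ROM image")
        if not b["ram_address"] <= b["entry"] < b["ram_address"] + b["size"]:
            raise ValueError(f"{cpu} entry point is outside the loaded binary")
        ram[b["ram_address"]] = rom[b["rom_offset"]:end]
    return info, ram


def make_rom():
    """Constructed ROM image: header fields plus two dummy binaries."""
    rom = bytearray(0x5400)
    rom[0:12] = b"TESTGAME".ljust(12, b"\0")
    struct.pack_into("<4I", rom, 0x20, 0x4000, 0x02000800, 0x02000000, 0x1000)
    struct.pack_into("<4I", rom, 0x30, 0x5000, 0x02380000, 0x02380000, 0x400)
    rom[0x4000:0x5000] = b"\x09" * 0x1000   # stand-in for ARM9 code
    rom[0x5000:0x5400] = b"\x07" * 0x400    # stand-in for ARM7 code
    return bytes(rom)


if __name__ == "__main__":
    info, ram = load_binaries(make_rom())
    for cpu in FIELDS:
        print(cpu, "loaded at", hex(info[cpu]["ram_address"]),
              "entry", hex(info[cpu]["entry"]))
```
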
    Now, here comes the problem: since the 3DS (and the DSi) don't emulate the DS, but run it on the actual hardware, it would be impossible(?) to "just patch the TWL_FIRM to read from *insert storage device here, like NAND, SDCard, etc.*", because as I mentioned above, that's not how it works, because it's running on bare metal hardware. Also, the original system didn't have a NAND to store the games on, nor an SDCard slot (SDCards in flashcarts are handled by the flashcarts' internal processor, the DS itself never interacts with that SDCard slot), so it would be hard to tell the games where to load the assets from.

    How did I research this? I was testing games on my flashcart to see if a game does something noticeable before loading any assets, and when I was trying "Osu! Tatakae! Ouendan!", I noticed that the screen turns black on booting the game ASAP, so I thought that "I should test my theory, if TWL_FIRM jumps to garbage, or just the game crashes", so I converted the game to cia, installed it, ran, then the white screen turned to black, as it did on my flashcart, then it froze. This explains why the games crash: they try to read their assets from the (non-existing/non-matching) cartridge (remember? bare metal!), failing, thus resulting in a crash. This also explains why you're able to boot a flashcart by installing its firmware on the 3DS (I'm not taking credits, Apache Thunder discovered it WAY before I did :P).

    But in theory it would be "easy" as writing a DSi homebrew application to begin the load sequence of game booting, PATCH the game code to ask the loader homebrew to load the assets from *insert storage device name here* instead of the game cart, then continue game booting normally, but it's not that easy. Not easy at all. Very hard, almost impossible.

      - No (not yet)
    • Can I play ROMhacks installed as cia?
      - If the ROMhack patches a file in the filesystem (levels, textures, music, this kind of stuff), then no, since the files are loaded from the cartridge, but if it only patches the code (trainers, cheats, Wiimmfi), then yes
    • Can I cheat?
      - If you have the original game cart, technically yes, since the CODE is loaded from the cia (read above for explanation), so if you use a code patcher on the ROM, then convert it to a cia, install it, insert your gamecard, then run the cia, then BOOM, you're cheating without a flashcart/cheat device
    • This means I can play online games with Wiimmfi?
      - In theory, yes. If you patch the ROM with the Wiimmfi patcher, then install it as a cia, insert your cartridge, then run the cia, then you should be able to play Wiimmfi
    Note: I haven't tested the stuff in the above QnA, because DSATM always crashes for me, but based on the researches it should be valid information.

    TL;DR: you can't play DS ROMs as a cia unless you have the original cartridge inserted
    TL;DR: shorter explanation here:
    MarcusD Authentication

    First of all, XenForo always requires you to use an xf_session cookie in your calls, so we'll need to acquire that first.

    Because the smallest page I know about is "", we'll make a request to it with an empty cookie store. After the request has been made, store the "xf_session" cookie somewhere you can access it in your requests. You'll NEED to include this data as a cookie in all your requests!

    Logging in

    To log in, you'll need to POST a form to "", with POST parameters login=<URLEncoded username>&password=<URLEncoded password>&register=0&cookie_check=1&_xfToken=&redirect=%2F
    Example: my username is "MarcusD", and my password is "kekeke/index.php"

    If the response doesn't set a new xf_session cookie, the login failed: interrupt the login process and match the response body for the error message by getting the value between <span class="errors"> and </span>. Display the error message if it matched, otherwise display a generic error message. If the response does set a new xf_session cookie, store the new value, replacing the old value.
    Java: "<span class=\"errors\">([^<]*)</span>"
    PHP: '/<span class="errors">([^<]*)<\/span>/'

    Now, make another call to "", and using some kind of Regex, match the body for _csrfToken: "user token here"
    Java: "_csrfToken: \"([^\"]*)\""
    PHP: '/_csrfToken: "([^"]*)"/'

    If there's no value between the quotes (so _csrfToken: "" is the response), then interrupt the login process, and display a generic error message.
    If you matched a token, then store it somewhere accessible by every request you make, because you MUST include it in every request you make as a URL-encoded GET/POST parameter named _xfToken
    Bad example: php.php?lel=lol&_xfToken=numbers%2CSomeHashHere%2CanotherHash

    If you got here, then test the validity of the stored data by getting the notification count, which is explained a little bit later below.

    Logging off

    Session upkeep (not fully RE'd)

    Refresh your xf_session cookie, and somehow get the refreshed _xfToken from the response

    API calls

    Notification / Message count

    POST "" _xfRequestUri=%2F&_xfNoRedirect=1&_xfResponseType=json&_xfToken=URLEncoded_xfToken

    Example response on success
    {"status":"ok","message":"Request Completed Successfully.","_visitor_conversationsUnread":"0","_visitor_alertsUnread":"0"}
    Response on fail
    {"status":"ok","message":"Request Completed Successfully."}
    Note: NEVER check by string comparing! Use Regex!

    Getting notification/message list

    Note: you are getting the notification list in HTML, so you'll need heavy parsing methods to extract the useful info from it.


    Match for errors first; check if the response contains ( "errorOverlayType": ). If it does, interrupt the process, most likely your token expired, or it's invalid.
    Match the whole value between ( "templateHtml":" ) and ( ","css" )

    For the private messages, just replace the underlined part with

    That's all I know right now :P
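
    The parsing steps from the login and notification-count sections above, as an added Python example (not part of the original post or of XenForo). The function names and sample responses are constructed for illustration, the endpoint URLs are left out because the post does not give them, and the count check parses the JSON rather than using a regex.

```python
import json
import re
from urllib.parse import urlencode

# Helper names are made up for this example; regexes and parameters are the post's.
ERROR_RE = re.compile(r'<span class="errors">([^<]*)</span>')
CSRF_RE = re.compile(r'_csrfToken: "([^"]*)"')


def login_result(set_cookies, body, old_session):
    """Apply the login rule: a new xf_session cookie means success."""
    new_session = set_cookies.get("xf_session")
    if new_session and new_session != old_session:
        return {"ok": True, "session": new_session}
    m = ERROR_RE.search(body)
    return {"ok": False, "error": m.group(1).strip() if m else "Login failed"}


def extract_token(body):
    """Return the _csrfToken value, or None when missing or empty."""
    m = CSRF_RE.search(body)
    return m.group(1) if m and m.group(1) else None


def count_request_body(token):
    """Form body for the notification count call; urlencode escapes the token."""
    return urlencode({"_xfRequestUri": "/", "_xfNoRedirect": "1",
                      "_xfResponseType": "json", "_xfToken": token})


def unread_counts(raw):
    """Return (conversations, alerts), or None when the session is not valid."""
    data = json.loads(raw)
    try:
        return (int(data["_visitor_conversationsUnread"]),
                int(data["_visitor_alertsUnread"]))
    except (KeyError, ValueError, TypeError):
        return None


# Constructed sample responses (not captured from a real forum).
FAILED_LOGIN = '<div><span class="errors">Incorrect password.</span></div>'
PAGE = '<script>var x = {_csrfToken: "1,1460000000,abcdef"};</script>'
COUNT_OK = ('{"status":"ok","message":"Request Completed Successfully.",'
            '"_visitor_conversationsUnread":"0","_visitor_alertsUnread":"3"}')
COUNT_FAIL = '{"status":"ok","message":"Request Completed Successfully."}'

if __name__ == "__main__":
    print(extract_token(PAGE), unread_counts(COUNT_OK), unread_counts(COUNT_FAIL))
```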
    MarcusD Well, let me say, even though Ninty tried everything to stop derping with its runtime, they can't stop us from RE-ing the app :P

    I started with acquiring the apk (com.nintendo.zaaa) from a Russian website. According to Play Store, the latest is 1.1.1, and luckily for me, it was available. This is the only 1.1.1 apk that was a proper zip file.

    I started my trusty aLogcat (the free edition is perfectly enough, or you could even use Eclipse ADT's LogKitty tool for overkill), set the search term to "nintendo", and started Miitomo.

    Well, the regular Holo-styled gradient showed up for a few seconds, black screen for a second, and this repeated a few times before the app finally decided to die. Ofc the logs said nothing related to the heartattack-y behavior, so I "extracted" the main Activity's class name from the logs (it would've been easier from the AndroidManifest.xml file though :P), desmali'd and dex2jar'd the classes.dex, and unjdgui'd the classes-dex2jar.jar file, and started analyzing the main Activity file.

    The app is kinda obfuscated, even the strings are!
    Well, it was just too easy to RE the strings :P Ninty, and his "trusty" ol XORpads :rofl2: I wrote some tools to decrypt the strings as automatically as possible. I investigated the strings, and I found some interesting ones: "Error: isRooted" and "Error: isEmulator". I searched for the string's ID, and I found where it's printed out. Apparently, if it's detected that your device is rooted, a NativeAbort function is called, which causes SIGABRT(6), which prevents the app from starting, causing the app to eventually close.

    I backtracked to the source of the detector function, and I investigated the .java file of the detector class (which btw is cruel what it can detect :sad:). After I understood the Java code, I got back to APKStudio, and edited the smali file of the class, so most of the detector functions return the best values for me :P

    I resmali'd the apk, pushed it to my phone, but it failed to install. Apparently, if you work with APKStudio (or everything that derps with the apk), you'll need ZipSigner (free and small app, get it from Play Store (kellinwood.zipsigner2)) to sign the apk file in order to allow the installation of it.

    After I (successfully) installed the (signed) apk, I ran Miitomo, and SUCCESS! *insert FF win music here*

    I can't use it, because it's crying about my clock being not properly set, but at least it starts :P

    I'll post a tutorial SUUN about how to modify the apk yourself without downloading an edited one :P
    Or if I upload the patched apk to that iso site, then get it from there :P