Hacking CiTRUS development

  • Thread starter: Quincy
  • Views: 71,477
  • Replies: 220
  • Likes: 2
soc 1048 oh (custom) wtf is "oh" ?
Maybe some kind of identifier? Maybe something it says on the chip? Hell for all that we know it could stand for Online Hacking!

Edit: It says 0H. Reminds me of some kind of HEX identifier. Could be wrong on this one tho!



Edit 2: Seems I was right on my first try. It takes some good eyework to read it, but it is printed on the chip.

 
Sorry if I'm a bit n00by, but what can this program actually do?
Making 3DS programs?
If that is so, it looks very promising :D
 
I believe the RomFS is for storing certain files.
Thanks for this. Any idea what sort of files are stored in RomFS?

Don't quote me on this but the RomFS *might* be for storing game graphics, or it would seem to be a 'logical' place for them currently. The ExeFS contains the code, icon, banner, and logo so the other main necessity would be graphics. It might include some misc resources as well though, such as in a few Wii games I noticed there were plaintext *.txt files so I'd assume the RomFS is for similar resources and/or graphics. Again though, don't quote me on that as it's a guess.
 
All I wish is that we can get rid of this damn region block. There are many Japanese games I wish I could import, but even if I did, I wouldn't be able to play them, so... T_T
 
So since this is for ExeFS, can it be used to make a 1:1 clone flashcard that can spoof a header and allow for running 1:1 copies of retail games? Or would it still only work on a dev unit? Or is the header more than the logo, banner, icon and application code?
 
It's not that it could not spoof retail units, but the chances are virtually 0% because the _only_ (and I stress ONLY) ones with retail RSA keys are the trustable, high-classed, very few Nintendo employees. Developers _never_ get retail keys. In order to spoof a header, you'd need the RSA keys to sign the program. I mean if you were one of the few most trusted members in your job, and it paid well, why would you think of leaking something so secretive/private?

It may be possible if/when an exploit for the 3DS comes around, though. (it wouldn't check the signature)
 
4/23/2012
I am not dead! I apologize for my absence. I wanted to have enough evidence this time to make solid and more presentable data.

For the past month and a half I have been learning much more and I've been able to successfully compile CXI (CTR eXecutable Images) with accurate raw data. Last time, my CXI was (in all respects) only structurally valid; the data was not as valid as I was thinking. This time, however, I've been able to test the raw data and have progressed the output to be a 1:1 valid binary. I am working on proper encryption, but for this demo/progress update it now has correct structure, flags, signatures, and raw materials to be encrypted into a CXI. In other words, I've made a valid raw form of CXI for this progress update.

For those curious to see that I'm not making blind claims, I'll attach a new download for a fully unencrypted (raw), but valid, homebrew CXI:

http://www.mediafire...9trvb9trt32dhn7

I am still working on encrypting it properly, but now I can show valid coding base progress. I've formatted this CXI to outline the CXI structure while being unencrypted. You may notice I did not include a logo binary in the ExeFS. This is because I'm not 100% sure if it is legal to distribute that (my guess is not, though) so I'd rather not post that here just to be on the safe side.

For now, with the plain region, I will use 1_2_0_200 as the version. This CXI isn't made by the official SDK (it's made through CiTRUS) so that's more of a placeholder version to ensure compatibility and match the plain region data format we see with retail CXI.

Now, with this presentation, I am showing valid structure and valid raw (unencrypted) data. I hope to soon figure out how to properly encrypt CXI to use with 3DS software.
Found this on the CiTRUS page.
Edit: sorry, I meant to say 3DS CXI?
 
I'm guessing this is progress on compiling some type of 3DS file format (maybe an executable?) through a 3rd-party SDK, I don't know exactly. This isn't really my area of expertise. :unsure:
 
This is pretty old news. And just for clarification, Xcution's colleagues didn't seem too amused by his contributions:
http://3dbrew.org/wiki/Talk:CiTRUS

Again, the people to watch are Neimod, Yellows8, Crediar, and maybe J|12.

(of course there could be a genius or two lurking in the shadows, you never know)
 
This is pretty old news. And just for clarification, Xcution's colleagues didn't seem too amused by his contributions.
http://3dbrew.org/wiki/Talk:CiTRUS

It was mostly Trap15 talking trash...Yellows8 (Team Twiizers) didn't make a bad comment about it. But most of the comments were from his first beta anyways...
He actually updated his CXI though; it's not really old news.
 
For us hur hurr stoopid peeple... What does this mean as far as bringing us closer to homebrew?

To put it more simply (I think) it is like a libnds, but for the 3DS. By the time homebrew can be run, we'll already have a fully available "lib3ds" ahead of time.
 
For us hur hurr stoopid peeple... What does this mean as far as bringing us closer to homebrew?
AFAIK, once encryption for the retail 3DS is opened up, all we need is an exploit to load the modified CXI. Correct me if I'm fucking stupid :D
 
This is pretty old news. And just for clarification, Xcution's colleagues didn't seem too amused by his contributions.
http://3dbrew.org/wiki/Talk:CiTRUS

It was mostly Trap15 talking trash...Yellows8 (Team Twiizers) didn't make a bad comment about it. But most of the comments were from his first beta anyways...
He actually updated his CXI though; it's not really old news.
Xcution's homebrew tool requires the RSA keys to work, therefore he is dependent on the hardware guys to find them for him. That's why I don't consider his contributions important right now. He's a software guy, it's the hardware guys who will crack this open if it is to be at all.
 
