Hacking Flashing Gateway 3DS Firmware on "normal" DS/DSi - PLS Don`t try this at Home ^_^

[Sammy_Lee]

I`ve stumbled over this thread in the PS3Crunch Forum, so pls dont try this @ Home

ok i done a very sill thing.i flashed gateway installer on normal ..PS dont try it XD

ok so i was a bit bored and decided to try the blue card in my old DS when i saw the gateway installer and though hmmm i wonder what would happen if i use it on a old DS (no not thinking it would play 3ds games or anything) i was just wondering if it would say failed or whatever or detect that it wasnt a 3ds.

well moral of the story is that it semi bricks the normal non 3ds if you install it, figured i would give people the heads up incase you get bored and wanted to see what would happen.....dont try

what will happen is
flashes it but starts going slow at the middle
verifys ok
restart and it seems ok untill you go to settings and crashes

at this point i thought.....Ohhhh well, removing the battery resets the settings on a normal DS........(this is true usually)

but nope it makes things worse if you do that it just doesn't work no more the stage where it normally asks for settings on first setup just crashes

but the reason i say semi bricks is that if you use a normal R4 card it bypasses the set up screen and botts to the r4 card,

so now that ive shared my silly story does anyone know if a way to sort of fix it as i can rerun the gateway installer pointless i know but proves i can sort of repair the dame if i had a sort of gateway uninstaller lol

figured someone should give fellow idiots a lil heads up

 

[Pong20302000]

you can fix it by running a "DS Firmware.nds" and then just change the settings in that .nds file and it will fix the settings when you save them

 

[filfat]

I`ve stumbled over this thread in the PS3Crunch Forum, so pls dont try this @ Home

the reason it crashes is that gateway changes the message/nickname to create a buffer overflow, which also works on DS XD

 

[kyogre123]

GW 1.2 does nothing on the original DS. I tried it a couple of weeks ago, now I checked if my name was screwed, it wasn't; went to settings, everything is normal.

 

[IronClouds]

Lmao!

 

[redkeyboard]

GW 1.2 does nothing on the original DS. I tried it a couple of weeks ago, now I checked if my name was screwed, it wasn't; went to settings, everything is normal.

That doesn't make sense, GW 1.2 doesn't change the installer at all.

 

[Foxi4]

The Gateway installer works the exact same DSBricker did - it writes strings of incorrect length into the DS Profile. It should not cause any harm to a DSi as that system is protected from such tampering, on a DS technically can cause a brick, depending on what is written and where. It's definitely not something you'd want to do without having flashme on-board.

 

[kyogre123]

That doesn't make sense, GW 1.2 doesn't change the installer at all.

Hahaha, I'm sorry, I woke up 30 minutes ago; I didn't remember that the DS files have been the same since GW 1.0 but still it did nothing on my original DS when I booted the GW Installer ROM on it, just failed the verification, restarted and everything was normal.

 

[Drenn]

It seems that, on the 3ds, the name & message strings are in different locations than on the regular ds. So, on a regular ds, it's overwriting something else... it could even be overwriting code in the DS firmware. Needless to say this is very very bad.

But, there's hope for him yet, if he has some electronics skills.

edit: or, if he can boot to r4, there's probably an easier method.

 

[filfat]

It seems that, on the 3ds, the name & message strings are in different locations than on the regular ds. So, on a regular ds, it's overwriting something else... it could even be overwriting code in the DS firmware. Needless to say this is very very bad.

But, there's hope for him yet, if he has some electronics skills.

edit: or, if he can boot to r4, there's probably an easier method.

this is false, the nickname string is in the exact same place as on the DS mode on the 3DS, however the 3DS nickname is on a completely other address

 

[Drenn]

this is false, the nickname string is in the exact same place as on the DS mode on the 3DS, however the 3DS nickname is on a completely other address

According to the firmware dumps from here, gateway is writing to the profiles at 0x1FE00 and 0x1FF00. But gbatek tells me that the profile data should be located at 0x3FE00 and 0x3FF00. Looking there, I see desmume's original profile data, still intact. This tells me that the data is shifted on the 3ds.
I'll own a 3ds in about 6 hours, then I can confirm this Not that it's important.

 

[filfat]

If you say so...

 

[gamesquest1]

hi yeah that was me over at PS3Crunch Forums the other night , i did actually get it sorted a couple of hours later by running flashme, just figured it was worth while giving people a head up as i did it out of curiosity as i hadn't seen any mention on what would happen and it was just an old DS i had lying around. btw im pretty sure it had corrupted the profile area only as before i pulled the battery the only problem i had was when going to settings, but luckily i had an old R4 lying around that autoboots so i could bypass the initial setup and run flashme, if anyone else does this the blue card wont help unless you run it without pulling the battery lol.

anyways im not sure what happens if its ran on a dsi or lite, but the original doesnt like it very much, and atleast now i know what happens if you run the installer on a standard ds (so think twice before you leave the installer on the card if you let your kids use the blue card on a normal DS)

 

[kyogre123]

hi yeah that was me over at PS3Crunch Forums the other night , i did actually get it sorted a couple of hours later by running flashme, just figured it was worth while giving people a head up as i did it out of curiosity as i hadn't seen any mention on what would happen and it was just an old DS i had lying around. btw im pretty sure it had corrupted the profile area only as before i pulled the battery the only problem i had was when going to settings, but luckily i had an old R4 lying around that autoboots so i could bypass the initial setup and run flashme, if anyone else does this the blue card wont help unless you run it without pulling the battery lol.

anyways im not sure what happens if its ran on a dsi or lite, but the original doesnt like it very much, and atleast now i know what happens if you run the installer on a standard ds (so think twice before you leave the installer on the card if you let your kids use the blue card on a normal DS)

WTF? I tried it in my old blue DS and nothing wrong happened (except that I didn't remove the battery). I'm almost sure there are only three versions of the DS, so I doubt you are talking about a different edition of it, but in any case mine looks like this:

http://upload.wikimedia.org/wikipedia/commons/a/a3/Nintendo-DS-Fat-Blue.png

 

[gamesquest1]

did you go to settings page after running it? as before i pulled battery it seemed to be fine but crashed when trying to access settings, once i pulled battery it crashed before initial setup could start, when i checked with flashme it said original os was dsv3, wouldnt of imagined it would make much diffrence

EDIT: and yeah thats the same model but mines silver

 

[kyogre123]

did you go to settings page after running it?

Yes. I did this like 2 weeks ago and after reading this topic, I went to the settings and everything is fine. It kept my name as well as the other info and I'm even able to edit it without problem.

I don't know if running a game instead of going to the settings right after the installer makes a difference.

 

[gamesquest1]

hmmm strange maybe you had already ran flashme before or the other firmware tool thing thats designed to block dsbricker....in which case it may have been blocked by default, either that or it just varies from console to console, mines a PAL model maybe that makes a diffrence who knows :S

 

[kyogre123]

hmmm strange maybe you had already ran flashme before or the other firmware tool thing thats designed to block dsbricker....in which case it may have been blocked by default, either that or it just varies from console to console, mines a PAL model maybe that makes a diffrence who knows :S

There's not such a thing as PAL or NTSC for handheld consoles, those are analogue television formats.

I'm sure I haven't downloaded that "flashme" tool as well.

Like I said before, maybe booting a game (regardless of it being an original or a ROM) can fix the problem (if there's any) before going to the settings. I also remember that I booted both (U/E/J) and (iQue/T) installers, that also could have made a difference.

 

[gamesquest1]

Well regardless considering this post was made about 2 days ago maybe you did it before anyone mentioned it, no need to get all uppity about formats, i know pal and ntsc are tv formats but they are also often used to describe different gaming regions regardless of what output system they are actually using. figured i would just let people know in case it happens to someone elses, or their kids ds so they know how to get it sorted, IDK maybe it was some sporradic error that only happened to 1 console, but whatever, it did happen idk, hopefully someone will be helped by this post in future who knows

 

[kyogre123]

Ok... testing for the sake of science:

The E/U/J/K installer gets stuck in "PROGRAMMING [*...], so there's nothing else to do except restarting. Settings are fine.

The Taiwan installer returns a Verify Error @ 0001fe00. Pressing A shuts down the console. Settings are fine.

iQue Installer gets stuck in the exact step as the first one. Settings fine.

To the guy who said GW 1.2 didn't change the installer, well now it seems that it does since I forgot (once again) that the T and C installers weren't present in GW 1.0