Hacking [WIP] KARL3DS - Kernel access on N3DS via Ninjhax + Loadcode

[Deleted User]

Nice work on this so far. Since you're able to patch the SVC handler for privileged syscalls, I'd assume it's also possible to patch service access permissions as well, correct? If so, things like sound could be made available on the N3DS, along with various other services that Ninjhax homebrew currently can't access.

 

[Slushie3DS]

What are you trying to do exactly? Load Ninjhax from the Loadcode exploit?(can I even call it an exploit?)

If so, would you mind giving my site and I credit for the idea?

Are you honestly implying that you were the first to think of these steps? 3dsdev chat was full of this looooong ago.

 

[Deleted User]

Are you honestly implying that you were the first to think of these steps? 3dsdev chat was full of this looooong ago.

I don't see whats wrong with my post. There was nothing wrong with it. The OP and I already collaborated about it, and it's behind us. He actually gave me some tips.

I don't see why it pertained to you however to make a reply. If we are going to pull the "implying card" You're "implying" that I said I was the first to think of it. I never said that. Only you and one other member took it as such.

Either way it's behind us, and there is no need to bring this conversation filler. I will continue working on what I'm working on, you can work on whatever you're doing(other than joining someone else's conversations without all of the details). and the OP can continue his amazing work

 

[Slushie3DS]

I don't see whats wrong with my post. There was nothing wrong with it. The OP and I already collaborated about it, and it's behind us. He actually gave me some tips.

I don't see why it pertained to you however to make a reply. If we are going to pull the "implying card" You're "implying" that I said I was the first to think of it. I never said that. Only you and one other member took it as such.

Either way it's behind us, and there is no need to bring this conversation filler. I will continue working on what I'm working on, you can work on whatever you're doing(other than joining someone else's conversations without all of the details). and the OP can continue his amazing work

Accreditation comes with originality, which was implied when asking to be credited for the idea on a message board with thousands of members.

 

[Deleted User]

Accreditation comes with originality, which was implied when asking to be credited for the idea on a message board with thousands of members.

You seem to forget the fact that only a fraction of those members contribute ideas/homebrew like the OP is developing. I posted in the Pinned request thread, which is 90% "Can I get a hack for x"

Either way, as I said it's over, the situation(which never existed) Is resolved, you can go back on your merry way, and pick someone else out of the crowd

Before you make the next reply, I said that because you would have gotten more details about this if you read the replies after my original post

 

[Slushie3DS]

You seem to forget the fact that only a fraction of those members contribute ideas/homebrew like the OP is developing. I posted in the Pinned request thread, which is 90% "Can I get a hack for x"

Either way, as I said it's over, the situation(which never existed) Is resolved, you can go back on your merry way, and pick someone else out of the crowd

Before you make the next reply, I said that because you would have gotten more details about this if you read the replies after my original post

Your horse is both tall and mislead. Good day.

 

[shinyquagsire23]

OK, so all the SVC patch addresses have been added. However, not every version has been tested. So now I need some people to assist in this endeavor: I need a person on 4.x to validate that it's actually failing, someone between 5.1-6.1 to validate if it's successful or not, a person on 5.0, and a person on 7.0 to also test. And anyone else who feels like testing it as well I guess, but I need to know your firmwre version, what type of 3DS you have, and the output it gives. Now here are the outputs which tell you what succeeded and what failed:

0xdeadbeef - ARM11 kernel was not reached
0xf00ff00f - ARM11 kernel reached, SVC not patched
0xfaaffaaf - ARM11 kernel reached, SVC patched and SVC 0x7B succeeded
Crash after "ARM11 Kernel Code Executed" - SVC patched, but failed to call SVC 0x7B

Linkeroni is here: https://github.com/shinyquagsire23/bootstrap/raw/master/bootstrap.3dsx

If you can, try testing around 10 times and report the number of times failed vs times of success. Especially if you get a crash on the first time. Also, 8.x users and below who are getting 0xdeadbeef will need to do a re-test, there was a bug which just got fixed which gets a successful return from kernel on 4.x-7.x systems.

Results:

3DS        - 4.5.0-xxU - 0xfaaffaaf
3DS        - 4.5.0-xxU - 0xfaaffaaf
3DS        - 9.2.0-20U - 100% fail
New 3DS    - 9.0.0-20E - 0xfaaffaaf
New 3DS    - 9.0.0-20J - 0xfaaffaaf
New 3DS XL - 9.0.0-20U - 0xfaaffaaf, 1 crash before success
New 3DS XL - 9.0.0-20U - 0xfaaffaaf
New 3DS XL - 9.0.0-20U - 0xfaaffaaf 100% success
New 3DS XL - 9.0.0-20U - 0xfaaffaaf 80% success
3DS XL    - 4.5.0-10E - 0xfaaffaaf 60% success
3DS XL    - 4.4.0-10E - 0xfaaffaaf 60% success
3DS XL    - 9.2.0-xxU - 0xfaaffaaf, 1 crash before success

 

[VinsCool]

OK, so all the SVC patch addresses have been added. However, not every version has been tested. So now I need some people to assist in this endeavor: I need a person on 4.x to validate that it's actually failing, someone between 5.1-6.1 to validate if it's successful or not, a person on 5.0, and a person on 7.0 to also test. And anyone else who feels like testing it as well I guess, but I need to know your firmwre version, what type of 3DS you have, and the output it gives. Now here are the outputs which tell you what succeeded and what failed:

0xdeadbeef - ARM11 kernel was not reached
0xf00ff00f - ARM11 kernel reached, SVC not patched
0xfaaffaaf - ARM11 kernel reached, SVC patched and SVC 0x7B succeeded
Crash after "ARM11 Kernel Code Executed" - SVC patched, but failed to call SVC 0x7B

Linkeroni is here: https://github.com/shinyquagsire23/bootstrap/raw/master/bootstrap.3dsx

tested on old 3ds XL 9.2.
Crash after "arm11 kernel code executed"

 

[NyaakoXD]

OK, so all the SVC patch addresses have been added. However, not every version has been tested. So now I need some people to assist in this endeavor: I need a person on 4.x to validate that it's actually failing, someone between 5.1-6.1 to validate if it's successful or not, a person on 5.0, and a person on 7.0 to also test. And anyone else who feels like testing it as well I guess, but I need to know your firmwre version, what type of 3DS you have, and the output it gives. Now here are the outputs which tell you what succeeded and what failed:

0xdeadbeef - ARM11 kernel was not reached
0xf00ff00f - ARM11 kernel reached, SVC not patched
0xfaaffaaf - ARM11 kernel reached, SVC patched and SVC 0x7B succeeded
Crash after "ARM11 Kernel Code Executed" - SVC patched, but failed to call SVC 0x7B

Linkeroni is here: https://github.com/shinyquagsire23/bootstrap/raw/master/bootstrap.3dsx

So you're only testing this on 4.X-7.0?

 

[shinyquagsire23]

So you're only testing this on 4.X-7.0?

All versions are welcome at the moment, 4.x-7.2 is what I'm actively seeking input from.

 

[NyaakoXD]

All versions are welcome at the moment, 4.x-7.2 is what I'm actively seeking input from.

I see. Well then, I'll try it on my Red New3DS XL 9.0.0-20U.

 

[NyaakoXD]

Okay, results are in!
New3DS XL 9.0.0-20U: 0xfaaffaaf - ARM11 kernel reached, SVC patched and SVC 0x7B succeeded

 

[shinyquagsire23]

tested on old 3ds XL 9.2.
Crash after "arm11 kernel code executed"

OK, so I've been testing it around a few places, if it crashes, try giving it another go. Sometimes it'll fail (I've had it fail once out of all my tests on my N3DS) on a very rare occasion.

 

[VinsCool]

OK, so I've been testing it around a few places, if it crashes, try giving it another go. Sometimes it'll fail (I've had it fail once out of all my tests on my N3DS) on a very rare occasion.

ok will test again

Successfully set up ip blocking on my n3ds xl 9.0 will also give it a go, without having update nag

 

[Psi-hate]

It says deadbeef only on my 3ds 4.5 (using cfw CN so that may screw with it so lemme try my actual copy on sysnand with regionthree)

 

[NyaakoXD]

OK, so I've been testing it around a few places, if it crashes, try giving it another go. Sometimes it'll fail (I've had it fail once out of all my tests on my N3DS) on a very rare occasion.

On my first try, the text was actually broken up and was sort of on a random spot on the bottom screen instead of showing the output needed on the top-left corner which I got on my second try. Unfortunately, I manually turned off my New3DS and forgot to take a picture of it.

 

[VinsCool]

Ok it outputs faaffaaf this time
it's fine I guess

Will reinstall ninjhax on my n3ds and try on it.
shinyquagsire23 tested on my US red N3DS XL 9.0 and succeed! faaffaaf. got it on first attempt.

also, noticed how fast it ran yeti3ds. framerate is insane!

 

[codychaosx]

woah is it a big deal when ppl get "0xfaaffaaf" on their n3ds consoles? this is getting fairly exciting. wondering if i should get a copy of cubic ninja before price skyrocket again...

 

[VinsCool]

Second attempt on N3ds: faaffaaf.

Won't try again on my old xl, I don't want to reset up ninjhax.

 

[cearp]

woah is it a big deal when ppl get "0xfaaffaaf" on their n3ds consoles? this is getting fairly exciting. wondering if i should get a copy of cubic ninja before price skyrocket again...

just get a sky3ds and run it like that (that is what i will do if this makes enough progress to be useable and cubic ninja is needed)