Hacking [WIP] KARL3DS - Kernel access on N3DS via Ninjhax + Loadcode

[overlord00]

Try with the latest build, if you were on 4.x before then t here was a bug with SVC 0x7B. It got patched, but it crashes on 4.x. I'm hoping for some people with 5.x-7.x so we can see how far up this bug will affect users. Either way, on the newest build it should return f00ff00f since SVC access fails.

returns f00ff00f.
it's 'working' as you suggest.

EDIT:
if you can suggest a way to update to 5.x-7.x, I can do so to test this stuff for you.

 

[Relys]

Now before you go doing something silly like updating, run the bootstrap test and post the results. Nobody has posted 7.1 results yet.


It's my understanding that this project is primarily focused on Ninjhax as an entry point.

Yes, but it should be trivial to port to Spider. If you an copy/paste code you should be able to do it probably. Remember that spider doesn't allow global vars though IIRC.

 

[Lord Prime]

New 3DS - 9.2.0-20J - 0xfaaffaaf

I'll be testing it on New 3DS LL - 9.2.0-20J when I get home, but i think the results should be the same since I'm only using one CN cartridge for both system.


Updated Tally: (Seems my assumption was wrong)
New 3DS - 9.2.0-20J
faaffaaf - 8
black screen - 2

New 3DS LL - 9.2.0-20J
faaffaaf - 4
blackscreen - 0
corrupted text (ARM11 kernel code exec crash) - 4
ARM11 Kernel Code Executed message (crash) - 2

 

[arm113ds]

my results:
my new 3ds 9.0e 0xfaaffaaf - ARM11 kernel reached, SVC patched and SVC 0x7B succeeded
my old 3ds 4.5.0-8e 0xf00ff00f - ARM11 kernel reached, SVC not patched
my emunand 9.2e black screen

 

[Idaho]

So for now this tool is like spider from yifan but with cubic ninja right?

I hope yifan's work on homebrew launcher for spider with kernel access is still in work that'd really be a key thing to achieve greatness on the new 3DS.

 

[zeruel85]

These are my results (10 times for each console):

New 3DS XL - 9.0.0-20E - 80% 0xfaaffaaf, 20% black screen
Old 3DS XL - 4.5.0-10E - 100% 0xf00ff00f

 

[Idaho]

>Sweats profusely while remembering chatter of cold-booting into GNU/Linux last night on 3dsev.

Shiny, if the reason why Cubic Ninja is used for an entrypoint is because SKATER is not documented, could this be modified to use spider as the entry point on old3DS?

Was it a real thing? Are they really trying to boot linux on the 3DS?

Also cubic ninja is a way more convenient entrypoint than SKATER as it doesn't require any connection once it's installed...

 

[WulfyStylez]

4.1-4.5 users, try this: https://github.com/shinyquagsire23/bootstrap/raw/master/bootstrap.3dsx
(fixed link, main supports 4.1 now)

 

[arm113ds]

4.1-4.5 users, try this: https://mega.co.nz/#!LoJAEAaK!MZqglQHHDgVpZh4LA6vYmDO1Bswe5vZWWS3K811GhPk
(sorry that's not on github, people with access the repo are asleep and can't add me atm)

my old 3ds 4.5e 0xfaaffaaf

 

[Ramzpat]

My 3DS: 3DS LL
FW sysNand: 9.2.0-20J

I've tried 10 times
But success only second and third

For the remaining tests, this screen is appeared

 

[Death78793]

Hello guys! Thanks for the amazing work you're putting forth!

I just tested this with a 2DS on 9.2 SysNAND, but have had no success with it. I'll keep testing and edit this post if I get it to work!

 

[Rokkubro]

My 3DS: 3DS LL
FW sysNand: 9.2.0-20J

I've tried 10 times
But success only second and third

For the remaining tests, this screen is appeared
View attachment 16028

Try the version in the attachment and see what you get. Could you also take a slightly lower resolution photo, I'm on my phone and that took ages to load.
Edit: Also, the times it worked, what was the code it displayed?

 

[Rokkubro]

Hello guys! Thanks for the amazing work you're putting forth!

I just tested this with a 2DS on 9.2 SysNAND, but have had no success with it. I'll keep testing and edit this post if I get it to work!

What's the output you're getting? Thanks!

 

[Death78793]

What's the output you're getting? Thanks!

Wow, never thought I'd get such a fast reply! Most times it hangs at executing ARM11, but once it just crashed with garbled numbers on the upper right part of the screen! Now it just displays faffaf on the screen (no 0x by the way)

 

[Rokkubro]

Wow, never thought I'd get such a fast reply! Most times it hangs at executing ARM11, but once it just crashed with garbled numbers on the upper right part of the screen! Now it just displays faffaf on the screen (no 0x by the way)

That means it's working! ...you wouldn't happen to have been counting how many times you attempted this would you? And the result each time? Sorry, I'm trying to make a database of the results...

 

[Death78793]

That means it's working! ...you wouldn't happen to have been counting how many times you attempted this would you? And the result each time? Sorry, I'm trying to make a database of the results...

Oh, I guess I'll keep trying then! I have tried about 4-6 times as of now!

EDIT: I am getting faaffaaf, not faffaf XD

 

[Ramzpat]

Try the version in the attachment and see what you get. Could you also take a slightly lower resolution photo, I'm on my phone and that took ages to load.
Edit: Also, the times it worked, what was the code it displayed?

Success result: faaffaaf
Success ( 4 times ) : 1 (after I use ftBRONY immediately) 3 4 10
Fail ( 6 times ) : 2 5 6 7 8 9

As for fail screen, the remaining code is appeared and have additional code after "free pointer" is "141a000"

 

[Rokkubro]

Success result: faaffaaf
Success ( 4 times ) : 1 (after I use ftBRONY immediately) 3 4 10
Fail ( 6 times ) : 2 5 6 7 8 9

As for fail screen, the remaining code is appeared and have additional code after "free pointer" is "141a000"

OK, use the original version from wulfy's post from now on, and run it a couple more times, what I want to know is the address and the kernel each time, if that's possible

 

[Ramzpat]

OK, use the original version from wulfy's post from now on, and run it a couple more times, what I want to know is the address and the kernel each time, if that's possible

Success : 3 5 6 7
Fail : 1 2 4 8 9 10

The results of success and fail are same as your version

 

[Rokkubro]

Success : 3 5 6 7
Fail : 1 2 4 8 9 10

The results of success and fail are same as your version

Are you still getting it saying kernel 22e0000 on wulfy's debug version when it fails? That is the crucial part, thanks, you are being a huge help!