Hacking How to start 9.2 CFW dev?

[AtlanticBit]

Title self explanatory.

 

[MeisterFenster]

Learn coding. Self explanatory.

 

[Jayro]

Yeah, we need more 9.2 development to ditch the 4.5 dependency, but I can't code to save my life, and know nothing about the 3DS beyond basic hardware. :/

 

[SLiV3R]

Devotion. Time. Skill. Knowledge in programming.

I guess its like how to build a house. Start with a solid ground and so on

 

[Vappy]

Yeah, pick smaller projects, learn programming, learn about systems, about hardware and operating systems, read and try to memorize the ARM manual a few dozen times, do the same for 3dbrew, ask lots of questions. That's probably roughly how anyone else has done it.

 

[BobDoleOwndU]

Best place to start would be to learn as much about the 3DS as possible. I don't know much about the 3DS personally, but I know there's a lot of readily available information on 3dbrew. Looking at the 4.X CFW and the Gateway exploit files would probably also be helpful.

 

[illicit]

wait for someone else to do it

 

[KazoWAR]

I wanted to take mem dumps of 4.2 sysand, and 4.2 CFW and try to find what have been patched. then try to make patches for 9.X and see if i could get something out of it. but i could never find out how to do mem dumps in 4.X

 

[mathieulh]

You need to learn ARM assembly to begin with, you also need to know more on how the 3DS Operating System works (FIRM, the services...) you need to look into current vulnerabilities implementations and so forth.
If you haven't done any of this before, it might take you weeks before you get any tangible results.

 

[Duo8]

Not wasting time with threads like these.

 

[SLiV3R]

Not wasting time with threads like these.

Everyone has to be a beginner at some point. You'll never know who will be the next Smealum

 

[The Real Jdbye]

Title self explanatory.

Start by learning ARM assembly, then you can reverse engineer the GW launcher by looking at the ROP chain, cross reference that with the code at the addresses it calls, see what each instruction does and by that point you should know enough to begin working on your own version of the exploit. Then you will just have to figure out what needs to be patched in the firmware to do what you want (reverse engineering GWs code can also be of help in this)
Knowledge of the 3DS system will be important but you can learn a lot of that as you go

 

[Duo8]

Everyone has to be a beginner at some point. You'll never know who will be the next Smealum

Yeah but we had at least 5 threads like these at some point. Throwing this question at google would be much quicker with the same results.
Make a thread if there's some specific thing you want to know, not a vague question.

 

[MrJason005]

Why not downgrade?

 

[Deleted member 333767]

Lol, this thread.

 

[ewin00]

wait till someone leak it. but wait its all about WAITING right? and i guess this thread wont reach a thousand pages

 

[WulfyStylez]

CFW dev? Like booting into a hacked FIRM? Literally go look at Gateway's 1.0 launcher. Then make a 9.x native_firm with checks patched out. Done.
That's for booting from 4.x. Every single thing you need to make a custom firmware is public and has been for a really long time.

 

[dela]

I think first of all needs:
extrapolate from CFW booting of 4.5 and clean it from all the patches to enable cia services.
Second phase from firmware 9.2 to try to dump the axiwram and FCRAM during a softreboot to understand how is the boot of sysnand.
Then once you understand how you start a firmware 9.2, we can think about how to rewrite the boot it.

 

[WulfyStylez]

I think first of all needs:
extrapolate from CFW booting of 4.5 and clean it from all the patches to enable cia services.
Second phase from firmware 9.2 to try to dump the axiwram and FCRAM during a softreboot to understand how is the boot of sysnand.
Then once you understand how you start a firmware 9.2, we can think about how to rewrite the boot it.

To boot a different version, you just load that native_firm instead. version-independent setup stuff is done in firm, after all.

 

[Oishikatta]

How to start 9.2 instead of 4.1, a brief guide:
1. You boot 9.2 (9.0 actually) FIRM instead of 4.1. That's it. Remember that NATIVE_FIRM does all the version-independent setup stuff.

You don't have to do anything special to handle the 7.x encryption?