I know that risky and and all but i the reason i ask is because i was thinking, if you can install a cia then you can make a self significant Gateway launcher on the sysnand and launch into gateway mode from a single button.
Hacking can we edit/install Cia's to the sysNAND?
- Thread starter xdarkmario
- Start date
- Views 5,311
- Replies 40
we can launch them on sysnand, just not without GW's patches.
just like we can't launch not legit things in classic mode on emunand, because gw's patches are not there.
Yes i know. The op is trying to create a forwarder to launch the DS Profile exploit. And I believe it can not be done since homebrew can't start on an un-patched nand. Which is why we need to start the DS profile to enter gw mode before we can play any backups and homebrews.
anyway well we have what i assume is full kernel control with these gateway cards so i can see the systemNAND as editable but with risks.
like how a NAND.bin backup or a downgrade.dg can be restored to the systemNAND,
can we even browse or see the 3ds NAND filesystem?
For the foreseeable future, we can't make custom modifications to the files.
If the 3DS bootloader finds unauthorized/unsigned modifications it will simply refuse to boot.
(refuses to boot the application, not refuses to boot the 3ds) - just so people don't get worried. but sure if you install a weird system app you can 'brick', but just a 'corrupt' game cia, you will be fine.
"Install CIA to sysnand" doesn't make any sense at all. You can easily do this by booting CFW, installing a CIA, and then exiting to sysnand, being sure the two are linked. The installed CIA (even devmenu) will appear on the sysnand home screen. The problem is that sysnand doesn't bypass the checks, and as such you can't run the installed CIAs.
The other problem is that we don't actually have a modified home screen. Just patches that need to be run on boot. And as it stands, we don't have access to the 3DS boot. So we can't run the patches.
So instead we go through the DS profile exploit, and boot a "emunand" which is a backed up version of the system. While booting this new system, the patches are applied, and the installed CIA files can be run.
In order to actually run the CIA files from sysnand, you'd either need a modified home menu where the patches are pre-applied (or perhaps a modified boot), or you'd need to properly sign the CIA files, which isn't going to happen.
And seeing as the CFW guys aren't fond of sharing work, and Gateway has 0 interest in making a CFW, we aren't going to get anything like that any time soon.
The other problem is that we don't actually have a modified home screen. Just patches that need to be run on boot. And as it stands, we don't have access to the 3DS boot. So we can't run the patches.
So instead we go through the DS profile exploit, and boot a "emunand" which is a backed up version of the system. While booting this new system, the patches are applied, and the installed CIA files can be run.
In order to actually run the CIA files from sysnand, you'd either need a modified home menu where the patches are pre-applied (or perhaps a modified boot), or you'd need to properly sign the CIA files, which isn't going to happen.
And seeing as the CFW guys aren't fond of sharing work, and Gateway has 0 interest in making a CFW, we aren't going to get anything like that any time soon.
All installs to sysNAND are unique for your very own
3DS and adds entries to the database like ticket.db.
You can't switch out files in title folder because that can
cause malfunction or bricking when messing with NAND.
Files are protected so you can't edit them without getting invalid.
I highly recommend not to install invalid game .cia
while in sysNAND and to use emuNAND for this!
Still every install has titlekey's (ticket.db), valid or invalid,
but you can't remove them without restoring backup!
Using funkycia with titleid plus invalid titlekey will still
download the files and create .cia, but install will fail
because the content is garbage! And no, only legit cia
from bundle will work after installing without Gateway!
cearp and i did a lot tests how far we can go
3DS and adds entries to the database like ticket.db.
You can't switch out files in title folder because that can
cause malfunction or bricking when messing with NAND.
Files are protected so you can't edit them without getting invalid.
I highly recommend not to install invalid game .cia
while in sysNAND and to use emuNAND for this!
Still every install has titlekey's (ticket.db), valid or invalid,
but you can't remove them without restoring backup!
Using funkycia with titleid plus invalid titlekey will still
download the files and create .cia, but install will fail
because the content is garbage! And no, only legit cia
from bundle will work after installing without Gateway!
cearp and i did a lot tests how far we can go
yes, you need the correct titlekey because without it, the 3ds itself cannot decrypt the contents of the cia
Well looks like that is out of the question
But one more question.
I know how the ds profile exploit has been patched but the 3ds has a couple of ways It can go to ds mode. Like when you have to step the internet for the ds wifi and also ds download play. Think there's a way to load up the old exploit though one of those?
Just throwing ideas here, but if nintendo patched one they mostly patched all idk..
But one more question.
I know how the ds profile exploit has been patched but the 3ds has a couple of ways It can go to ds mode. Like when you have to step the internet for the ds wifi and also ds download play. Think there's a way to load up the old exploit though one of those?
Just throwing ideas here, but if nintendo patched one they mostly patched all idk..
The whole point would top make a app on the system menu to boot directly into gateway mode, no bowser just an app. But I guess that's a bit ahead of our time...
you install a cia to either sysnand, or emunand. it makes sense to me...
Lol, that was a really old post. But no, it doesn't make sense. CIAs are installed to the SD and can be read/ran in either sysnand or emunand. The problem with running them in sysnand isn't installing it to sysnand, it's the signing of the file. emunand is patched to ignore the signing.
But there are CIAs that are 'legit' and can run without those patches. So you could install on emunand, boot into sysnand and then run.
ok, when you install a CIA, the ticket gets installed, and the content gets installed. the ticket goes in your ticket.db (stored in nand, so, sysnand or emunand), giving you permission to run the app (well, only if the ticket is valid, if not you need hacks to let you play).
if it is a system app, it gets installed to the nand. (so sysnand, or emunand). if not, it just gets installed in the sd card.
if you install a game in sysnand, even if it is legit, you will not have the ticket in emunand so it will not run.
just like if you buy and download a game in eshop emunand, you cannot play it in sysnand because you do not have the ticket.
that won't work (i explain it above) -- (because you need the ticket in the nand you want to play in)
Similar threads
- No one is chatting at the moment.
