Hacking [WIP] KARL3DS - Kernel access on N3DS via Ninjhax + Loadcode

[Timburpton]

We might very well never see a release but damn, its exciting because there's updates from them.

Then again it might just be the Gatewait hangover talking.

 

[WulfyStylez]

WulfyStylez Just to clear things up, what's in the OP now is what is planned on being in the public release? This is exciting!

All the stuff I mentioned in the OP is for public release, yup.

Easy to say because its all we got as of now. Think about it, why would you rather turn your 3ds off, plug sd into computer and do other numerous step just to
save edit a file

While Gecko/RTE tool can easily change any value on the fly while playing and without turning off the game, plus your able to mod the values that's not even in the save file.
This is advancement my friend this is needed. Again i have no choice but to accept lol but i'm sure a app will come sooner or later

Like we said before, we're only developing features we would want to use ourselves that can be reasonably included. While we may end up implementing some RPC stuff for debugging/research purposes later, these won't be made public for obvious reasons.

 

[ShadowOne333]

I just saw in the OP that you guys might port this for use with a webkit exploit.
Couldn't be any better!

 

[Deleted User]

Eventually, we want to support a Home Menu-based homebrew channel app which will allow much more hardware control (i.e. as much as any retail title!) than current Cubic Ninja-based homebrew has access to.

Would it not be possible (and more convenient) to patch the home menu to display, for example, 3dsx files in a certain directory directly on the home menu as applications? Would be a bit nicer, and would allow for things such as proper home button usage. It would also likely not require patched signature checks as they wouldn't be installed and loaded as normal unsigned titles.

 

[WulfyStylez]

Would it not be possible (and more convenient) to patch the home menu to display, for example, 3dsx files in a certain directory directly on the home menu as applications? Would be a bit nicer, and would allow for things such as proper home button usage. It would also likely not require patched signature checks as they wouldn't be installed and loaded as normal unsigned titles.

You're right, but it'd also require a titanic amount of work to get working.

 

[Deleted User]

You're right, but it'd also require a titanic amount of work to get working.

I suppose. At the very least a "GW multirom menu"-esque quick launch would be neat if easy enough to do.

 

[DrunkenMonk]

Aren't you worried at all that gateway might attempt to RE some of this and use it for their own purposes? Or at the very least pay somebody else to?

That would mean your work would be indirectly contributing toward piracy, and from any outside view, would look just as bad as piracy itself.

I think you should try take extra precautions to make it harder to RE before release so that doesn't happen, it would really tarnish your guys' work.

Nice to see the progress ^^ can't wait to play some zombies ate my neighbors on my n3ds!

 

[gamesquest1]

Aren't you worried at all that gateway might attempt to RE some of this and use it for their own purposes? Or at the very least pay somebody else to?

That would mean your work would be indirectly contributing toward piracy, and from any outside view, would look just as bad as piracy itself.

I think you should try take extra precautions to make it harder to RE before release so that doesn't happen, it would really tarnish your guys' work.

Nice to see the progress ^^ can't wait to play some zombies ate my neighbors on my n3ds!

truth is a lot of this is based on gateway's work, the only thing really "different" is the entry point of cubic ninja which allows it to work on the n3DS, which was already released and documented by smealum.....now this isn't meant to be disrespectful or anything, but basically there is nothing *new* here.......its a different implementation of existing exploits.

basically if gateway wanted to use cubic ninja as their entry point they could of already done so

 

[WulfyStylez]

basically if gateway wanted to use cubic ninja as their entry point they could of already done so

Yup, this. Gateway's team has nothing to gain from our work anyways, since the bits they'd care about are lifted from their own work.

As for RE protection: Reversing Gateway's launcher is the simplest way to make a warez loader. It's going to stay that way. Don't really wanna talk about implementation beyond that.

 

[zoogie]

Yup, this. Gateway's team has nothing to gain from our work anyways, since the bits they'd care about are lifted from their own work.

As for RE protection: Reversing Gateway's launcher is the simplest way to make a warez loader. It's going to stay that way. Don't really wanna talk about implementation beyond that.

That's a very surprising answer given the payload of the palantine cfw is only about 8KB in plain text!

 

[Hashtastrophe]

They should have phrased it

As for RE protection: Reversing Gateway's launcher is the simplest way to make a warez loader that actually works more than 30% of the time.

Edit: To be clear, that was a joke.

 

[WulfyStylez]

That's a very surprising answer given the payload of the palantine cfw is only about 8KB in plain text!

First of all, 'palantine CFW' is a joke, he only rewrote one file that literally calls 4 methods and continues onto another, unmodified file. It's still just yellows8's stolen code, as far as anyone should be concerned. /rant
Second, Gateway's launcher is tiny once you realize they tack several NATIVE_FIRM images on the end of it. And there's plenty of extraneous code on top of that, too. Their final stage in 1.0 includes a function to do SHA256 in software, probably because they couldn't figure the damn SHA IO out (I really don't blame them.)

They should have phrased it

Well, when firmloader was a straight re-implementation of GW's launcher it only worked around 30% of the time. Fixing what makes it so bad is easy, though. Plus firmlaunch-hax gives you almost perfect stability. The 100% launch success rate we have right now is excellent after having to deal with the early stages.

Anyways, I'm off to sleep for now. Emunand for N3DS is 95% of the way there, and with some luck should be done tomorrow. ARM9 loading shifts suck.

 

[Cindakil]

Anyways, I'm off to sleep for now. Emunand for N3DS is 95% of the way there, and with some luck should be done tomorrow. ARM9 loading shifts suck.

For use this method will be necessary the game Cubic Ninja right?

 

[Hashtastrophe]

For use this method will be necessary the game Cubic Ninja right?

For now, yes. They have plans to port it to MSET (for 4.x - 6.x old 3DS) but there's no other way at all to use it on the N3DS yet.

 

[puss2puss]

Emunand for N3DS is 95% of the way there, and with some luck should be done tomorrow. ARM9 loading shifts suck.

awesome! great great progress!
keep up the great work!

 

[Cindakil]

For now, yes. They have plans to port it to MSET (for 4.x - 6.x old 3DS) but there's no other way at all to use it on the N3DS yet.

That means that if it use Cubic Ninja xploit, it will works in Old3ds 9.4/9.5?

AWESOME!

 

[gamesquest1]

That means that if it use Cubic Ninja xploit, it will works in Old3ds 9.4/9.5?

AWESOME!

no ....ninjhax only works upto 9.2 on all 3ds's

 

[motezazer]

That means that if it use Cubic Ninja xploit, it will works in Old3ds 9.4/9.5?

AWESOME!

Yes, of course ! You just have to find a new Process9 exploit ! Very easy !

 

[Hashtastrophe]

no ....ninjhax only works upto 9.2 on all 3ds's

Well, ninjhax is up to 9.2 but CubicNinja itself is exploitable on 9.5 ; )

 

[Dazzozo]

Cubic Ninja will basically always be exploitable.