Hacking Pasta CFW - A CFW that allows unsigned CIA to be installed on Old and New 3DS! (required ninjhax)

  • Thread starter: capito27
  • Views: 1,431,184
  • Replies: 6,595
  • Likes: 123
Status
Not open for further replies.
Quick question would this fuck my GW functionality? I want to check out dsiware and stuff.

Unless you launch GW with CN, no (and even then you'd just overwrite your means to launch GW).
Just note you can't use CN from GW because of how GW works, so you need legit CN (or Sky or 4.X I guess)
 
Unless you launch GW with CN, no (and even then you'd just overwrite your means to launch GW).
Just note you can't use CN from GW because of how GW works, so you need legit CN (or Sky or 4.X I guess)

I have a legit CN copy. So I'd need to rescan the QR image to be able to launch GW from CN if I use this.. Hm is there a workaround to this?
 
I have a legit CN copy. So I'd need to rescan the QR image to be able to launch GW from CN if I use this.. Hm is there a workaround to this?

Since you're launching GW from CN I can safely presume it's a N3DS, so you could downgrade MSET and use that exploit for GW.
 
Yeah I don't want to use MSET since it modifies sysnand..
Using Pasta to install any CIAs modifies SysNAND far worse than downgrading MSET does.
A lower version of MSET is still legitimate software, DSiWare/GBA installed through means like this are installed with a wrong ticket which prevents that NAND from ever being able to get it legitimately without reverting or (painfully, from what I hear) editing it out manually.
(as it stands we can't run DSiWare/GBA on an EmuNAND)
 
Please understand, I'm making experience on 3DS while working, I'm not a super expert dev like the 3DBrew guys.



It's on the back-burner. Now people have something to tell others who will undoubtedly ask every 4 posts.
Thanks for the clarity.
 
Using Pasta to install any CIAs modifies SysNAND far worse than downgrading MSET does.
A lower version of MSET is still legitimate software, DSiWare/GBA installed through means like this are installed with a wrong ticket which prevents that NAND from ever being able to get it legitimately without reverting or (painfully, from what I hear) editing it out manually.
(as it stands we can't run DSiWare/GBA on an EmuNAND)


But can't you install stuff on the SD card with FBI? Or isn't that possible with GBA games?
 
But can't you install stuff on the SD card with FBI? Or isn't that possible with GBA games?
pretty sure they don't work unless they are installed to nand....but even if they did the tickets would still be installed to sysnand, so the whole argument of "i want to keep my sysnand 100% clean" is a bit flawed, truth is installing the 4.x MSET is safer as if you ever did update sysnand the 4.x MSET ticket would be overwritten when you update....the fake tickets wouldn't unless you restore a nand backup first
 
pretty sure they don't work unless they are installed to nand...
Not the case at all. In fact, only a couple of the ambassador games installed to NAND even on my old ambassador 3DS. All others went to SD.

Edit: and my ticket.db is over 35MB... are you sure new versions even bother overwriting the older tickets? Seems like they simply get added on or something... I don't know how to look at the file and separate it by individual ticket. Guess it would be nice to know though, in case I need to blank one out or something. Or would that mess up a signature and cause a black screen brick:wtf:
 
Another question: after installing CIAs to sysnand, do I need to launch the CFW each time I need to launch 'em?
 
Not the case at all. In fact, only a couple of the ambassador games installed to NAND even on my old ambassador 3DS. All others went to SD.

Edit: and my ticket.db is over 35MB... are you sure new versions even bother overwriting the older tickets? Seems like they simply get added on or something... I don't know how to look at the file and separate it by individual ticket. Guess it would be nice to know though, in case I need to blank one out or something. Or would that mess up a signature and cause a black screen brick:wtf:
yeah just had a look and they do install to SD, guess it's just DSiware that installs to nand :lol:....but in regards to checking the title.db file, you can simply search for the titleID in a hex editor, so for example if i search, 0004001000022000 (EU MSET) i only find one ticket for it, and directly after the titleID there will be the version number (in hex) so in my case it says 0C03 which is 3075....so if i update it will replace that with the updated ticket :)
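The hex-editor search described in the post above can be scripted. This is an added example, not part of the original post or of any tool mentioned in the thread; it assumes, as the post states, that the version is the two bytes right after the title ID (read big-endian, so `0C03` is 3075). The `gap` parameter and the sample bytes are constructed for illustration.

```python
import struct

def find_ticket_versions(db: bytes, title_id_hex: str, gap: int = 0):
    """Return [(offset, version)] for every occurrence of the title ID in `db`.

    `gap` (hypothetical parameter) is the number of bytes to skip between the
    title ID and the version field; 0 matches the layout described in the post.
    """
    needle = bytes.fromhex(title_id_hex)
    if len(needle) != 8:
        raise ValueError("title ID must be 16 hex digits")
    hits = []
    pos = db.find(needle)
    while pos != -1:
        ver_at = pos + len(needle) + gap
        if ver_at + 2 <= len(db):
            (version,) = struct.unpack_from(">H", db, ver_at)  # big-endian u16
        else:
            version = None  # title ID found at the very end: version truncated
        hits.append((pos, version))
        pos = db.find(needle, pos + 1)
    return hits

# Constructed sample data, NOT a real ticket.db: two entries for the EU MSET
# title ID from the post (versions 0x0C03 and 0x0802) and one made-up title ID.
SAMPLE = (
    b"\xff" * 32
    + bytes.fromhex("0004001000022000" "0c03")
    + b"\x00" * 16
    + bytes.fromhex("0004001000022000" "0802")
    + b"\x00" * 4
    + bytes.fromhex("0004001000099900" "0001")
)

if __name__ == "__main__":
    for offset, version in find_ticket_versions(SAMPLE, "0004001000022000"):
        print(f"offset {offset:#06x}: version {version}")
```

More than one hit for the same title ID means older entries were kept alongside the new one rather than overwritten, which is the question raised earlier in the thread.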
 
I can just use my Gateway to boot into sysnand and install CIAs that way? Then boot up Pasta to run them? That should work right?
 
pretty sure they don't work unless they are installed to nand....but even if they did the tickets would still be installed to sysnand, so the whole argument of "i want to keep my sysnand 100% clean" is a bit flawed, truth is installing the 4.x MSET is safer as if you ever did update sysnand the 4.x MSET ticket would be overwritten when you update....the fake tickets wouldn't unless you restore a nand backup first
So even if I delete unlegit dsiware in data management the wrong ticket will still remain in my ticket.db?
 
Gadgets are small pieces of code already loaded in RAM. ROP (Return Oriented Programming) puts a sequence of addresses on the stack and creates a program made of these small chunks of code (a ROP chain). They are like LEGO bricks used to build what you want.

Executing this kind of code, the program jumps to different locations in memory instead of following a linear path.

This is used because on modern systems if you write something in memory you can't execute it until a kernel process marks it as executable.

If you don't have kernel access (like in a hack), with this kind of programming you can execute complex code by joining instructions already in RAM.

The bad thing is that at every change of memory (i.e. for different FW) there are different things in RAM. So you have to collect different sets of gadgets for every possible memory configuration.

Hope it's clear enough, this is a complex matter and I explained it in a very simplified (and not complete) way.


I don't think I have ever seen a simpler explanation.......
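A toy model of the explanation quoted above, as an added example that is not part of the original posts: gadgets are Python functions standing in for code already in RAM, the "stack" holds only addresses and data, and the two firmware layouts and their base addresses are constructed. It shows why a chain built for one memory layout stops working on another.

```python
# Toy model only: "memory" maps addresses to code that is already loaded (the
# gadgets); the stack holds nothing but addresses and data words.

def load_firmware(base):
    """Constructed 'firmware image': the same four gadgets, loaded at `base`."""
    def pop_r0(cpu): cpu["r0"] = cpu["stack"].pop(0)
    def pop_r1(cpu): cpu["r1"] = cpu["stack"].pop(0)
    def add_r0_r1(cpu): cpu["r0"] += cpu["r1"]
    def store_r0(cpu): cpu["out"].append(cpu["r0"])
    gadgets = (pop_r0, pop_r1, add_r0_r1, store_r0)
    return {base + 0x10 * i: g for i, g in enumerate(gadgets)}

def build_chain(base, a, b):
    """Stack contents that compute a + b with gadget addresses valid for `base`."""
    return [base + 0x00, a, base + 0x10, b, base + 0x20, base + 0x30]

def run_chain(memory, stack):
    """Each 'return' pops the next address and jumps to the code found there."""
    cpu = {"r0": 0, "r1": 0, "stack": list(stack), "out": []}
    while cpu["stack"]:
        addr = cpu["stack"].pop(0)
        gadget = memory.get(addr)
        if gadget is None:
            # Nothing useful lives at this address in this layout.
            raise RuntimeError(f"crash: no gadget at {addr:#x}")
        gadget(cpu)
    return cpu["out"]

FW_A = load_firmware(0x100000)  # constructed layout for "firmware A"
FW_B = load_firmware(0x104000)  # same code, different addresses

if __name__ == "__main__":
    chain_a = build_chain(0x100000, 40, 2)
    print(run_chain(FW_A, chain_a))          # chain matches this layout
    try:
        run_chain(FW_B, chain_a)             # same chain, other firmware
    except RuntimeError as err:
        print(err)
    print(run_chain(FW_B, build_chain(0x104000, 40, 2)))  # re-collected gadgets
```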
 
I have a legit CN copy. So I'd need to rescan the QR image to be able to launch GW from CN if I use this.. Hm is there a workaround to this?

What you can do is install a CIA of CN in Pasta and install the GW payload in that. It's an extra step to get into GW mode but it should work.
Wouldn't it be great if someone found an exploit in one of the games available as legit CIA :P
 
i have a(nother) question for you folk. i have omega ruby retail cartridge. but it's not up to date. i can't access the nintendo e-shop. can i update it using a cia update? if so how do i do that? just install it with the retail cart in or what?
 