Hacking rxTools with Signatures patched out!

[AHP_person]

It was but it's still a shock when it happens.

It was a shock to me

 

[insidexdeath]

@AHP_person maybe you should refer to Nop90 cuz he had an idea on silently installing a CIA installer of any kind when loading the exploit. This could disregard the need of having to downgrade to 4.5.

I also wonder how Roxas would react towards editing his CFW to allow sig checks to be patched out.

 

[capito27]

Welp, I guess this was inevitable.

next we are taking over rapture science !!!! (but in all seriousness, now that Sigchecks offsets and code is public, it most likely was invevitable)
Even though i doubt anyone will do the same with NTR, because no ARM9 code exec ^^'

 

[ewin00]

now this is what am waiting for, youre the man AHP. time to say good bye to my second nand aka cfwnand

 

[capito27]

I'm so super scared for a brick so can you explain me how injection works, I mean...

So rxTools.

I have the options:

- Inject EmuNAND partitions.
- Inject NAND files.

I think it's the NAND files one?

So I pressed A, and then I see 2 optionsto select NAND.
sysNAND
emuNAND

I'm so scared so I didn't do anything yet, haven't found a tutorial, can you explain?

please, if you are so scared and not confident enough to do it, please DON'T, wait for an in depth tutorial to do it, it would be really dumb if you bricked.

 

[coolfuze]

now this is what am waiting for, youre the man AHP. time to say good bye to my second nand aka cfwnand

Do you also have a dual nand on one SD? If so how do you plan on getting rid of the rednand aka cfw without needing to format the card?

 

[Vappy]

Even though i doubt anyone will do the same with NTR, because no ARM9 code exec ^^'

There's at least a disassembly available on patois' github, with some amount of work someone well versed in ARM asm could probably reimplement features from it.

 

[ewin00]

Do you also have a dual nand on one SD? If so how do you plan on getting rid of the rednand aka cfw without needing to format the card?

i just backup my rxnand and reinject it

and ofcourse i have to format it first

 

[SciresM]

They can still add new keys with those one-time-use RSA registers at boot which they used for the 6.x and 7.x keys. Considering the 6.x key has never been dumped they could probably get away with reusing that same method.

Isn't the successful exploitation result for the first listing in http://3dbrew.org/wiki/3DS_System_Flaws#arm9loader literally "Recovery of 6.x save key/7.xNCCH key"?

 

[thekarter104]

please, if you are so scared and not confident enough to do it, please DON'T, wait for an in depth tutorial to do it, it would be really dumb if you bricked.

Sure thing! Thanks!

 

[capito27]

Isn't the successful exploitation result for the first listing in http://3dbrew.org/wiki/3DS_System_Flaws#arm9loader literally "Recovery of 6.x save key/7.xNCCH key"?

well, as far as i know, no successful exploit of this flaw was done up to now to fetch the keys (might be wrong tho)

 

[shinyquagsire23]

Isn't the successful exploitation result for the first listing in http://3dbrew.org/wiki/3DS_System_Flaws#arm9loader literally "Recovery of 6.x save key/7.xNCCH key"?

My point was that they *might* be able to get away with it, although with that exploit out there it's pretty unlikely.

 

[morvoran]

Just going to say this, we have control over OTP registers for O3DS, so it REALLY is unlikely that we will have a problem with emunand loading on O3DS.

Edit : sure, we might have to update the code, but i don't think they can really block firmloader on O3DS at this point

I'm not concerned with this new rxtools being blocked completely and permenantly. My main concern is it being blocked by an update and no future support to release the updated rxtools.dat(which, in a way, is a permanent block). Gateway may take their time releasing updates, but their support is consistent.

 

[djnaff]

Thanks that saves me booting the boys 3ds in to gateway all the time.
all its need now is a region patch

 

[capito27]

I'm not concerned with this new rxtools being blocked completely and permenantly. My main concern is it being blocked by an update and no future support to release the updated rxtools.dat(which, in a way, is a permanent block). Gateway may take their time releasing updates, but their support is consistent.

i really doubt Roxas will drop rxTools support, but that is a possibility, but yeah, if you are afraid of not having access to lates emunand on O3DS, keep your gateway ^^

edit :
And to be honest, nothing can go wrong with keeping your GW, maybe in the future GW will drop further sysnand firmware compatibility, if so it will take months (just a hunch, but at least 3-4 months) for the cardless emunand solution to adapt.

 

[coolfuze]

i just backup my rxnand and reinject it

and ofcourse i have to format it first

Hey, do you do this through rxtools or emunand tools? If you weren't trying both I would but luckily you can try it first and let me know how it goes

 

[ewin00]

Hey, do you do this through rxtools or emunand tools? If you weren't trying both I would but luckily you can try it first and let me know how it goes

with emunand tools but i have listed/sorted nand emunand rednand backup and also some img backup so itll takes time. im on backing up progress anyway, will let you know if its going well

 

[bjaxx87]

Finally a way to use SaveDataFiler with retail games on 9.2 SysNAND (without Cubic Ninja) - thank you!

 

[Vappy]

maybe in the future GW will drop further sysnand firmware compatibility, if so it will take months (just a hunch, but at least 3-4 months) for the cardless emunand solution to adapt.

That's maybe the only thing that would keep people with an O3DS buying GW. With O3DS emuNAND virtually futureproof, especially once Pasta adds it and it can be updated by anyone, and Sky3DS already available for people on sysNAND 9.3+ there's little reason to buy one currently.

 

[CreAtor135]

Is it supposed to be RX-S? I was gonna update but isn't RX-S sysnand mode? Wouldn't that ruin everything?