Homebrew Clarification Thread - What is going on?

  • Thread starter: JustPingo
  • Views: 647,878
  • Replies: 5,356
  • Likes: 103
Status
Not open for further replies.
Hmm, will I lose my menuhax if I downgrade? I don't have any other entrypoints
 
Thank you! Still, I think I was too fast with selling my Sky3DS


Why so? I canceled the preorder of mine when I heard about this news. What does the Sky3DS do that a downgrade to 9.2 and then installing a CFW doesn't?
 
Why so? I canceled the preorder of mine when I heard about this news. What does the Sky3DS do that a downgrade to 9.2 and then installing a CFW doesn't?
Launching games, so I can transfer my saves to the cfw backups
 
um you can download roms, convert them to cias on 9.2, and just install those cias to the home menu
 
Eh. @Mrrraou I've something to ask this time. About arm9loaderhax.
I've checked the EmuNAND backup of my O3DS, of version 10.3.0. After decrypting it with Decrypt9 and trimming the file to its actual size, the FIRM0 and FIRM1 have the same size.
Don't know if the decrypted and trimmed size differs on an N3DS. Yes, it is said to be decrypted with a Key#2, but it should be decrypted with NAND keyslot 0x06 first.
The O3DS hasn't got such an encryption layer, so I suppose this size comparison result is different from N3DS.
The FIRM0 is indeed a FIRM structure file for my O3DS, but still differs from the FIRM in the decrypted NATIVE_FIRM title. Don't know what happened.
So if anyone has an N3DS, could you use d0k3 Decrypt9 WIP to decrypt the "Emunand options -> Decrypt Partitions -> FIRM0 and FIRM1", and trim the trailing 00s?
If you don't want to trim the file manually, here is the C source of a tool: You can use GCC to compile it, and pass the decrypted (partially, isn't it) file as argument.
Code:
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define BLK_LEN_DEFAULT ((size_t)0x00000100)   //Unit Size for Checking 256B To check it carefully
#define BLK_LEN_WRITEIO ((size_t)0x00100000)   //Unit Size for Writing  1MB  To avoid too much writes

//Returns the file length without the trailing 00 bytes (0 if unreadable or all 00).
//The untouched file length is stored in *filelen.
size_t TrimSize(char* name, size_t blklen, size_t* filelen) {
   FILE *fptr = NULL;
   char *fbuf = NULL;
   size_t flen = 0, blen = BLK_LEN_DEFAULT, rlen = 0;
   size_t bcnt = 0, boff = 0, bidx = 0, bchk = 0;
   long fpos = 0;

   if (filelen) *filelen = 0;
   if (blklen) blen = blklen;
   if (!name) {printf("[DBG:]Null File Name Buffer. SKIP.\n");return 0;}
   fptr = fopen(name, "rb");
   if (!fptr) {printf("[DBG:]File %s could not be opened. SKIP.\n", name);return 0;}
   //Allocate only after the early returns so the buffer is never leaked.
   fbuf = (char*)calloc(1, blen);
   if (!fbuf) {printf("[DBG:]Out of memory. SKIP.\n");fclose(fptr);return 0;}
   printf("[DBG:]F:%s.B:0x%08zX.", name, blen);
   fseek(fptr, 0, SEEK_END);
   fpos = ftell(fptr);
   if (fpos > 0) flen = (size_t)fpos;
   if (filelen) *filelen = flen;
   printf("L:0x%08zX..", flen);
   boff = flen % blen;
   bcnt = flen / blen;
   printf("*:0x%08zX.+:0x%08zX..", bcnt, boff);

   //The last block is partial when boff != 0, otherwise it is a full block.
   if (boff) bcnt ++; else boff = blen;
   for (bidx = bcnt; bidx > 0; bidx --) {
     //Block bidx (counted from 1) starts at offset (bidx - 1) * blen.
     fseek(fptr, (long)((bidx - 1) * blen), SEEK_SET);
     rlen = fread(fbuf, 1, boff, fptr);
     //Scan the block backwards for the last non-00 byte.
     for (bchk = rlen; bchk > 0; bchk --) {
       if (fbuf[bchk - 1]) {
         printf("R:0x%08zX,@I:0x%08zX,C:0x%08zX\n",(bidx - 1)*blen, bidx, bchk);
         fclose(fptr);
         free(fbuf);
         return (bidx - 1) * blen + bchk;
       }
     }
     boff = blen;
   }
   //Reached the start of the file without finding a non-00 byte.
   printf("E:0x%08zX.R:0x%08zX\n",bidx*blen, (size_t)0);
   fclose(fptr);
   free(fbuf);
   return 0;
}

int main(int argc, char** argv) {
   //FileSize: Untouched, Trimmed. Block Iterator. Trimmed FileName Length. Block Size, Block Count.
   size_t olen = 0, nlen = 0, i = 0, xlen = 0, blen = 0, bcnt = 0, clen = 0;
   //Argument iterator, kept separate from the block iterator.
   int a = 0;
   //File pointer: Untouched, Trimmed.
   FILE *optr = 0, *nptr = 0;
   //Trimmed FileName. File content buffer.
   char *xbuf = 0, *fbuf = 0;
   printf("[INFO]Padding 00 Simple Trimmer.\n");
   if (argc < 2) {
     printf("[HELP]Pass the filenames as arguments. Trimmed file would be created in same directory.\n");
     exit(0);
   }
   fbuf = (char*)calloc(1, BLK_LEN_WRITEIO);
   if (!fbuf) {printf("[ERR:]Out of memory.\n");return 1;}
   for (a = 1; a < argc; a ++) {
     nlen = TrimSize(argv[a], BLK_LEN_DEFAULT, &olen);
     if (!nlen) {
       printf("[ERR:]File %s can not access, or is a empty file after trimmed.\n", argv[a]);
       continue;
     }
     if (nlen == olen) {
       printf("[INFO]File %s could not be trimmed cause it is filled fully.\n", argv[a]);
       continue;
     }
     if (optr) {fclose(optr); optr = 0;}
     if (nptr) {fclose(nptr); nptr = 0;}
     xlen = strlen(argv[a]);
     if (xbuf) {free(xbuf); xbuf = 0;}
     xbuf = (char*)calloc(1, xlen + 8);
     if (!xbuf) {printf("[ERR:]Out of memory.\n");continue;}

     snprintf(xbuf, xlen + 8, "%s.trim", argv[a]);
     optr = fopen(argv[a], "rb");
     nptr = fopen(xbuf, "wb");
     if ((!optr)||(!nptr)) {
       printf("[ERR:]Reading '%s' or Writing '%s' failed. Please check your access.\n", argv[a], xbuf);
       continue;
     }
     printf("[INFO]Trimming file %s with size 0x%08zX to 0x%08zX..", argv[a], olen, nlen);
     blen = BLK_LEN_WRITEIO;
     bcnt = nlen / blen;
     xlen = nlen;
     if (nlen % blen) bcnt ++;
     //Copy the first nlen bytes in 1MB blocks; the last block may be shorter.
     for (i = 0; i < bcnt; i ++) {
       if (xlen < blen) blen = xlen;
       fread(fbuf, 1, blen, optr);
       clen = fwrite(fbuf, 1, blen, nptr);
       fflush(nptr);
       xlen -= blen;
       if (clen != blen) {printf("F:%08zX/%08zX.FAIL\n",bcnt,i);}
     }
     printf("B:%08zX/%08zX.DONE.\n",bcnt,i);
     fflush(stdout);
   }
   if (xbuf) {free(xbuf); xbuf = 0;}
   if (fbuf) {free(fbuf); fbuf = 0;}
   if (optr) {fclose(optr); optr = 0;}
   if (nptr) {fclose(nptr); nptr = 0;}

   printf("[INFO]All Files Trimmed. Congratulations.\n");
   return 0;
}
Hope the arm9loader isn't a dream for us. The file size difference would also tell you how much space can be used for that payload if you want to be brave.
EDIT: Note that the difference may be only for 9.6+ N3DS users. However even a bricked EmuNAND could contain valid partitions (just cannot be decrypted) for this test.
EDIT: So if you dare to try the 9.6+ EmuNAND, first back up your working emunand, update, (no need to launch it actually) use decrypt9, restore emunand.
 
Last edited by Syphurith, Reason: Notes.
Reactions: Mrrraou and peteruk
And on New 3DS too ?
It's 9.2. There are no updates nags on the browser.

And go.gateway-3ds.com

--------------------- MERGED ---------------------------

Thanks, it's nice to see that you are doing some research. So, what can I do ? There aren't any questions, so... ^^' And I don't have any N3DS, sorry about that :/
 
I have a sky3ds and I'm going to keep it as I always might pick up a new console after 10.4 or a friend might ask me to hack their console, but I can see why other people might just sell theirs.
 
Reactions: hobbledehoy899
Happy NEW year~
--------------------- MERGED ---------------------------
Thanks, it's nice to see that you are doing some research. So, what can I do ? There aren't any questions, so... ^^' And I don't have any N3DS, sorry about that :/
Thanks for the reply. That's not research indeed (yes, what I have is only an O3DS), I was wondering about the FIRM and @d0k3 helped me with his tool.
You might want to kill some time, such as calculating the possibility that a 16-bit value could be interpreted as a BL (find yourself the instruction manual yeah).
And then, if you can find the arm9 offset, and diff the two binaries' sizes, try to calculate the possibility again. No real coding skill needed.
 
Thanks for the reply. That's not research indeed (yes, what I have is only an O3DS), I was wondering about the FIRM and @d0k3 helped me with his tool.
You might want to kill some time, such as calculating the possibility that a 16-bit value could be interpreted as a BL (find yourself the instruction manual yeah).
And then, if you can find the arm9 offset, and diff the two binaries' sizes, try to calculate the possibility again. No real coding skill needed.
Your quote is kinda weird ^^'
Didn't someone calculate this before? And isn't the ARM9 entrypoint written somewhere in the FIRM header?
 
Reactions: Deleted-236924
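On the FIRM0/FIRM1 size comparison and the entrypoint question in the posts above, an added example that is not part of any post in this thread: it reads both entrypoints from a decrypted FIRM header and derives the image length from the section table rather than by trimming trailing 00 bytes. It assumes the publicly documented FIRM layout (magic at 0x00, ARM11 entry at 0x08, ARM9 entry at 0x0C, four 0x30-byte section headers from 0x40, RSA-2048 signature at 0x100); `firm_parse`, `firm_sample` and all sample values are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef struct {
    uint32_t arm11_entry;   /* header offset 0x08 */
    uint32_t arm9_entry;    /* header offset 0x0C */
    uint32_t image_size;    /* highest section end = real FIRM length */
} firm_info;

static uint32_t rd32(const uint8_t *p) {   /* little-endian read */
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

static void wr32(uint8_t *p, uint32_t v) { /* little-endian write */
    for (int i = 0; i < 4; i++) p[i] = (uint8_t)(v >> (8 * i));
}

/* Returns 0 on success, -1 if buf is not a plausible FIRM header. */
int firm_parse(const uint8_t *buf, size_t len, firm_info *out) {
    if (len < 0x200 || memcmp(buf, "FIRM", 4) != 0) return -1;
    out->arm11_entry = rd32(buf + 0x08);
    out->arm9_entry  = rd32(buf + 0x0C);
    out->image_size  = 0x200;              /* header + RSA-2048 signature */
    for (int s = 0; s < 4; s++) {          /* 4 section headers, 0x30 bytes each */
        const uint8_t *sh = buf + 0x40 + s * 0x30;
        uint32_t off = rd32(sh), size = rd32(sh + 0x08);
        if (size == 0) continue;           /* unused slot */
        /* Reject sections that overlap the header or wrap around 32 bits. */
        if (off < 0x200 || size > UINT32_MAX - off) return -1;
        if (off + size > out->image_size) out->image_size = off + size;
    }
    return 0;
}

/* Constructed sample header: every value below is made up for the demo. */
void firm_sample(uint8_t hdr[0x200]) {
    memset(hdr, 0, 0x200);
    memcpy(hdr, "FIRM", 4);
    wr32(hdr + 0x08, 0x1FF80000u);         /* ARM11 entrypoint */
    wr32(hdr + 0x0C, 0x08006800u);         /* ARM9 entrypoint */
    wr32(hdr + 0x40, 0x200);  wr32(hdr + 0x48, 0x1000);  /* section 0 */
    wr32(hdr + 0x70, 0x1200); wr32(hdr + 0x78, 0x0800);  /* section 1 */
}

int main(void) {
    uint8_t hdr[0x200];
    firm_info fi;
    firm_sample(hdr);
    if (firm_parse(hdr, sizeof hdr, &fi) != 0) return 1;
    printf("ARM9 entry 0x%08X, image size 0x%X\n",
           (unsigned)fi.arm9_entry, (unsigned)fi.image_size);
    return 0;
}
```

Comparing `image_size` for FIRM0 and FIRM1 gives the same answer as trimming padding, but it does not depend on the last section ending in a non-zero byte.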