Hacking Official [Source Release] ReiNand CFW

  • Thread starter: Reisyukaku
  • Views: 987,709
  • Replies: 6,480
  • Likes: 115
i'm such a noob.
i added only the 3dsx, it didn't work. (i was playing with minipasta earlier today)
then the rei folder, it didn't work.
now i'll add the .dat file :)
thanks for this!

-- it is working nice thanks :)

@Reisyukaku - i have a little request.
i just tried your cfw because i want to be able to install my personal legit cia backups that i have created from my eshop content and it did not work.
(not the preinstalled legit cias, these ones i am using are only legit for the console the ticket was generated for. they are the 'perfect(?)' backup for bought content)
on gw, these do not install. also with minipasta, and i think rxtools too.
i don't know why.
with 4.5 pbt cfw, they DO install, but that is only on 4.5, and old3ds...

i don't know what has to be patched out to allow these cias to be installed, but do you think you would mind having a look?
i find it strange that it seems these legit backups require more signature patches than pirated cias :)

we can create the personal cias with FunkyCIA.
i really hope you can help me use my backups :) thanks!
 
Last edited by cearp,
Awesome work, too bad the Pasta team will take all the credit of your work :( (like they always do)
What? We've never taken credit of anyone.

I don't know right now, but some time ago rxtools n3ds support was heavily based on reinand. If rx team announced 10.3 support, it is only logical reinand could support it too. We are about to see if cakescfw can keep up, but I think it will.
This is false and has already been busted. We never copied.

And if you don't believe me, then please Rei, wait to release the source of 9.6 support. We don't need it.
 
This is false and has already been busted. We never copied.

And if you don't believe me, then please Rei, wait to release the source of 9.6 support. We don't need it.

Yo, yo. Calm down. That is news for me. I recall using reinand's firmware.bin for n3ds with rxtools at the time, but I never said you copied anything. Sorry if I offended you in some way.
 
Last edited by Urbanshadow,
Yo, yo. Calm down. That is news for me. I recall using reinand's firmware.bin for n3ds at the time. Sorry if I offended you in some way.
It was just because that decrypted firmware.bin is illegal to share so we told users to get it from reinand's github, as rei was already sharing it ;)
 
I dumped OTP registers on N3DS, which gave me access to 0x200 bytes of NAND keys, which let me generate all the keys from 0x15, 0x16 and all keyXs for 0x18, 0x19..0x1F so I can decrypt 9.6+. I honestly don't think Nintendo would be able to lock us out again. lol
Took me longer than I expected to get this done because my n3ds was acting weird from downgrade. So SciresM was my beta tester :P
hhhhhHHHHHHHOIIIIII!!!??!??!
 
I dumped OTP registers on N3DS, which gave me access to 0x200 bytes of NAND keys, which let me generate all the keys from 0x15, 0x16 and all keyXs for 0x18, 0x19..0x1F so I can decrypt 9.6+. I honestly don't think Nintendo would be able to lock us out again. lol
Took me longer than I expected to get this done because my n3ds was acting weird from downgrade. So SciresM was my beta tester :P

That's wonderful news! If it's true that Nintendo can't lock us out of future emuNAND versions now due to OTP being dumped, then the N3DS is definitely in a good spot.

Edit: Thinking on it more, yeah, I guess there would pretty much be nowhere else for Nintendo to go, right? They used OTP data to encrypt/deal with the 9.6+ keys that we need for emuNAND, right? So even if they change the key stored in NAND, then we can just decrypt it now anyway, or am I misunderstanding something?

Edit 2: https://gbatemp.net/threads/aes-key-scrambler.406951/page-19#post-5963926 See that and the answers. N3DS definitely is in a good spot from the sound of it.
 
Last edited by daxtsu,
Is there an ETA on release ?
Well I need to clean up the hard coded keys, once I do that, I'll be able to push code to git, but you'll need nand key2. I'd rather not leak keys so I'll have to think of something.. then again, people on twitter seem to know how I got the keys so... lol
 
Isn't that a region-swapped N3DS? How you managed to pull up the eShop is the real question.

There have been a few special edition n3DS regulars that hit the US. That and due to downgrading being a thing means this n3DS did not need a region swap.
 
There have been a few special edition n3DS regulars that hit the US. That and due to downgrading being a thing means this n3DS did not need a region swap.

Good point. I just recently region-swapped an N3DS, so I ended up reading through all the threads about it. I could've sworn I'd seen OP mention that they had a region-swapped system.
I thought maybe there was another secret to look forward to.
 
Last edited by Cap'n Josh,
Good point. I just recently region-swapped an N3DS, so I ended up reading through all the threads about it. I could've sworn I'd seen OP mention that they had a region-swapped system.
I thought maybe there was another secret to look forward to.

Rei might have had a region swapped one at some point. But I'm pretty sure the one used in the video was downgraded.
 
then again, people on twitter seem to know how i got the keys so... lol
If the method is already public, what about a quick how-to so people can dump and generate the keys themselves? Assuming you're referring to running 1.0 emuNAND, which I didn't think was possible on N3DS.
 