Hacking arm9loaderhax questions

[Mistie]

I have some answered questions to bring to the table regarding arm9loaderhax (or a9lh for short)
This post *was* outdated, and may still contain obsolete information. Please try to use other sources.

Spoiler: Is it in any state to be used yet?

It is in a perfectly useable state for both o3ds(xl, 2ds) and n3ds(xl)

Spoiler: Is anyone currently using it to boot into CFW?

LOTS OF PEOPLE ARE USING IT, with AuReiNand, Cakes, and I think reiNand too.

Spoiler: Is it recommend to go through the trouble to get it set up (risking brick)?

The process has gotten a lot safer and requires less work for the user. While there is no easy 3dsx file which will downgrade you, get the OTP, and then bring you back up. There are many tools out there to make the process extremely safe. (OTPhelper)

Spoiler: How fast is booting into CFW?

AuReiNAND currently boots in about 8 seconds.

Spoiler: Is a hardmod needed?

While no a hardmod is not needed but it highly recommended as in the event of you breaking your 3DS there is no going back unless you have your sysNAND dumped and a hardmod or are ready to get one if a brick does occur.

Spoiler: If I brick can I used my decrypt9 sysNAND.bin backup to restore with a hardmod

You should be able to, but if your dump is corrupted or something you are screwed.

Spoiler: What happens when the console is booted without the a9lh files on an SD card?

The 3DS will appear bricked. Don't worry it's not just gotta boot with the files on your SD.

Spoiler: Can a9lh alone brick my system?

Yes. If you, for example, use somebody else's OTP dump, it can and will brick your console. However, as long as you're using your own OTP dump and are using either online compilers or safea9lhinstaller, you should be fine.

Spoiler: How easy is it to install a CFW with a9lh?

For AuReiNAND it's drag and drop!

Spoiler: Can someone provide me with a precompiled version of a9lh?

If someone sent you their copy of arm9loaderhax.3dsx it'd brick your 3DS.
The OTP.bin is built into the 3dsx file, and thus like the OTP, every arm9loaderhax.3dsx is unique. However, there are online compilers out there and they are even in the main guide. If you don't feel safe with online compilers there is also safea9lhinstaller.

Spoiler: Assuming I have all the required files is installing a9lh really as easy as running a .3dsx?

Yes. You boot sysNAND with a 9.2firm and run it from Browserhax or whatever entrypoint you like. No need for miniPasta or anything else. If it hangs on "Exploiting ARM9..." for more than about 20 seconds, just reboot, the exploit failed.

Spoiler: Useful links

https://github.com/Plailect/Guide/wiki to completely setup a9lh from stock.
https://github.com/d0k3/OTPHelper/releases/ OTPHelper
http://gbatemp.net/threads/safea9lhinstaller.419577/ Safe a9lh installer

Spoiler: Any quick tips you can throw at me?

Make sure to follow the guide closely, ask questions if you have any, and double check yourself on every step, even if you THINK you did it right.

Demo of a9lh booting into ReiNAND CFW (thanks ihaveamac)


Huge thanks to daxtsu for letting me ask a crap ton of question!
I guess if you have more questions I can add them to the thread?​

 

[Svaethier]

If you're on a o3ds/2ds then don't bother just yet as there isn't a cfw that currently work with a9lh just yet. The downgrade process is OK but upgrading back to 9.2 is causing people's systems to brick sometimes I have read unless you have a hardmod so don't try it until the safer method comes out which can days or weeks from now.

 

[Toiry921]

If you don't know how to downgrade to dump OTP or compile don't do it, as of now there is not a good way that it is stable at all, Downgrading is never safe and the actual arm9 exploiting after you're back on 9.2 is still risky and can brick with a bad file, just overall ITS NOT SAFE FOR USERS. If you don't know what you are doing just use menuhax as it probably won't ever be considered anywhere near safe.
Edit: I had a O3DS brick when I thought I was safe

 

[daxtsu]

Hello, I would like to bring forward a few questions regarding arm9loaderhax that I am having.

Is it in any state to be used yet?
Is anyone currently using it to boot into CFW? (I am pretty sure reiNAND has been updated for it)
If you are using it would you recommend going through the trouble to get it set up (right now) (Downgrading to 2.1 getting OTP etc)?
Could you give some instructions or post a collection of links that would make figuring out installing and making a tutorial for others easier?
If you are using it how much faster is booting into CFW?

I am asking because I have been seeing a lot of stuff popup about it lately and am really curious.

If you do answer a question please quote exactly what question you are answering.

1. It's usable on N3DS, but not really O3DS yet.
2. Rei and a few others are using it for Reinand on N3DS, like you mentioned. I'm on the fence, but I'm thinking of moving over to it myself.
3. I wouldn't recommend it unless you're very comfortable with hex editors and using terminals/command prompts. All of it is manual work right now. There's no easy 3dsx file which will downgrade you, get the OTP, and then bring you back up.
4. There's a guide on getting the OTP in the tutorial section, but no there's no real guide on installing ARM9LoaderHax yet. It's still a WIP and has a few bugs, not to mention O3DS users have no CFW to actually boot from it yet, so it's pointless for them.
5. For me it boots ReiNAND in approx. 8 seconds, only one or two seconds slower than sysNAND booted, even with a 64GB SD card.

It's evolving slowly. I imagine it will be somewhat safer in a while (maybe a few weeks or so), but there will always be some inherent risk when downgrading and such. I myself double and triple checked every step to ensure I wouldn't brick (and saw that Aurora Wright posted some useful safety checking tips, which I was able to match/verify against).

Edit: Answered the last two as a bonus, since I took the plunge.

 

[Mistie]

1. It's usable on N3DS, but not really O3DS yet.
2. Rei and a few others are using it for Reinand on N3DS, like you mentioned. I'm on the fence, but I'm thinking of moving over to it myself.
3. I wouldn't recommend it unless you're very comfortable with hex editors and using terminals/command prompts. All of it is manual work right now. There's no easy 3dsx file which will downgrade you, get the OTP, and then bring you back up.
4. There's a guide on getting the OTP in the tutorial section, but no there's no real guide on installing ARM9LoaderHax yet. It's still a WIP and has a few bugs, not to mention O3DS users have no CFW to actually boot from it yet, so it's pointless for them.
5. For me it boots ReiNAND in approx. 8 seconds, only one or two seconds slower than sysNAND booted, even with a 64GB SD card.

It's evolving slowly. I imagine it will be somewhat safer in a while (maybe a few weeks or so), but there will always be some inherent risk when downgrading and such. I myself double and triple checked every step to ensure I wouldn't brick (and saw that Aurora Wright posted some useful safety checking tips, which I was able to match/verify against).

Edit: Answered the last two as a bonus, since I took the plunge.

Do you have a hard mod? And is https://github.com/Plailect/OTP/blob/master/New_3DS_Spider.md the guide you used to get the OTP? What cart did you use to update?

 

[daxtsu]

Do you have a hard mod? And is https://github.com/Plailect/OTP/blob/master/New_3DS_Spider.md the guide you used to get the OTP? What cart did you use to update?

No hardmod. I used that one, yes, but the author of that guide is planning on overhauling it to be safer tonight, so you might want to wait if you're going to do it. I did not use a gamecard to update. I used 2xrsa hax via the browser to run Decrypt9 and restore my sysNAND to 9.2 ( https://gbatemp.net/threads/otp-guide.415140/page-19#post-6084203 ). Rename decrypt9.bin to arm9.bin and replace arm11.bin that you used to dump OTP with the one from that post.

 

[Mistie]

No hardmod. I used that one, yes, but the author of that guide is planning on overhauling it to be safer tonight, so you might want to wait if you're going to do it. I did not use a gamecard to update. I used 2xrsa hax via the browser to run Decrypt9 and restore my sysNAND to 9.2 ( https://gbatemp.net/threads/otp-guide.415140/page-19#post-6084203 ). Rename decrypt9.bin to arm9.bin and replace arm11.bin that you used to dump OTP with the one from that post.

I am really looking into doing this myself as I have a n3ds and use ReiNAND anyways. But I do not have a hardmod. If I dump my sysNAND from decrypt9 can I use that to restore in the event that I brick and get a hardmod to fix it?

 

[daxtsu]

I am really looking into doing this myself as I have a n3ds and use ReiNAND anyways. But I do not have a hardmod. If I dump my sysNAND from decrypt9 can I use that to restore in the event that I brick and get a hardmod to fix it?

You should be able to, yes. You could alternatively use the Gateway menu to do it, but Decrypt9's been pretty thoroughly tested.

 

[Mistie]

You should be able to, yes. You could alternatively use the Gateway menu to do it, but Decrypt9's been pretty thoroughly tested.

Also how do I go about installing ReiNAND with arm9loaderhax? How do I uninstall arm9loader if possible? What happens if I boot my console without my SD card in with arm9loaderhax? Can arm9loaderhax alone brick my console if I screw up?

 

[daxtsu]

Also how do I go about installing ReiNAND with arm9loaderhax?

Assuming you've an emuNAND already (and your rei folder contains the 3.2 final files, not 3.2b or anything older), it's literally as simple as dragging and dropping the precompiled build Rei posted in the Reinand thread.

How do I uninstall arm9loader if possible?

You would need to use a payload to boot either:

1. Decrypt9, once the devs get graphics working, and restore sysNAND that way
2. Use a mod of Aurora Wright's mod of Reinand which boots sysNAND directly, and then launch Decrypt9 (see the AuReiNAND thread, Shadowtrance posted a .bin file there, but I'm not sure if it's working or not)

What happens if I boot my console without my SD card in with arm9loaderhax?

it will hang on a black screen, looking as if it bricked, but it won't be.

Can arm9loaderhax alone brick my console if I screw up?

Yes, if you, for example, use somebody else's OTP dump, it can and will brick your console. However, as long as you're using your own OTP dump and are building ARM9LoaderHax from Windows (and not Linux, as there are reports of people making it on Linux are bricking* ), then you should be fine.

*: There have been fixes, but no reports confirming if it's fixed or not from what I know.

Do you mind if I use the information provided to write up a thread of the information I received from you? Possibly in the form of a tutorial??

If you want to. Just make sure people know the risks. Even if it's getting safer day by day, there will always be some degree of risk involved. You might want to help contribute to the OTP guide in the tutorial section though, I would guess it'll eventually include ARM9LoaderHax installation as well.

 

[Mistie]

Assuming you've an emuNAND already (and your rei folder contains the 3.2 final files, not 3.2b or anything older), it's literally as simple as dragging and dropping the precompiled build Rei posted in the Reinand thread.



You would need to use a payload to boot either:

1. Decrypt9, once the devs get graphics working, and restore sysNAND that way
2. Use a mod of Aurora Wright's mod of Reinand which boots sysNAND directly, and then launch Decrypt9 (see the AuReiNAND thread, Shadowtrance posted a .bin file there, but I'm not sure if it's working or not)

it will hang on a black screen, looking as if it bricked, but it won't be.



Yes, if you, for example, use somebody else's OTP dump, it can and will brick your console. However, as long as you're using your own OTP dump and are building ARM9LoaderHax from Windows (and not Linux, as there are reports of people making it on Linux are bricking* ), then you should be fine.

*: There have been fixes, but no reports confirming if it's fixed or not from what I know.



If you want to. Just make sure people know the risks. Even if it's getting safer day by day, there will always be some degree of risk involved. You might want to help contribute to the OTP guide in the tutorial section though, I would guess it'll eventually include ARM9LoaderHax installation as well.

*head bow* Thank you *head bow* Thank you

 

[invaderyoyo]

Ok, so I bricked my N3DSXL attempting to get the OTP. All I get is a black screen no matter what I try. It happened when I copied my 2.1 emuNAND to my sysNAND.

I'm pretty sure my only option to fix it is a hardmod, but what do you mean "supposedly"? I've been looking around and I can't seem to get a definite answer about the decrypt9 dumped sysNAND.bin.

Also I've only been able to find stuff on how dump the NAND with the hardmod, but not flash onto it. Any help, or hints, or anything at all would be great.

 

[Conan179]

giv it a cfw, to boot the sysnand with arm9loaderhax?

 

[Lumince]

Ok, so I bricked my N3DSXL attempting to get the OTP. All I get is a black screen no matter what I try. It happened when I copied my 2.1 emuNAND to my sysNAND.

I'm pretty sure my only option to fix it is a hardmod, but what do you mean "supposedly"? I've been looking around and I can't seem to get a definite answer about the decrypt9 dumped sysNAND.bin.

Also I've only been able to find stuff on how dump the NAND with the hardmod, but not flash onto it. Any help, or hints, or anything at all would be great.

Did you by any chance, forget to unbrick your 2.1 emunand? And have you tried to taking your sd card out and trying to boot? It doesnt like to boot with it in.

 

[invaderyoyo]

Did you by any chance, forget to unbrick your 2.1 emunand? And have you tried to taking your sd card out and trying to boot? It doesnt like to boot with it in.

No, I didn't forget. I did the hardmod and bricked it a million more times. I finally managed to get the otp yesterday.

 

[Lumince]

No, I didn't forget. I did the hardmod and bricked it a million more times. I finally managed to get the otp yesterday.

ah i didnt see that you posted that sunday xD

 

[TheHaxForU]

okay i'm kind of nervous im on the step where i have downgraded my emunand and all went well i have an o3ds and currently dumping emunand with OTPHelper
from what i understand i do not need to unbrick emunand because its not a n3ds
so now i just restore my emunand backup to sysnand and hold my breath?

just stumbled upon [validate emunand downgrade] so for kicks i ran that

xD both validation stage 1 and 2 failed
TWL titles 4
TMD succes 99
TMD not found 0
TMD hash mismatch 9
APP fragment 0
APP hash mismatch 0

im confused because looking at that id assume restoring that to my sysnand id brick but had i followed Plailect's guide i would have just restored it to sysnand

 

[naivegirl2411]

Hmmm...

1. Im using aureinand fine on o3ds and installing cias is much more simpler compared to having emunand
2. I also have a boot time of probably 5 seconds max as it boots extremely fast 100% of the time
3. With an o3ds you dont even need a hex editor so its easier to install if you read + know what youre doing

Just my 2 cents

 

[Mistie]

I just updated this post, didn't realize a few people were still looking at it. If you are really concerned you should be able to find better information elsewhere.

THIS POST WAS ORIGINALLY FROM WHEN ONLY ABOUT 4 PEOPLE IN TOTAL HAD a9lh INSTALLED.

 

[LiquidAudacity]

It would probably be a good idea to have some sort of official post like this around too so as to lower the amount of questions we get about it