Hacking Can We Unbrick a 3DS With No NAND Backups and a Hard Mod Yet?

Xenon Hacks

Well-Known Member
OP
Member
Joined
Nov 13, 2014
Messages
7,414
Trophies
1
Age
30
XP
4,687
Country
United States
Wondering if it's possible to take a bricked unit, NAND mod it, dump the corrupt Nand, Fix the FIRM partitions (if it's possible), Boot Recovery and update, then dump that Nand clean NAND and downgrade via the same hard mod.
 
Last edited by Xenon Hacks,

migles

All my gbatemp friends are now mods, except for me
Member
Joined
Sep 19, 2013
Messages
8,033
Trophies
0
Location
Earth-chan
XP
5,299
Country
China
Wondering if it's possible to take a bricked unit, NAND mod it, dump the corrupt Nand, Fix the FIRM partitions (if it's possible), Boot Recovery and update, then dump that Nand clean NAND and downgrade via the same hard mod.
edit first post with this information for extra effect and community points.
 
  • Like
Reactions: Xenon Hacks

Urbanshadow

Well-Known Member
Member
Joined
Oct 16, 2015
Messages
1,578
Trophies
0
Age
32
XP
1,712
Country
Wondering if it's possible to take a bricked unit, NAND mod it, dump the corrupt Nand, Fix the FIRM partitions (if it's possible), Boot Recovery and update, then dump that Nand clean NAND and downgrade via the same hard mod.

Someone correct me now, but I believe if you had some important keys (may be OTP and twl otp slot, or xorpads, or everything) you could be able to decrypt an alike working system's NAND, decrypt it and encrypt it for the new system, then restore it and get it working.
 

Xenon Hacks

Well-Known Member
OP
Member
Joined
Nov 13, 2014
Messages
7,414
Trophies
1
Age
30
XP
4,687
Country
United States
Someone correct me now, but I believe if you had some important keys (may be OTP and twl otp slot, or xorpads, or everything) you could be able to decrypt an alike working system's NAND, decrypt it and encrypt it for the new system, then restore it and get it working.
The reason this popped into my head is because this is kinda what I remember doing to unbrick my 2.1 Nand back (but not the same thing) when A9LH required a hard mod and that funky 3DSX blue screen app.
 
  • Like
Reactions: migles

migles

All my gbatemp friends are now mods, except for me
Member
Joined
Sep 19, 2013
Messages
8,033
Trophies
0
Location
Earth-chan
XP
5,299
Country
China
Good Idea lol it's 5:30 AM and I have not slept my B
with the "^title" you would get generic normal answers (for example: no, you can't use another console's nand backup) instead turning it into a discussion about if its possible or not to repair a corrupted nand backup
 

Urbanshadow

Well-Known Member
Member
Joined
Oct 16, 2015
Messages
1,578
Trophies
0
Age
32
XP
1,712
Country
The reason this popped into my head is because this is kinda what I remember doing to unbrick my 2.1 Nand back (but not the same thing) when A9LH required a hard mod and that funky 3DSX blue screen app.

What I would like for you to understand is recovering a corrupted and encripted NAND is not possible. Because if the NAND is corrupted it would be decrypted into garbage.
If you decrypt a working backup (another system or not, I think it doesn't matter) and you manage to encript it for the broken system to decript it correctly, I don't see why it wouldn't work.

But you still need that encrypting info correctly dumped somewhere.
 

Xenon Hacks

Well-Known Member
OP
Member
Joined
Nov 13, 2014
Messages
7,414
Trophies
1
Age
30
XP
4,687
Country
United States
What I would like for you to understand is recovering a corrupted and encripted NAND is not possible. Because if the NAND is corrupted it would be decrypted into garbage.
If you decrypt a working backup (another system or not, I think it doesn't matter) and you manage to encript it for the broken system to decript it correctly, I don't see why it wouldn't work.

But you still need that info somewhere.
I don't really ave a method in mind but the idea is to not fix it completely just enough to boot the recovery menu with L+R+A+UP and let the 3DS itself do the rest.
 

The Real Jdbye

*is birb*
Member
Joined
Mar 17, 2010
Messages
23,207
Trophies
4
Location
Space
XP
13,733
Country
Norway
Wondering if it's possible to take a bricked unit, NAND mod it, dump the corrupt Nand, Fix the FIRM partitions (if it's possible), Boot Recovery and update, then dump that Nand clean NAND and downgrade via the same hard mod.
Reflashing FIRM without a NAND backup is possible, which probably won't be enough to fix most bricks, but in some particular cases that could be enough to save a 3DS. SAFE_MODE FIRM isn't stored in the FIRM partitions though I think, so a bricked safe mode can't be fixed without a NAND backup.
If you have NAND xorpads though then you have much better chances of unbricking.
 

Xenon Hacks

Well-Known Member
OP
Member
Joined
Nov 13, 2014
Messages
7,414
Trophies
1
Age
30
XP
4,687
Country
United States
Reflashing FIRM without a NAND backup is possible, which probably won't be enough to fix most bricks, but in some particular cases that could be enough to save a 3DS. SAFE_MODE FIRM isn't stored in the FIRM partitions though I think, so a bricked safe mode can't be fixed without a NAND backup.
If you have NAND xorpads though then you have much better chances of unbricking.
Could one use donor Xorpads or are those console specific too -__-?
 

cearp

瓜老外
Developer
Joined
May 26, 2008
Messages
8,721
Trophies
2
XP
8,471
Country
Tuvalu
it depends how it is bricked, if the firm is the only problem then yeah that will fix it.
but if it is 'bricked' because you uninstalled a bunch of system titles that you need, then no - you will have to do some more stuff :)
 
Joined
Feb 15, 2015
Messages
1,464
Trophies
0
XP
1,099
Country
United States
Reflashing FIRM without a NAND backup is possible, which probably won't be enough to fix most bricks, but in some particular cases that could be enough to save a 3DS. SAFE_MODE FIRM isn't stored in the FIRM partitions though I think, so a bricked safe mode can't be fixed without a NAND backup.
If you have NAND xorpads though then you have much better chances of unbricking.
SAFE_FIRM is FIRM1 iirc.

--------------------- MERGED ---------------------------

it depends how it is bricked, if the firm is the only problem then yeah that will fix it.
but if it is 'bricked' because you uninstalled a bunch of system titles that you need, then no - you will have to do some more stuff :)
I know the feeling..I lost an O3DS during the unstable phase of MCH2 testing.
 
  • Like
Reactions: astronautlevel

Xenon Hacks

Well-Known Member
OP
Member
Joined
Nov 13, 2014
Messages
7,414
Trophies
1
Age
30
XP
4,687
Country
United States
it depends how it is bricked, if the firm is the only problem then yeah that will fix it.
but if it is 'bricked' because you uninstalled a bunch of system titles that you need, then no - you will have to do some more stuff :)
Lets say your running PlaiSysUpdater and it crashes mid way for no apparent reason something like that would be fixable with some fiddling no? Since FIRM gets installed first by priority when using it.
 

The Real Jdbye

*is birb*
Member
Joined
Mar 17, 2010
Messages
23,207
Trophies
4
Location
Space
XP
13,733
Country
Norway
SAFE_FIRM is FIRM1 iirc.
Nope. firm0 and firm1 are identical copies, so in the event that firm0 is corrupted during an update the system won't be bricked.
3DBrew https://www.3dbrew.org/wiki/FIRM#NATIVE_FIRM said:
NATIVE_FIRM is the FIRM which is installed to the NAND firm partitions, which is loaded by bootrom.
 

vb_encryption_vb

That hardmod guy....
Member
Joined
Nov 21, 2015
Messages
1,995
Trophies
2
Age
41
Location
Acworth, GA
XP
1,933
Country
United States
From what i understand.

With out the keys, you can't decrypt a nand on pc, so you're not able to use a donor nand to rebuild a new nand image. I actually have a system someone sent in, im not sure what they did exactly, but some how they managed to flash a corrupt emunand to sysnand. Console still worked for the time being in some sort of Frankenstein firm. Once the console was updated to 11.0 on emunand the system crashed. Crashed sysnand as well. No recovery, nothing. Just black screens. Unfortunately, they no longer had a backup of any dumps.

Yes, im positive it was in emunand as well. Even if it was in sysnand, a update should not have bricked a system like that.
 

Halvorsen

Well-Known Member
Member
Joined
Aug 12, 2015
Messages
2,060
Trophies
0
Website
halcove.com
XP
1,889
Country
United States
Nvm, I forgot about xorpads. xD

So let's say we corrupted NATIVE_FIRM and nothing else, like from a bad downgrade. 3DS is bricked. Can we do the 11.x downgrade method and inject the corresponding NF, essentially unbricking it? I didn't make this post to be useful, I'm just curious.
 
Last edited by Halvorsen,

hundshamer

Well-Known Member
Member
Joined
May 22, 2009
Messages
1,810
Trophies
0
XP
924
Country
United States
Can we XOR a NATIVE_FIRM (if it still intact), use a decrypted NAND (XOR'ed NAND from donor machine) to rebuild a new NAND and use the XOR from the original to rebuild an operational firmware?

EDIT: I remember rebuilding a firmware once, but it was a while ago. I forgot where we get the xorpads... Let me see if I can dig up what I did (with tons of help of course).
 
Last edited by hundshamer,

Site & Scene News

Popular threads in this forum

General chit-chat
Help Users
  • No one is chatting at the moment.
  • Psionic Roshambo @ Psionic Roshambo:
    Batman joined the Trans Justice League
    +2
  • Sicklyboy @ Sicklyboy:
    based af
    +2
  • Sonic Angel Knight @ Sonic Angel Knight:
    Forget the base, get on the roof.
  • K3Nv2 @ K3Nv2:
    Is that a bat in your buckle or are you just happy to have me
  • Psionic Roshambo @ Psionic Roshambo:
    Wonder "Woman" lol you wonder if they are a woman?
  • Psionic Roshambo @ Psionic Roshambo:
    The Riddler has questions...
  • K3Nv2 @ K3Nv2:
    Played a little of snow day glad I didn't spend $30
  • K3Nv2 @ K3Nv2:
    It's asthetic is okay maybe a good $10 grab
  • Psionic Roshambo @ Psionic Roshambo:
    Lol is it a game about doing cocaine?
  • K3Nv2 @ K3Nv2:
    Probably in pvp
  • Psionic Roshambo @ Psionic Roshambo:
    I tried Balders Gate II on the PS2 a few minutes ago, not bad lol
  • Psionic Roshambo @ Psionic Roshambo:
    My back catalog of games is like that scene at the end of Indiana Jones where the arc of the covenant is being stored in a giant ass warehouse
  • K3Nv2 @ K3Nv2:
    At least I can will my game catalog to family members
    +1
  • K3Nv2 @ K3Nv2:
    It's your problem now bitches
  • Psionic Roshambo @ Psionic Roshambo:
    Put it in your will that in order to receive any money they have to beat certain games, hard games and super shitty games...
  • Psionic Roshambo @ Psionic Roshambo:
    Say 20 bucks per Ninja Gaiden on the NES lol 60 bucks for all 3
  • Psionic Roshambo @ Psionic Roshambo:
    People you like "Beat level 1 of Ms Pacman" lol
  • K3Nv2 @ K3Nv2:
    Hello kitty ds is required
    +1
  • Psionic Roshambo @ Psionic Roshambo:
    Beat Celebrity Death Match on the PS1 omg tried it earlier today .... Absolutely trash
  • Psionic Roshambo @ Psionic Roshambo:
    Like -37 out of 10
  • Psionic Roshambo @ Psionic Roshambo:
    One of the worst games I have ever played
  • K3Nv2 @ K3Nv2:
    Make them rank up every cod game out
  • K3Nv2 @ K3Nv2:
    "Now I know why he took his own life"
    K3Nv2 @ K3Nv2: "Now I know why he took his own life"