Hacking Official Corbenik - Another CFW for advanced users (with bytecode patches!)

[laharl22]

Thanks. Yeah, this isn't a PR type thing, it's more than >80% original.



I think I've found this issue with both @Wolfvak's report as well as the other one, so I'll be uploading another build before I go to bed for the night.

thanks and good night in advance lol

 

[chaoskagami]

Hi there, just like to ask something about Corbenik.
Set it up like you said in the readme, renamed the file to native and got it inside the firmware folder along with agb and twl. For the firmkey I renamed it native.key, same goes for the rest as agb.key/twl.key. Managed to get into the config screen, apply a few necessary patches and options to my liking. Tried the firm load and it gave me [__fp] for all 3 native/twl/agb while top screen displaying the native_firm version (11.0) along with agb and twl version. However when i boot firmware, all i receive is a black screen. Using ctrbootmanager9 to boot the payload. Would be great if you can help me out with this. Thanks
PS: Just want to ask whether using native_firm <11.0 is possible with corbenik too.

There was multiple issues in stable-1, I just uploaded another release. [__fp] means that it didn't need to decrypt the firmware (it was already decrypted.) So anyways, @Wolfvak, this should fix that one (and hopefully the decrytion issue as well)

Yes, you should be able to use older native_firms. I've tested back to 10.2, but 9.2 and older haven't been tested. Theoretically they should work.

I goofed in the FS code and was returning zero from somewhere I shouldn't have been. Oh, and a NULL pointer too. So anyways, try it again, please.

 

[Wolfvak]

There was multiple issues in stable-1, I just uploaded another release. [__fp] means that it didn't need to decrypt the firmware (it was already decrypted.) So anyways, @Wolfvak, this should fix that one (and hopefully the decrytion issue as well)

Yeah, I used TWL/AGB from my Cakes setup. Testing now...

By the way, according to this, you say "you may have a very very old NATIVE_FIRM due to firm protection". FIRM protection only protects the partitions themselves, not the CXI from the CDN. That does get updated.

 

[chaoskagami]

Yeah, I used TWL/AGB from my Cakes setup. Testing now...

By the way, according to this, you say "you may have a very very old NATIVE_FIRM due to firm protection". FIRM protection only protects the partitions themselves, not the CXI from the CDN. That does get updated.

Interesting. Well, I'll have to update that then. I was under the impression it prevented that as well. Evidently I was wrong.

 

[TuxSH]

• Injection of arbitrary ARM11 services, including svcBackdoor.

wat?

Also:

<yellows8> Attempt to create a replacement handler for Service 0x3D, AKA OutputDebugString" "It still would be cool to capture debug logs from games. " that svc isn't even used, normally just nop instructions are used instead....

 

[chaoskagami]

wat?

Also:

You can replace other services aside from backdoor in the exception vector, technically. It's not well tested, obviously.

As to the side note; oh well. I suspected as much. That text was leftover from at least a month ago.

 

[Wolfvak]

Rather than services, they're called "svc calls" iirc
Services are a whole different beast in this world

--------------------- MERGED ---------------------------

Boots perfectly with the latest commit @chaoskagami

 

[chaoskagami]

Rather than services, they're called "svc calls" iirc
Services are a whole different beast in this world

Oy vey. Exceptions, service calls, they're all the same on ARM. It's the exception vector/svc call table. I don't come from a homebrew background, I'm from a general CS background.

 

[Suiginou]

Oy vey. Exceptions, service calls, they're all the same on ARM. I don't come from a homebrew background, I'm from a general CS background.

"Service calls" is, as far as I know, usually used to refer to using https://www.3dbrew.org/wiki/Services_API. svc is a word, not an abbreviation.

 

[reallybigfire]

Ok. Just tried out the new release. Used native_firm 10.2 and its firmkey from my cakes set up this time. Still having black screen. To be more precise, I enabled sys module/both cpu options and since I am booting 10.2 firm i disabled service replacement. Debug Pause to check which stage gone wrong. For patches I have the triple Cart/eshop/nim block, firm protection, RF, RO and sig patch as I want to try it clean without dev patches. When i boot firmware, patch were being applied and cached, config saved, firmware patched, modules injected, keyslot updated, sd unmounted, firm copied, after which screen goes black and stay that way.

 

[ketal]

Decided to try this out, the firm issues are gone, but the loader patching doesn't seem to be working

 

[TuxSH]

"SVC" = Supervisor call, not service call (see arm docs).

 

[chaoskagami]

"SVC" = Supervisor call, not service call (see arm docs).

I actually went and looked it up in the ARM ref manual before you even posted this. I'm a dumbass. I understand how it all works, but I have issues remembering terminology. :<

Decided to try this out, the firm issues are gone, but the loader patching doesn't seem to be working

You enabled System Modules in Options, right?

Ok. Just tried out the new release. Used native_firm 10.2 and its firmkey from my cakes set up this time. Still having black screen. To be more precise, I enabled sys module/both cpu options and since I am booting 10.2 firm i disabled service replacement. Debug Pause to check which stage gone wrong. For patches I have the triple Cart/eshop/nim block, firm protection, RF, RO and sig patch as I want to try it clean without dev patches. When i boot firmware, patch were being applied and cached, config saved, firmware patched, modules injected, keyslot updated, sd unmounted, firm copied, after which screen goes black and stay that way.

Get the file `loader.log` from the corbenik folder and upload it here. Loader logs to a file due to what a pain it is to debug,

 

[TuxSH]

Now for less obvious stuff:

PARTNER-CTR units don't have JTAG at all (unfortunately !). They use HIO instead.

 

[chaoskagami]

PARTNER-CTR units don't have JTAG at all (unfortunately !). They use HIO instead.

There's not a lot of documentation on the PARTNER units on 3dbrew. I need to hop on #Cakey and stop assuming things. Man, you're brutal (in a good way. )

 

[TuxSH]

Heh, sorry
By "less obvious" I meant "you can't know if you don't ask".

 

[chaoskagami]

Heh, sorry

Actually, I appreciate it. The less mistakes I make, the better. To everyone in this thread, if I'm wrong on something, please correct me, by all means.

 

[ketal]

You enabled System Modules in Options, right?

Changed microsd, for some reason now everything works fine.

 

[Temptress Cerise]

Actually, I appreciate it. The less mistakes I make, the better. To everyone in this thread, if I'm wrong on something, please correct me, by all means.

SAO > .hack.

Only joking! I actually do like .hack a lot more than I like SAO. The games were oh so good. The hours wasted on the originals and then GU trilogy. As well as the accompanying anime, so good.

Also, why Corbenik out of all the 8 phases for the name?

More on topic: I'll def check this CFW out. Good job.

 

[chaoskagami]

Changed microsd, for some reason now everything works fine.

Weird.

SAO > .hack.

Only joking! I actually do like .hack a lot more than I like SAO. The games were oh so good. The hours wasted on the originals and then GU trilogy. As well as the accompanying anime, so good.

Also, why Corbenik out of all the 8 phases for the name?

More on topic: I'll def check this CFW out. Good job.

Heh, I still do bi-yearly replays of the games.

I chose mostly based on the subtitle of the phases. I mean, who wants a CFW named Skeith? Smells like terror, death and bricks.

Anyways, I'm calling it quits for the day, so I'll get back to any other issues in the morning. Remember that this is new and highly untested, so don't quit your day CFW yet. Peace.