Homebrew What ever happened to ntrccardhax?

zoogie

zoogie

playing around in the end of life
Developer
Level 24
Joined
Nov 30, 2014
Messages
8,560
Trophies
2
XP
15,000
Country
Micronesia, Federated States of
Last edited by zoogie,
  • Like
Reactions: sweis12
The Catboy

The Catboy

GBAtemp Official Catboy™: Boywife
Member
Level 40
Joined
Sep 13, 2009
Messages
27,982
Trophies
4
Location
Making a non-binary fuss
XP
39,478
Country
Antarctica
It kind of lost speed. It's a nice idea and would have been cool to see, but it seemed like the other options got more attention and this one just dropped out of the public's eye
 
Quantumcat

Quantumcat

Dead and alive
Member
Level 21
Joined
Nov 23, 2014
Messages
15,144
Trophies
0
Location
Canberra, Australia
Website
boot9strap.com
XP
11,119
Country
Australia
  • Like
Reactions: Codename and zoogie
evandixon

evandixon

PMD Researcher
Developer
Level 11
Joined
May 29, 2009
Messages
1,725
Trophies
1
Website
projectpokemon.org
XP
2,338
Country
United States
zoogie said:
Problem is, the last piece of the puzzle is an app to flash the payload to an ak2i and @Normmatt says only an arm9 app can do this, which defeats the purpose.
Click to expand...

Ak2i cards have an updatable firmware using a .nds installer run from the cart itself. While I know Normmatt knows what he's talking about, it seems like this would be a non-issue.
 
Roboman

Roboman

Well-Known Member
Member
Level 6
Joined
Jan 7, 2016
Messages
313
Trophies
0
Age
28
XP
742
Country
United States
It was overshadowed by the fact that with arm11 kennel you could downgrade.

Everybody just downgraded rather than bother with the extra hardware.
 
  • Like
Reactions: sweis12
d3m3vilurr

d3m3vilurr

Well-Known Member
Newcomer
Level 1
Joined
Jun 2, 2016
Messages
51
Trophies
0
Age
39
XP
104
Country
i think, ntrcardhax still important for some asian regions.
currently, ninjhax2 payload only support jap, eur, usa, and partially kor.

but, kor n3ds only have 9.6~11.x firm, so they cannot use arm9 control feature until release other arm9 exploit.
if we can launch hblauncher, still can downgrade or upgrade to 10.3, then can use ntrcardhax for the arm9 execution.
 
  • Like
Reactions: Quantumcat
shinyquagsire23

shinyquagsire23

SALT/Sm4sh Leak Guy
Member
Level 13
Joined
Nov 18, 2012
Messages
1,977
Trophies
2
Age
26
Location
Las Vegas
XP
3,765
Country
United States
d3m3vilurr said:
i think, ntrcardhax still important for some asian regions.
currently, ninjhax2 payload only support jap, eur, usa, and partially kor.

but, kor n3ds only have 9.6~11.x firm, so they cannot use arm9 control feature until release other arm9 exploit.
if we can launch hblauncher, still can downgrade or upgrade to 10.3, then can use ntrcardhax for the arm9 execution.
Click to expand...
Without an AK2i flasher or similar, the only way to do ntrcardhax would be custom hardware, but that is definitely a valid point.

EDIT: Actually, the other alternative for KOR consoles would be to use a valid SecureInfo_A from a US,EU or JP console and when downgrading, use another region's files. This would cripple the console partially though and would be tricky, because you would also have to get to a point where you can remove KOR titles to make it stable again. That, or just get to ARM9 anyhow and then swap back and remove the US,EU,JP titles.

EDIT: Actually you need ARM9 to install the SecureInfo_A, so nope @ that.
 
Last edited by shinyquagsire23,
  • Like
Reactions: d3m3vilurr and Gray_Jack
J

Jair

Well-Known Member
Newcomer
Level 1
Joined
Apr 14, 2016
Messages
93
Trophies
0
Age
32
XP
104
Country
Peru
NTRCardhax won't work on 10.4+? Bummer I didn't knew that. I was actually hoping that maybe in the future that it could be used to downgrade 11.0 without hardmod.
 
Roboman

Roboman

Well-Known Member
Member
Level 6
Joined
Jan 7, 2016
Messages
313
Trophies
0
Age
28
XP
742
Country
United States
Jair said:
NTRCardhax won't work on 10.4+? Bummer I didn't knew that. I was actually hoping that maybe in the future that it could be used to downgrade 11.0 without hardmod.
Click to expand...
It's been public since Christmas.
Nintendo usua)y patches public kexploits Within a month.
 
d3m3vilurr

d3m3vilurr

Well-Known Member
Newcomer
Level 1
Joined
Jun 2, 2016
Messages
51
Trophies
0
Age
39
XP
104
Country
shinyquagsire23 said:
Without an AK2i flasher or similar, the only way to do ntrcardhax would be custom hardware, but that is definitely a valid point.

EDIT: Actually, the other alternative for KOR consoles would be to use a valid SecureInfo_A from a US,EU or JP console and when downgrading, use another region's files. This would cripple the console partially though and would be tricky, because you would also have to get to a point where you can remove KOR titles to make it stable again. That, or just get to ARM9 anyhow and then swap back and remove the US,EU,JP titles.

EDIT: Actually you need ARM9 to install the SecureInfo_A, so nope @ that.
Click to expand...
yep. if can change region code, it is best option. but this action already require arm9 execution first if not use hardmod. :(

zoogie said:
@d3m3vilurr has been working on it
https://github.com/d3m3vilurr/ntrcardhax/tree/more

Problem is, the last piece of the puzzle is an app to flash the payload to an ak2i and @Normmatt says only an arm9 app can do this, which defeats the purpose.

I still would very much like to see a POC anyway.
Click to expand...
Normmatt's code need ak2i flash dump and reflash, and he said these actions require arm9 code execution..
but i have some problems for these works.

1. dump
launched ak2i mode, ak2i will change chipid. in this case, need to clear overlay data for dump. so require eject and reinsert to cart.
this action make, cannot dump to ak2i's sdcard with dsl(lost dldi connection at the eject time.(i don't know dsi mode. maybe they can dump to device sdcard. but i'm not have dsi, so not tested..)
currently, i try to use modified uncart code on the jap n3ds. current uncart code can send ntr commands to dscart.
(but i think, my dumped header data is little weird, and i don't know right flashrom position)

2. reflash
reversed ak2i flasher show some custom commands and encrypted flash rom data,
but i don't know direct write command.. (i need to dump before this work, so i will test next time..)

anyway, Normmatt also confirmed, dumped ak2i flashrom data can use another ak2 or ak2i. so someone discover dump and flasher method, it can use all ak2i owners. :)
(and i think, homebrew flasher can work with dsl and dsi)
 
Last edited by d3m3vilurr,
shinyquagsire23

shinyquagsire23

SALT/Sm4sh Leak Guy
Member
Level 13
Joined
Nov 18, 2012
Messages
1,977
Trophies
2
Age
26
Location
Las Vegas
XP
3,765
Country
United States
d3m3vilurr said:
yep. if can change region code, it is best option. but this action already require arm9 execution first if not use hardmod. :(


Normmatt's code need ak2i flash dump and reflash, and he said these actions require arm9 code execution..
but i have some problems for these works.

1. dump
launched ak2i mode, ak2i will change chipid. in this case, need to clear overlay data for dump. so require eject and reinsert to cart.
this action make, cannot dump to ak2i's sdcard with dsl(lost dldi connection at the eject time.(i don't know dsi mode. maybe they can dump to device sdcard. but i'm not have dsi, so not tested..)
currently, i try to use modified uncart code on the jap n3ds. current uncart code can send ntr commands to dscart.
(but i think, my dumped header data is little weird, and i don't know right flashrom position)

2. reflash
reversed ak2i flasher show some custom commands and encrypted flash rom data,
but i don't know direct write command.. (i need to dump before this work, so i will test next time..)

anyway, Normmatt also confirmed, dumped ak2i flashrom data can use another ak2 or ak2i. so someone discover dump and flasher method, it can use all ak2i owners. :)
(and i think, homebrew flasher can work with dsl and dsi)
Click to expand...
Realistically you should also be able to do flashing from a DS I'm pretty sure? I mean, it would make sense to be able to...
 
dark_samus3

dark_samus3

Well-Known Member
Member
Level 10
Joined
May 30, 2015
Messages
2,372
Trophies
0
XP
2,042
Country
United States
Why exactly is arm9 needed to reflash? The arm11 has access to the ntrcard registers (why ntrcardhax works in the first place) so, why couldn't a flasher be made to work on arm11? Or is it just the fact that no one has made it yet?
 
Roboman

Roboman

Well-Known Member
Member
Level 6
Joined
Jan 7, 2016
Messages
313
Trophies
0
Age
28
XP
742
Country
United States
dark_samus3 said:
Why exactly is arm9 needed to reflash? The arm11 has access to the ntrcard registers (why ntrcardhax works in the first place) so, why couldn't a flasher be made to work on arm11? Or is it just the fact that no one has made it yet?
Click to expand...
It is difficult if not impossible for the arm11 to interface with ntr cards fully and properly. It was designed to acess the card slot for 3ds games. Ds games also using that slot the premise of this hax
 

Site & Scene News

Go to forum More news

Popular threads in this forum

Hacking Homebrew  A new way to experience StreetPass

Hacking Hardware  New Nintendo 3DS XL Louvre

Emulation  i have citra, i have my aes keys installed, how do i get the home menu

Hardware  Why does my 3DS take so long to turn off?

What's the best 3DS emulator (especially after Citra's shutdown)?

Tutorial  How to fix 007-2001

can't download system files on citra because im "not connected to the internet"

gacube emeleter

General chit-chat
Help Users
  • No one is chatting at the moment.
    Psionic Roshambo @ Psionic Roshambo: Not a big fan of NES kid Icarus either... I know it was popular but I didn't care for it.