Homebrew Another, kinda-dumb firmware glitch that may downgrade

[Knucklesfan]

now, I read up on this, and I learned that on your 3DS, there is an emergency backup on your system. Nintendo warns you to plug in your 3DS to a wall so that it doesn't die and corrupt the files. But, doesn't that mean that the backup will load if it is corrupted? So all you would have to do to revert back to whatever firmware you're from is to take out the battery, plug in your system, and then get the installing started, and then unplug. that will imedetly shut down the system, corrupt the files, and then the backup can do it's job. If your lucky, the backup would be a previous firmware, and you can do whatever you want with that firmware. just a theory that I don't think nintendo can stop.

 

[WeedZ]

now, I read up on this, and I learned that on your 3DS, there is an emergency backup on your system. Nintendo warns you to plug in your 3DS to a wall so that it doesn't die and corrupt the files. But, doesn't that mean that the backup will load if it is corrupted? So all you would have to do to revert back to whatever firmware you're from is to take out the battery, plug in your system, and then get the installing started, and then unplug. that will imedetly shut down the system, corrupt the files, and then the backup can do it's job. If your lucky, the backup would be a previous firmware, and you can do whatever you want with that firmware. just a theory that I don't think nintendo can stop.

You go ahead and try that

 

[Knucklesfan]

You go ahead and try that

Ok, I will, I'm just worried that I'll get stuck on the 11.1 train, and I don't want to do THAT. (even though I have stickerhax lol)

 

[CitizenSnips]

I think you would just break your device tbh

 

[zoogie]

now, I read up on this, and I learned that on your 3DS, there is an emergency backup on your system. Nintendo warns you to plug in your 3DS to a wall so that it doesn't die and corrupt the files. But, doesn't that mean that the backup will load if it is corrupted? So all you would have to do to revert back to whatever firmware you're from is to take out the battery, plug in your system, and then get the installing started, and then unplug. that will imedetly shut down the system, corrupt the files, and then the backup can do it's job. If your lucky, the backup would be a previous firmware, and you can do whatever you want with that firmware. just a theory that I don't think nintendo can stop.

The "emergency backup" you're referring to is safe firm and safe "X" titles and is just enough to boot your corrupted system in a usable enough state to download and install the most current firmware pack from NUS. FIRM1 is an identical backup to FIRM0 and wont help either.

 

[TheCyberQuake]

That's just not how it works OP. If it were that easy we would already be using it as a method.
@zoogie covered the details correctly so I won't repeat it.

 

[Knucklesfan]

The "emergency backup" you're referring to is safe firm and safe "X" titles and is just enough to boot your corrupted system in a usable enough state to download and install the most current firmware pack from NUS. FIRM1 is an identical backup to FIRM0 and wont help either.

Hold the phone: Did you just say "Download and install the most current firmware pack, right? So what if we took that link, using our wifi network, and rerouted it to a different download server, with the 9.2 firmware, looking like its 11.1. Thus forth, downloading the incorrect firmware version, to the system.

 

[SomeGamer]

Hold the phone: Did you just say "Download and install the most current firmware pack, right? So what if we took that link, using our wifi network, and rerouted it to a different download server, with the 9.2 firmware, looking like its 11.1. Thus forth, downloading the incorrect firmware version, to the system.

Wouldn't work, we couldn't sign the CIAs, let alone spoof the SSL connection.

 

[Zidapi]

Hold the phone: Did you just say "Download and install the most current firmware pack, right? So what if we took that link, using our wifi network, and rerouted it to a different download server, with the 9.2 firmware, looking like its 11.1. Thus forth, downloading the incorrect firmware version, to the system.

No.

 

[TheCyberQuake]

Hold the phone: Did you just say "Download and install the most current firmware pack, right? So what if we took that link, using our wifi network, and rerouted it to a different download server, with the 9.2 firmware, looking like its 11.1. Thus forth, downloading the incorrect firmware version, to the system.

Again if it were that easy we would already be doing it. You aren't the first one to say something like that. It just doesn't work like that, Ninty has safety measures in place to stop that from happening

 

[Joom]

Wouldn't work, we couldn't sign the CIAs, let alone spoof the SSL connection.

There's a way to host your own update server. Plailect's old guide covered it, but this still wouldn't work.

 

[WeedZ]

I just thought of something else. Your talking about using the backup to restore an older fw version right? So let's say the backup did contain a full fw install. And let's say you accidentally updated from 9.2 to 11.1. You would have to wait for a new fw update in order to start the update process. And let's say pulling the power did work and it restored a full fw backup. Wouldn't that backup just be 11.1 being the last fw you were on?

 

[PabloMK7]

• Already answered, but anyway...
  1st: The "backup" you are talking about is the SAFE mode, it can only launch a limited OS to enter system settings and prompt you to update. And exploit would need to be found there, since SAFE titles almost never update (iirc) and may have exploits fixed outside SAFE mode (memchunkhax). The problem is you can't do anything other than press A to update your system.
  
  2nd: Nintendo servers are hosted with SSL. If the 3ds checks that the ssl is wrong it'll stop the connection. (Youtube app didn't use it that's why tubehax was possible). But assuming that you manage to spoof the ssl:
  
  3rd: The 3ds can't install a title if the one present in the system is a newer version. Trying to install 9.2 (lets assume ver 45) titles on 11.1 (lets assume ver 90) won't work because 45 < 90.

 

[Clydefrosch]

I just thought of something else. Your talking about using the backup to restore an older fw version right? So let's say the backup did contain a full fw install. And let's say you accidentally updated from 9.2 to 11.1. You would have to wait for a new fw update in order to start the update process. And let's say pulling the power did work and it restored a full fw backup. Wouldn't that backup just be 11.1 being the last fw you were on?

but its not a full backup. its just enough of a fix to connect to the official servers to download the latest firmware.

 

[PabloMK7]

I'm just wondering, you can actually get to the wifi configuration menu. Maybe an exploit can be found there, like using wrong SSID or corrupted data packets. If it's true that SAFE titles may have exploits fixed in normal mode, then it might be useful...
(Also will nintendo be able to update SAFE titles? They cannot risk destroying the purpose of it, never update them to prevent update corruptions)

 

[WeedZ]

but its not a full backup. its just enough of a fix to connect to the official servers to download the latest firmware.

So let's say the backup did contain a full fw install.

 

[SomeGamer]

There's a way to host your own update server. Plailect's old guide covered it, but this still wouldn't work.

AFAIK that required NTR and all it did is update to a specific version.

 

[Knucklesfan]

I'm just wondering, you can actually get to the wifi configuration menu. Maybe an exploit can be found there, like using wrong SSID or corrupted data packets. If it's true that SAFE titles may have exploits fixed in normal mode, then it might be useful...
(Also will nintendo be able to update SAFE titles? They cannot risk destroying the purpose of it, never update them to prevent update corruptions)

That does sound reasonable. I think that if we are able to find an exploit in there, we can prompt the downgrade session. Also, if you think about it, if it loads into SAFE, we can might be able to access the 3ds files, and replace the file that specifies the SSL, thus forth allowing us to gain access to override the files, and boosh. Downgrade away.

 

[dubbz82]

Oh no...not another one of these threads.

 

[Knucklesfan]

Oh no...not another one of these threads.

Hey, I actually thought this one out, and this has a chance, if you think more into it

 

[DrunkenMonk]

Hey, I actually thought this one out, and this has a chance, if you think more into it

it wouldn't work on 11.0+ since they added a firm version check, so if you could somehow manage to get it to boot into the recovered safe firm (which is not a backup of an older firm, it's more like safemode with a guest account on windows is probably a better way to describe it?) then somehow spoof an update server for the 11+ fw, the 3ds itself would reject anything less than 11+. It's just all not possible right now... Publically... Maybe we'll see a way around it nearer E.O.L, but I think people are probably gonna hold off on releasing anything astounding in that field any time soon.

Though, I've basically just reiterated what zoogie said. It was a nice thought, but it's just not gonna happen right now.