Needs Fasthax to work on 11.2 first.
Once Fasthax is working on stable release, this will be able to be compiled to gain ARM9 access.
For now, this means you could use Decrypt9 on 11.2 to CTRNAND Transfer 2.1, then install A9LH from there. No need to downgrade to 9.2 anymore. As soon as fasthax stable is working and this gets compiled with it.
Last edited by Olmectron,
- Joined
- Jan 11, 2016
- Messages
- 6,032
- Trophies
- 1
- Age
- 24
- Location
- 日本
- Website
- www.facebook.com
- XP
- 3,235
- Country
- Joined
- Nov 26, 2012
- Messages
- 2,568
- Trophies
- 2
- Location
- United States
- Website
- sites.google.com
- XP
- 3,915
- Country
Yes that's pretty much correct. Firmlaunchhax is the arm9 exploit people use in 9.2, but you need K11 access to patch some K11 function calls (I believe this is for the hooks)
https://yifan.lu/2015/01/17/reversing-gateway-ultra-stage-3-owning-arm9-kernel/
(Incase people didn't know)
There is another version of the firmware called SAFE_MODE_FIRM that is used by the system updater where firmlaunchhax has not been patched. We also need K11 access to boot into this mode (I assume). So the idea is too boot into this firmware run Firmlaunchhax then downgrade using the K9 access we now have to 2.1 and install A9LH.
https://github.com/TiniVi/safehax/blob/master/source/main.c#L107 just fyi, 11.2 should be the only unsupported firmware fwiw.
It's not hard to build this stuff. Quick tutorial: Download and install DevKitPro. Go on the github project you'd like to build. There should be a Download button on the right, click it, put it on your desktop. Open the file you downloaded, should be a makefile in it, along with other folders. Now, shift-click in the folder, and click "open command window here". Then just type "make" in cmd (no quotes). If all went well, the file it made should be in the root of the folder you ran the command in. Please let me know if I'm wrong
Correct.
SigHax it not something that let's you install anything or sign anything. It's simply a precisely malformed signature that exploits the bad verification of the BootROM to have a valid checkout on anything signed with this "sighax" signature.
You will need to create a firm with this signature and write it to the FIRM0, which you need Arm9 Access to.
SigHax would make the 9.2 -> 2.1 downgrade unnecessary, since 9.2 had Arm9 access and with that you can install SigHax FIRM. (And then gain otp just for the fun).
11.2 etc. only have Arm11 Access (currently) which is not enough to get a SigHax FIRM installed.
To get cfw without downgrading from 11.2 you'd need a Userland entrypoint (Soundhax/Any HBL entrypoint), then get Arm11 Access (Fasthax/Waithax) and follow this up by a way to gain Arm9 Access (safefirmlaunchhax).
Now use the Arm9 Access to install the SigHax FIRM and gain cfw boot from BootROM.
(Alternate would be OTPLess A9LH Install for N3DS or 2.1 CTRInject method to aquire OTP and install A9LH)
Last edited by Zan',
- Joined
- Jan 11, 2016
- Messages
- 6,032
- Trophies
- 1
- Age
- 24
- Location
- 日本
- Website
- www.facebook.com
- XP
- 3,235
- Country
Same tbhNot sure who feels the wait for 40 minutes on a O3DS for a possible brick
Not sure who feels the wait for 40 minutes on a O3DS for a possible brick
Hm. I mean...it kind of depends on who has hardmods, technically.
But the possible brick shouldn't be a deterrent to people who would test it with fasthax, right? Considering a brick would still brick on fasthax...
I do get the waiting issue though. Uggu. I'd test it myself, but I can't, because firmpatched Luma A9LH will act as if it had ARM9 anyway...right?
- Joined
- Jan 11, 2016
- Messages
- 6,032
- Trophies
- 1
- Age
- 24
- Location
- 日本
- Website
- www.facebook.com
- XP
- 3,235
- Country
Similar threads
