Homebrew SigHax Updates and Discussion Thread

[GerbilSoft]

Faksigned firm being a universal nand.bin that can be flashed to any device or a faksigned firm like a part of the nand that needs to be injected to a valid dump? Thanks for the answers might help some other nabs like me.

It replaces the FIRM partition, so you'd need a specialized tool to inject it. (dgTool in DSi mode works for this; for hardmods, dd with the appropriate options will work.) Note that you won't be able to simply copy over the fakesigned FIRM; you'll need to extract the current FIRM and apply the known plaintext attack to encrypt the new FIRM. This also requires knowing what FIRM is installed, which isn't a major issue for unhacked systems, but might be difficult if you're trying to fix a broken A9LH installation.

 

[Starzcream]

It replaces the FIRM partition, so you'd need a specialized tool to inject it. (dgTool in DSi mode works for this; for hardmods, dd with the appropriate options will work.) Note that you won't be able to simply copy over the fakesigned FIRM; you'll need to extract the current FIRM and apply the known plaintext attack to encrypt the new FIRM. This also requires knowing what FIRM is installed, which isn't a major issue for unhacked systems, but might be difficult if you're trying to fix a broken A9LH installation.

So basically a modified version of Autofirm that uses the new files?

 

[GerbilSoft]

So basically a modified version of Autofirm that uses the new files?

Something like that, yes.

 

[Deleted member 414991]

There's nothing wrong in saying freeShop. It's accepted in GBAtemp. Secondly, anything downloaded from freeShop is unsigned (thus requiring CFW). I don't understand what you mean to ask in the second question. Please elaborate.

By 'diet coke that shop' i meant ciangel, which allows you to download titlekeys so that you can actually download stuff from the shop.

 

[Starzcream]

Something like that, yes.

Overall just a cleaner easier method of installing cfw than a9lh. I was hoping it would be some sort of bootloader payload. Thanks for the information. Now I can stop hawking the thread lol. Sighax is of no real use bricked systems without dev tools.

 

[gamesquest1]

By 'diet coke that shop' i meant ciangel, which allows you to download titlekeys so that you can actually download stuff from the shop.

anything you get without buying will not be legit and cannot be system transfered, while all the content is "signed" (as it comes from the Nintendo server, so it's the exact same thing people get from the eshop) but the ticket used to install them is not signed, but even in the cases where you have a signed ticket as from the legit cia files, even they still do not get system transfered as Nintendo keeps logs of who owns what and tickets don't get transfered from system to system, the target system gets the old systems tickets re-issued to the new system server side, no way about that

this all said, it's totally irrelevant to the topic at hand

--------------------- MERGED ---------------------------

Overall just a cleaner easier method of installing cfw than a9lh. I was hoping it would be some sort of bootloader payload. Thanks for the information. Now I can stop hawking the thread lol. Sighax is of no real use bricked systems without dev tools.

yeah as long as the system wasn't bricked by installing a corrupt nand backup/ bad a9lh build (unless you still have the plaintext a9lh firm) or nand backup from a different system, then yeah you could manually go through each firm until you find the right one

 

[Gnarmagon]

Could I restore a NAND Dump from a different 3ds (both "new") ?

 

[Quantumcat]

<snip>

 

[gamesquest1]

Could I restore a NAND Dump from a different 3ds (both "new") ?

Nope because the nand uses system unique encryption, you would need to provide the system unique info to be able to decrypt the content

If you want to restore a nand from one system to another, ctrtransfer in decrypt9 is the tool to use, and as I mentioned in that post, sighax will probably allow you to run decrypt9 on a already bricked system as long as you know the plaintext of the FIRM section

 

[jt_1258]

wish I could just get notifications when the original message is modified -.-

 

[LordDarkNe0]

Then... If you can do everything with Sighax, could you install ds roms as a cia, and use it?

 

[Kyubnyan]

Then... If you can do everything with Sighax, could you install ds roms as a cia, and use it?

no

 

[GerbilSoft]

Then... If you can do everything with Sighax, could you install ds roms as a cia, and use it?

No. You'd get the exact same result as if you tried this today with A9LH: the game would crash.

 

[Deleted member 350372]

Hey guys. It's been a while since we heard from Hedgeberg. Anything new going on with him in terms of dumping the protected boot9? I apologize if I seem like I am rushing his work. No intent of that. Sighax will come out whenever it is ready to be public. I can wait perfectly fine. I just like to be informed and check in to see how things are going, cuz ya know, I am a very curious person and I like hearing these things and such.

Also the hype doe... *gets excited and thinks random as hell thoughts regarding sighax due to it's potential*

 

[Deleted User]

Hey guys. It's been a while since we heard from Hedgeberg. Anything new going on with him in terms of dumping the protected boot9? I apologize if I seem like I am rushing his work. No intent of that. Sighax will come out whenever it is ready to be public. I can wait perfectly fine. I just like to be informed and check in to see how things are going, cuz ya know, I am a very curious person and I like hearing these things and such.

Also the hype doe... *gets excited and thinks random as hell thoughts regarding sighax due to it's potential*

First off, SigHax has potential but nearly no reason to switch afaik

 

[pixelmasher]

Hey guys. It's been a while since we heard from Hedgeberg. Anything new going on with him in terms of dumping the protected boot9? I apologize if I seem like I am rushing his work. No intent of that. Sighax will come out whenever it is ready to be public. I can wait perfectly fine. I just like to be informed and check in to see how things are going, cuz ya know, I am a very curious person and I like hearing these things and such.

Also the hype doe... *gets excited and thinks random as hell thoughts regarding sighax due to it's potential*

She moved and settled in.
https://twitter.com/hedgeberg/status/849459205182562306

 

[Deleted member 350372]

First off, SigHax has potential but nearly no reason to switch afaik

I agree, still like to hear news about in progress CFW types like sighax and A9LH last year. I may sound like a noob when I ask this question, but unlike sighax where only a hardware revision would patch it up, would A9LH be extremely difficult to patch, but is possible? Like if Nintendo found a way to bypass Luma3DS's firm0/firm1 protection? I just kinda fear that will happen sooner or later, so which is why I am kinda wondering if I should eventually move on to sighax or not. Sorry if this seems like a noob question.

--------------------- MERGED ---------------------------

She moved and settled in.
https://twitter.com/hedgeberg/status/849459205182562306

Ahh. Great news! I also apologize for thinking Hedgeberg is a he. Sounds like a male not female. xD

 

[GerbilSoft]

I agree, still like to hear news about in progress CFW types like sighax and A9LH last year. I may sound like a noob when I ask this question, but unlike sighax where only a hardware revision would patch it up, would A9LH be extremely difficult to patch, but is possible? Like if Nintendo found a way to bypass Luma3DS's firm0/firm1 protection? I just kinda fear that will happen sooner or later, so which is why I am kinda wondering if I should eventually move on to sighax or not. Sorry if this seems like a noob question.

Bypassing FIRM protection would affect both Sighax and A9LH, though Sighax would be easier to recover from if you have a hardmod.

 

[Zaphod77]

If i'm understanding firm protection, it simply patches the call that Nintendo uses to try to overwrite firm so hat it does nothing and report success.

if said call is the only way to actually overwrite firm, then there's nothing nintendo can do.

but if there's another way to do the overwrite, then we can't update unto luma team patches that too.

But i think the big N would get in trouble over that, if it had the potential to brick.

So i think it's better for them to attack the CFWs themselves. if they make luma brick without wiping a9lh,it's recoverable, and there's no possible legal action from them.

I have a few ideas on how that might be accomplished.

regardless, until told otherwise, we have to assume that 11.4 update is not actually safe, even though 11.3 update is. you can bet the instant nintendo cracks firm protection bypass and reliably wipes a9lh without bricking, there will be an update, people will update because it's safe, and they will get unhacked. it's what i would be working on if I was them.

 

[Deleted member 350372]

If i'm understanding firm protection, it simply patches the call that Nintendo uses to try to overwrite firm so hat it does nothing and report success.

if said call is the only way to actually overwrite firm, then there's nothing nintendo can do.

but if there's another way to do the overwrite, then we can't update unto luma team patches that too.

But i think the big N would get in trouble over that, if it had the potential to brick.

So i think it's better for them to attack the CFWs themselves. if they make luma brick without wiping a9lh,it's recoverable, and there's no possible legal action from them.

I have a few ideas on how that might be accomplished.

regardless, until told otherwise, we have to assume that 11.4 update is not actually safe, even though 11.3 update is. you can bet the instant nintendo cracks firm protection bypass and reliably wipes a9lh without bricking, there will be an update, people will update because it's safe, and they will get unhacked. it's what i would be working on if I was them.

That makes sense. Lol. I hope these are theories and they won't actually be implemented.