Hacking I bricked a 3DS while trying to inject A9LH FIRM0&1 over B9S FIRM's

[Deleted User]

Hey, I made a huge fuck-up, since I was able to switch Boot9Strap back to Arm9LoaderHax by restoring a NAND with A9LH just for testing, then restored other NAND with B9S again, works fine.

So I decided to do a quickest way, backup B9S'd firm0.bin and firm1.bin using Decrypt9WIP and renamed to FIRM0_B9S.bin and FIRM1_B9S.bin to not get confused, I also used GodMode9 and mounted a NAND backup that is A9LH and exported both firm's to files9 folder, renamed as frim0_a9lh.bin and frim1_a9lh.bin.

I went back to Decrypt9WIP, did a Partition Inject, selected frim0_a9lh.bin for FIRM0 and frim1_a9lh.bin for FIRM1, both were succeeded. Pressed START to reboot


and boom, black screen.

I am unable to load any payloads, .bin or .firm, tried holding SELECT on boot won't open up Luma3DS config for me. http://imgur.com/JjqDQFO

My 3DS is now a useless piece of shit...unless I have a NAND backup which I do. I don't know how to Hardmod some shit.

 

[I_AM_L_FORCE]

Luckily for you, all you need to do is to get a hardmod and Sighax your 3ds again

--------------------- MERGED ---------------------------

Or just restore a NAND backup.

 

[Kyousak]

Luckily for you, all you need to do is to get a hardmod and Sighax your 3ds again

--------------------- MERGED ---------------------------

Or just restore a NAND backup.

Thanks to SigHax you dont even need a NAND Backup. If it was A9LH you would be fcked without a backup

 

[N7Kopper]

That was smart. I'm going to assume that you forgot that A9LH works by mangling the FIRM0 keys in a very specific way so that they decrypt to garbage that jumps to arbitrary code execution while exploiting the fact that bootrom doesn't clear FIRM0 out of memory before loading FIRM1 if FIRM0 fails for any reason.

Just replacing the files without replicating this specific mangling would, in the best case scenario, remove your hacks.

 

[Deleted User]

That was smart. I'm going to assume that you forgot that A9LH works by mangling the FIRM0 keys in a very specific way so that they decrypt to garbage that jumps to arbitrary code execution while exploiting the fact that bootrom doesn't clear FIRM0 out of memory before loading FIRM1 if FIRM0 fails for any reason.

Just replacing the files without replicating this specific mangling would, in the best case scenario, remove your hacks.

Damn, I was so dumb, I thought replacing is just simple, then resulted in bootloader getting confused.

 

[RHOPKINS13]

Thanks to SigHax you dont even need a NAND Backup. If it was A9LH you would be fcked without a backup

Meh, you still need a NAND Backup. Pretty sure any method of recovery without a NAND backup is going to involve distributing copyrighted code. Perhaps if you have another 3DS you can use the data from that to "legally" fix your bricked 3DS, but I'd say in either case not having a NAND backup is a really bad idea, unless you're only interested in launching homebrew payloads directly from sighax

 

[I_AM_L_FORCE]

Meh, you still need a NAND Backup. Pretty sure any method of recovery without a NAND backup is going to involve distributing copyrighted code. Perhaps if you have another 3DS you can use the data from that to "legally" fix your bricked 3DS, but I'd say in either case not having a NAND backup is a really bad idea, unless you're only interested in launching homebrew payloads directly from sighax

All he'd need are Sighaxed firms and perhaps a CTRnand transfer, both publicly available.

 

[The Real Jdbye]

Meh, you still need a NAND Backup. Pretty sure any method of recovery without a NAND backup is going to involve distributing copyrighted code. Perhaps if you have another 3DS you can use the data from that to "legally" fix your bricked 3DS, but I'd say in either case not having a NAND backup is a really bad idea, unless you're only interested in launching homebrew payloads directly from sighax

He should be able to just reinstall b9s again with a hardmod, no NAND backup needed.

 

[RHOPKINS13]

All he'd need are Sighaxed firms and perhaps a CTRnand transfer, both publicly available.

Said CTRNANDs contain copyrighted Nintendo code. It may be "publicly available" mainly via torrent, but it still can be considered piracy.

He should be able to just reinstall b9s again with a hardmod, no NAND backup needed.

As far as I know, he'd also have to remove A9LH. In this case, perhaps it is possible for him to recover without a backup. But if something corrupts his NAND and he needs to use a CTRNAND, that's piracy.

And can we all agree that even if recovery without a NAND backup is possible, not having one is still a bad idea, especially if you have data you want to make sure you don't lose?

 

[The Real Jdbye]

Said CTRNANDs contain copyrighted Nintendo code. It may be "publicly available" mainly via torrent, but it still can be considered piracy.



As far as I know, he'd also have to remove A9LH. In this case, perhaps it is possible for him to recover without a backup. But if something corrupts his NAND and he needs to use a CTRNAND, that's piracy.

And can we all agree that even if recovery without a NAND backup is possible, not having one is still a bad idea, especially if you have data you want to make sure you don't lose?

B9S overwrites A9LH, so that's not a problem.
AFAIK the reason he bricked is the secret_sector.bin is not overwritten with the A9LH one. It's possible it could be unbricked by just flashing the A9LH secret_sector.bin as well but it's easier to flash B9S.

 

[Deleted User]

AFAIK the reason he bricked is the secret_sector.bin is not overwritten with the A9LH one. It's possible it could be unbricked by just flashing the A9LH secret_sector.bin as well but it's easier to flash B9S.

Geeeez... you're right. I forgot to include that file, even NAND header >_<
I didn't have a chance to dump it, so I'm outta luck.

 

[The Real Jdbye]

Geeeez... you're right. I forgot to include that file, even NAND header >_<
I didn't have a chance to dump it, so I'm outta luck.

It'll probably be fixable with ntrboothax once that's released, but that might take a while.
The safest bet is a hardmod.
I hope you have an OTP dump, you might need it.

 

[Deleted User]

It'll probably be fixable with ntrboothax once that's released, but that might take a while.
The safest bet is a hardmod.
I hope you have an OTP dump, you might need it.

I've got OTP, both boot9.bin and boot11.bin.

 

[Deleted User]

Bad news, I attempted to hardmod it with my dad, and it is completely fucked up now DiskImager won't show up Drive Letter for 3DS, too much burn on NAND pinout/spot from soldering pen.

Spoiler: Pictures

and video

 

[mrfoxhackerNAND]

My 2ds had blue screen but I solded it and did some thing for my blue screen to go away

 

[Kubas_inko]

Bad news, I attempted to hardmod it with my dad, and it is completely fucked up now DiskImager won't show up Drive Letter for 3DS, too much burn on NAND pinout/spot from soldering pen.

Do you have supported sd reader (maybe I missed it in text)

 

[Kubas_inko]

Bad news, I attempted to hardmod it with my dad, and it is completely fucked up now DiskImager won't show up Drive Letter for 3DS, too much burn on NAND pinout/spot from soldering pen.

Do you have supported sd reader (maybe I missed it in text)

 

[Deleted User]

Do you have supported sd reader (maybe I missed it in text)

No, I've got no Anker, only Integral dual slot card reader.

 

[Kubas_inko]

No, I've got no Anker, only Integral dual slot card reader.

That can be the case. When I was doing hardmod, I tried 4 laptops and 2 different sd card readers - nothing (never showed up). After that I bought anker and boom, first time it worked