Hacking Official [Source Release] ReiNand CFW

DarkenedMatter · Jan 12, 2016

Tiibz said:
where can i find your tokyo ghoul theme ? ^^

JJTapia19 · Jan 12, 2016

Reisyukaku said:
Well I need to clean up the hard coded keys, once i do that, ill be able to push code to git, but you'll need nand key2. I'd rather not leak keys so ill have to think of something.. then again, people on twitter seem to know how i got the keys so... lol

I find it amazing that you were the first one to give us new 3DS emunand without gateway and now you are going to be the first one to give us new 3DS emunand 9.6+ which not even gateway has accomplished. Thank you for everything you do for the scene.

Kioku · Jan 12, 2016

This ultimately has been an exciting year for the 3DS scene.. and it's only the 12th...

daxtsu · Jan 12, 2016

Vappy said:
If the method is already public, what about a quick how-to so people can dump and generate the keys themselves? Assuming you're referring to running 1.0 emuNAND, which I didn't think was possible on N3DS.

I'll second this, getting the keys ourselves would probably be the best way to release it, if it's not too hard to do.

Hagslayer5 · Jan 12, 2016

Reisyukaku said:
This will be the official thread for things related to ReiNand.
I released the source on git earlier today, so hopefully this will help those who want to learn.

What is ReiNand?:
ReiNand is a minimalistic custom firmware for N3DS exclusively. I didn't want tons of complex code, just something that load and patches firm basically.

Features:

Ninjhax and MSET support!

Sig checks disabled

screenshots (set for pokemon game offsets currently) [Select Button + X]

RAM dump (currently set for FCRAM) [Start Button + X]

emunand (with 'Rei' version string)

sysnand mode with sig checks disabled, using NAND firm0 [Start + B at menu]

Future plans:
Of course I'm planning to add plenty more features and keep up with this project.

CFW: https://github.com/Reisyukaku/ReiNand
ROP: https://github.com/Reisyukaku/rnInstaller
Ninjhax 2.0 Launcher: Here (Thanks @Dean_)

can you make a tutriuol on this please

Zidapi · Jan 12, 2016

James310 said:
Is there any way to autoboot without pressing start?

No, and requests for autoboot have been dismissed. If you want it you'll have modify and compile the code yourself.

MattKimura said:
I believe even CakesFW has to go through a screen similar to it before booting emunand. Only Rxtools and Gateway can autoboot into emunand without pressing anything.

There's no slash screen, and CakesFW has the option to enable autoboot from its menu.

Reisyukaku said:
might release this sometime tomorrow if i get up at a decent hour
https://twitter.com/Reisyukaku/status/686829593370734592

C-C-C-COMBO BREAKER!!

Well, that came out of nowhere. Honestly, I thought you'd abandoned reiNAND, but you were just quietly working behind the scenes.

Vappy said:
Assuming you're referring to running 1.0 emuNAND, which I didn't think was possible on N3DS.

JJTapia19 said:
the first one to give us new 3DS emunand 9.6+ which not even gateway has accomplished. Thank you for everything you do for the scene.

Have guys been living under rocks for the last few weeks?

Gateway announced that they'd be supporting 10.3 on the 29th of December. Correspondence since indicates their intent to release it by the end of the month.

That’s right! We can already reveal another surprise that is coming SOON: We will be bringing Gateway support to systems that are on the current LATEST FIRMWARE: 10.3 and lower.
So do not update past this version, because we will not be able to bring support for versions after that any time soon!

On the third of January Team SALT released a video showing that they'd cracked 10.3 sysNAND.

The video also shows that they are using a new exploit that boots directly into an exploited state (a bootROM exploit perhaps?), and that are able to launch homebrew directly from the home screen.

On the 12th both @Reisyukaku and rxTools Team announced they'd be adding 10.3 support shortly.

JJTapia19 · Jan 12, 2016

Zidapi said:
Have guys been living under rocks for the last few weeks?

Gateway announced that they'd be supporting 10.3 on the 29th of December. Correspondence since indicates their intent to release it by the end of the month.

On the third of January Team SALT released a video showing that they'd cracked 10.3 sysNAND.

The video also shows that they are using a new exploit that boots directly into an exploited state (a bootROM exploit perhaps?), and that are able to launch homebrew directly from the home screen.

On the 12th both @Reisyukaku and rxTools Team announced they'd be adding 10.3 support shortly.

I know about gateway and salt but salt don't release their work so they don't even count for me and about gateway like I said

JJTapia19 said:
and now you are going to be the first one to give us new 3DS emunand 9.6+ which not even gateway has accomplished. Thank you for everything you do for the scene.

I know gateway will support it too but as always SOON™

Apache Thunder · Jan 12, 2016

This comes around at about the same time as when Gateway came out with 9.x support last year. Coincidence?

MattKimura · Jan 12, 2016

@Zidapi Reinand has no splash screen? Then why's there a splash.bin file in it's folder lol
I'm talking about the screen that says press start to boot emunand. When I boot reinand, I just get a black screen yet I can press start anyways and still get to emunand.

Edit: Ever since I replaced firmware.bin with the one provided on Github, I can now see the splash screen like normal. Thanks Rei for suggesting it as a fix above.
Now I have all the CFW on CTR boot manager's menu, with each one working properly.

AHP_person · Jan 12, 2016

Zidapi said:
The video also shows that they are using a new exploit that boots directly into an exploited state (a bootROM exploit perhaps?), and that are able to launch homebrew directly from the home screen.

It's just arm9loaderhax (or as they call it, kernel9loaderhax, not really any different). The code execution time from startup is almost unnoticeable.

AlbertoSONIC · Jan 12, 2016

AHP_person said:
It's just arm9loaderhax (or as they call it, kernel9loaderhax, not really any different). The code execution time from startup is almost unnoticeable.

Yeah, almost once the bootrom has initilized the hardware, the code execution starts. Which is awesome

Zidapi · Jan 12, 2016

MattKimura said:
@Zidapi Reinand has no splash screen? Then why's there a splash.bin file in it's folder lol
I'm talking about the screen that says press start to boot emunand. When I boot reinand, I just get a black screen yet I can press start anyways and still get to emunand.

Sorry, reading over my reply I can see that I wasn't very clear.

CakesFW has autoboot, and no splash screen. Whereas reiNAND has a splash screen, but not autoboot.

Reisyukaku · Jan 12, 2016

Zidapi said:
Sorry, reading over my reply I can see that I wasn't very clear.

CakesFW has autoboot, and no splash screen. Whereas reiNAND has a splash screen, but not autoboot.

ill probably add a config file with defaults and people can change said defaults at leasure..
One reason i didnt do autoboot is it'd be harder to trigger sysnand mode i guess.. and also i need a way to display the splash on the screen for more than a split second, but also not cause crazy boot times.

Columbo2811 · Jan 12, 2016

There's an autoboot of reinand on the bottom of page 31 of this thread if anyone interested.

zuxicovp · Jan 12, 2016

Reisyukaku said:
ill probably add a config file with defaults and people can change said defaults at leasure..
One reason i didnt do autoboot is it'd be harder to trigger sysnand mode i guess.. and also i need a way to display the splash on the screen for more than a split second, but also not cause crazy boot times.

Regarding the 9.6+ support for emunand, is it reasonable to expect the source to be on github today?

Zidapi · Jan 13, 2016

Reisyukaku said:
might release this sometime tomorrow if i get up at a decent hour
https://twitter.com/Reisyukaku/status/686829593370734592

It's now been 13+ hours since you made this post.

Is it safe to say you didn't get up at a decent hour, or is it still the same day where you are?

JJTapia19 said:
I know about gateway and salt but salt don't release their work so they don't even count for me and about gateway like I said

I know gateway will support it too but as always SOON™

Okay I understand now, it's clear that what you said and what you wrote aren't the same thing (likey, because English isn't your first language).

What you meant was "Gateway hasn't released 10.3 emuNAND", but what you wrote was "Gateway hasn't achieved 10.3 emuNAND".

Thanks for clarifying things.

AHP_person said:
It's just arm9loaderhax (or as they call it, kernel9loaderhax, not really any different). The code execution time from startup is almost unnoticeable.

Thank you for the extra insight.

I realised it booted too quick to be menuhax, so I assumed it was a bootROM exploit, I didn't realise there was a third option that lay somewhere between the two.

Reisyukaku said:
ill probably add a config file with defaults and people can change said defaults at leasure..
One reason i didnt do autoboot is it'd be harder to trigger sysnand mode i guess.. and also i need a way to display the splash on the screen for more than a split second, but also not cause crazy boot times.

If you did that, it'd be great. If you had a "hold B to boot sysNAND" splash would that be enough time for users to trigger it, or would they have to be holding B before the splash screen appeared to trigger it?

Did you end up removing the hardcoded screenshot/ram dump triggers? That's one of the primary reasons I've been using CakesFW over reiNAND. The other was a lack of autobooting.

Please, give me a good reason to jump back on the rei-train

zuxicovp said:
Regarding the 9.6+ support for emunand, is it reasonable to expect the source to be on github today?

No.

Gregora · Jan 13, 2016

I've been out of the loop as far as cfw goes so it was a pleasant surprise for me that it looks like 10.3 emunand is incoming. It will be nice to be able to access the eshop again.

AHP_person · Jan 13, 2016

Zidapi said:
Thank you for the extra insight.

I realised it booted too quick to be menuhax, so I assumed it was a bootROM exploit, I didn't realise there was a third option that lay somewhere between the two.

Ye, it'd be nice to have what they have, but the execution space is so tiny ><

Gaiaknight · Jan 13, 2016

Zidapi said:
It's now been 13+ hours since you made this post.

Is it safe to say you didn't get up at a decent hour, or is it still the same day where you are?

Have some patience it hasnt even been 24hrs yet.....

Kioku · Jan 13, 2016

Gaiaknight said:
Have some patience it hasnt even been 24hrs yet.....

If you couldn't tell, it was clearly a joke.

Hacking Official [Source Release] ReiNand CFW

Well-Known Member

I fight for my friends.

猫。子猫です！

Well-Known Member

Well-Known Member

Well-Known Member

I fight for my friends.

I have cameras in your head!

3DS & WiiU Enthusiast

Well-Known Member

Pasta Team Member

Well-Known Member

Onii-sama~

Well-Known Member

Well-Known Member

Well-Known Member

Well-Known Member

Well-Known Member

Well-Known Member

猫。子猫です！

Similar threads

Popular threads in this forum