2.1 N3ds unbricking question

Discussion in '3DS - Flashcards & Custom Firmwares' started by I_AM_L_FORCE, Apr 4, 2016.

  1. I_AM_L_FORCE
    OP

    I_AM_L_FORCE Unban me from Discord

    Member
    919
    293
    Feb 19, 2015
    London
    I've been curious about something, how do we actually get the 2.1fw to actually work on the N3ds? How does the "unbricking" work?
     
  2. driverdis

    driverdis I am Justice

    Member
    2,410
    919
    Sep 21, 2011
    United States
    1.048596β
    The unbricking is now handled by OTPHelper's "One Click Setup" Option, which fixes the 2.1 firmware with the header for an Old 3DS as it currently has a New 3DS header and switches the AES Keyslot used so it decrypts properly so it runs.
    there is more to it, but I have not done any more research past this.
     
    Last edited by driverdis, Apr 4, 2016
  3. I_AM_L_FORCE
    OP

    I_AM_L_FORCE Unban me from Discord

    Member
    919
    293
    Feb 19, 2015
    London
    Ah, is there a write up about this on 3dbrew?
     
  4. driverdis

    driverdis I am Justice

    Member
    2,410
    919
    Sep 21, 2011
    United States
    1.048596β
    I gathered this myself via reading the older guides from when you had to do the steps manually via a hex editor to unbrick the 2.1 EmuNAND. and via the older hardmod guides where you downgrade SysNAND to 2.1 then unbrick it via dumping the NAND and hex editing it before flashing it back.

    If 3dbrew has a writeup, I may have missed it (I did not look too deeply)
     
  5. gunner007

    gunner007 GBAtemp Advanced Maniac

    Member
    1,506
    368
    Dec 31, 2013
    United States
    Without getting super technical.

    Obviously the N3DS won't run on such a low FW since it was never designed to.
    What in essence the unbricking does is decrypts the CTRNAND partition, and changes the NCSDHeader/KeySlot to that of an O3DS, before encrypting/reinjecting it back.
    However, the AES keyslot also needs to be adjusted since if you booted it, it would be unable to decrypt the main FW image.

    Thus in essence, the console boots as if it was a O3DS with the appropriate system titles.
    Then in the end you restore your N3DS image, overwriting FIRM0/FIRM1 and booting the original system N3DS and all.
     
    I_AM_L_FORCE likes this.