Hacking 3DS Hack: "We hacked it"

Status
Not open for further replies.
pasc

Guest
I'm not one for assuming everything is fake, it annoys me when people do that, but I thought the '3D' text LED near the 3D slider is green when it is in '3DS mode', right?
And in the picture it is not, so hmm...
But maybe there are times when it is not green in 3DS mode, :) I'm not sure.
I thought it only was when the actual software supports 3D?
 

Seratonin

Well-Known Member
Member
Very poorly, I might add. But hey, there are always other systems that could be emulated well - SNES, Mega Drive, NES, Master System, PlayStation, Game Boy Advance... N64? Not so much. The console is notorious for being hard to emulate not only because its hardware is a tad convoluted, but also because the games often used complex "programming tricks" to go beyond its limitations.

How exactly do you expect them to patch something that's on retail cartridges in ways other than a System Update which you can easily decline? Besides, Nintendo doesn't know the nature of the exploit yet as it's not public.

...this would be a good time to stop updating your system just in case though. ;) That said, we're at least a year away from proper libraries, so don't expect a homebrew fountain just yet.
Yes I am aware that I shouldn't update my 3DS any further but I was told that this hack works on the current firmware so I did it anyways. Do you think I made the right choice?
 

Foxi4

Endless Trash
Global Moderator
Seratonin said:
Yes I am aware that I shouldn't update my 3DS any further but I was told that this hack works on the current firmware so I did it anyways. Do you think I made the right choice?
If the hack works on the latest firmware, sure, why not? I'd stay on it though from now on unless the hackers themselves say it's safe to update to a given version. ;)
 

Jayro

MediCat USB Dev
Developer
I know the DSi-mode hasn't been hacked yet, but it's not like it needs to be hacked before the 3DS does. I could really care less about having DSi homebrew that uses the cameras and mic. The 3DS being hacked has so much more potential, and I'm really embracing the day it becomes a reality. Only time will tell. I'm remaining optimistic. ^_^
 

the_randomizer

The Temp's official fox whisperer
Member
Welcome to the club, but there is one catch. What if they have a firmware update and fix it? No online play for those who care about online gaming :hateit:.


Fixed that for you. If one doesn't care about online, or doesn't have good WiFi, then it's a moot point and shouldn't be an issue for those people.
 

nukeboy95

Old skool member
Member
Jayro said:
I know the DSi-mode hasn't been hacked yet, but it's not like it needs to be hacked before the 3DS does. I could really care less about having DSi homebrew that uses the cameras and mic. The 3DS being hacked has so much more potential, and I'm really embracing the day it becomes a reality. Only time will tell. I'm remaining optimistic. ^_^
The DSi was hacked, but it used an eShop game, so Nintendo pulled the game.
It was hacked by yellows8 iirc.
 

ClickCLK

Well-Known Member
Newcomer
Neimod has been busy mapping gsp (graphics) services on 3dbrew today:
http://www.3dbrew.org/wiki/GSP_Services

Hopefully this is addressing yellow8's problem yesterday:
<yellows8> it's still unknown how to use the gfx service to display anything.

This one is particularly interesting :P
"0x001C0040 SetLedForceOff"

Well, this is interesting.

By the way, is there a way to dump the 3DS NAND (maybe using additional hardware, that would be fine too)?

And here's what I found on 3DBrew:
3DBrew said:
On the 3DS savegames are stored much like on the DS, that is on a FLASH chip in the gamecart. On the DS these savegames were stored in plain-text but on the 3DS a layer of encryption was added. This is AES-CTR, as the contents of several savegames exhibit the odd behavior that xor-ing certain parts of the savegame together will result in the plain-text appearing.

The reason this works is because the stream cipher used has a period of 512 bytes. That is to say, it will repeat the same keystream after 512 bytes. The way you encrypt with a stream cipher is you XOR your data with the keystream as it is produced. Unfortunately, if your stream cipher repeats and you are encrypting a known plain-text (in our case, zeros) you are basically giving away your valuable keystream.

So how do you use this to decrypt a savegame on a 3DS? First off, you chunk up the savegame into 512 byte chunks. Then, you bin these chunks by their contents, discarding any that contain only FF. Now look for the most common chunk. This is your keystream. Now XOR the keystream with your original savegame and you should have a fully decrypted savegame. XOR with the keystream again to produce an encrypted savegame.

All gamecard and SD savegames are encrypted with AES-CTR. The gamecard savegame keyslot keyY is unique for every region of each game. A flag stored in the NCSD determines the method used to generate this keyY. This same flag is also used for determining which CTR period is used as well. The keyY when the flag is clear is generated from data stored in the main CXI, and data retrieved from gamecard commands. When the flag is set, a hash is generated for the keyY over the data from the CXI, and an ID retrieved from a gamecard command. The base CTR for gamecard savegames is all-zero. SD savegames use a CTR where the base CTR is fixed per savegame, however the CTR doesn't repeat in the image.

With system version 2.2.0-4 the system can now use a different gamecard CTR method, which fixed the above flaw. With 2.2.0-4 the system checks a NCSD flag, when it's set the new CTR period is used, otherwise the 0x200-byte CTR period is used. All games released since 2.2.0-4 have this flag set. The new CTR period may be 0x1000-bytes.
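The keystream-recovery procedure the 3DBrew quote describes (chunk the image into 512-byte pieces, discard all-FF chunks, take the most common chunk as the keystream, XOR), written out as an added example; this is not code from 3DBrew or from anyone in the thread. It models a CTR keystream with a configurable period and uses SHA-256(key || counter) in place of AES-ECB(key, counter), which is an assumption made only to keep the script dependency-free: the repetition property that makes the flaw work is identical. The savegame layout, the key, and the "erased" 0xFF region are all constructed. It also runs the same recovery against a counter that never repeats inside the image, which is the kind of change the 2.2.0-4 fix introduced, to show why that defeats the recovery.

```python
import hashlib
from collections import Counter
from typing import Optional

BLOCK = 16              # AES block size: CTR produces keystream 16 bytes at a time
PERIOD_FLAWED = 0x200   # the 512-byte CTR period described on 3DBrew (pre-2.2.0-4)
DEMO_KEY = b"constructed-key!"  # constructed 16-byte key, not a real 3DS key

def keystream(key: bytes, nbytes: int, period: Optional[int]) -> bytes:
    """Model of a CTR keystream. Block i is derived from counter (i mod period_blocks);
    period=None means the counter never wraps inside the image (the fixed behaviour).
    SHA-256 stands in for the AES block encryption of the counter (assumption)."""
    period_blocks = None if period is None else period // BLOCK
    out = bytearray()
    for i in range((nbytes + BLOCK - 1) // BLOCK):
        ctr = i if period_blocks is None else i % period_blocks
        out += hashlib.sha256(key + ctr.to_bytes(16, "big")).digest()[:BLOCK]
    return bytes(out[:nbytes])

def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt(key: bytes, plaintext: bytes, period: Optional[int]) -> bytes:
    """Stream-cipher encryption: plaintext XOR keystream (decryption is the same op)."""
    return xor_bytes(plaintext, keystream(key, len(plaintext), period))

def build_savegame() -> bytes:
    """Constructed save: a 256-byte record followed by zero padding up to 32 KiB.
    The zero padding is the 'known plaintext' that leaks the keystream."""
    header = b"SAVE\x01\x00\x00\x00" + b"player=Link;rupees=255;".ljust(248, b"\x00")
    return header.ljust(0x8000, b"\x00")

def recover_keystream(image: bytes, chunk: int = 0x200, min_count: int = 2) -> Optional[bytes]:
    """3DBrew's procedure: bin the encrypted image by chunk content, drop all-FF chunks
    (unwritten flash that never went through the cipher), and take the most common
    chunk. If no chunk repeats, the keystream is not repeating and recovery fails."""
    usable = len(image) - len(image) % chunk
    chunks = [image[i:i + chunk] for i in range(0, usable, chunk)]
    counts = Counter(c for c in chunks if c != b"\xff" * chunk)
    if not counts:
        return None
    best, n = counts.most_common(1)[0]
    return best if n >= min_count else None

def decrypt_with_keystream(image: bytes, ks: bytes) -> bytes:
    """XOR the recovered 512-byte keystream across the whole image. Raw 0xFF regions
    were never encrypted, so they decrypt to garbage; callers should mask them."""
    out = bytearray()
    for i in range(0, len(image), len(ks)):
        piece = image[i:i + len(ks)]
        out += xor_bytes(piece, ks[:len(piece)])
    return bytes(out)

def make_image(key: bytes, plain: bytes, period: Optional[int]) -> bytes:
    """Encrypted save area followed by a constructed 4 KiB erased (all 0xFF) region."""
    return encrypt(key, plain, period) + b"\xff" * 0x1000

def demo(period: Optional[int]) -> bool:
    """Returns True when the recovered keystream decrypts the constructed save correctly."""
    plain = build_savegame()
    image = make_image(DEMO_KEY, plain, period)
    ks = recover_keystream(image)
    if ks is None:
        return False
    return decrypt_with_keystream(image, ks)[:len(plain)] == plain

if __name__ == "__main__":
    print("512-byte CTR period, recovery works:", demo(PERIOD_FLAWED))   # True
    print("non-repeating CTR, recovery works:  ", demo(None))            # False
```

With the repeating period every zero-filled chunk encrypts to the same 512 bytes, so the most common chunk is the keystream and it decrypts the header too. With a counter that does not wrap, every zero chunk encrypts differently, no chunk repeats, and the procedure has nothing to work with; that is exactly why a CTR base that never repeats within the image closes the hole.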
 

Fear Zoa

Still Alive
Member
It's also worth noting that along with neimod updating the GSP Services page, yellows8 made an edit to the savegames page. (Hadn't seen anyone mention that.)
 

RupeeClock

Colors 3D Snivy!
Member
Very exciting to see progress being made, a better understanding of how the 3DS functions gradually being mapped out. :)

The day that an actual homebrew launcher can be installed is very exciting. Just a thought, Nintendo would no doubt try to remove the homebrew launcher through firmware updates, or if they're really nasty a blacklist that is silently updated through SpotPass and removes modified content (without needing a firmware update).
So if the homebrew launcher featured a way to change its header or identifying details from within the launcher, as well as create details that are totally unique to the system they are created on (based on something such as MAC address and current date/time), it may be very difficult for Nintendo to remove the launcher title.

Just an idea, before flashcarts on DSi and 3DS systems have had to repeatedly find new headers and be reflashed before updating the system firmware. A homebrew launcher would need to take that fight a step further and make it easy to update/patch itself prior to 3DS firmware updates, or to successfully obfuscate itself to make it impossible to purge based on basic blacklist detection.
 

MegaBassBX

The Noble Sate User
Member
RupeeClock said:
Very exciting to see progress being made, a better understanding of how the 3DS functions gradually being mapped out. :)

The day that an actual homebrew launcher can be installed is very exciting. Just a thought, Nintendo would no doubt try to remove the homebrew launcher through firmware updates, or if they're really nasty a blacklist that is silently updated through SpotPass and removes modified content (without needing a firmware update).
So if the homebrew launcher featured a way to change its header or identifying details from within the launcher, as well as create details that are totally unique to the system they are created on (based on something such as MAC address and current date/time), it may be very difficult for Nintendo to remove the launcher title.

Just an idea, before flashcarts on DSi and 3DS systems have had to repeatedly find new headers and be reflashed before updating the system firmware. A homebrew launcher would need to take that fight a step further and make it easy to update/patch itself prior to 3DS firmware updates, or to successfully obfuscate itself to make it impossible to purge based on basic blacklist detection.


I thought the hack required a game from the eShop; why do we need to re-flash our flashcarts?

And don't worry Nintendo will never do something sneaky.
 

Kikirini

Zelda Fangirl
Member
Wow, the post-count has jumped up.
If this does turn out to be real and lead to homebrew, I personally can't wait for the emulators. I'd love to be able to have game channels installed for the stuff that doesn't make it to the eShop. :D
 
