Hacking 3DS Hacking Theory Thread

[[MOFO]]

Unfortunately my Digital Camera is in the Pawn Shop. I will up them ASAP. Best I could do right now is post which errors I was getting. Only thing I can really suggest right now is try decompiling a 3DS ROM (With 3D Support) then recompiling after you've set random ARM functions on each of the ARM Channels (1-16). Ohh and terms of the ARM Functions during Reboot that's easy enough to do by adding a run script to deploy when you load your Flash Cart Kernel.

PS: pachura it's already been %100 determined that you have to have access to the 3DS' NAND Flash in order to deploy the Certificates so doing that method has already been determined that it's completely redundant and continuing to use that method is a waste of time. I only "tried" it , I didn't succeed thus why I was only posting the information as that information..

 

[minilion]

LOL. [MOFO] is trolling everyone.

He's talking bullshit and his ramblings make no sense. He's just throwing random technical terms in a sentence in order to sound smart.

- Decompiling a 3DS ROM? That's as useful as decompiling /dev/rand
- (With 3D Support)? That makes no sense
- ARM functions? ARM channels? This is bullshit.
- Access to 3DS NAND required? Again, NAND is encrypted so this is as useful as having a file that came from /dev/rand.

Stop posting bullshit.

 

[Arisotura]

You guys should stop dreaming and wait a little more anyway. Right now, even if one of us managed to find a suitable 3DS-mode exploit, it would be useless. Being able to run custom code is one thing, but if you don't know how the hardware works and what to do to ensure that the exploit worked or do other fancy things, you're just wasting your time. What would be required in order to do potentially useful things, would be RAM dumps with the unencrypted system code and all. Or the 3DS SDK (CTR-SDK). Until we get one of those two things, all we can do is wait.

 

[[MOFO]]

Actually you fucking douche I know exactly how the hardware works. I've fuckin taking it apart.. do you want me to post a fucking diagram of the 3DS. Do you want me to show you where each ARM channel is on the board? Do you want me to wipe your ass for you and serve you breakfast? Some people have ALOT of experience with hardware and some people have actually coded for Homebrew as well as patched Homebrew Apps that have had bugs that cause them not to play or crash. Before you go saying people are Trolling maybe you should do some research about how the the fucking ARM Channels work on the 3DS and that what I was posting was factual information. The NAND Flash is Encrypted yes , but how fuckin long did it take for the Wii's NAND to be dumpable?.. not very fucking long.. and I don't believe you have done any fucking information on any of this cause if you did and knew what the fuck you were talking about you'd know nothing is unhackable no encryption can not be decrypted and there is always a solution. Trolling? Dude I'm like one peice of code away from dumping the NAND can you do that? I guess not cause you seem to think it's not at all fucking possible.. I should email Team Twiizers and tell him the douches on GBATemp are non believers so they can laugh at you and post you a link to The Hombrew Channel/BootMii and the HackMii Installer you fuckin asshat..

PS: Did I not fucking say this is fucking useless anyways? Do you understand how the fuckin NAND works? Obviously Not.. Go Look it up..

 

[Rydian]

[MOFO], do you really believe one person speaks for the entire site? One person with only 9 posts? :\

And you know, it's perfectly possible to respond to calls of "bull" without insults. You could respond to it with some proof, that'd show the people reading that you have some credence. Responding with childish insults just makes you look bad, and I don't think you want that.

 

[ccfreak2k]

Actually I'd like to see this diagram and the "ARM channels" you're talking about.

 

[serenade.63]

@[MOFO] When you swear, you sound uneducated... doesn't exactly further your cause.

 

[b2cool]

Is anyone working in a way to replace the video that are download from the eshop channel to there own 3d videos?

Cuz that be cool.

 

[Rydian]

Is anyone working in a way to replace the video that are download from the eshop channel to there own 3d videos?

Cuz that be cool.

Probably encrypted. If not somebody would have likely done it already just for the glory, as if it wasn't encrypted it wouldn't be too hard. The format should be a variant of a known one and people have had ways to fake NUS stuff for ages.

 

[Arisotura]

[MOFO], stop it with your bullshit. Your 'fucking ARM channels' don't exist. You don't even know how ARM CPUs work, so please kindly stfu. Or, in the (highly unlikely) case you actually know how the 3DS works, post your 'fucking diagrams' as a proof.

Oh, also, since you're talking about the NAND, dumping it is one thing, but decrypting it is another thing. Good luck decrypting 128bit AES... but I suppose you already know where the 'fucking key' is

 

[RupeeClock]

Just a thought, Pokédex 3D saves individual pokédex entries to the SD card as they are downloaded daily.

There might be something there if you mess with the data it loads.
Maybe a buffer overflow or something, it's only an ideal.

 

[[MOFO]]

I don't know how ARM works eh?

Weird how I was perfectly correct eh?

Processor

Nintendo ARM

133 MHz ARM9 and 33 MHz ARM7

67 MHz ARM9 and 33 MHz ARM7

What proof do you want? What I stated was completely plausible. I don't mean to use inappropriate language and I do realize it makes me look bad but when everyone on this forum likes to call BS when all I'm doing is trying theories in a thread about theoretical 3DS Exploit information what BS is there to call? It's a Theory.. Do most of you not understand that concept?

 

[ccfreak2k]

]
I don't know how ARM works eh?

Weird how I was perfectly correct eh?

Processor

Nintendo ARM

133 MHz ARM9 and 33 MHz ARM7

67 MHz ARM9 and 33 MHz ARM7

You've quoted the CPU generations and speeds of the DSi and DS modes respectively. This isn't exactly news.

 

[[MOFO]]

Whoops... wrong generation

Nintendo 3DS:

ARM Processor: Dual-core 266 MHz

Look at the picture it shows it right there.. each ARM is marked and considering it's Dual Core each transistor is doubled..

PS: The Information I posted about the ARM Channels for the DSLiTE/DSi still corresponds to the 3DS as the 3DS' ARM Channels are just Doubled ie Dual Core ARM CPUs
PPS: Yes it's an ARM9 and ARM7 CPU but like every other cpu you can use whatever amount of CPU speed you want and in this case it's on each ARM which is why I was stating to use ARM1-16 depending on the speed/part of the cpu you want/function

Oh, also, since you're talking about the NAND, dumping it is one thing, but decrypting it is another thing. Good luck decrypting 128bit AES... but I suppose you already know where the 'fucking key' is

^^Since when was this hard? 128 bit AES is weak dude.. give me 20 minutes and I'll spend 19 minutes eating Cheetos and then decrypt it for you..

PS: The Quoting Option on GBATemp is ass backwards as fuck.. doesn't seem to work at all for me..
PPS: I don't know need to take screenshots this thread is a "3DS Hacking Theory Thread" isn't it? xD

 

[[MOFO]]

*DELETE*

 

[heartgold]

]

[Mega Mario]Oh, also, since you're talking about the NAND, dumping it is one thing, but decrypting it is another thing. Good luck decrypting 128bit AES... but I suppose you already know where the 'fucking key' is

^^Since when was this hard? 128 bit AES is weak dude.. give me 20 minutes and I'll spend 19 minutes eating Cheetos and then give decrypt it for you..

Alright do it!

and please don't double post

 

[[MOFO]]

Alright do it!

and please don't double post

1. I do what I want..
2. I'll double post if I want.. ban me?

PS: You know if you ban me I'll just find another forum that can actually exploit the 3DS xD (kidding)

 

[Nujui]

]

Alright do it!

and please don't double post

1. I do what I want..
2. I'll double post if I want.. ban me?

PS: You know if you ban me I'll just find another forum that can actually exploit the 3DS xD (kidding)

You won't get banned, but probably get warned, just edit your post.

 

[[MOFO]]

Anyways.. I'm only stating ideas/concepts/theories.. I thought that's what this thread was about?

 

[ChrisRX]

]
Correct pachura but you left out one point where I added Random ARM functions to deploy DURING the reboot , using a very similar method to the BannerBomb exploit on the Wii. The ARM functions did deploy during reboot enabling the first load of a 3DS Rom to display ARMxx Errors and 3D Mode Not Accessible errors which leads me to think I'm on the right direction with this..
I think you mean ARM instructions, not functions. At a hardware level functions don't exist. In addition, if you didn't initialise the processor then it wouldn't be possible for the processor to then display error messages. Theoretically the LCD controller could be smart enough to display the error message about the 3D mode not being enabled, but then it wouldn't know about the ARM chip, therefore making your errors unbelievable.

PS: The ARM Functions are just Random ARM Functions (Jibberish Numbers) on each of the ARM Channels 1-11. I'm still not %100 sure which ARM Function is going to do it or wether it is completely write protected similar to other devices..
Yet again, instructions*. And I have know idea what you're talking about when you say ARM channels. The closest I can think of would be the registers of which there are 16, and you can't just "put" an instruction into a register. It wouldn't do anything useful

]
I don't know how ARM works eh?

Weird how I was perfectly correct eh?

Processor

Nintendo ARM

133 MHz ARM9 and 33 MHz ARM7

67 MHz ARM9 and 33 MHz ARM7

What proof do you want? What I stated was completely plausible. I don't mean to use inappropriate language and I do realize it makes me look bad but when everyone on this forum likes to call BS when all I'm doing is trying theories in a thread about theoretical 3DS Exploit information what BS is there to call? It's a Theory.. Do most of you not understand that concept?

What does quoting the specs of the DS have to do with anything?

]
Look at the picture it shows it right there.. each ARM is marked and considering it's Dual Core each transistor is doubled..

PS: The Information I posted about the ARM Channels for the DSLiTE/DSi still corresponds to the 3DS as the 3DS' ARM Channels are just Doubled ie Dual Core ARM CPUs
PPS: Yes it's an ARM9 and ARM7 CPU but like every other cpu you can use whatever amount of CPU speed you want and in this case it's on each ARM which is why I was stating to use ARM1-16 depending on the speed/part of the cpu you want/function

That is not how a dual core processor works. You go and try and design even a basic dual core processor in VHDL or Verilog and see that you need a huge amount of additional logic to allow the cores to syncronise and communicate properly

QUOTE

PS: The Quoting Option on GBATemp is ass backwards as fuck.. doesn't seem to work at all for me..
PPS: I don't know need to take screenshots this thread is a "3DS Hacking Theory Thread" isn't it? xD

If you're not smart enough to be able to use the quote option on here, then you're not smart enough to hack into an ARM system.