Homebrew AES key scrambler

  • Thread starter: Suiginou
  • Views: 89,904
  • Replies: 455
  • Likes: 12
Well the fruits of this labor are emerging.
https://github.com/delebile/arm9loaderhax/

(and yes I struggled google-fuing a relevant thread lol)
Readme says 10.0 N3DS NATIVE_FIRM .firm has SHA-256 d253c1cc0a5ffac6b383dac1827cfb3b2d3d566c6a1a8e5254e389c2950623e5. That mismatches my 10.0 N3DS NATIVE_FIRM hash (d82db7b4382b07889977910cc6ec6d877d217923d760af4e8b3aabb263e421c6); same with 10.0 O3DS (4684bb50ab77e7f1e38a65de18b2535859cc385b0b95fd3255c023f13cb7a7b3).

The 9.0-9.2 N3DS NATIVE_FIRM hash matches again, however.

EDIT: Mystery solved, it's actually N3DS 10.2.
 
Last edited by Suiginou,
Readme says 10.0 N3DS NATIVE_FIRM .firm has SHA-256 d253c1cc0a5ffac6b383dac1827cfb3b2d3d566c6a1a8e5254e389c2950623e5. That mismatches my 10.0 N3DS NATIVE_FIRM hash (d82db7b4382b07889977910cc6ec6d877d217923d760af4e8b3aabb263e421c6); same with 10.0 O3DS (4684bb50ab77e7f1e38a65de18b2535859cc385b0b95fd3255c023f13cb7a7b3).

The 9.0-9.2 N3DS NATIVE_FIRM hash matches again, however.
Maybe it was just a mispaste from a large text file full of hashes he made.
 
For arm9loaderhax to become feasible for the many, we'll need a better way to dump OTP.

On N3DS, OTP dumping requires a hardmod for the downgrade or for brute-forcing a few initial keys to get the OTP dump and work with the publicly released payload.

On O3DS, OTP dumping requires a very risky downgrade with no known path back onto 9.2. There's no ARM9 payload yet, either, and at least Cubic Ninja, mset and OOT3D (to be set up in advance) or spider (2.1 only, there's no full dump of 2.1 with browser on the Internet so far) should be considered. This is just very bad. That, or arm9loaderhax with a blindly brute-forced key to get a handle on OTP dumping as with N3DS.

Both options suck. We still need a better way to dump OTP or at least get its hash from the SHA engine.
 
Last edited by Suiginou,
The answer is that my code is meant to help the ones who want to achieve the hack on their own, who are independent enough to follow all the tricky steps, so that they at least have some reference to look at.
This being said, I find positive the fact that it's not doable for the end-users; you do not know how many bricks this thing can cause.
 
The answer is that my code is meant to help the ones who want to achieve the hack on their own, who are independent enough to follow all the tricky steps, so that they at least have some reference to look at.
This being said, I find positive the fact that it's not doable for the end-users; you do not know how many bricks this thing can cause.
But people with hard mods would love to use it :P, this reminds me of the PSP scene when recovery menu came out and time machine was released.
 
But people with hard mods would love to use it :P, this reminds me of the PSP scene when recovery menu came out and time machine was released.
If you have a hard mod (which is absolutely required and not optional in my opinion) you can try a downgrade to 1.x or 2.x (if you are on old3ds) or bruteforce the key and use arm9loaderhax to directly dump the otp hash (new3ds best option I guess).
 
If you have a hard mod (which is absolutely required and not optional in my opinion) you can try a downgrade to 1.x or 2.x (if you are on old3ds) or bruteforce the key and use arm9loaderhax to directly dump the otp hash (new3ds best option I guess).
I'll wait for clearer steps, I'm a bit of a ninny when it comes to the super technical steps. I'm subbed to the repo, hope to see something come out of your work :bow:
 
If you have a hard mod (which is absolutely required and not optional in my opinion) you can try a downgrade to 1.x or 2.x (if you are on old3ds) or bruteforce the key and use arm9loaderhax to directly dump the otp hash (new3ds best option I guess).

Thank you so much for your hard work (not just on arm9loaderhax but for memchunkhax2 as well) and for sharing unlike what some others have selfishly done. Good luck getting the LCD working and I look forward to seeing what comes from your repo in the future. :bow:
 
Last edited by kiwiis,
If you have a hard mod (which is absolutely required and not optional in my opinion) you can try a downgrade to 1.x or 2.x (if you are on old3ds) or bruteforce the key and use arm9loaderhax to directly dump the otp hash (new3ds best option I guess).
Honestly I plan to get a hardmod on both my old and new 3DS' so that, in the event that a guide to all the stuff is public, those who don't have the technical ability to work the whole process out without help will at least have a possibility to. There's no way I could do these things myself and don't even know if any sort of guide would help, but if I had the info/process in front of me and the required prerequisites then I'm sure I'd get through with it.
 