Homebrew [ANNOUNCE] Yellows8 has updated the 3ds_browserhax_common to support >=9.9 O3DS, n3DS

Psi-hate

@shinyquagsire23 and their team are one of the "most" reliable public sources when it comes to asking about what we can and can't do (They've told us so much, yet we took it for granted like always). He has been tinkering with the 3DS back when KARL was a thing and knows quite a bit since he and his team have been working on their own CFW and have researched so much. I had a convo with him a while ago, back when I thought we couldn't touch Native_Firm unless arm9hax but he stated otherwise giving a small explanation. If he could clear it up a little, I'm sure some of the people will comprehend that at least downgrading should be achievable.
 


shinyquagsire23

Basically, all you need to install .cias is ARM11 kernel access. But these can only be signed .cias, ARM9 kernel is needed for unsigned .cias. There is downgrading protection with system apps and normal apps, however it's flawed: You can delete an app and then install it directly afterwards, effectively making these protections void. Thus the MSET downgrade hack was formed. So in theory, if you had ARM11 kernel access you could do this remove->install trick on all system apps and modules, including the NATIVE_FIRM title. To remedy the two stored straight on the NAND used by the bootloader, you actually already have the xorpads needed for those. If you know what version you're already on, you can use that NATIVE_FIRM image to retrieve an xorpad for it, and use that xorpad to write an older NATIVE_FIRM (note, these are still signed FIRM images here). This probably isn't possible though for the N3DS, due to the fact that the 9.6 and up NATIVE_FIRM binaries are stuck behind new encryption. You could at least though return some usermode exploits I suppose.

You might say though, why not just write the NATIVE_FIRM only? This could maybe work for a few firmware versions with minimal updates relying on new stuff in the FIRM, but if the firmware introduced any significant changes it will most likely fail to work.
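
The delete-then-install gap described in the post above, modeled as an added example (not part of the original post and not the console's actual code): the weak check compares only against a currently installed copy, while the hardened variant keeps a per-title version floor that survives deletion. The title id, version numbers and all function names are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define MAX_TITLES 8

/* One record per title id. Deletion clears `installed`; `floor` is the
 * hardened design's rollback floor and is never lowered or cleared. */
struct title { unsigned long long id; int installed; unsigned version, floor; };
struct db { struct title t[MAX_TITLES]; int n; int hardened; };

static struct title *find(struct db *d, unsigned long long id) {
    for (int i = 0; i < d->n; i++)
        if (d->t[i].id == id) return &d->t[i];
    return NULL;
}

/* Returns 0 on success, -1 if refused as a downgrade, -2 if the db is full. */
int install_title(struct db *d, unsigned long long id, unsigned version) {
    struct title *t = find(d, id);
    if (!t) {
        if (d->n == MAX_TITLES) return -2;
        t = &d->t[d->n++];
        memset(t, 0, sizeof *t);
        t->id = id;
    }
    /* Weak check: only looks at a copy that is installed right now. */
    if (t->installed && version < t->version) return -1;
    /* Hardened check: compares against the highest version ever installed. */
    if (d->hardened && version < t->floor) return -1;
    t->installed = 1;
    t->version = version;
    if (version > t->floor) t->floor = version;
    return 0;
}

void delete_title(struct db *d, unsigned long long id) {
    struct title *t = find(d, id);
    if (t) { t->installed = 0; t->version = 0; } /* floor is kept */
}

/* install(20) -> install(10) refused -> delete -> install(10); returns the
 * result of the last install (99 if the direct downgrade was not refused). */
int replay_old_after_delete(int hardened) {
    struct db d = { .n = 0, .hardened = hardened };
    const unsigned long long id = 0x1ULL; /* constructed placeholder id */
    install_title(&d, id, 20);
    if (install_title(&d, id, 10) != -1) return 99;
    delete_title(&d, id);
    return install_title(&d, id, 10);
}

int main(void) {
    printf("weak=%d hardened=%d\n",
           replay_old_after_delete(0), replay_old_after_delete(1));
    return 0;
}
```

The floor only helps if it is stored where the component performing the delete cannot reset it, which is why anti-rollback counters are normally kept outside the title database itself.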
 

NeoSlyde

I didn't understand anything!!!
In English please??
 

guitarheroknight

So basically if someone were to publicly release an ARM11 kernel between 9.2 - 9.5 the downgrade function could be viable again? What about ARM9?
 

Psi-hate

I really appreciate the explanation! Since N3DS is borked until those keys are out and about, that's one downside but at least O3DS users have a chance at downgrading.
 

Psi-hate

But only 9.5?,what about 9.9?
O3DS is able to do 9.9 downgrading if Arm11 kernel is achievable, while N3DS is 9.5 and below due to encryption 9.6+
 

leerpsp

I would just like to downgrade so I can back up my 3DS games I have to install on my 3DS so I don't have to carry around all my 3DS cards with me.
 