Homebrew ARM9Loader -- Technical Details and Discussion

[Psi-hate]

From what i understand for o3ds :
- get a < 3.0 fw (cia), downgrade with sysUpdatder
- dump otp with the binary posted a few post ago (need cn or linker/cn + normatt 1.0 qrcode for arm9) (thanks @MassExplosion213)

Could I be directed to the QR? Not sure where to find it. Google didn't help.

 

[Normmatt]

https://mega.nz/#!Zg0QQayL!gm-iuQ9Z67rIASQb6deORq55xIU42C3z96OSCPbKuiQ
OTP dumper. CN only atm.

Might want to tell people which qr code as that doesn't look like it'd work with my qr codes.

 

[MassExplosion213]

Might want to tell people which qr code as that doesn't look like it'd work with my qr codes.

It wouldn't? That's what it was meant for..hmm...

 

[Normmatt]

It wouldn't? That's what it was meant for..hmm...

Nope that file is based at 0x08000000 while my my qr code loads load.bin to 0x23F00000 and it doesn't need that arm9 vector crap either. Or if you want to replace the code.bin that one is based at 0x20600000.

 

[laramie]

Then why keep posting here?

Why not? It's fun...[emoji14]

 

[Psi-hate]

It wouldn't? That's what it was meant for..hmm...

Did you use this QR code and the same otp dumping binary posted above to dump your otp or did you use a different method?

You can use cubic ninja to exploit 1.0.0E its not very stable but its enough to get basic arm9 control (after a few retries). Scanhttp://i.imgur.com/7Q35Tuy.png and it will load the file load.bin into fcram at 0x23F00000 and start execution (size is limited to 0x3000 bytes)

 

[AHP_person]

https://mega.nz/#!2RUyFJ4b!4j1P9Obt8utwZhMwMon3iwlIMXlHw0SRAfVrto8y3Ro Here's what I used. Basically, use the CN NAND Dumper that @Normmatt made, and just replace code.bin. I stripped down decrypt9 to save time, so that's where the credits should go lib-wise. IIRC it should create a file on the sd named OTP.bin, then it should shut off the console. In any case where it fails, it'll reboot. OTP.bin may have to already exist, I can't remember if I ever got around to fixing that.

 

[cpasjuste]

Might want to tell people which qr code as that doesn't look like it'd work with my qr codes.

Did you use this QR code and the same otp dumping binary posted above to dump your otp or did you use a different method?

I was going to post the same link from normmatt. By the way, its really cool that your still wathching this @Normmatt .

Unfortunately I can't help more right now, I'll hardmod my EU n3ds tomorrow then take a closer look but you ( @Normmatt) can maybe provide the "up to date" tools (otp dumper for your 1.0 qrcode) for us, "normal people" (well to be fare its maybe something I'll be able to write myself as the big deal is your arn9 loader) but it can save a few hours/days.

 

[Normmatt]

I was going to post the same link from normmatt. By the way, its really cool that your still wathching this @Normmatt .

Unfortunately I can't help more right now, I'll hardmod my EU n3ds tomorrow then take a closer look but you ( @Normmatt) can maybe provide the "up to date" tools (otp dumper for your 1.0 qrcode) for us, "normal people" (well to be fare its maybe something I'll be able to write myself as the big deal is your arn9 loader) but it can save a few hours/days.

--------------------- MERGED ---------------------------





I was going to post the same link from normmatt. By the way, its really cool that your still wathching this @Normmatt .

Unfortunately I can't help more right now, I'll hardmod my EU n3ds tomorrow then take a closer look but you ( @Normmatt) can maybe provide the "up to date" tools (otp dumper for your 1.0 qrcode) for us, "normal people" (well to be fare its maybe something I'll be able to write myself as the big deal is your arn9 loader) but it can save a few hours/days.

Well I "could" but watching people struggle is more fun

 

[cpasjuste]

https://mega.nz/#!2RUyFJ4b!4j1P9Obt8utwZhMwMon3iwlIMXlHw0SRAfVrto8y3Ro Here's what I used. Basically, use the CN NAND Dumper that @Normmatt made, and just replace code.bin. I stripped down decrypt9 to save time, so that's where the credits should go lib-wise. IIRC it should create a file on the sd named OTP.bin, then it should shut off the console. In any case where it fails, it'll reboot. OTP.bin may have to already exist, I can't remember if I ever got around to fixing that.

Thanks mate.

--------------------- MERGED ---------------------------

Well I "could" but watching people struggle is more fun

You're the devil

 

[mitroux]

i have an o3ds with firmware 2.1.0-4E , could this be helping anyone? and is there a way to dump the browser cia from it ?

 

[MassExplosion213]

That would help a lot! Do you have Cubic Ninja?

 

[mitroux]

nope , not right now , but i can hardmod it and backup the nand , update with a game to 4.5 and use decrypt9 to get xorpads to decrypt the 2.1 nand , i guess this is possible right?

 

[MassExplosion213]

It is. Mind doing that?

 

[mitroux]

of course , but not tight now , it's 5 am and gonna sleep before leaving to work , but files will be ready tonight
what part of the nand do you need? the title folder?

 

[Psi-hate]

nope , not right now , but i can hardmod it and backup the nand , update with a game to 4.5 and use decrypt9 to get xorpads to decrypt the 2.1 nand , i guess this is possible right?

Yes.

Also btw guys: I just tried downgrading my O3DS to 1.0... Shit hit the fan. For some reason it refuses to install certain files. I don't know for sure but I don't think the files provided to me are working even though @AHP_person got it working on his. My 3ds says it's on 1.0 but I recall only about 8 cia files making it through before errors. Anyway, I can't boot into any hax (still have 9.2 homemenu and browser but those don't work) and I have Cubic Ninja but that doesn't work either. Good news is that I own a sky3ds+ and am using it to update to 4.5 to restore my nand..

 

[MassExplosion213]

Yes.

Also btw guys: I just tried downgrading my O3DS to 1.0... Shit hit the fan. For some reason it refuses to install certain files. I don't know for sure but I don't think the files provided to me are working even though @AHP_person got it working on his. My 3ds says it's on 1.0 but I recall only about 8 cia files making it through before errors. Anyway, I can't boot into any hax (still have 9.2 homemenu and browser but those don't work) and I have Cubic Ninja but that doesn't work either. Good news is that I own a sky3ds+ and am using it to update to 4.5 to restore my nand..

Yea..it takes a bit. Some titles have to be manually downgraded.

 

[mitroux]

and here is a photo of the 3ds

 

[Psi-hate]

Yea..it takes a bit. Some titles have to be manually downgraded.

Used Sysupdater, FBI and DevMenu and all had errors on certain files. Not sure how to delete a title before installing a new one on these installers tho.

 

[MassExplosion213]

and here is a photo of the 3ds

Aqua blue?

--------------------- MERGED ---------------------------

Used Sysupdater, FBI and DevMenu and all had errors on certain files. Not sure how to delete a title before installing a new one on these installers tho.

I mean you have to do it with decrypted CIAs and a decrypted NAND.