Can someone describe the guide steps in plain English

Discussion in '3DS - Flashcards & Custom Firmwares' started by markmcrobie, Jan 20, 2017.

  1. markmcrobie
    OP

    markmcrobie GBAtemp Fan

    Member
    439
    18
    May 24, 2008
    I have used 3ds.guide and it worked perfectly, but purely out of curiosity can someone explain what the steps actually do, and what the software you use during the guide does? Just briefly, as I said, just for curiosity/to help me understand what's going on - the guide is awesome and I followed it easily step by step, but it would be good to have an understanding of what's being done and why.

    For example:

    What do DSP Dump, hourglass9, godmode, etc all actually do?

    Why do we downgrade to 2.1 at one step?
    Etc

    Thanks!


    Sent from my iPhone using Tapatalk Pro
     
  2. konsolenumbau.expert

    konsolenumbau.expert GBAtemp Regular

    Member
    279
    67
    Feb 7, 2016
    Germany
    Rieps
    If I remember right, on every page at the top there is a little explanation of what is happening in the following steps.

    Sent from my SM-G935F using Tapatalk
     
    Zidapi and Quantumcat like this.
  3. Patxinco

    Patxinco Riding a Shooting Star

    Member
    665
    268
    Apr 18, 2011
    IIRC, hourglass9 is to get a backup of your NAND in case it is needed after all the steps.
    godmode9 lets you access system titles you cannot access otherwise.
    And we downgrade to 2.1 because it is the last system version where your unique OTP is not secured and you have access to an exploitable browser, which you use to extract your OTP.

    Iirc, of course
     
  4. EthanAddict

    EthanAddict Founder of Skiddon't-ism

    Member
    456
    2,029
    Nov 12, 2016
    Greece
    OK, here you have it:
    1) We do DSP Dump to have audio in homebrew.
    2) Hourglass9 is a noob-friendly version of Decrypt9, having only the basic functions, like NAND dumping, restoring etc.
    3) Godmode9 is a payload that reads folders on the SD card, sysNAND, emuNAND etc., and features a hex editor to edit files.
    4) We downgrade to 2.1 because there was a flaw: the system didn't clear the 0x11 keyslot, which allowed us to get the console-unique OTP via a spider exploit (browser exploit).
     
  5. capito27

    capito27 GBAtemp Advanced Fan

    Member
    873
    1,006
    Jan 19, 2015
    Swaziland
    The 4th explanation is totally unrelated to why we can read the OTP. Up to 2.1, the CFG_SYSPROT9 config register only had its first bit set (as in, the bootrom9 lock mechanism), but its second bit, the one locking access to the OTP area, was not set, so we could still read the OTP area from arm9 code execution up to 2.1. With later versions, the second bit is properly set, and the OTP region can't be accessed until shutdown of the system.
     
    koffieleut and astronautlevel like this.
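The lock behaviour described in the post above, as a small C model added here; it is not code from the thread, the guide, or any real firmware. It shows why a set-until-shutdown lock bit has to be set by the boot flow before later code runs. The struct, the function names, the sample OTP bytes and the 0xFF value returned for a locked read are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Bit roles as described in the post; everything else is a simplified model. */
#define LOCK_BOOTROM 0x1u /* first bit: bootrom9 lock */
#define LOCK_OTP     0x2u /* second bit: OTP area lock */

typedef struct {
    uint8_t sysprot9; /* models CFG_SYSPROT9: bits are sticky until reset */
    uint8_t otp[4];   /* constructed placeholder, not real OTP data */
} soc_t;

static void soc_reset(soc_t *s) {
    static const uint8_t sample[4] = {0xDE, 0xAD, 0xBE, 0xEF};
    s->sysprot9 = 0; /* only a power cycle clears the lock bits */
    memcpy(s->otp, sample, sizeof sample);
}

/* Writes can set lock bits but never clear them. */
static void sysprot9_write(soc_t *s, uint8_t v) { s->sysprot9 |= (uint8_t)(v & 0x3u); }

/* Returns true and copies the OTP only while the OTP lock bit is clear. */
static bool otp_read(const soc_t *s, uint8_t out[4]) {
    if (s->sysprot9 & LOCK_OTP) {
        memset(out, 0xFF, 4); /* assumed behaviour of a locked read */
        return false;
    }
    memcpy(out, s->otp, 4);
    return true;
}

/* Hypothetical boot flows: the early one sets only the first bit. */
static void boot_early(soc_t *s) { soc_reset(s); sysprot9_write(s, LOCK_BOOTROM); }
static void boot_fixed(soc_t *s) { soc_reset(s); sysprot9_write(s, LOCK_BOOTROM | LOCK_OTP); }

/* Audit at hand-off: which locks did the boot flow leave open? */
static uint8_t open_locks(const soc_t *s) { return (uint8_t)(~s->sysprot9 & 0x3u); }

int main(void) {
    soc_t s;
    uint8_t buf[4];
    boot_early(&s);
    printf("early: open=0x%x otp_readable=%d\n", (unsigned)open_locks(&s), otp_read(&s, buf));
    boot_fixed(&s);
    sysprot9_write(&s, 0); /* later code cannot undo the lock */
    printf("fixed: open=0x%x otp_readable=%d\n", (unsigned)open_locks(&s), otp_read(&s, buf));
    return 0;
}
```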
  6. Zidapi

    Zidapi GBAtemp Psycho!

    Member
    3,033
    1,817
    Dec 1, 2002
    In English he said! :rofl2: