Clarification Thread - What is going on?

Discussion in '3DS - Homebrew Development and Emulators' started by JustPingo, Dec 28, 2015.

Thread Status:
Not open for further replies.
  1. JustPingo
    OP

    So recently 3 people just dropped a bomb into the 3DS scene, and so a lot of stupid things have been understood. This thread is made to clarify things and destroy the bullshit.

    • First of all, and most importantly: DO NOT UPDATE WHATEVER FIRMWARE YOU'RE ON, IF YOU HAVE *HAX. IF YOU DON'T, AND THE MOST RECENT FIRMWARE VERSION AVAILABLE IS STILL 10.3, UPDATE AND INSTALL MENUHAX. Thanks. It is recommended for you to get a way to access Homebrew Launcher as soon as possible.

    • snshax is indeed a way to downgrade without NAND backup (and install legit CIAs) for firmware under 10.2 as it was patched with that version. This is N3DS-only and not a kernel exploit. However, this is not the only way to do it and it is not very useful anyway because of the following.

    • memchunkhax2 is a new kernel11 exploit. This one works on every firmware up to and including 10.3. This allows downgrade (without NAND backup), legit CIA installation, a lot of good stuff (but not direct piracy). This is a new version of memchunkhax that was not properly fixed by Nintendo in 9.3. This works on 3DS, 3DS XL, 2DS, N3DS and N3DS XL.

    • ntrcardhax is a kernel9 exploit, and this allows piracy (because of the control of ARM9). This exploit needs special hardware (something similar to the PassMe). This is basically an exploit of the fact that ARM9 handles NDS games. More or less. This works on 3DS, 3DS XL, 2DS, N3DS and N3DS XL. This is not 100% needed however as memchunkhax2 allows you to downgrade back to more vulnerable versions like 9.2.

    • arm9loaderhax is a way to inject a payload directly into an N3DS bootrom (just after the firm boot). This is like a CFW coldboot, N3DS-only.

    • There is also a way to calculate/bruteforce the constant used by the key scrambler and use that to generate missing KeyX for known normal (AES) keys + KeyY and bypass the keyscrambler altogether, which is pretty cool to be honest. This is made to get more keys, nothing usable for the end user.

    I think that's mostly it. Oh and by the way a certain smealum wants you to make homebrews.

    FAQ
    Q: What will this allow?
    A: memchunkhax2 gives ARM11 kernel access, and will allow downgrading to 9.2 for 9.3-10.3, on 2DS, 3DS and New 3DS. That means that it will allow CFW (so, piracy), almost-full speed emulators, CIA decryption, and more.

    Q: How will this work?
    A: A homebrew using memchunkhax2 will be released for downgrading the firmware with CIA files.

    Q: What will I need for this?
    A: A way to run the Homebrew Launcher for the current version you are in and the CIA files for downgrading to 9.0-9.2 for your region and your model (New3DS or 3DS). DO NOT REMOVE THEM BEFORE DOWNGRADING!

    Q: Is it ready yet?
    A: No. It's still being worked on.

    Q: When does it come out?
    A: We can't give any ETA. Please be patient, it will be released at some point. Developers will give news about this.

    Q: Where can I find these CIA packs?
    A: You can try downloading these with 3DNUS, or on that ISO site (Google is your friend).

    Q: Who is working on this?
    A: @Steveice10, @TuxSH, @julian20, @mid-kid, @delebile, and @MassExplosion213 are team-working on memchunkhax2. @motezazer is helping them, too.

    Q: Who found this?
    A: smealum found snshax, derrek found memchunkhax2 and plutoo found ntrcardhax and arm9loaderhax.

    Q: Will this allow 9.5+ emuNAND on N3DS?
    A: No.

    Q: Why can't I compile the source on Steveice10's GitHub repository?
    A: It's not finished yet, and needs the latest modifications to ctrulib.

    Q: Will downgrading affect my console's data? Will I lose savegames/games/anything?
    A: No. The downgrade only touches the system itself. All your data is safe. However, downgrading to a firmware version under 9.3 will remove the support of badges on sysNAND.

    Q: I want to ask something that is not in the FAQ, can I?
    A: Sure, but it has to be related to the topic. We're not talking about how to download game CIAs, how to install CFW... but questions related to the exploits.



    If you want to say stupid shit or hype here is the right place to do it: http://gbatemp.net/threads/memchunkhax-2-and-snshax-hype-thread.407189/
     
    Last edited by Mrrraou, Jan 1, 2016 - Reason: to make sure that people read it


  2. Vahnyyz

    Thank you for the clarification, hopefully everyone will see this and understand what exactly happened.
     
    Minnow and Mrrraou like this.
  3. Ammako

    arm9loaderhax N3DS-only?
    awww
     
    Minnow and Nintendo Fanboy like this.
  4. Substance12

    Thank you based JustPingo, sorry that you couldn't get to snshax before it was announced :(

    Anyway... N3DS is master race now? And what would be better, downgrading and doing the classic bunch to install rxTools or do it on 10.3?

    It's not like ctrbootloader is not a thing
     
    Minnow likes this.
  5. JustPingo
    OP

    I believe downgrading would be easier because ntrcardhax is a bit of a pain to execute. But the future will tell.
     
    Minnow likes this.
  6. Substance12

    Yeah, but didn't you say memchunkhax2 allows for CIA installation? Not going to upgrade anyway, glad I stayed on 10.1.
     
  7. Mrrraou

    Only legit CIA installation.
     
    Minnow, Arithmatics and Ammako like this.
  8. Ammako

    arm9loaderhax would let you pretty much permanently have coldboot for cfw without any extra things required.
    Wouldn't have to worry about possibly accidentally updating sysnand. Could just power on and it'd boot directly to cfw, how cool would that be?
    And if what I read on another thread is true then this could be similar to bootmii where even if you bricked you'd have a way to recover. CTRBootManager can't do that.
     
    Minnow, Subtle Demise and peteruk like this.
  9. Substance12

    Oh, well, he didn't say that in the OP. So, downgrade then.
     
    Minnow likes this.
  10. Mrrraou

    If you can have homemenuhax, keep using it. I think it's better, and safer.
     
    Minnow likes this.
  11. JustPingo
    OP

    My bad.
     
    Minnow likes this.
  12. Pikasack

    Basically with Arm11 kernel, you would downgrade using legit cias, and then use an older exploit to get Arm9 kernel for CFW and all that good stuff?
     
    Minnow likes this.
  13. Mrrraou

    Yup. So tutorials would be almost the same.
     
    Minnow and Pikasack like this.
  14. Intronaut

    Off-topic: what level of access does sysupdater require? Arm9 or only arm11?
     
    Minnow likes this.
  15. JustPingo
    OP

    ARM11.
     
    peteruk likes this.
  16. Ammako

    Maybe haha, I just want something like the PSP where you can have a full custom firmware installed directly to it and you never have to worry about an OFW (in the 3DS's case, sysnand) anymore.
     
    Minnow likes this.
  17. JustPingo
    OP

    Well if you have themehax directbooting to emuNAND that's the same result. And it's much safer to install.
     
    Minnow likes this.
  18. c0dex3ds

    Thanks for clearing this up. HYPE TRAIN ACTIVATE!
     
    Minnow likes this.
  19. Woody8275

    so is there a way to install legit cias above 9.2 then
     
    Minnow likes this.
  20. duffmmann

    "There is a way to get the key that blocks emuNAND 9.6+ on N3DS (it unlocks the new layer of security added to ARM9 bootrom on the N3DS)."

    Is there any particular reason I would want to update my emuNAND at this point beyond 9.5? I've yet to come across any game that isn't playable on my emuNAND thanks to cryptofixes and the like. So beyond that, are there any features that have been added to the 3DS beyond the 9.5 firmware? The one thing I've seen (that doesn't interest me) is that your badges can be applied to folders or something like that. Unless there is a more substantial new feature, I'm just not sure why I should even bother updating my emuNAND beyond 9.5.
     
    Minnow likes this.