Homebrew Clarification Thread - What is going on?

[Bluelight]

Tried the FTBrony trick don't work on n3ds 9.9.0-26E

Edit : i tried multiple times it didn't work I stopped charging my n3ds and go near my wifi box and it worked.

To the people that don't get the deadcafe message :
Are you charging your 3ds?
Do you have wifi enabled ?
Are you near your internet box ?
Do you have a fast internet connections where you live?
Which hax are you using to go to the homebrew launcher (menuhax, ironhax...)?

 

[DeathChaos]

 

[GoldenHamburger]

What does this even do?

 

[EmulatorLover]

so what to do now?

 

[itsthenavy]

I think that you're right about that. But I'm not sure about how it was fixed either. I think that you can see it on the 9.3.0 page on 3dbrew.

I'll look into it! The last thing we need is confusion. I'm just spending my day off here because hacking video games got me into computer science and I figure the best way to help is through explaining things as well as I can.

Basically there are compiled versions of memchunkhax2 available for download. This doesn't mean a downgrade is possible yet, however it allows us to test the exploit on our systems. AFAIK The test replaces a part of the memory with "DEADCAFE" as a way to test the exploit. That's in basic terms and someone more experienced will probably explain it better.

As for me, I'm on an old 3DS (9.9.0-26E), I got through via the latest menuhax and I get from "Setting up..." to "Map complete."
Nothing after that, the console just crashes and the console has to be switched off (and the program's text still shows after it's switched off).

So it's just a test, huh? Okay, I'll just wait until the full thing comes out!

Let me break it down after looking over the repo as of 2:10 PM EST.

The value that you see printed is this

volatile u32 testVal = 0;

The DEADCAFE comes from this function here

static void kernel_entry() {

testVal = 0xDEADCAFE; ​

}

This function isn't called in the memchunkhax2 code though.

Instead it's set as manufactured vtable which has pointers to that function. Then that put in memory as part of a kernel object and the next pointer of the current memchunk is changed to point to that. When that pointer gets dereferenced, the kernel will execute the code of kernel_entry, which sets testVal to 0xDEADCAFE, then if it all worked you get to see that on your screen.

kernel_entry is just a test, but in the future it'll be the function that will allow downgrading, because it's happening in the space that the ARM11 kernel has access to.

Nifty, isn't it?

 

[TinchoX]

i'm already building newer commits at https://gbatemp.net/entry/the-memchunkhax2-hype-post-with-3dsx.10938/ which has the latest one by Steveice10

Will give this one a try as well.

 

[PokemonCrazy]

DEADCAFE on n3DS 10.3U Ironhax and OOThax with FTBrony trick, but stops at Map Complete with Ninjhax

 

[Seriel]

Trying with ironhax.
Yellow screen on ironhax boot. How delightful.
*sigh*
Let's try again..

 

[PedroPVJ]

so what to do now?

wait for the real deal release

 

[Nikki_swap]

Ooooooh I got a shiny pokemon right here

Spoiler

BTW its an N3DS on 9.9u

 

[demonotaku]

I tried on mine multiple times and failed on them on the steven one before this new one if its not posted

 

[Wolf_Lovel]

Trying with ironhax.
Yellow screen on ironhax boot. How delightful.
*sigh*
Let's try again..

It does that sometimes, same with themehax/shufflehax

 

[Misledz]

I'll look into it! The last thing we need is confusion. I'm just spending my day off here because hacking video games got me into computer science and I figure the best way to help is through explaining things as well as I can.



Let me break it down after looking over the repo as of 2:10 PM EST.

The value that you see printed is this

volatile u32 testVal = 0;

The DEADCAFE comes from this function here

static void kernel_entry() {

testVal = 0xDEADCAFE; ​

}

This function isn't called in the memchunkhax2 code though.

Instead it's set as manufactured vtable which has pointers to that function. Then that put in memory as part of a kernel object and the next pointer of the current memchunk is changed to point to that. When that pointer gets dereferenced, the kernel will execute the code of kernel_entry, which sets testVal to 0xDEADCAFE, then if it all worked you get to see that on your screen.

kernel_entry is just a test, but in the future it'll be the function that will allow downgrading, because it's happening in the space that the ARM11 kernel has access to.

Nifty, isn't it?

I just had a nerdgasm. Thank you for the detailed info

 

[Genetic935115]

I made a few experiments and for my console works 1 out of 5 times by force closing ftbrony so guys dont be impatient and im sure you will get it

 

[EmulatorLover]

Ooooooh I got a shiny pokemon right here

Spoiler

BTW its an N3DS on 9.9u[/Spoiler]

Silly niki thats not dead cafe thats DEAD

 

[Seriel]

Ironhax. O3DS 10.3.
Loaded and exited FTP-3DS...
Loading memchunkhax.....

DEADCAFE

 

[Saiyan Prince]

the change to boot.3dsx works 100% Atlast

 

[GoodCookie88]

I opened Gw 3dsx app and forced exit and when I opened mch2 pressing start goes to the homebrew menu..

 

[RedHat]

Ooooooh I got a shiny pokemon right here

I got that screen a few times. At this point I think that means that it worked, but the processor hopped to the hax "kernel code" (the DEADCAFE thing) but halted and didn't update the screen.

 

[CitizenSnips]

Ooooooh I got a shiny pokemon right here

Spoiler

BTW its an N3DS on 9.9u

Just got that too, O3ds 10.3U lol