Homebrew Clarification Thread - What is going on?

  • Thread starter: JustPingo
  • Views: 647,342
  • Replies: 5,356
  • Likes: 103
Status
Not open for further replies.
arm9loader loads FIRM from NAND. But arm9loader is decrypted and loaded by the bootloader. And the keyslot is cleared, because the payload is executed after arm9loader. So you can't regenerate the decryption keys. And the problem is that you have to bruteforce to have something bootable and that does "what you want".
Then that's almost useless currently. Even the loaded address is known, and your own code could be done..
Bruteforcing the decryption to have a Jump Command is surely a job with unknown trials, even that must be easier than bruteforce Math.pow(2,128).
-- Cause what you need is only a valid BL after the FIRM0 section in ram, you don't need to place it exactly after the FIRM0.
Whatever, good luck to devs.
 
Then that's almost useless currently. Even the loaded address is known, and your own code could be done..
Bruteforcing the decryption to have a Jump Command is surely a job with unknown trials, even that must be easier than bruteforce Math.pow(2,128).
-- Cause what you need is only a valid BL after the FIRM0 section in ram, you don't need to place it exactly after the FIRM0.
Whatever, good luck to devs.
Yup, but I don't think anyone would care to do that, when we have downgrade and menuhax. Plus, it would have to be done for each N3DS.
 
Reactions: Syphurith
I really love reading this thread.

And reading it, I realised something special happened here on the scene. I'm not an insider, but one can see when thunder strikes. Watching the 32C3 talk of those 3 'guys' did good to me. It's a bit like watching a Messi video. I don't understand anything they say, but I know they 1337. Respect to all of you three, and the other people too supporting the 3ds Scene. I'm just a noob downloading all the scripts and homebrews when they pre.

Only thing I don't get is Smea always had the image of not giving away anything further than userland, because kernel would make piracy possible. Now they gave not 1, but more possibilities for other devs to do it. Can any1 explain this?

last one: people pls stop asking WHEN, because it will come eventually. PPL pls just keep doing this the 3DS scene is a very nice place :)
 
.CXI = .3DS files
33%, see me after class.

CXI == CTR eXecutable Image. A CXI is a specialization of the NCCH format and contains at least an ExeFS, and optionally a RomFS. A CCI (CTR Cartridge Image == .3DS) contains at least one CXI, which is the main content of the CCI; however, a CCI can contain more CXIs in theory. In practice, slot 0 of the CCI is always the main contents and the other slots are only used for CFAs (CTR File Archives), such as update data (which is a collection of CIAs of system titles) and the manual.

See also: http://3dbrew.org/wiki/NCCH#CXI and http://3dbrew.org/wiki/NCSD#Overview
 
Reactions: Mrrraou and Vappy
33%, see me after class.

CXI == CTR eXecutable Image. A CXI is a specialization of the NCCH format and contains at least an ExeFS, and optionally a RomFS. A CCI (CTR Cartridge Image == .3DS) contains at least one CXI, which is the main content of the CCI; however, a CCI can contain more CXIs in theory. In practice, slot 0 of the CCI is always the main contents and the other slots are only used for CFAs (CTR File Archives), such as update data (which is a collection of CIAs of system titles) and the manual.

See also: http://3dbrew.org/wiki/NCCH#CXI and http://3dbrew.org/wiki/NCSD#Overview
Thanks. I was too lazy to explain.
 
.CXI = .3DS files
And braindump 1.0 allows you to dump them. But they are not signed.
Oh no. .3DS is NCSD type, a NCCH container type, CIA is also a container type.
.CXI, .CFA are NCCH type. CXI is executable, while CFA is only an archive with no exefs inside.
EDIT: Haven't found out that is already answered. Yes NCSD is CCI.
 
Last edited by Syphurith. Reason: Already answered by another guy.
Reactions: Mrrraou
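Added example, not part of any post in this thread: a header-only classifier for the container types described in the two posts above (NCSD/CCI holding up to eight NCCH partitions, each either a CXI with an ExeFS or a CFA without one). The field offsets and the 0x200-byte media unit are assumptions taken from the 3dbrew NCCH and NCSD pages linked above, and the sample image is constructed.

```python
import struct
MEDIA_UNIT = 0x200  # assumption: default media unit size in bytes

def parse_ncch(buf, base=0):
    """Classify one NCCH partition: CXI if it has an ExeFS, otherwise CFA."""
    if buf[base + 0x100:base + 0x104] != b"NCCH":
        raise ValueError("not an NCCH partition")
    exefs_size, = struct.unpack_from("<I", buf, base + 0x1A4)  # assumed offset
    romfs_size, = struct.unpack_from("<I", buf, base + 0x1B4)  # assumed offset
    return {"kind": "CXI" if exefs_size else "CFA", "exefs": exefs_size > 0, "romfs": romfs_size > 0}

def parse_image(buf):
    """Return (container, [(slot, info), ...]) for an NCSD (CCI/.3DS) or a bare NCCH."""
    if len(buf) < 0x200:
        raise ValueError("truncated header")
    magic = buf[0x100:0x104]  # both formats put the magic after a 0x100-byte signature
    if magic == b"NCCH":
        return "NCCH", [(0, parse_ncch(buf))]
    if magic != b"NCSD":
        raise ValueError("unknown magic %r" % magic)
    parts = []
    for slot in range(8):  # partition table: 8 x (offset, length) in media units
        off, length = struct.unpack_from("<II", buf, 0x120 + slot * 8)
        if length == 0:
            continue  # unused slot
        start = off * MEDIA_UNIT
        if start + 0x200 > len(buf):
            raise ValueError("slot %d points past end of image" % slot)
        parts.append((slot, parse_ncch(buf, start)))
    return "NCSD", parts

def fake_ncch(exefs_units, romfs_units):
    """Constructed 0x200-byte NCCH header with only the fields used above."""
    hdr = bytearray(0x200)
    hdr[0x100:0x104] = b"NCCH"
    struct.pack_into("<I", hdr, 0x1A4, exefs_units)
    struct.pack_into("<I", hdr, 0x1B4, romfs_units)
    return bytes(hdr)

def build_sample_cci():
    """Constructed sample: slot 0 is a CXI, slot 1 is a CFA (manual-like)."""
    ncsd = bytearray(0x200)
    ncsd[0x100:0x104] = b"NCSD"
    struct.pack_into("<II", ncsd, 0x120, 1, 1)  # slot 0 at media unit 1
    struct.pack_into("<II", ncsd, 0x128, 2, 1)  # slot 1 at media unit 2
    return bytes(ncsd) + fake_ncch(4, 8) + fake_ncch(0, 8)

if __name__ == "__main__":
    print(parse_image(build_sample_cci()))
```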
33%, see me after class.

CXI == CTR eXecutable Image. A CXI is a specialization of the NCCH format and contains at least an ExeFS, and optionally a RomFS. A CCI (CTR Cartridge Image == .3DS) contains at least one CXI, which is the main content of the CCI; however, a CCI can contain more CXIs in theory. In practice, slot 0 of the CCI is always the main contents and the other slots are only used for CFAs (CTR File Archives), such as update data (which is a collection of CIAs of system titles) and the manual.

See also: http://3dbrew.org/wiki/NCCH#CXI and http://3dbrew.org/wiki/NCSD#Overview
I've also noticed that CCIs == CSUs too, which can be then converted into CIAs through a certain converter which isn't available anymore.
 
I've also noticed that CCIs == CSUs too, which can be then converted into CIAs through a certain converter which isn't available anymore.
These types are all NCSD, so they have a similar structure.
However CSU is used by ninty for its dev units to Update the System, thus there is U in it. (CTR System Update)
Also to note there is no .CSU for Retail console. CCI is for games, correspondingly.
Hope there is something hidden and amusing.
 
Reactions: Mrrraou
These types are all NCSD, so they have a similar structure.
However CSU is used by ninty for its dev units to Update the System, thus there is U in it. (CTR System Update)
Also to note there is no .CSU for Retail console. CCI is for games, correspondingly.
Hope there is something hidden and amusing.
No, those dev CSUs can be converted to CIAs for retail units. I managed to do that for all of the SDK Devkit tools.
 
Reactions: Xenon Hacks
No, those dev CSUs can be converted to CIAs for retail units. I managed to do that for all of the SDK Devkit tools.
I know that, and I can do that too. NCSD can be converted to CIA, and you can also make a CXI to be wrapped to a CIA, with some info provided.
However that does not prove something more. I still cannot decrypt the CSUs from Ryan on twitter. The files seem encrypted using another key.

DevTools is just DevTools. But there is SystemUpdateXX.CSU. Yeah whatever.
 
I know that, and I can do that too. NCSD can be converted to CIA, and you can also make a CXI to be wrapped to a CIA, with some info provided.
However that does not prove something more. I still cannot decrypt the CSUs from Ryan on twitter. The files seem encrypted using another key.
I didn't intend to get into details about this stuff.
 
Yup, but I don't think anyone would care to do that, when we have downgrade and menuhax. Plus, it would have to be done for each N3DS.
Yes this is true, it would need hardmod, trials, and console different (cause the NAND). Even a system update to FIRM would cause another try, quite boring for some.
And this is really early. That would be just after the arm9loader finished... Oh I don't think ninty would let us have the bootrom in this way.
Good luck to the braves that want to try out this theory. (Busy fixing my own EmuNAND image. I accidentally removed the ac module from NAND but can not install a new.)
 