Homebrew Clarification Thread - What is going on?

Thread starter: JustPingo
Views: 647,630
Replies: 5,356
Likes: 103
Status: Not open for further replies.
You guys did actually read the github where he says it doesn't work yet, right?
Calm your jets.
 
It's a start; slow or fast, it has to be stable. Have more patience, it's been 2 days since the info release :P
 
You guys did actually read the github where he says it doesn't work yet, right?
Calm your jets.
But we know that there's a good chance that it will happen now. Before we had an empty github and 25 pages of baseless hype.
 
I wonder if it is possible for the new exploit to allow a region swap (or maybe swapping the UI text file) from Japanese to English.
 
I wonder if it is possible for the new exploit to allow a region swap (or maybe swapping the UI text file) from Japanese to English.

I am not sure about that UI thing, but if 9.2 can do it, so can this.
 
I wonder if it is possible for the new exploit to allow a region swap (or maybe swapping the UI text file) from Japanese to English.
IIRC you can make an emunand of a different region, which is pretty close to what you want.
 
I am not sure about that UI thing, but if 9.2 can do it, so can this.
Wait, what? There is already a way for a 9.2 JP N3DS to change the UI to English? Sorry, I was in a cave for the last quarter.
 
Wait, what? There is already a way for a 9.2 JP N3DS to change the UI to English? Sorry, I was in a cave for the last quarter.

Oh, I have no idea. I was explaining that if 9.2 could do it, this could do it too. Since, you know, this will allow people to downgrade their software to a super exploitable one.
 
Like with all hype, here's some tips.
Everyone calm the f*** down. It will happen when it happens. Do not post random nonsense. Think to yourself, if I never saw this, what would I be doing? Then do it.
So should I order a SKY3DS+? I was very close to pressing the Pay button when I saw all this.
 
Code:
#include <3ds.h>
#include <stdio.h>
#define SLAB_HEAP 0xFFF70000
#define PAGE_SIZE 0x1000

extern u32 __ctru_heap;
extern u32 __ctru_heap_size;

static u32 memAddr = 0;
static u32 memSize = 0;

static Result control_res = -1;

// Thread function to slow down svcControlMemory execution.
void delay_thread(void* arg) {
    while(control_res == -1) {
        svcSleepThread(10000);
    }
}

// Thread function to allocate memory pages.
void allocate_thread(void* arg) {
    u32 tmp;
    control_res = svcControlMemory(&tmp, memAddr, 0, memSize, MEMOP_ALLOC, (MemPerm) (MEMPERM_READ | MEMPERM_WRITE));
}

// Executes exploit.
void do_hax() {
    // Prepare necessary info.
    memAddr = __ctru_heap + __ctru_heap_size;
    memSize = PAGE_SIZE * 2;

    // Retrieve the address arbiter.
    Handle arbiter = __sync_get_arbiter();

    // Create thread to slow down svcControlMemory execution. Yes, this is ugly, but it works.
    threadCreate(delay_thread, NULL, 0x4000, 0x18, 1, true);
    // Create thread to allocate pages.
    threadCreate(allocate_thread, NULL, 0x4000, 0x3F, 1, true);

    // Use svcArbitrateAddress to detect when the memory page has been mapped.
    while((u32) svcArbitrateAddress(arbiter, memAddr, ARBITRATION_WAIT_IF_LESS_THAN, 0, 0) == 0xD9001814);

    // Retrieve the current header data.
    u32 size = *(vu32*) (memAddr);
    u32 next = *(vu32*) (memAddr + 4);
    u32 prev = *(vu32*) (memAddr + 8);

    // Overwrite the header "next" pointer.
    *(u32*) (memAddr + 4) = SLAB_HEAP; // TODO: destination

    // Output debug information.
    printf("\"Size\" value: %08X\n", (int) size);
    printf("\"Next\" value: %08X\n", (int) next);
    printf("\"Prev\" value: %08X\n", (int) prev);

    printf("Post-overwrite control result: %08X\n", (int) control_res);
    while(control_res == -1) {
        svcSleepThread(1000000);
    }

    printf("Final control result: %08X\n", (int) control_res);

    // Free the allocated pages.
    u32 tmp;
    svcControlMemory(&tmp, memAddr, 0, memSize, MEMOP_FREE, MEMPERM_DONTCARE);
}

int main(int argc, char **argv) {
    gfxInitDefault();
    consoleInit(GFX_TOP, NULL);

    // Allow threads on core 1.
    aptOpenSession();
    APT_SetAppCpuTimeLimit(30);
    aptCloseSession();

    do_hax();

    printf("Press START to exit.\n");

    while(aptMainLoop()) {
        hidScanInput();
        if(hidKeysDown() & KEY_START) {
            break;
        }

        gfxFlushBuffers();
        gfxSwapBuffers();
        gspWaitForVBlank();
    }

    gfxExit();
    return 0;
}
So much hype, I must contain it.
 
Google "trademark symbol" and copy and paste.
On Topic: Steveice10 started working on this an hour ago, so maybe he is still working as we speak? :D
He updated the readme 41 minutes ago... and he IS the dev of FBI, and ctrulib took his pull request to allow a proper 3dsx.
tl;dr Soon™
 