Homebrew Clarification Thread - What is going on?

  • Thread starter: JustPingo
  • Views: 647,386
  • Replies: 5,356
  • Likes: 103
Status
Not open for further replies.
to run dumps (roms) on the O3DS on 10.3.0-28 we need a new version of snshax, right?
 
to run dumps (roms) on the O3DS on 10.3.0-28 we need a new version of snshax, right?
Dafuq do you mean, "new"? There wasn't one to begin with. Besides, it isn't going to run them; it will only let you downgrade your N3DS to 9.2 to run the exploit.
 
to run dumps (roms) on the O3DS on 10.3.0-28 we need a new version of snshax, right?
Is it that hard to read other pages in the thread?

If you mean backups (piracy?), you have to downgrade to an exploitable firmware using memchunkhax2, which is not out yet. snshax isn't out yet either and doesn't work on O3DS.
 
Is it that hard to read other pages in the thread?

If you mean backups (piracy?), you have to downgrade to an exploitable firmware using memchunkhax2, which is not out yet. snshax isn't out yet either and doesn't work on O3DS.
A thousand threads with a thousand pages. Don't fk up with 'piracy'. I have my cartridges next to me and don't want to take them everywhere I am. It's a lot easier to start them right away, isn't it?
 
A thousand threads with a thousand pages. Don't fk up with 'piracy'. I have my cartridges next to me and don't want to take them everywhere I am. It's a lot easier to start them right away, isn't it?
Again, it won't lead to rom loading but it can lead to downgrading -> CFW (Compatible with Sky3DS)/emuNAND/Gateway -> Converting roms to CIA (like eshop games) -> installing CIA -> profit
 
A thousand threads with a thousand pages. Don't fk up with 'piracy'. I have my cartridges next to me and don't want to take them everywhere I am. It's a lot easier to start them right away, isn't it?

One thread with 71 pages. Besides, it's even in the OP:

  • snshax is indeed a way to downgrade without NAND backup (and install legit CIAs) for firmware under 10.2 as it was patched with that version.
Don't get up in arms about the piracy part. I just thought I'd clarify you can use CIAs that aren't from your system.
 
Last edited by verifyvenuz,
Again, it won't lead to rom loading but it can lead to downgrading -> CFW (Compatible with Sky3DS)/emuNAND/Gateway -> Converting roms to CIA (like eshop games) -> installing CIA -> profit
Yeah, I understand now, thank you. I misunderstood because of the thousand pages.
 
  1. arm9loaderhax takes place after the firmware decryption keyslot keys are cleared, so right when jumping to the decrypted FIRM data.
  2. No, it is: Powering on -> Bootrom -> arm9loader decryption -> jumps to arm9loader -> FIRM decryption -> keyslot clearing -> ARM9 jumping to ARM9 entrypoint; ARM11 jumping to ARM11 entrypoint -> Kernel9 loaded; Kernel11 loaded -> Running Process9 ; Starting ARM11 services (fs, pxi, am, ldr, pm) -> Running Process9 ; PM runs NS -> Running Process9; NS runs Home Menu
  3. I don't know how you could decrypt it. I don't even know if these keys are publicly known.
  4. There isn't any arm9loader on O3DS. But it would be useless anyway to have that on O3DS since we already have 9.5+ emuNAND.

Technically, the FIRM is decrypted before the Kernel9 loader; the Kernel9 loader is part of the FIRM package. The Kernel9 itself is, however, further encrypted, and the bootrom jumps to the Kernel9 loader, which decrypts Kernel9. I think you get the idea.

In the hack, firm1 gets loaded because the bootrom hash check fails for firm0 and it switches banks. However, during the check it had already loaded firm0 into memory, which contained the payload at the end; firm1 being smaller, the payload does not get overwritten in memory.

Using padding would have prevented this hack, but Nintendo folks did not think of that.
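The firm0/firm1 remnant described above, as an added illustration that is not 3DS bootrom code: a constructed model with one staging buffer and two slots, where the larger slot-0 image fails its check and the smaller slot-1 image is loaded over it, leaving the slot-0 tail in memory unless the buffer is cleared (or the image padded to full size) first. Buffer size, image sizes and the toy header check are assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed model only, not 3DS boot ROM code: one fixed staging buffer,
 * two firmware slots, verify-then-fallback. Sizes and the check are assumed. */
#define STAGE_SIZE 64
#define MAGIC 0x01          /* toy "valid image" marker in byte 0 */

static uint8_t stage[STAGE_SIZE];
static uint8_t firm0[48];   /* slot 0: larger, fails the check, non-zero tail */
static uint8_t firm1[32];   /* slot 1: smaller, passes the check */

static void build_sample_images(void) {
    memset(firm0, 0xEE, sizeof firm0);   /* tail bytes that would linger */
    firm0[0] = 0x00;                     /* header corrupted: check fails */
    memset(firm1, 0x11, sizeof firm1);
    firm1[0] = MAGIC;
}

/* Toy integrity check standing in for the bootrom hash check. */
static int image_is_valid(const uint8_t *img) {
    return img[0] == MAGIC;
}

/* Stage an image; with zero_first set, wipe the whole buffer first so
 * nothing from an earlier, rejected load survives into the next stage. */
static void stage_image(const uint8_t *img, size_t len, int zero_first) {
    if (zero_first) memset(stage, 0, STAGE_SIZE);
    memcpy(stage, img, len);
}

/* Boot: try slot 0, fall back to slot 1 when its check fails. Returns how
 * many non-zero bytes remain in the buffer past the end of the chosen image:
 * 16 without clearing (the 0xEE tail of firm0), 0 when clearing first. */
int stale_bytes_after_boot(int zero_before_fallback) {
    build_sample_images();
    memset(stage, 0, STAGE_SIZE);            /* cold boot: buffer starts clean */
    stage_image(firm0, sizeof firm0, 0);
    size_t used = sizeof firm0;
    if (!image_is_valid(stage)) {            /* hash check fails: switch banks */
        stage_image(firm1, sizeof firm1, zero_before_fallback);
        used = sizeof firm1;
    }
    int stale = 0;
    for (size_t i = used; i < STAGE_SIZE; i++)
        if (stage[i] != 0) stale++;
    return stale;
}
```

The defensive point is that anything staged before verification is untrusted and must not be allowed to outlive a failed check; clearing the buffer before the fallback load (or padding every image to the full slot size) removes the remnant.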
 
There's so much bullshit stirring in this world sometimes, it's unbelievable...
 
If anyone is unable to find anything even at the start of this thread, here is a quote to help.
So recently 3 persons just dropped a bomb into the 3DS scene, and so a lot of stupid things have been understood. This thread is made to clarify things and destroy the bullshit.

  • First of all, and most importantly: DO NOT UPDATE WHATEVER FIRMWARE YOU'RE ON. Thanks. It is recommended for you to get a way to access Homebrew Launcher as soon as possible.

  • snshax is indeed a way to downgrade without NAND backup (and install legit CIAs) for firmware under 10.2 as it was patched with that version. This is N3DS-only and not a kernel exploit. However, this is not the only way to do it and it is not very useful anyway because of the following.

  • memchunkhax2 is a new kernel11 exploit. This one works on every firmware up to and including 10.3. This allows downgrade (without NAND backup), legit CIA installation, a lot of good stuff (but not direct piracy). This is a new version of memchunkhax that was not properly fixed by Nintendo in 9.3. This works on 3DS, 3DS XL, 2DS, N3DS and N3DS XL.

  • ntrcardhax is a kernel9 exploit, and this allows piracy (because of the control of ARM9). This exploit needs special hardware (something similar to the PassMe). This is basically an exploit of the fact that ARM9 handles NDS games. More or less. This works on 3DS, 3DS XL, 2DS, N3DS and N3DS XL. This is not 100% needed however as memchunkhax2 allows you to downgrade back to more vulnerable versions like 9.2.

  • arm9loaderhax is a way to inject a payload directly into a N3DS bootrom (just after the firm boot). This is like a CFW coldboot, N3DS-only.

  • There is also a way to calculate/bruteforce the constant used by the key scrambler and use that to generate missing KeyX for known normal (AES) keys + KeyY and bypass the keyscrambler altogether, which is pretty cool to be honest. This is made to get more keys, nothing usable for the end user.

I think that's mostly it. Oh and by the way a certain smealum wants you to make homebrews.

If you want to say stupid shit or hype here is the right place to do it: http://gbatemp.net/threads/memchunkhax-2-and-snshax-hype-thread.407189/

Not that it matters much anyway since as soon as this page finishes someone will inevitably ask.
 
The PSP can emulate PS1 games and it's less powerful than the old 3DS. We will get stuff running full speed on the old one when the kernel comes out and devs can make their emulators make use of it.
smea showed specs of the old 3DS in his talk and they're better than the PSP.
"PSP and PS1 share the same architecture (MIPS).
However the 3DS is ARM so things are a lot different and that means many CPU instructions cannot be translated 1:1, meaning more CPU time is needed to execute the same code.
It might be doable, but just barely. It would take a lot of effort to make it run at playable speeds, and there might not be enough interest to make that happen.
Even a n3DS won't give much of a speed improvement, as it's highly limited how well emulators can take advantage of multiple cores, you run into sync issues pretty quickly if you try emulating a single core multithreaded, causing crashes and such. The best you could do would be to emulate the CPU, GPU and audio each on their own thread."
 
Well, this thread should be locked until some more news. Like, idk what this thread's for; it's just to talk about the haxs, but we need more info first, like everyone's hyped.
 