Config Application

Discussion in '3DS - Flashcards & Custom Firmwares' started by Relys, Nov 7, 2014.

  1. Relys
    OP

    Relys Master of Computer Science

    Member
    863
    788
    Jan 5, 2007
    United States
    Note: Please do not attempt to mess around with the Config Menu options without a hardware NAND mod until these functions are confirmed safe.

    I noticed that the Config Menu application:

    http://3dbrew.org/wiki/3DS_Development_Unit_Software#Config

    Has the option to boot into Test Menu (which is a limited alternative to Home Menu):

    http://3dbrew.org/wiki/3DS_Development_Unit_GUI#Test_Menu

    Allegedly it allows booting from slot1 devices and the Dev Menu (which can be used to launch CIAs). The interesting thing about the Test Menu is that there is alleged screenshot support.

    I do not have a NAND mod anymore (I had to remove it to replace my LCD screen), so I was wondering if someone who does could test it out and report back if these features are safe. Since the Home Menu is unloaded I would suspect that the Test Menu would be operating outside of our emunand environment, but I'm not certain. Hell, I don't even know if the Test Menu exists on retail units (is it part of the application or part of the firm)???

    Edit: Found some more information regarding it:
    http://3dbrew.org/wiki/NS#Alternate_menu

    Does anyone know if this title has been dumped? It may still be on the NAND depending on the method of deletion.

    Note: Please do not attempt to mess around with the Config Menu options without a hardware NAND mod until these functions are confirmed safe.
     


  2. Link999123

    Link999123 Advanced Member

    Newcomer
    54
    26
    Aug 18, 2014
    United States
    It probably is firmware rooted but if it is able to be booted from nand (I don't see why it wouldn't be possible) this will be a big leap for the community.
     
  3. Relys
    OP

    Relys Master of Computer Science

    Member
    863
    788
    Jan 5, 2007
    United States

    Found some more information regarding it:
    http://3dbrew.org/wiki/NS#Alternate_menu

    Does anyone know if this title has been dumped? It may still be on the NAND depending on the method of deletion.
     
    Link999123 likes this.
  4. gudenau

    gudenau Never a unique idea

    Member
    3,257
    1,225
    Jul 7, 2010
    United States
    /dev/random
    Still think that the crypto needs to be completely reversed before a CFW will 'stick'. :-P
     
  5. Link999123

    Link999123 Advanced Member

    Newcomer
    54
    26
    Aug 18, 2014
    United States
    .[/quote]


    So according to this if someone has a dev unit, they could dump the nand and using a gateway someone could download the menu to the nand or use it with emunand?
     
  6. Relys
    OP

    Relys Master of Computer Science

    Member
    863
    788
    Jan 5, 2007
    United States

    You would have to find an exploit in the bootrom (if there is even any) to get your sig patches to stick. It doesn't really have to do anything with crypto at this point unless they failed on their signature implementation (which is unlikely).

    Exactly.

    Another interesting thought:

    "This title could be used as a recovery process" and "this title seems to be installed from a factory gamecard"

    I wounder if the card was dumped if it would be possible to use Sky3DS to run it, seeing as it looks like it's signed for retail units. If it could run, this would allow for installing retail signed CIAs (games,dlc,patches) and possibly even downgrading system titles. It of course would not allow unsigned code as FRIM would still be running in the background enforcing signature checks, but if you can downgrade system titles then you can downgrade to exploitable version and gain full controll.
     
    RubenCantuVota likes this.
  7. gudenau

    gudenau Never a unique idea

    Member
    3,257
    1,225
    Jul 7, 2010
    United States
    /dev/random

    True, now to dump the bootrom... :-P
     
    daicon likes this.
  8. Relys
    OP

    Relys Master of Computer Science

    Member
    863
    788
    Jan 5, 2007
    United States
    So according to this if someone has a dev unit, they could dump the nand and using a gateway someone could download the menu to the nand or use it with emunand?[/quote]
    Eh, you'd still have to dump unique keyX from the keyslot used to encrypt NAND and moveable.sed from the private filesystem which is used to initalize keyY on the NAND so forget about downgrading. Decapping would just allow doing all the decryption without using a 3DS as a slave.
     
  9. gudenau

    gudenau Never a unique idea

    Member
    3,257
    1,225
    Jul 7, 2010
    United States
    /dev/random
    I do have a 4.X dump, I just want custom channels on the NAND for homebrew.
     
  10. Relys
    OP

    Relys Master of Computer Science

    Member
    863
    788
    Jan 5, 2007
    United States

    Um, you can do that now already with the leaked CFW or using Gateway 2.6...
     
  11. gudenau

    gudenau Never a unique idea

    Member
    3,257
    1,225
    Jul 7, 2010
    United States
    /dev/random
    On the real NAND? I was not aware.
     
  12. Link999123

    Link999123 Advanced Member

    Newcomer
    54
    26
    Aug 18, 2014
    United States
    According to the page it is installed to the NAND so therefore, it would need to have privileges to access the NAND, assuming the privileges are that which a game has, then yes it should work, but this is only theoretically speaking.
     
  13. Relys
    OP

    Relys Master of Computer Science

    Member
    863
    788
    Jan 5, 2007
    United States

    You not be able to run homebrew without entering exploit to patch signature checks unless there is a bootrom exploit.

    Theoretically you should be able to install properly signed retail titles though...
     
  14. gudenau

    gudenau Never a unique idea

    Member
    3,257
    1,225
    Jul 7, 2010
    United States
    /dev/random
    Oh, I thought I missed some big news. :-P I need to get my SD card adaptor made, I do not have the time though.
     
  15. Link999123

    Link999123 Advanced Member

    Newcomer
    54
    26
    Aug 18, 2014
    United States
    I guess the real question would be at what firmware does that card run at and if it can be used on any firmware. If it can then the simple answer would be that the only limitation would be the 3ds itself.
     
  16. Link999123

    Link999123 Advanced Member

    Newcomer
    54
    26
    Aug 18, 2014
    United States
    SD card adapter? Sounds interesting, please go on, I would like to hear more about this...
     
  17. gudenau

    gudenau Never a unique idea

    Member
    3,257
    1,225
    Jul 7, 2010
    United States
    /dev/random
  18. Link999123

    Link999123 Advanced Member

    Newcomer
    54
    26
    Aug 18, 2014
    United States
    Oh my... That is a LOT of soldering especially when it is that small, but you will definitely benefit be being able to access NAND and back up or restore it.
     
  19. gudenau

    gudenau Never a unique idea

    Member
    3,257
    1,225
    Jul 7, 2010
    United States
    /dev/random
    It is 16 joints for how I will do it, not much at all.
     
  20. Link999123

    Link999123 Advanced Member

    Newcomer
    54
    26
    Aug 18, 2014
    United States
    I'm a little squeamish with soldering systems especially after watching my ds light get mutilated... the L button got sticky so it was taken apart and... yeah... it was not so pretty...