Hacking Official Corbenik - Another CFW for advanced users (with bytecode patches!)

[The Catboy]

o_o

You know I am going to do everything possible in my attempts to break it!

 

[chaoskagami]

You know I am doing to do everything possible in my attempts to break it!

As you should.

 

[Madridi]

EDIT: Okay, actually, what's dark-samus' username on GBATemp? The readme is based on github. I'm assuming he's @dark_samus3, right? If I'm wrong, correct me. >_<

Yeah that's him

 

[chaoskagami]

EH, ME just wantejsd downgsrefer fasst and ds pligsn limma33ds fet me no coeefei!!!!!
cmon isnt thate hard me no rpogeram devd sonblihgateion they are basteards biilies and stupid .
me just awnt dowsnrade me 3ds plilect briked when adwongrading 9.9 plilect fautt nao me want idngereder cmon not harr me want oklhigatieon
@astronaultlevel @Aurora Wright @Plailect @Apache Thunder @shutterbug2000 @d0k3 @mid-kid @Rinnegatamante @cearp @TheCruel @Steveice10
NO COEEFEI i want downtgaodaere no bully me want nao quik fest no mods be bckea no woof tipsic
egein me atag becuuse devs obligateons me not naow ewhy beeeneed but me ajsust want wdingereder comnn quick decs bved i want NAO NAO.
FEST Or ben MED
EGEIme have 6 copies frakafoerms me have hb reprotam patch no coeffei it prosible devs have gdevs dnont relesae devs stuoud
no cofefei me beck
petermary17beck

This is an abomination. What even is this

(Is this the Lima3ds dude? @astronautlevel, halp.)

 

[The Catboy]

This is an abomination. What even is this

(Is this the Lima3ds dude? @astronautlevel, halp.)

Ignore him, he's been a spammer that comes around every now and again to spam the CFW threads. Try not to reply, it only feeds into his shallow need for attention.

 

[chaoskagami]

Ignore him, he's been a spammer that comes around every now and again to spam the CFW threads. Try not to reply, it only feeds into his shallow need for attention.

I kind of figured as much.

Still, that is the absolute worst abuse of the english language I have ever seen. I'm actually laughing, don't mind me.

 

[chaoskagami]

STUPDI DEV RELERSE NAO UR OBLGIATEIOJN

Oblgiate-iojn? I'm sorry, what language is that?

(Reported. Have a nice day.)

 

[The Catboy]

I seriously suggest not engaging him. He's only trying to get other members to react for whatever reason. I am only assume they are trying to shutdown threads by starting a spam war. Like I said, it's a shallow cry for help.
Topic on hand, I still can't find any bugs. Even high memory games like Monster Hunter 4 play with hassle

 

[chaoskagami]

I seriously suggest not engaging him. He's only trying to get other members to react for whatever reason. I am only assume they are trying to shutdown threads by starting a spam war. Like I said, it's a shallow cry for help.
Topic on hand, I still can't find any bugs. Even high memory games like Monster Hunter 4 play with hassle

Yeah, I'm not bothering any more. It's a waste of my time.

Nice to hear they work well. Guess there's just no real bugs left in the current version.

 

[The Catboy]

Yeah, I'm not bothering any more. It's a waste of my time.

Nice to hear they work well. Guess there's just no real bugs left in the current version.

Nothing I can find and I've been looking. After several hours of trying to break it, I just ended up enjoying a game for once because there was nothing to do.

 

[shawn_]

Near done on chainloader menu. Cleaning up the code, then I push to github.

As an FYI, this will only load raw binary files, not dat files. I don't intend to change this. It's also a submenu, not button combos like other CFW, and I also have no intentions to change this.

Put your ARM9 payloads under /corbenik/chain. Doesn't even need to have the bin extension.

Perfect [emoji1305]


Sent from my iPhone using Tapatalk

 

[3xkrazy]

Works great! I just wanted to report an issue with the chainloader:

uncart built from https://github.com/citra-emu/uncart.git commit 1577f36 freezes when selected. Here's the bottom screen print out:

Chaining to copy payload.

Using Corbenik commit fe089ca. Other than this, D9, E9, and GodMode9 work fine . I attached the boot.log and loader.log files below, with the extension renamed to txt.

 

[chaoskagami]

Works great! I just wanted to report an issue with the chainloader:

uncart built from https://github.com/citra-emu/uncart.git commit 1577f36 freezes when selected. Here's the bottom screen print out:

Chaining to copy payload.

Using Corbenik commit fe089ca. Other than this, D9, E9, and GodMode9 work fine . I attached the boot.log and loader.log files below, with the extension renamed to txt.

I screwed my SD, so I'll be unable to test until I copy ~100GB. I'll push what will hopefully resolve this, and you can tell me if it does, alright?

Otherwise, I'm pretty sure this is caused by uncart not using the same start.s as every other arm9loaderhax payload in existence. To be clear, the problem is that near every arm9loaderhax payload shares the same start.s which does the following:

* Flush cache
* Set MPU settings
* Enable cache.

Do you see what's so funny about this?

Every arm9loaderhax payload sharing the same start.s starts with the same code, and said code immediately flushes the cache off the processor, masking the issue here. Uncart doesn't do the same as other projects for start.s, so it hits a cache error. Humorous.

EDIT: @3xkrazy - Pull and try now. It may crash horribly on every payload if I made a mistake.

 

[3xkrazy]

I screwed my SD, so I'll be unable to test until I copy ~100GB. I'll push what will hopefully resolve this, and you can tell me if it does, alright?

Otherwise, I'm pretty sure this is caused by uncart not using the same start.s as every other arm9loaderhax payload in existence. To be clear, the problem is that near every arm9loaderhax payload shares the same start.s which does the following:

* Flush cache
* Set MPU settings
* Enable cache.

Do you see what's so funny about this?

Every arm9loaderhax payload sharing the same start.s starts with the same code, and said code immediately flushes the cache off the processor, masking the issue here. Uncart doesn't do the same as other projects for start.s, so it hits a cache error. Humorous.

EDIT: @3xkrazy - Pull and try now. It may crash horribly on every payload if I made a mistake.

Wow, you're fast! I'll report back tomorrow, I promise. Gotta go to bed and wake up in 5 hours for work

 

[chaoskagami]

Wow, you're fast! I'll report back tomorrow, I promise. Gotta go to bed and wake up in 5 hours for work

Ouch. Sleep well, I guess. Don't stay up on my account. I'll probably have it debugged in the morning. ;P

 

[DjoeN]

Works great! I just wanted to report an issue with the chainloader:

uncart built from https://github.com/citra-emu/uncart.git commit 1577f36 freezes when selected. Here's the bottom screen print out:

Chaining to copy payload.

Using Corbenik commit fe089ca. Other than this, D9, E9, and GodMode9 work fine . I attached the boot.log and loader.log files below, with the extension renamed to txt.

Did you try AuroraWright A9LH version of uncart?

 

[chaoskagami]

Did you try AuroraWright A9LH version of uncart?

The changes required for a9lh were merged upstream, along with the trimming behavior (as an optional feature.) This is no longer an issue.

I know what the real issue is, anyways.

 

[DjoeN]

The changes required for a9lh were merged upstream, along with the trimming behavior (as an optional feature.) This is no longer an issue.

I know what the real issue is, anyways.

Nevermind again, it does work, i had no gamecart in the system

 

[chaoskagami]

Nevermind, it indeed freezes

I'm sitting around waiting for a copy to complete, so when I'm done this will be fixed ASAP. I already know the cause.

EDIT: I may need to sleep, though.

 

[DjoeN]

Just to let you know:

With latest build i got a AGB error

Spoiler: Error

Config file loaded.
FIRM load triggered.
NATIVE_FIRM
  [l_p]
Ver: 00000052, 0
TWL_FIRM
  [l_p]
Ver: 00000016, 0
AGB_FIRM
  [l_p]
Ver: 0000000b, 0
Saving config.
Config file loaded.
Loading firmware...
FIRM load triggered.
NATIVE_FIRM
  [l_p]
Ver: 00000052, 0
TWL_FIRM
  [l_p]
Ver: 00000016, 0
AGB_FIRM
  [l_p]
Ver: 0000000b, 0
Patching firmware...
f flag is not set, halting VM!

When turning AGB patches off in config the system boots fine again.
Then turning AGB patches back on it worked again, no error anymore.

Spoiler: No error

 Config file loaded.
Saving config.
Loading firmware...
FIRM load triggered.
NATIVE_FIRM
  [l_p]
Ver: 00000052, 0
TWL_FIRM
  [l_p]
Ver: 00000016, 0
AGB_FIRM
  [l_p]
Ver: 0000000b, 0
Generating patch cache...
Cache: Title Downgrade Fix (11.0 NFIRM)
            Cache: AGB Bootscreen
            Cache: AGB Signature Fix
            Cache: Block Cart Update / Carrt RF (Loader)
  Version: 9
  cache: 0004013000008002
            Cache: Block eShop Updates (Loader)
  Version: 9
  cache: 0004013000002C02
            Cache: Block NIM updates (Loader)
  Version: 9
  cache: 0004013000002C02
            Cache: ErrDisp devmode (Loader)
  Version: 9
  cache: 0004003000008A02
            Cache: Settings Version String (Loader)
  Version: 9
  cache: 0004001000021000
  cache: 0004001000020000
  cache: 0004001000022000
  cache: 0004001000026000
  cache: 0004001000027000
  cache: 0004001000028000
            Cache: FIRM Protection
            Cache: Region Free HOME (Loader)
  Version: 9
  cache: 0004003000008F02
  cache: 0004003000008202
  cache: 0004003000009802
  cache: 000400300000A102
  cache: 000400300000A902
  cache: 000400300000B102
            Cache: RO Signature Fix (Loader)
  Version: 9
  cache: 0004013000003702
            Cache: Signature Fix
            Cache: TWL Patches
            Cache: MysteryMachine Patcher (Loader)
  Version: 1
  cache: 000400000011C400
  cache: 000400000011C500
  cache: 0004000000055D00
  cache: 0004000000055E00
            Patching firmware...
VM exited without issue
reboot: proc9 mem @ 08028000
            reboot: firmlaunch @ 240da5e8
reboot: fopen @ 08059d25
            reboot: NATF @ 240da714
reboot: TWLF @ 240da718
reboot: AGBF @ 240da71c
reboot: rebc @ 240da700
            emunand: free space @ 2407b1c0
emunand: size is 81344 bytes
emunand: read in emunand code
emunand: found NCSD magic for 0
emunand: layout is gateway
emunand:nand is on sector 0
emunand: head is on sector 1931264
emunand: write @ 240cd730
emunand: read @ 240cd6f0
emunand: patched read/write calls
emunand: SDMMC code @ 080d8a70
emunand: mpu @ 2407c164
emunand: patched MPU settings
            svc: 0x7B (backdoor) missing.
Svc: backdoor is 40 bytes
Svc: Read code to 24062f28
svc: Injected 0x7B.
            module: Grow 2 units
Module: Injecting 610271512
Module: injected modules.
            Saving FIRM for reboot...
Copied FIRM