Hacking [Discussion] Install DS Profile exploit with Download Play?

dicamarques

Definitely not Bruce Wayne.
OP
Member
Joined
Jun 25, 2010
Messages
1,096
Trophies
1
Location
Your computer's Recycle Bin
Website
www.google.com
XP
1,993
Country
Portugal
So now with all the hopes of CFW on my 3Ds without spending 60+€ on a flashcart I was looking for info and requirements where to only have the 3DS to downgrade and a DS flashcart to install the exploit. Well I'm a unlucky owner of a Ak2i, which the last working is 4.3... so even if I downgrade I cant use my flashcart to install the exploit.
But then I started thinking in a different way to load the exploit, what if I send it over download play, I have a DSi so I could use that?
I remember seeing this thread awhile back https://gbatemp.net/threads/ds-download-play-send-nds-file-with-planet-puzzle-league.306625/
and it is a great idea, but there's a catch, no homebrew is possible to be loaded on the client DS (in this case 3DS) unless it has flashme (there's no flashme for the 3DS).
If it was possible to fakesign or inject or code to a ninty signed .nds and then place it on that game, there was a way to load the exploit without a flashcart (yes without!, I think that there's also a way to send demos using a PC)

So any opinions, or this is completely impossible unless someone guesses the key.
 

MaK11-12

Well-Known Member
Member
Joined
Jul 26, 2009
Messages
241
Trophies
0
Location
Namek
Website
www.deltabeard.com
XP
434
Country
I would also like to know if there is a method of installing the ROP loader without a DS flash card.
I tried replacing the Launcher.dat file from the Gateway 3.0.1 update with the CFW Launcher_GW.dat (renamed to Launcher.dat) and then using the new browser exploit to load it. That didn't work. :(
 

dicamarques

Definitely not Bruce Wayne.
OP
Member
Joined
Jun 25, 2010
Messages
1,096
Trophies
1
Location
Your computer's Recycle Bin
Website
www.google.com
XP
1,993
Country
Portugal
I would also like to know if there is a method of installing the ROP loader without a DS flash card.
I tried replacing the Launcher.dat file from the Gateway 3.0.1 update with the CFW Launcher_GW.dat (renamed to Launcher.dat) and then using the new browser exploit to load it. That didn't work. :(
Yes, its because the new exploit does not only use the browser to work, it needs something else.
 

dicamarques

Definitely not Bruce Wayne.
OP
Member
Joined
Jun 25, 2010
Messages
1,096
Trophies
1
Location
Your computer's Recycle Bin
Website
www.google.com
XP
1,993
Country
Portugal
well i dont know but have you try desmume download play? lol who knows
The problem is not sending the file, is the 3DS accepting the file, because it's not signed by ninty

The exploit downgrades you to 4.2, so your card should be able to work.
from what I know, the EUR version downgrades to 4.5
 

mastermodr94

Well-Known Member
Member
Joined
Dec 3, 2014
Messages
137
Trophies
0
Age
29
XP
204
Country
United States
Heres the thing basically you would need a nds demo that was exploitable. Similar to how smealum just exploited BangioSpirits with its level editor. You would need to find a demo that has something similar or a rom that is under 4mb and then send it over download play and exploit it to patch the 3ds profile. Not imposible but very dificult for little payoff when you can grab a cheap ds flashcard for ~ $15 or less
 

dicamarques

Definitely not Bruce Wayne.
OP
Member
Joined
Jun 25, 2010
Messages
1,096
Trophies
1
Location
Your computer's Recycle Bin
Website
www.google.com
XP
1,993
Country
Portugal
Heres the thing basically you would need a nds demo that was exploitable. Similar to how smealum just exploited BangioSpirits with its level editor. You would need to find a demo that has something similar or a rom that is under 4mb and then send it over download play and exploit it to patch the 3ds profile. Not imposible but very dificult for little payoff when you can grab a cheap ds flashcard for ~ $15 or less
Thats not the issue, already did that. The problem is that the Homebrew is not signed.
 

mastermodr94

Well-Known Member
Member
Joined
Dec 3, 2014
Messages
137
Trophies
0
Age
29
XP
204
Country
United States
Thats not the issue, already did that. The problem is that the Homebrew is not signed.
No what im saying is that yes the homebrew is unsigned however an exploitable ds demo IS signed. So you can send an unmodified demo to the 3ds and then exploit it without the use of a flashcard. But you would need to build the exploit yourself.
 

anon3536

Well-Known Member
Member
Joined
Nov 4, 2012
Messages
183
Trophies
0
Age
29
XP
253
Country
United States
so what about if you like ran the exploit on the dsi then loaded a game like super mario ds that has single cart play, could it possibly crash then cuz your name shows up on the other users ds? im willing to bet this prob wont work but just a thought after reading this
 

dicamarques

Definitely not Bruce Wayne.
OP
Member
Joined
Jun 25, 2010
Messages
1,096
Trophies
1
Location
Your computer's Recycle Bin
Website
www.google.com
XP
1,993
Country
Portugal
so what about if you like ran the exploit on the dsi then loaded a game like super mario ds that has single cart play, could it possibly crash then cuz your name shows up on the other users ds? im willing to bet this prob wont work but just a thought after reading this
It possibly will crash the ds but wont change the 3DS name, so not going to help :(
My attempts at getting a signed header from another demo and place it on the homebrew were unsuccessful so far :( I was thinking to make the Bangai-oSploit to work, but it's a commercial rom and even though I removed a lot from the rom it wouldn't boot because of the header.
Probably this isn't working because of my lack of skills on DS hacking.
 
  • Like
Reactions: tozevleal

anon3536

Well-Known Member
Member
Joined
Nov 4, 2012
Messages
183
Trophies
0
Age
29
XP
253
Country
United States
It possibly will crash the ds but wont change the 3DS name, so not going to help :(
My attempts at getting a signed header from another demo and place it on the homebrew were unsuccessful so far :( I was thinking to make the Bangai-oSploit to work, but it's a commercial rom and even though I removed a lot from the rom it wouldn't boot because of the header.
Probably this isn't working because of my lack of skills on DS hacking.

well isnt it the actual name that crashes? sure it wont save to the 3ds but once the 3ds attempted to load that name i would think it would crash similar to how it does when you go to open the nds management atm
 

dicamarques

Definitely not Bruce Wayne.
OP
Member
Joined
Jun 25, 2010
Messages
1,096
Trophies
1
Location
Your computer's Recycle Bin
Website
www.google.com
XP
1,993
Country
Portugal
well isnt it the actual name that crashes? sure it wont save to the 3ds but once the 3ds attempted to load that name i would think it would crash similar to how it does when you go to open the nds management atm
You need to have it saved so it loads up on the system settings. I dont even know if we can change any of these values in DS Download....
 

WaterBotttle

Well-Known Member
Member
Joined
Dec 19, 2014
Messages
163
Trophies
0
Age
34
XP
307
Country
Since the DS download play titles have to be signed to run on the 3DS, it seems as others have suggested the best method would be using an already signed title and then exploiting a vulnerability in that to execute the needed DS code. While possible I don't think many would be interested because the DS cards are so cheap and we already have the web browser as an entry point. However it does sound like a cool project.
 
  • Like
Reactions: tozevleal

Site & Scene News

Popular threads in this forum

General chit-chat
Help Users
    AncientBoi @ AncientBoi: 🛌