[Discussion] Install DS Profile exploit with Download Play?

Discussion in '3DS - Flashcards & Custom Firmwares' started by dicamarques, Jan 11, 2015.

  1. dicamarques
    OP

    dicamarques Definitely not Bruce Wayne.

    Member
    1,020
    179
    Jun 25, 2010
    Portugal
    Your computer's Recycle Bin
    So now with all the hopes of CFW on my 3Ds without spending 60+€ on a flashcart I was looking for info and requirements where to only have the 3DS to downgrade and a DS flashcart to install the exploit. Well I'm a unlucky owner of a Ak2i, which the last working is 4.3... so even if I downgrade I cant use my flashcart to install the exploit.
    But then I started thinking in a different way to load the exploit, what if I send it over download play, I have a DSi so I could use that?
    I remember seeing this thread awhile back https://gbatemp.net/threads/ds-download-play-send-nds-file-with-planet-puzzle-league.306625/
    and it is a great idea, but there's a catch, no homebrew is possible to be loaded on the client DS (in this case 3DS) unless it has flashme (there's no flashme for the 3DS).
    If it was possible to fakesign or inject or code to a ninty signed .nds and then place it on that game, there was a way to load the exploit without a flashcart (yes without!, I think that there's also a way to send demos using a PC)

    So any opinions, or this is completely impossible unless someone guesses the key.
     
    Margen67 and tozevleal like this.


  2. MaK11-12

    MaK11-12 GBAtemp Regular

    Member
    232
    123
    Jul 26, 2009
    Namek
    I would also like to know if there is a method of installing the ROP loader without a DS flash card.
    I tried replacing the Launcher.dat file from the Gateway 3.0.1 update with the CFW Launcher_GW.dat (renamed to Launcher.dat) and then using the new browser exploit to load it. That didn't work. :(
     
  3. dicamarques
    OP

    dicamarques Definitely not Bruce Wayne.

    Member
    1,020
    179
    Jun 25, 2010
    Portugal
    Your computer's Recycle Bin
    Yes, its because the new exploit does not only use the browser to work, it needs something else.
     
  4. ewin00

    ewin00 GBAtemp Regular

    Member
    146
    32
    Mar 24, 2011
    Indonesia
    well i dont know but have you try desmume download play? lol who knows
     
  5. Pawed

    Pawed ( ͡° ͜ʖ ͡°)

    Member
    141
    38
    Sep 29, 2014
    India
    The exploit downgrades you to 4.2, so your card should be able to work.
     
  6. dicamarques
    OP

    dicamarques Definitely not Bruce Wayne.

    Member
    1,020
    179
    Jun 25, 2010
    Portugal
    Your computer's Recycle Bin
    The problem is not sending the file, is the 3DS accepting the file, because it's not signed by ninty

    from what I know, the EUR version downgrades to 4.5
     
  7. w0dash

    w0dash noob

    Member
    150
    77
    May 29, 2012
    Gambia, The
    False, if he does not have an US device.
     
  8. dicamarques
    OP

    dicamarques Definitely not Bruce Wayne.

    Member
    1,020
    179
    Jun 25, 2010
    Portugal
    Your computer's Recycle Bin
    Well, I went ahead and tried this method, and the console semi-freezes. You can still reboot it normally to the home menu.
     
  9. tozevleal

    tozevleal Probably the last VinsCool lonk clone :P

    Member
    261
    92
    Jul 14, 2011
    Portugal
    Somewhere
    Maybe if someone hack a signed a .nds file maybe can becreated a exploit
     
  10. jmleolgq

    jmleolgq Advanced Member

    Newcomer
    76
    25
    Aug 7, 2011
    Switzerland
    An R4i card is cheaper than NDS/3DS to give you a download play spot
     
  11. dicamarques
    OP

    dicamarques Definitely not Bruce Wayne.

    Member
    1,020
    179
    Jun 25, 2010
    Portugal
    Your computer's Recycle Bin
    I know that but I already have that that's why I'm trying it. Also it might be possible to do it with a PC
     
    Margen67 likes this.
  12. mastermodr94

    mastermodr94 GBAtemp Regular

    Member
    136
    84
    Dec 3, 2014
    United States
    Heres the thing basically you would need a nds demo that was exploitable. Similar to how smealum just exploited BangioSpirits with its level editor. You would need to find a demo that has something similar or a rom that is under 4mb and then send it over download play and exploit it to patch the 3ds profile. Not imposible but very dificult for little payoff when you can grab a cheap ds flashcard for ~ $15 or less
     
  13. dicamarques
    OP

    dicamarques Definitely not Bruce Wayne.

    Member
    1,020
    179
    Jun 25, 2010
    Portugal
    Your computer's Recycle Bin
    Thats not the issue, already did that. The problem is that the Homebrew is not signed.
     
  14. mastermodr94

    mastermodr94 GBAtemp Regular

    Member
    136
    84
    Dec 3, 2014
    United States
    No what im saying is that yes the homebrew is unsigned however an exploitable ds demo IS signed. So you can send an unmodified demo to the 3ds and then exploit it without the use of a flashcard. But you would need to build the exploit yourself.
     
  15. anon3536

    anon3536 GBAtemp Regular

    Member
    181
    10
    Nov 4, 2012
    United States
    so what about if you like ran the exploit on the dsi then loaded a game like super mario ds that has single cart play, could it possibly crash then cuz your name shows up on the other users ds? im willing to bet this prob wont work but just a thought after reading this
     
  16. dicamarques
    OP

    dicamarques Definitely not Bruce Wayne.

    Member
    1,020
    179
    Jun 25, 2010
    Portugal
    Your computer's Recycle Bin
    It possibly will crash the ds but wont change the 3DS name, so not going to help :(
    My attempts at getting a signed header from another demo and place it on the homebrew were unsuccessful so far :( I was thinking to make the Bangai-oSploit to work, but it's a commercial rom and even though I removed a lot from the rom it wouldn't boot because of the header.
    Probably this isn't working because of my lack of skills on DS hacking.
     
    tozevleal likes this.
  17. tozevleal

    tozevleal Probably the last VinsCool lonk clone :P

    Member
    261
    92
    Jul 14, 2011
    Portugal
    Somewhere
    That means you can only send demos from ds download play?
     
  18. anon3536

    anon3536 GBAtemp Regular

    Member
    181
    10
    Nov 4, 2012
    United States
    well isnt it the actual name that crashes? sure it wont save to the 3ds but once the 3ds attempted to load that name i would think it would crash similar to how it does when you go to open the nds management atm
     
  19. dicamarques
    OP

    dicamarques Definitely not Bruce Wayne.

    Member
    1,020
    179
    Jun 25, 2010
    Portugal
    Your computer's Recycle Bin
    You need to have it saved so it loads up on the system settings. I dont even know if we can change any of these values in DS Download....
     
  20. WaterBotttle

    WaterBotttle GBAtemp Regular

    Member
    127
    86
    Dec 19, 2014
    Since the DS download play titles have to be signed to run on the 3DS, it seems as others have suggested the best method would be using an already signed title and then exploiting a vulnerability in that to execute the needed DS code. While possible I don't think many would be interested because the DS cards are so cheap and we already have the web browser as an entry point. However it does sound like a cool project.
     
    tozevleal likes this.