Hacking DLC disappeared after entering eShop. Unable to reinstall?

GothicIII

Well-Known Member
Member
Joined
Jan 4, 2015
Messages
829
Trophies
0
Age
35
XP
2,198
Country
Gambia, The
It is, can you compile it?


I think the tool does that.
I'll compile it when I get back home next week. As of now it looks promising but I want to know if it works without a kernel exploit. If I would have to boot a 9.2.0 firm every time I launch it it wouldnt make sense to use it. Right now I dont have the time to mess with the code to answer the question myself.
 
  • Like
Reactions: cearp and pustal

pustal

Yeah! This is happenin'!
Member
Joined
Jul 19, 2011
Messages
1,556
Trophies
2
Location
Emerald Coast
Website
web.archive.org
XP
6,105
Country
Portugal
I'll compile it when I get back home next week. As of now it looks promising but I want to know if it works without a kernel exploit. If I would have to boot a 9.2.0 firm every time I launch it it wouldnt make sense to use it. Right now I dont have the time to mess with the code to answer the question myself.

Alright. If you manage to compile, please share the binaries (and tell us how did you do it).
 

pustal

Yeah! This is happenin'!
Member
Joined
Jul 19, 2011
Messages
1,556
Trophies
2
Location
Emerald Coast
Website
web.archive.org
XP
6,105
Country
Portugal
It happens with every cfw and entry point -_-


Simple fix is to not to enter the eshop. Use the website to check for games and what not. That way you only have to go in the eshop when you absolutely need to.

Should this happen also updating games? If so only updating the game where it has that DLC installed or any game?
 

cearp

瓜老外
Developer
Joined
May 26, 2008
Messages
8,721
Trophies
2
XP
8,473
Country
Tuvalu
So the Tool from yifanlu is in 3dsx format when you compile it?
Do you need kernel rights to launch it? (So fw9.2.0 only?)
How do I extract tickets? Possible With ctr-tool?
If the 2nd answer is yes then it will be for me more comfortable to dump and inject tickets.db with decrypt9 through a9lh instead of compiling the tool and converting it to cia
use decrypt 9 to dump the ticket.db
you can make FunkyCIA extract tickets, make it not download anything and it will only dump the tickets.
i'm not sure how to compile the code, but i imagine you can get a 3dsx out of it...
 

GothicIII

Well-Known Member
Member
Joined
Jan 4, 2015
Messages
829
Trophies
0
Age
35
XP
2,198
Country
Gambia, The
@pustal @cearp

Of course compiling fails when you don't use libraries from the time when the code was written. libctru has many changes since beginning of 2015.

Download and extract DevkitARMr45.
bash :"export DEVKITARM=<Path2DevkitARM>"
Download and extract ctrulib v.0.6.0; newer ones won't compile since some functions were changed.
bash :"export DEVKITARM=<Path2libctru>"

compile libctru first, else linking the objects will fail.
finally compile 3DSInstallTickets


Here you go: binaries for all; I didn't test them since Im not at home:
 

Attachments

  • 3DSInstallTickets.zip
    98.8 KB · Views: 113
Last edited by GothicIII,
  • Like
Reactions: pustal

cearp

瓜老外
Developer
Joined
May 26, 2008
Messages
8,721
Trophies
2
XP
8,473
Country
Tuvalu
@pustal @cearp

Of course compiling fails when you don't use libraries from the time when the code was written. libctru has many changes since beginning of 2015.

Download and extract DevkitARMr45.
bash :"export DEVKITARM=<Path2DevkitARM>"
Download and extract ctrulib v.0.6.0; newer once won't compile since some functions were changed.
bash :"export DEVKITARM=<Path2libctru>"

compile libctru first, else linking the objects will fail.
finally compile 3DSInstallTickets


Here you go: binaries for all; I didn't test them since Im not at home:
no, i used a complied version someone sent me, i didn't try to compile myself! anyway, thanks for the advice...
i just don't remember it working, or some issue i had with it, honestly i forget. i have it still in my 3ds folder so i can run it just now :)
it works fine for you? ooh you said you didn't test, but sure i hope it works ok.
maybe i can add the code to CIAngel
 

cearp

瓜老外
Developer
Joined
May 26, 2008
Messages
8,721
Trophies
2
XP
8,473
Country
Tuvalu
@pustal @cearp

Of course compiling fails when you don't use libraries from the time when the code was written. libctru has many changes since beginning of 2015.

Download and extract DevkitARMr45.
bash :"export DEVKITARM=<Path2DevkitARM>"
Download and extract ctrulib v.0.6.0; newer ones won't compile since some functions were changed.
bash :"export DEVKITARM=<Path2libctru>"

compile libctru first, else linking the objects will fail.
finally compile 3DSInstallTickets


Here you go: binaries for all; I didn't test them since Im not at home:
ok i tested the version i had that someone sent me.
i get a khaxinit error, unknown kernel version.
i tested the one you uploaded, and i get the same error :(
 

GothicIII

Well-Known Member
Member
Joined
Jan 4, 2015
Messages
829
Trophies
0
Age
35
XP
2,198
Country
Gambia, The
@cearp: Yeah I thought so some posts ago. This tool is useless on later firmware. It depends on the memchunkhax exploit which doesnt work on devices with later 10.x firmware.
 

cearp

瓜老外
Developer
Joined
May 26, 2008
Messages
8,721
Trophies
2
XP
8,473
Country
Tuvalu
@cearp: Yeah I thought so some posts ago. This tool is useless on later firmware. It depends on the memchunkhax exploit which doesnt work on devices with later 10.x firmware.
so, if we reverse this change, it may be ok? https://github.com/yifanlu/3DSSystemTools/commit/5dca264725643edea047db41d9f75575c836cc98

is the memchunkhax just to get the permission/hooking started, and the project's main code is abstracted from that?
or, will the code and it's functions be very dependent on the type of hack/exploit you are using?
(maybe this changes from project to project)

i want to know if we can just 'remove' the hax stuff.. and be left with working code. but i doubt it's that easy :)
 

GothicIII

Well-Known Member
Member
Joined
Jan 4, 2015
Messages
829
Trophies
0
Age
35
XP
2,198
Country
Gambia, The
@cearp It won't work that way. The program needs kernel rights and this is where memchunkhax kicks in. It is essential for the 3dsx version because 3dsx is run from usermode. You can't manipulate tickets without kernel rights.
Im not a 3ds developer I don't know how the cia installers get kernel rights but it must be something how the kernel handles the software (kernel is always patched on cfw to make unsigned code run).

To make the program useful it needs at least a cia version of it.
 
Last edited by GothicIII,
  • Like
Reactions: cearp

cearp

瓜老外
Developer
Joined
May 26, 2008
Messages
8,721
Trophies
2
XP
8,473
Country
Tuvalu
@cearp It won't work that way. The program needs kernel rights and this is where memchunkhax kicks in. It is essential for the 3dsx version because 3dsx is run from usermode. You can't manipulate tickets without kernel rights.
Im not a 3ds developer I don't know how the cia installers get kernel rights but it must be something how the kernel handles the software (kernel is always patched on cfw to make unsigned code run).

To make the program useful it needs at least a cia version of it.
i assumed if we run 3dsx homebrew from a cfw with signature patches, like from the hblauncher_loader on the home menu, then the homebrew itself wouldn't need to do anything special to get permissions? i'm not an expert on this, i just try to make some tools but yeah it seems tricky for me to put this code into CIAngel :D
 

The Real Jdbye

*is birb*
Member
Joined
Mar 17, 2010
Messages
23,207
Trophies
4
Location
Space
XP
13,733
Country
Norway
i assumed if we run 3dsx homebrew from a cfw with signature patches, like from the hblauncher_loader on the home menu, then the homebrew itself wouldn't need to do anything special to get permissions? i'm not an expert on this, i just try to make some tools but yeah it seems tricky for me to put this code into CIAngel :D
CIA homebrew defines permissions in the exheader, so you just need to add the flag for svcBackdoor in the rsf file when building the CIA, and any function to be ran with ARM11 kernel needs to be called through it, pretty simple. It's also 100% stable :)
Using svcBackdoor you can also patch the pid to 0 to automatically get access to every service (or access to every service could be granted in the rsf)
 
Last edited by The Real Jdbye,
  • Like
Reactions: cearp

cearp

瓜老外
Developer
Joined
May 26, 2008
Messages
8,721
Trophies
2
XP
8,473
Country
Tuvalu
CIA homebrew defines permissions in the exheader, so you just need to add the flag for svcBackdoor in the rsf file when building the CIA, and any function to be ran with ARM11 kernel needs to be called through it, pretty simple. It's also 100% stable :)
Using svcBackdoor you can also patch the pid to 0 to automatically get access to every service (or access to every service could be granted in the rsf)
but when dealing with 3dsx i do nothing? :)
 

Site & Scene News

Popular threads in this forum

General chit-chat
Help Users
    Xdqwerty @ Xdqwerty: @salazarcosplay, yea the only game they rereleased are the game boy and games boy color ones...