Hacking Downgrade vs. Hardware-Mod

[lukas_2511]

this sounds interesting...
so, could i order one of these chips and have it run off of a battery to boot the exploit on my ds?

Yea I actually thought about using it as a tiny hardware dongle with a coincell, battery should last quite some time if done right and not used too often, but since the module is so tiny, and there is sooo much spaaaaace in the 3ds-xl, I would rather go and throw it in there

 

[gamesquest1]

in another thread, I saw someone post a Wifi-SDCard. the 3DS can connect to it and the card serves the exploit page.
it's maybe easier (no soldering needed), but wifi might always be enabled and draining battery.

edit:
http://toshiba.semicon-storage.com/eu/product/memory/wlan-sdhc.html

yea i like that idea too, but those cards are quite expensive, and the cards aren't really at the high end of possible speed, so i didn't want to take a closer look. but definitively a nice solution for people without hardware skills.

edit:

oh yea and of course it will drain the battery
mh, guess i'll look at the pins of the sdcard slot too, they are kinda hard to get to (battery connector next to it) but if it provides enough power for the wifi sdcards my little wifi module should work too.

worth mentioning that it seems a lot of those wifi SD cards don't actually allow full SD access, meaning it limits what you can view to mainly just JPG/MP4 etc.....in which case hosting the html page from one of them may not work......pretty sure when looking at them last time im sure i seen one that actually had a wifi off switch on the edge of the card, so assuming that one had fullSD access you could host it then turn the wifi off once you are booted into gateway mode meaning there wouldn't really be any additional battery usage

 

[lukas_2511]

Just a little update: I found that the power supply of the gamecards gets reset sometimes, and is only active with a gamecard inserted into the slot. I also tested the sd card slot, it's also only active while there is an sdcard in there, but since the exploit is kinda useless without an sdcard I guess that's okay.

I've connected some wires to the capacitor directly next to the sdcard slot, and I am currently powering one of the esp8266 modules from that power supply, and it seems to work without any problems
Now going to write a little bit of firmware, basically extend esp-httpd to go to sleep after 2 minutes or so, and then I guess i'll just shove it in there, close it, and baaam, done

 

[tony_2018]

This might actually work if the cost is right for those who don't have an android phone, keep it up.

 

[lukas_2511]

So little update: I've modified the firmware to go into deep sleep mode, and it seems to work, goes to standby after specified time, draws super little current while in deep sleep mode, but it looks like I can put it in deep sleep mode for a max of ~5000 seconds, after that a part of the system wakes up (not everything), and the thing consumes 10mA. The 3ds itself probably takes a looot more power itself, not even sure if i would recognize the 10mA in standby, but I'll try to find a way to put the esp8266 into sleepmode for the longest time possible...

Edit: Haha as it turns out mid of last month they updated their SDK to support going to deep sleep without setting up a wakeup timer, so yea, compiling new toolchain now, hoping esp-httpd will still work with new toolchain...

 

[lukas_2511]

It is done!

Code: https://github.com/lukas2511/sleepy-httpd (i added html files to gitignore, so the codebase is generic and you still need to add index.html and frame.html if you want to clone this hardware-mod)
Toolchain: https://github.com/pfalcon/esp-open-sdk

Picture attached to this post (used pro photosh^Bgimp skills to remove some numbers, dunno if they are "safe" to post on the interwebz, and you never know!).

It seems to work, I still need to restore my 9.2 image (it's currently at 4.5), but other than that, it seems fine

Edit: Reflashed the 9.2 image, works perfectly Hope it takes some time for Gateway to announce a non-internet-related exploit, so this work wasn't a complete waste of time Well, at least it was a fun little project

 

[MrJason005]

can you make a proper guide on this? i would love one of these

 

[Maximilious]

Too bad I have an original 3DS - Think there's enough room in the case for one of these things? And yes a full guide would be awesome!

 

[lukas_2511]

can you make a proper guide on this? i would love one of these

Mh... the thing is... you kinda need to know your way around with this stuff to work with those modules, and at that point a guide is not really needed anyway, since it's basically just power that has to be connected... hard think really is the work with the esp8266 itself.

Rough steps are: Build Toolchain from provided link, Build sleepy-httpd from provided link, Put Gateway-Go files in html folder, Connect FTDI (or other uart-)adapter and power to ESP8266, Use default firmware to configure the esp8266 (AT+CWMODE=2, AT+CWSAP="GATEWAY","secure",5,3), Flash firmware (make flash), Flash html files (make htmlflash), Configure 3DS Internet connection "GATEWAY" with WPA2-PSK key "secure", done.

 

[MrJason005]

Mh... the thing is... you kinda need to know your way around with this stuff to work with those modules, and at that point a guide is not really needed anyway, since it's basically just power that has to be connected... hard think really is the work with the esp8266 itself.

Rough steps are: Build Toolchain from provided link, Build sleepy-httpd from provided link, Put Gateway-Go files in html folder, Connect FTDI (or other uart-)adapter and power to ESP8266, Use default firmware to configure the esp8266 (AT+CWMODE=2, AT+CWSAP="GATEWAY","secure",5,3), Flash firmware (make flash), Flash html files (make htmlflash), done.

do you need an arduino for the GPIO?

 

[lukas_2511]

do you need an arduino for the GPIO?

I think you can program the chip using an arduino with a removed processor, so it's just a ftdi breakout board, but it would be at 5V logic level, this board needs 3.3V, so may damage the esp8266.

 

[NicEXE]

I would suggest that you wouldn't embed this on your 3DS but rather make it into a nice keyfob so that you can carry that wherever you go.

 

[gamesquest1]

use a old NDS flashcard, and put it in the case....plug n play wifi host XD

 

[lukas_2511]

I would suggest that you wouldn't embed this on your 3DS but rather make it into a nice keyfob so that you can carry that wherever you go.

If you are carrying around yet another device you may as well use a smartphone... Well, okay, i think carrying it around as a keyfob is somewhere inbetween.

Would actually be really easy to build, coincell + esp8266 + button, may be integrated in some cheap keyfob flashlight case

 

[gamesquest1]

If you are carrying around yet another device you may as well use a smartphone... Well, okay, i think carrying it around as a keyfob is somewhere inbetween.

Would actually be really easy to build, coincell + esp8266 + button, may be integrated in some cheap keyfob flashlight case

yeah its one of those, this is for a seamless solution, no switch card, no remembering something else.....but if you wanted to make some to sell on here (main buyers would probably be 2DS users as there is no downgrade option for them).....you could indeed make a little keyfob thing that is put on the lanyard strap of the 3DS/2DS itself

 

[lukas_2511]

yeah its one of those, this is for a seamless solution, no switch card, no remembering something else.....but if you wanted to make some to sell on here (main buyers would probably be 2DS users as there is no downgrade option for them).....you could indeed make a little keyfob thing that is put on the lanyard strap of the 3DS/2DS itself

yea well, but as i already said i don't plan on selling these, so yea, really no interest in putting it in a keyfob

and if anyone wants to donate a FW9.2 2DS or normal 3DS so i can try if the module fits in there too and maybe even write a guide, feel free to send me one

 

[tony_2018]

If you are carrying around yet another device you may as well use a smartphone... Well, okay, i think carrying it around as a keyfob is somewhere inbetween.

Would actually be really easy to build, coincell + esp8266 + button, may be integrated in some cheap keyfob flashlight case

Dammit, I already have 2 bulky keyfobs, one for my gate access and the other is my pager alarm. No can do for me on the keyfob.

 

[NicEXE]

btw since you have an iPhone you can jailbreak it (unless you already updated it to the latest iOS) and install mywi on it. then set up a web-server on it and host the exploit there.

 

[lukas_2511]

Here people, have a guide: https://github.com/lukas2511/sleepy-httpd/wiki/Guide

It's not noob-friendly, you have to know how to handle stuff, and of course you need to know how to solder and stuff to actually connect it to your 3DS.

For actual connection to 3DS-XL see my picture above, should be clear where i connected 3.3V and GND.
And of course as always: Modifying your 3DS in this way definitively voids warranty, and you are doing this at your own risk.

 

[tony_2018]

Change the title and add "[Tutorial]" and request to have this added to the Tutorial section.