Flash .cia of DS Profile?

Discussion in '3DS - Flashcards & Custom Firmwares' started by red9350, Mar 15, 2015.

  1. red9350
    OP

    red9350 Member

    Newcomer
    24
    6
    Jan 10, 2015
    Italy
    Hi, is it possible to flash a system .cia of the DS Profile from fw 4.5 on a 9.2 console? So it would be possible to run the exploit from Settings instead of using the web browser/android app. I remember reading a thread some time ago about this topic, but I can't seem to find it...
     
  2. Plasma Shadow

    Plasma Shadow GBAtemp's Artificial Lifeform

    Member
    1,548
    369
    May 15, 2009
    I have no fucking idea.
    No.

    iirc (i may be wrong) but the DS Profile exploit is MSET, which was patched, it only works on 4.x
     
  3. zoogie

    zoogie simple pimp tool

    Member
    6,153
    7,733
    Nov 30, 2014
    United States
    What he's talking about is converting the 4.5 mset app to a cia and installing over the fixed version ala DS whitelist sysApp.
    I've converted the mset app to cci (and it works!) but haven't tried a cia or certainly a risky sysnand install.
     
  4. Plasma Shadow

    Plasma Shadow GBAtemp's Artificial Lifeform

    Member
    1,548
    369
    May 15, 2009
    I have no fucking idea.
    I thought MSET only worked on 4.x, hes trying to ask if he can use the MSET exploit in 9.2 which I am pretty sure is not possible
     
  5. red9350
    OP

    red9350 Member

    Newcomer
    24
    6
    Jan 10, 2015
    Italy
    There's a pc program which lets you download parts of the fw as .cias. It has been used to revert back the ds flashcard whitelist, I want to know if it's possible to use it to revert back the DS Profile app (Or the Settings app) to be able to use the old exploit on newer fw
     
  6. Axido

    Axido GBAtemp Fan

    Member
    411
    395
    Feb 12, 2014
    Germany
    MSET gets fixed after 4.5, yes. But the question was if it is possible to install the unfixed version to sysnand. Something like that was already done with a DS whitelist to get DS flashcarts working again that got fixed in newer FWs as stated above. Got it?
     
  7. zoogie

    zoogie simple pimp tool

    Member
    6,153
    7,733
    Nov 30, 2014
    United States
    The System Settings app (mset) itself was fixed, so it may be possible to unfix it by overwriting the patched version in later firmwares with a vulnerable one.

    This doesn't solve the problem of having to port the exploit rop chains for higher firmwares though of course.
     
  8. Axido

    Axido GBAtemp Fan

    Member
    411
    395
    Feb 12, 2014
    Germany
    And I'd like to add to this: ...but it's more convenient than other methods, especially if you get it to work on N3DS consoles.
     
  9. Plasma Shadow

    Plasma Shadow GBAtemp's Artificial Lifeform

    Member
    1,548
    369
    May 15, 2009
    I have no fucking idea.
    I get you now, wouldnt the only method to do this is manually update to 9.2 after downgrading to 4.5, install the 9.2 cia (except settings and w/e else was needed - much like Apache Thunder did with the Whitelist)
     
  10. red9350
    OP

    red9350 Member

    Newcomer
    24
    6
    Jan 10, 2015
    Italy
    Anyone with a hardmod willing to test it?
     
  11. toto621

    toto621 GBAtemp Regular

    Member
    200
    87
    Jan 19, 2015
    Belgium
    Would be awesome if it someone can manage to do it (fingers crossed) :)
     
  12. pedrobarca

    pedrobarca Banned

    Banned
    445
    177
    Jun 17, 2013
    So even if this would theoretically work, gateways Launcher.dat would work at this point because it cannot handle the MSET hack for firmwares which are not in the range 4.1-4.5 atm? Gateway should investigate this.
     
  13. Apache Thunder

    Apache Thunder I have cameras in your head!

    Member
    4,088
    3,988
    Oct 7, 2007
    United States
    Levelland, Texas
    I have a hardmod and could do this since I have already succesfully downgraded TWL_FIRM by not updating it when I updated to 9.2 via CIAs. But the problem is that unless a DS profile rop chain comes out that makes use of spiderhax/memchunkhax, I would have no way of really testing if it still works. The original Arm9 exploit msett used in 4.x was patched by NATIVE_FIRM, so any exploits for that still won't work on a 9.x system.

    If there is a MSETT exploit that uses memchunkhax/spider exploit, let me know and I might give this a shot. ;)