Hacking Gateway Brick on b2 caught on camera finally :D

[KodyKaplish]

Maybe it a glitch in gw 2.0 beta 2

 

[hurfty]

Not to sure why some people are assuming that this will delay the final release of 2.0 (unless that pretty polished multi rom demo video was the 1 out of 10 tries where their 3DS didn't crap itself and they've actually got a long way to go). Pretty sure with all the delays so far and the emails with vague answers are specifically because they're working on unbugging this thing or trying to hide it better while not confirming or owning up to anything.

 

[Kippykip]

Perhaps when it does the diagnostics check, it temporary disable reading and the MD5 check doesn't return anything and bricks it?

 

[RicoT]

is it me or is a raspberry pi only cost 25$? I see there's 2 models ... A and B I think ... does it make a difference?

use the edition B whatever I had purchase the education B and is cost my 36$ and solder tools cost another 30$

 

[retrofan_k]

ok a couple of hours ago i started systematically rebooting gateway mode over and over to hopefully finally prove that b2 causes bricks....i recorded the whole process, although i will trim the video and upload to youtube, MD5 is correct, official Launcher.dat is used....after seeing many people saying they ran diagnostics before their brick i decided to give that a go a few times and bingo we have a official launcher files and a bricked 3ds caught on camera twice now (i did actually brick 5 times but only recorded it twice)

​

​

​

Things i have already tried​

Booting with emunand still triggers the diagnostics brick, without emunand it still bricks, with the date set before 4th Feb (i set it to 25/12/2013) still bricks, i have verified the date modified and MD5 on the launcher files before and after the bricks occurred, both of which where the original values, i have also tried multiple different SD card, which have been freshly formatted​

​

Stats so far
Standard boots ---150+----0 bricks
booting to gateway menu without running diagnostics----30+ --------0 Bricks
Booting to gateway menu and running diagnostics -------- 19 --------5 Bricks
draw your own conclusions as to the causes

FAQ's

does this mean I'm 100% safe if i avoid diagnostics-
Sorry i cant 100% guarantee it but the odds look alot better than if you go running diagnostics, but if you want to be 100% safe, stick to B1

So if i brick can i recover my system somehow -
Yes, as long as you have your nand backed up, you can use a raspberry pi to unlock your nand, this does require some soldering, so you may be better off looking for someone to do it for you if you aren't very good at soldering

So gateway is the devil ...am i right ehhh well am I?????
sure whatever floats your boat


HAHAH YOUR BRICKED -
nah ....im not, technically it shouldn't be called a brick no more as its recoverable

Thanks for taking the time for doing this and especially using your'e own console as a test subject. This is similar to what happened to mine in the 1st video around the 0:44 secs bit, as instead of my one going back to the main menu like yours did, my 3DS hung on a black screen and then BSOD upon restarting after I manually shut it down.

This shines the light a whole lot more on this scandal of a mess that is still not admitted by GW themselves and helps my case.

 

[gamesquest1]

Thanks for taking the time for doing this and especially using your'e own console as a test subject. This is similar to what happened to mine in the 1st video around the 0:44 secs bit, as instead of my one going back to the main menu like yours did, my 3DS hung on a black screen and then BSOD upon restarting after I manually shut it down.

This shines the light a whole lot more on this scandal of a mess that is still not admitted by GW themselves and helps my case.

Just because I want to pin down the cause, did you run diagnostics before your brick?

 

[retrofan_k]

Just because I want to pin down the cause, did you run diagnostics before your brick?

Yes, I did. Before I bricked, I initially had issues with the GW card seeing my roms that I wrote to the SD, as they would not show up. As result, I ran tests afterwards to verify the SD and the GW card itself, so I could narrow the problem, down, yet it was then I got bricked after using the diagnostics.

Copy and paste from my old original post when it bricked:-

Exploited the console as instructed using the blue card and copied the 2.02b launcher.dat to the SD, as I have done this before on my other GW 3DS so its not something I haven't done before.
Gateway mode screen boots via holding L on profile, etc, which I then back-up nand. However, afterwards I had an issue with the red card seeing the games that I wrote to the microSD using the Win32 Disk Image tool because nothing would show up on the screen after selecting GW mode.
I then did a diagnostic check with the GW test rom and the all the tests passed except for the SD, as it was constantly flashing blue for like 20 mins, so I then took out the RED card and cancelled the test.
Turned off the 3DS, took out the microSD and wrote the new "Zelda between two worlds" Rom to the card. Booted into GW mode screen again and did another Diagnostic test and this time the SD passed, as did all the other tests (all Green OK).
Came out of that and then selected GW mode, which then it hung on a black screen with the power indicator still on for like 2 mins. I then decided to manually shut it down by holding the power button till the LED went out, which it did
The 3DS BRICKED upon restarting on a Blue Debug Screen (BSOD) after I turned it back on.
The 3Ds was never exploited whatsoever with anything previously and was just recently updated from 2xx OFW (cannot remember the exact number but it was 2xx something) using an original Luigi's mansion 2 to 4.5 E
Emunand was never selected or used nor any roms played, as I literately had the GW card for like 30-35 mins until it bricked my system.

 

[gamesquest1]

Yeah I think its pretty clear that it's something that happens WHEN running diagnostics, so once it's run no matter what you do you are bricked, I think the reason people didn't tie it all together sooner, was because it still lets you enter emunand still if it's already set up, so once your in there the system is running from the SD slot, not the nand

The exact same thing you described happen when I tried with no emunand set up, when you try to exit gateway menu into gateway mode, at this point the brick has already occurred so the system just hangs on a black screen, as it can't go back to the main menu as the nand is locked

 

[retrofan_k]

Exactly, plus when others are running roms fine and emunand, they have no reason to mess around with the diagnostics. Shame this didn't surface sooner, yet suppose the un-bricking procedure is fairly new and most have limited or zero soldering skills to even attempt to gamble with their system. Still better late than never and this is the best proof so far we got that 2.0b2 is unsafe with the diagnostics. Did anyone so far brick without running tests?? I have not noticed.

Thanks again for contributing and narrowing this down and look forward to more findings, if any, if your'e continuing to investigate this issue further.

 

[gamesquest1]

Exactly, plus when others are running roms fine and emunand, they have no reason to mess around with the diagnostics. Shame this didn't surface sooner, yet suppose the un-bricking procedure is fairly new and most have limited or zero soldering skills to even attempt to gamble with their system. Still better late than never and this is the best proof so far we got that 2.0b2 is unsafe with the diagnostics. Did anyone so far brick without running tests?? I have not noticed.

Thanks again for contributing and narrowing this down and look forward to more findings, if any, if your'e continuing to investigate this issue further.

Well the only reports of bricking without running diagnostics, are from when the bricks first happened, I would like to try confirm with all of the existing reported bricks if they had ran diagnostics, I think at this point 6 out of about 10 have confirmed they ran diagnostics just before the brick, I'm kinda assuming the remaining 4 probably did run it but continued to emunand and didn't relate the diagnostics to their brick, because the system was seemingly fine after running diagnostics

Tbh I don't think there is much more I can do, no matter how many bricks running diagnostics, and non bricks by not running it, you can still never be 100% sure! but I'll go all out and say I'm 99.9% sure the bricking only occurs if you run diagnostics......atleast when running official firmware,

I may look into the region free patch at some point but idk the whole theory behind the brick code that was found was that it ran randomly, but from what I have observed on official firmware atleast it's not as random as we where lead to believe, the actual odds are like 1 in 5,

 

[Etheboss]

I cannot change! the download automatically start, do you could send me the link for MP ?

Yes you can, rightclick on the link, choose to copy shortcut, and past it in the adress barr, then change b2 to b1 (PS. that trick also works for even older versions)

 

[Gerbilly]

It's more complicated than that. You simply have exponentially more chances of bricking in the diagnostic mode because it calls most (if not all) of the functions that are tied to specific Gateway commands (SPI Read, IC challenge...) some of these functions themselves ultimately call the brick function if their built in checks fail. Of course these checks also run on a random basis while the Gateway payload is running, they just don't run all the commands at once outside of the diagnostic mode.

It could be that one check is buggy or fails with your particular card (not all of the checks are displayed on the diag screen).

There is no telling where precisely it fails without doing some extensive diagnostic. It'd be much better if the Gateway engineers were to remove the bricking function from their code rather than to take their chances.

Don't disregard this advice and assume that just not running the diagnostic tests will protect you from getting bricked. It can still happen at any time when running 2.02.

Running the test though makes the launcher run all its (bricking) tests in sequence, making it more likely to occur though.

The expedient thing is to remain on 2.01 or below (or equivalent) at this time.

 

[gamesquest1]

Yeah but do remember, that the devs who where looking into it said it had safeguards, and they didn't quite understand why it was running on the official launcher.....this could be the reason, if running diagnostics skips the sanity checks or whatever.

As I said its impossible to prove 100% that this is the only way it gets triggered on the official launcher, so yeah it would probably be for the best that people stick to B1, but saying that at least now people have a more clear view of the risks, especially if most of the brick reports where down to this exact bug

Not to mention it highlights the issue to gateway themselves...if they genuinely didn't know what caused genuine users to be bricked, they now know where to look at least to make sure it doesn't happen on 2.0 final

 

[retrofan_k]

Not much being said over at maxconsole regarding this, since its supposed to be the official GW support forum. Expected GaryOPA or someone else high up to comment and whether it has been submitted to GW themselves.

@ gamerquest1 when you bricked, did you have any roms written to the SD card that was in the Red card? I had the test rom on it first and it didn't brick after using the diagnostic, yet bricked soon after when a rom was on the SD after doing the test. Not that it might not matter, but when I bricked, I had the new Zelda on it and Gary mentioned something about reports using that rom and he was going to inform GW about it.

 

[gamesquest1]

Well I did email gateway with the details, but not heard anything back

Had professor layton and the azran legacy on the red card

 

[Gabbo04]

Well I did email gateway with the details, but not heard anything back

Without any further news, their credibility will vanish in one week.

 

[Huntereb]

gamesquest1 is chinese mafia!!

I'm a little late to the party.

 

[gamesquest1]

gamesquest1 is chinese mafia!!

I'm a little late to the party.

shhhhhhhh we don't out our own

Any more of this and you will be waking up with a horses head in your bed

 

[tomiga]

gamesquest1 is chinese mafia!!

I'm a little late to the party.

Maybe he can tell us about the legendary Ramble Pak.

 

[Huntereb]

Maybe he can tell us about the legendary Ramble Pak.

I can honestly say I have no idea what this "Ramble Pack" inside-joke is supposed to mean.