Gateway Questions

Discussion in '3DS - Flashcards & Custom Firmwares' started by gudenau, Dec 31, 2015.

  1. gudenau
    OP

    gudenau Never a unique idea

    Member
    3,236
    1,216
    Jul 7, 2010
    United States
    /dev/random
    I have a few questions about how Gateway implemented there CFW.

    I am not looking for "how do I use them", I am asking for how they work; at a code level.
    1. How does the version spoofing work?
    2. How does the cheat system work?
    3. How do they get ARM11, if they do at all?
     
  2. YourHero

    YourHero GBAtemp Maniac

    Member
    1,003
    219
    Apr 22, 2010
    United States
    Doesn't explain anything, the post.
     
    Last edited by YourHero, Dec 31, 2015
  3. gudenau
    OP

    gudenau Never a unique idea

    Member
    3,236
    1,216
    Jul 7, 2010
    United States
    /dev/random
    Not to be mean, but that does not answer my questions at all.
     
    Hayleia likes this.
  4. Quantumcat

    Quantumcat Dead and alive

    Member
    9,789
    5,113
    Nov 23, 2014
    Australia
    Canberra, Australia
    Read 3dbrew.org.
     
  5. gudenau
    OP

    gudenau Never a unique idea

    Member
    3,236
    1,216
    Jul 7, 2010
    United States
    /dev/random
    From what I can tell that does not explain how to inject code into arm11 processes from boot, nor does it say how someone implemented cheats or version spoofing. Sure with the data on there you could patch a title before installing it, but it does not say how the system stores that information in memory.

    From what I can tell, I am not going to get a good answer, am I?
     
  6. Quantumcat

    Quantumcat Dead and alive

    Member
    9,789
    5,113
    Nov 23, 2014
    Australia
    Canberra, Australia
    1. Get an understanding of the architecture of the 3DS (reading 3dbrew & studying computer science)
    2. Look at the source code for rxtools or cakes or anything else that's open source
    3. If you don't understand the source code, refer to step 1.

    Gateway is closed source so all you can do is guess. However things like the ROP loader for the DS profile exploit will be similar to rxTools.

    Edit: What you're asking for is basically like asking how to solve partial differential equations. If you have enough background knowledge to be able to understand the explanation then it's also trivial for you to find the info and you wouldn't need to ask.
     
    Last edited by Quantumcat, Dec 31, 2015
    soulskeeper likes this.
  7. Aroth

    Aroth GBAtemp Addict

    Member
    2,066
    745
    Apr 14, 2015
    United States
    Atm no one injects any code on boot. The closest is menuhax which injects code into a theme, which i then loaded when the home menu starts up and then (from what I understand) loads a 3dsx file. How this is handled or done, I have no idea and your best bet is to follow Quantumcat's advice.

    To be honest an open forum like this is not the best place to get detailed information about the mechanics and code behind the exploits. Your best bet, barring Quantumcat's advice, is to locate one of community groups that devs like yls8, smea and the rest frequent to discuss things. Seem to remember something being mentioned about an irc group, maybe a skype one?
     
    soulskeeper and Quantumcat like this.