Getting to Homebrew Menu Before Initializing System

Discussion in '3DS - Homebrew Development and Emulators' started by drfsupercenter, Apr 5, 2016.

  1. drfsupercenter
    OP

    Hey guys,

    Just wondering if this is doable.

    I just learned this trick yesterday (call me slow if you want) from 3dbrew's article about the Home Menu.

    On a system that hasn't been formatted/initialized, you can hold R + ABXY which will boot directly from the inserted gamecard instead of forcing you to complete system setup. The cool thing about this is that it won't be associated with an ID0 and ID1 yet.

    For example, 3DSes that come with a bundled game - I want to do some investigation of the ticket stuff that comes on those.

    Well, I tried out NinjHax using my retail copy of Cubic Ninja. On one of my N3DS systems which was on 9.2.0-20U, I installed the payload for ninjhax2 and confirmed it loaded the Homebrew Menu. I then reformatted the system and tried booting up Cubic Ninja.

    As soon as I selected the QR code option, I got the message that "The homemenu ropbin is ready" and then the 3DS powered itself off rather than continuing.

    I assume it needs to access something that isn't available before you initialize the system.

    Are OoTHax and the one using Smash Bros. the same way? Obviously you can't use ThemeHax or BrowserHax before either of those are available to access.

    Just thought I'd ask, it would be a neat thing to figure out.
     


  2. Filo97

    it needs a system, that's it.
     
  3. drfsupercenter
    OP

    All of the cartridge-based exploits behave the same way?
     
  4. KaduPSE

    I know Ninjhax 1.X requires the browser, so that would never work on systems < 9.0. Ninjhax 2.X for 9.X doesn't require the browser at all, but they do use system modules to work, so that probably won't work at all.

    But maybe you could get some stuff only from code execution within the cartridge vuln, I just don't see how that would be useful.
     
  5. Logan Pockrus

    All of the exploits require different services and other things like that to be doing just the right thing, at just the right time. If the system hasn't been initialized, then the aforementioned services may not be available, henceforth, the exploit fails.
     
  6. drfsupercenter
    OP

    Right, I understand that, just asking if OoThax uses the same system services as ninjhax. If it does, I won't even bother trying :(
     
  7. Logan Pockrus

    I can't be certain, but to my knowledge, every exploit requires different services, none of them achieve the goal in quite the same way.
     
  8. Seriel

    All the haxs use the same services except lesshax. Try using lesshax.
     
  9. Logan Pockrus

    That's a payload for MenuHax....
     
  10. Seriel

    I know. It's designed to run as few services as possible, no? Run it with ninjhax and see if it works.
     
  11. Logan Pockrus

    Would it work? I thought that it was only compatible with MenuHax. I guess he can try it out if he wants to.
     
  12. Seriel

    I think it's just a payload that runs the bare minimum.
    If we can get homebrew when not formatted, we can fix all those 2ds softbricks with low firmwares right?
     
  13. Logan Pockrus

    Okay, seems legitimate to me! I think that would be really cool if the solution was that simple!
     
  14. Seriel

    Probably won't work, but there's no real harm in trying :)
     
  15. Logan Pockrus

    True. But hey, you never know. Maybe with Smea's (theorized) new exploit, you could accomplish this? I say this because if this fails, there's still hope!

    (I need to stop saying "this")
     
  16. RednaxelaNnamtra

    I don't think it will work, since hax2 uses the home menu for a lot of stuff. Since less hax only uses fewer services, the home menu is still needed for it to work.
     
  17. Seriel

    Maybe try hax 1?
     
  18. gunner007

    Requires the browser.
    All *hax require system services to be running prior to exploitation.
    The only caveat to that is A9LH, but that's beyond the scope of the OP's discussion.
     
  19. drfsupercenter
    OP

    Can confirm that OoThax also doesn't work. I have no idea what less hax is...
     
  20. I_AM_L_FORCE

    Can't a modified Ninjhax/OOThax payload be made to launch directly into a .bin? Have any of you tried Gateway's hax saves on Cubic Ninja/OOT with this?