Hacking hacking idea: flash the bios chip

superspudz2000 (OP, Well-Known Member, joined Aug 23, 2007, Canada):

[attached image: module-bios-wifi-ds-lite-brick.jpg]


This is way past my level of understanding, but I'll post my idea here anyway so you can laugh at my foolishness. On DS Lite and DSi, the BIOS chip is stored on a removable "block"; I assume 3DS is the same.

Is it possible to re-flash the BIOS with custom firmware by connecting the module to a hardware flasher? I realize that reverse engineering the 3DS BIOS software is probably too hard, but maybe it's possible to build custom software from the ground up to communicate with the 3DS hardware.

Then maybe some group could mass-produce custom BIOS modules; it wouldn't require any soldering, and it would be easy for the user to revert.

Chaldron (GBATemp's Official Attorney, Member, joined Mar 29, 2013, `Murica, United States):
BIOS wouldn't be able to hold much data. It's only used for the initial boot sequence on a 3DS, most likely.

In fact, I think we'll never get a CFW. We'll be stuck with flashcarts, because although the 3DS is a great sales console, it's never seen the widespread usage of other consoles, such as the PS3, where hackers devote their attention.

superspudz2000 (OP, Well-Known Member, joined Aug 23, 2007, Canada):
> That's not where the "firmware" is stored. It's stored in the NAND and is encrypted, and the key isn't publicly known, so you can't just flash custom stuff because it'll brick (until reflashed with the original).

It's called the Wi-Fi module, but people who bricked their DS with a failed Flashme install have swapped this "module" to fix the problem.

I assumed this module held all the software files and the Flashme installation.

FAST6191 (Techromancer, Editorial Team, joined Nov 21, 2005, United Kingdom):
For the record, on the DS, BIOS =/= firmware. The BIOS houses a bunch of functions used by the DS and games running on it (we call them BIOS-compatible compressions for a reason), and the firmware is a massive jumble of code and settings that gets launched by the DS and then used as reference afterwards. As the DS has basically no security in depth and is largely covered by the firmware, it becomes useful to hack it; other systems have had the BIOS act in a somewhat similar manner, and it becomes useful to dump, alter and replace it there, though such things are not without their own problems.

superspudz2000 (OP, Well-Known Member, joined Aug 23, 2007, Canada):
Wow, I'm completely lost. I don't really understand.

So going back to the DS Lite for a minute, let's say I start Flashme, then at 50% turn it off and it's corrupted; what actually happens to the DS Lite?

Are you saying that the Wi-Fi module on a DS Lite contains system settings? Then how does swapping modules repair the corrupted Flashme installation if the corrupted installation is stored in NAND, which is on a different part of the motherboard? :wacko:

Coto (Member, joined Jun 4, 2010, Chile):
> Wow, I'm completely lost. I don't really understand.
>
> So going back to the DS Lite for a minute, let's say I start Flashme, then at 50% turn it off and it's corrupted; what actually happens to the DS Lite?
>
> Are you saying that the Wi-Fi module on a DS Lite contains system settings? Then how does swapping modules repair the corrupted Flashme installation if the corrupted installation is stored in NAND, which is on a different part of the motherboard? :wacko:


The DS firmware is 512KB; it holds the whole firmware in there (download play, boot from slot 1 (with crypto stuff), boot from slot 2, the famous "DS firmware settings" that are stored on an NVRAM bank), which is on the Wi-Fi chip as well (beats me if it's on the same firmware chip or a physically separate location).

When you corrupt the firmware, depending on how you "recreate the block", you can fail fetching data on a certain block (as most chips store plaintext data, i.e. not encrypted), or a whole page of an encrypted block (which needs the whole block to be recreated), and this means the whole encrypted block must have its data healthy. If you corrupt an encrypted page of a block, then all the decrypted data will be garbage.

On 3DS there is no NAND; there is e-MMC (think of SD's bigger brother). NAND is used on Wii, and DS uses SPI flash memory.
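As an added illustration of Coto's plaintext-versus-encrypted point (example code written for this page, not from any poster and not real DS firmware tooling): the toy hash-based Feistel cipher, the key and the 64-byte "settings" region below are all constructed stand-ins, and the function names are assumptions. Flipping one byte of a plaintext region loses exactly that byte, while flipping one byte of an encrypted block garbles the whole block on decryption, which is why a write interrupted mid-block is so much worse for encrypted data.

```python
import hashlib
BLOCK = 16    # bytes per cipher block
ROUNDS = 4    # enough Feistel rounds for a changed byte to spread over the whole block

def _f(key: bytes, rnd: int, half: bytes) -> bytes:
    """Round function: keyed hash of one half, truncated to half a block."""
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:BLOCK // 2]

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def block_encrypt(key: bytes, block: bytes) -> bytes:
    l, r = block[:BLOCK // 2], block[BLOCK // 2:]
    for rnd in range(ROUNDS):
        l, r = r, _xor(l, _f(key, rnd, r))
    return l + r

def block_decrypt(key: bytes, block: bytes) -> bytes:
    l, r = block[:BLOCK // 2], block[BLOCK // 2:]
    for rnd in reversed(range(ROUNDS)):
        l, r = _xor(r, _f(key, rnd, l)), l
    return l + r

def encrypt_region(key: bytes, data: bytes) -> bytes:
    """ECB-style: each block on its own (len(data) must be a multiple of BLOCK)."""
    return b"".join(block_encrypt(key, data[i:i + BLOCK]) for i in range(0, len(data), BLOCK))

def decrypt_region(key: bytes, data: bytes) -> bytes:
    return b"".join(block_decrypt(key, data[i:i + BLOCK]) for i in range(0, len(data), BLOCK))

def flip_byte(data: bytes, offset: int) -> bytes:
    """Simulate one bad byte, e.g. from a write that was interrupted mid-block."""
    return data[:offset] + bytes([data[offset] ^ 0xFF]) + data[offset + 1:]

def bytes_lost(original: bytes, recovered: bytes) -> int:
    return sum(1 for a, b in zip(original, recovered) if a != b)

def compare_damage(key: bytes, region: bytes, offset: int) -> tuple:
    """(bytes lost if the region is stored in plaintext, bytes lost if stored encrypted)."""
    plain_lost = bytes_lost(region, flip_byte(region, offset))
    damaged = flip_byte(encrypt_region(key, region), offset)
    enc_lost = bytes_lost(region, decrypt_region(key, damaged))
    return plain_lost, enc_lost

# Constructed sample data: a 64-byte "settings" region and a made-up key (not real DS firmware).
SAMPLE_KEY = b"example-key-not-a-real-ds-key"
SAMPLE_REGION = bytes(range(64))

if __name__ == "__main__":
    print(compare_damage(SAMPLE_KEY, SAMPLE_REGION, 21))
```

Only the one 16-byte block containing the flipped byte is lost; the remaining blocks decrypt intact, which is the "whole block must be healthy" behaviour described above.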
