HaxxStation: DS Download Station exploit

Discussion in 'NDS - Emulation and Homebrew' started by shutterbug2000, Jun 9, 2017.

  1. Ermelber

    Ermelber GBAtemp Regular

    Member
    3
    Sep 21, 2012
    Italy
    Como, Lombardia
    No, you need another (2/3)DS(L/i) that runs that DS Download Station ROM on a Flashcard and then on your other (2/3)DS(L/i) you download it. The nice thing is that this second (2/3)DS(L/i) is unmodified and thus you can run unsigned DL Play on any (2/3)DS(L/i) without Flashcards.

    Another nice thing you can do:
    There is a modified DS Firmware that is able to run unsigned DL Play Multiplayer ROMS such as Ermii Kart's or other (modified) games that couldn't work beforehands.
    You can just send this modified DS Firmware ROM with HaxxStation to the unmodified DS and then use this one to download the modified DL Play ROM.

    Hope I cleared things up.
     
    Clyde_271 likes this.
  2. chaos blast

    chaos blast Member

    Newcomer
    3
    Feb 25, 2013
    Egypt
    using r4i launcher tried to run this card http://www.r4i.ndsi.in/ on my dsi version 1.4.5, didn't work. after downloading the hax white screen and nothing.
     
  3. Gericom

    Gericom GBAtemp Maniac

    Member
    11
    Jun 30, 2011
    Netherlands
    Sidenote: Not all firmware roms seem to be working. The TWL unsigned downloader srl from the nitro sdk has been tested and works alright at least.
     
  4. MacGab

    MacGab Member

    Newcomer
    1
    Dec 19, 2015
    Poland
    Tried booting my original R4DS on a DSi with "wood_r4_m3.nds", but it doesn't seem to work properly.

    dsi.

    Anyway, great job guys! It was the final nail to the coffin for NDS ;)
     
    Last edited by MacGab, Jun 9, 2017
  5. Thunder Hawk

    Thunder Hawk Firefox Master Race

    Member
    7
    Jan 21, 2013
    United States
    For the NDS, maybe. But for the DSi? Maybe not.
     
    Some1CP likes this.
  6. SoslanVanWieren

    SoslanVanWieren Banned

    Banned
    5
    Feb 6, 2017
    Australia
    im having trouble getting it to work with 0.2.0 bootstrap and shutterbug said it works on that
     
  7. migles

    migles All my gbatemp friends are now mods, except for me

    Member
    14
    GBAtemp Patron
    migles is a Patron of GBAtemp and is helping us stay independent!

    Our Patreon
    Sep 19, 2013
    China
    Earth-chan
    what's left to exploit on the NDS?
    the only thing left would be customizable firmware or something, we have flashme which is a kinda custom firmware...
     
  8. SoslanVanWieren

    SoslanVanWieren Banned

    Banned
    5
    Feb 6, 2017
    Australia
    But we still need cfw for the dsi
     
  9. migles

    migles All my gbatemp friends are now mods, except for me

    Member
    14
    GBAtemp Patron
    migles is a Patron of GBAtemp and is helping us stay independent!

    Our Patreon
    Sep 19, 2013
    China
    Earth-chan
    talking about the NDS
     
  10. Gericom

    Gericom GBAtemp Maniac

    Member
    11
    Jun 30, 2011
    Netherlands
    IIRC there was a problem were the dsi shut off the slot, because an r4 has an invalid banner or something. Apache Thunder has a physical card switcher
     
  11. SoslanVanWieren

    SoslanVanWieren Banned

    Banned
    5
    Feb 6, 2017
    Australia
    having trouble getting it to work in Bootstrap 0.2.0 it stays on black screen
     
  12. Maschell

    Maschell GBAtemp Advanced Fan

    Member
    10
    Jun 14, 2008
    Gambia, The
    Wasn't wifi-me doing something similar?
     
  13. ChampionLeake

    ChampionLeake NTR/TWL Exploiter

    Member
    4
    Jan 19, 2016
    United States
    Is there going to be a source code soon or a write-up o this exploit soon? It would be interesting to see how the vuln was discovered.
     
  14. FAST6191

    FAST6191 Techromancer

    pip Reporter
    23
    Nov 21, 2005
    United Kingdom
    Nice.
    I shall await a writeup on how this works for a thought things were RSA signed and only flashme would bypass it.

    Other than chain loading I am not sure what use this will be for most, at least pending some means of launching from a PC, but still very cool to see.
     
    Thunder Hawk likes this.
  15. tozevleal

    tozevleal Probably the last VinsCool lonk clone :P

    Member
    5
    Jul 14, 2011
    Portugal
    Somewhere
    Its possible to inject multiple homebrew apps? Would be awesome!
    ----------------------
    Status: Homebrew works ok on my DSi XL but doesn't boot on my R4i-Gold (www.R4i-gold.eu) :/
    ----------------------
    How we can get Grand Dad NDS ?
    ----------------------
    UPDATE: the R4i boot hack with this works on my 3ds (with luma CFW using the Download play thing has a client)
    BUT! It doesn't work on the DSi with 1.4.5 FW using the Download play thing :P
    ----------------------
    UPDATE2: If you use a very bighomebrew file such has BadApple.nds (its over 120mb +-) the download play app client loads and you can see the bad apple homebrew logo... but when you try to launch it, automaticaly freezes with the loading sound! (probably trys to allocate 120mb on ram and freezes)
     
    Last edited by tozevleal, Jun 9, 2017
    NutymcNuty likes this.
  16. CTurt

    CTurt Advanced Member

    Member
    3
    May 3, 2015
    DS CFW is possible. I did it for fun a couple of years ago.

    http://cturt.github.io/ds-cfw.html
     
    Some1CP and migles like this.
  17. SoslanVanWieren

    SoslanVanWieren Banned

    Banned
    5
    Feb 6, 2017
    Australia
    anyone got it working with twl loader im using 0.2.0 bootstrap but i can't get it to work does it take long to load?
     
  18. migles

    migles All my gbatemp friends are now mods, except for me

    Member
    14
    GBAtemp Patron
    migles is a Patron of GBAtemp and is helping us stay independent!

    Our Patreon
    Sep 19, 2013
    China
    Earth-chan
    is there a version ready to flash like flashme, with custom themes?
    i'd like to inject a theme into my ds lite menu
     
  19. CTurt

    CTurt Advanced Member

    Member
    3
    May 3, 2015
    My project was mainly for developers and isn't really suitable for end users, however if you are willing to do a bit of reverse engineering or experimentation, it isn't too hard to change the text and colours in a firmware image.
     
    migles likes this.
  20. einhuman197

    einhuman197 GBAtemp Advanced Fan

    Member
    4
    Aug 17, 2015
    Germany
    Inside your bootloader (´◉◞౪◟◉)
    Can I launch the final nds with Twloader? If yes, how? I can't see it in Twloader. Installed the Twloader cia and the twlnand cia and copied the nds to the path in the settings
     
Quick Reply
Draft saved Draft deleted
Loading...