Help with repacking system cias

Discussion in '3DS - Flashcards & Custom Firmwares' started by lefthandsword, Feb 28, 2016.

  1. lefthandsword
    OP

    lefthandsword GBAtemp Fan

    Member
    338
    209
    Apr 6, 2015
    Hong Kong
    root
    I was trying to make patched home menu/NS cias for region free on boot by patching the code.bin directly using offsets from free mutli patcher source:
    Code:
    int patchMenu() { // Set generell informations for patching static const char * titleId = "menu"; static const u32 startAddress = 0x00100000;
    // patch Homemenu to show out of region applications // 9.0.0 Address: 0x00101B8C; static unsigned char originalcode[] = { 0x00, 0x00, 0x55, 0xE3, 0x01, 0x10, 0xA0, 0xE3, 0x11, 0x00, 0xA0, 0xE1, 0x03, 0x00, 0x00, 0x0A }; static char patchcode[] = { 0x01, 0x00, 0xA0, 0xE3, 0x70, 0x80, 0xBD, 0xE8 }; findAndPatchCode(titleId, 4, startAddress, 0x00100000, originalcode, patchcode, sizeof(patchcode));
    return 0; }
    
    hex.PNG
    But I'm having a hard time with putting the patched code.bin and untouched RomFS back into a proper cia, makerom was asking for a rsf file (no idea how to make one for a system app) and googled up and down to no avail.


    Maybe some of you who made sigpatched twl_firm can give me some insights? I fully understand it's risky to mess with system titles (that's why you make NAND backups:)), but I'm just doing it for science and any help would be appreciated.
     
    Classicgamer likes this.
  2. driverdis

    driverdis I am Justice

    Member
    2,452
    940
    Sep 21, 2011
    United States
    1.048596β
    if you edit sysNAND, AL9H will be required for this to not end up causing a brick as the signature of the edited home menu will be invalid.

    It may work on EmuNAND though but why bother if you can run free multi patcher.
     
    Last edited by driverdis, Feb 29, 2016
  3. lefthandsword
    OP

    lefthandsword GBAtemp Fan

    Member
    338
    209
    Apr 6, 2015
    Hong Kong
    root
    I already know it'll work only in sigpatched environment (I have A9LH), but why not?