Dude, he wasn't being rude about it he was just being curious. You don't have to be a dick about it.
If you don't like his question then just don't respond to it...
Please do check his backlog in this thread and tell me again who the dick is. All he does is try to guilt people into coding his erratic ideas while this thread once again mutates into "I don't know how to code - but here's how you all should do it" conversations.
wow, 3 wasted posts. And now back on topic which I believe is "homebrew-development"
To answer part of my own question(again sometimes there is just no excuse for a brainfart),
0x100090F0 is in the IO section of the 3ds memory map (the AES Register section) but the reason it didn't stand out (at least to me) was it is part of the REG_AESKEY3 Register which is at 0x100090D0. Specifically, the Special key data Y Register at 0x100090F0.
more complete data follows
IO memory begins @ 0x10000000
AES Registers begins @ 0x10009000
REG_AESKEY3 Register begins @ 0x100090D0
0x100090D0 Key data Register
0x100090E0 Special key data X Register
0x100090F0 Special key data Y Register
(according to wiki):
Key gets updated when either the last word of the key data or the last word of "special key data y" is written. When writing to special key data the actual key is F((key data x) xor (key data y)) where F is some unknown function implemented in hardware.
AES Registers begins @ 0x10009000
REG_AESKEY3 Register begins @ 0x100090D0
0x100090D0 Key data Register
0x100090E0 Special key data X Register
0x100090F0 Special key data Y Register
(according to wiki):
Key gets updated when either the last word of the key data or the last word of "special key data y" is written. When writing to special key data the actual key is F((key data x) xor (key data y)) where F is some unknown function implemented in hardware.
Um, what are you doing? I just posted first few and last few bytes of the payload. No need to analyse them, won't get you anything.
Anyway the 0x080C3EE0 bytes are not part of the actual payload, it's the return address used in the overflow and it's spammed maaaaany more times than shown in my post.
Do you mind sending me the ram dumper? I found one but it always crashes, both gateway version and rop loader version.Thank you! You were spot on.
EDIT:
And now I decrypted the rest:
Was a little tricky to figure out where to inject the RAM dumper, but got it after a few guesses.
Sorry if this is answered but: it´s possible (public method ¬¬ not smea) to load arm11 code ?
Oh! and sorry again but, it´s possible to make a homebrew recopilation? that includes for example ram dump, nand dump, red nand, or something?
PD: Anyone can make a homebrew loader? a launcher.dat that shows all homebrew in sd card and load the selected one ?
Thanks
PD: Anyone can make a homebrew loader? a launcher.dat that shows all homebrew in sd card and load the selected one ?
Thanks
Yes, it's possible. Just make what smea does on your own
One user made one but it's not public as far as I know.
I'm guessing I'm blind, this tutorial is where?
NEVERMIND I AM BLIND.
found it. >.<
Wait I'm still confused.
So I have gccarm thing in one folder and python in another (not program files)
I have all of the python 3ds stuff in another folder as well.
Can anybody give me a direct noob-friendly guide on what to do?
NEVERMIND I AM BLIND.
found it. >.<
Wait I'm still confused.
So I have gccarm thing in one folder and python in another (not program files)
I have all of the python 3ds stuff in another folder as well.
Can anybody give me a direct noob-friendly guide on what to do?
@KenightMario
3º Page, Snailface post
"This is for people frustrated by installation problems. Direct links to correct Windows installers:
https://launchpad.net/gcc-arm-embedded/4.8/4.8-2013-q4-major/ download/gcc-arm-none-eabi-4_8-2013q4-20131204-win32.exe
http://www.python.org/ftp/python/2.7.6/python-2.7.6.msi
The reason to use installers is that you don't have to worry about editing PATH variables and all that nonsense.
Now just click on build.bat in the ready-to-go demo package to compile (attached below).
3 steps, can't make it any easier. "
3º Page, Snailface post
"This is for people frustrated by installation problems. Direct links to correct Windows installers:
https://launchpad.net/gcc-arm-embedded/4.8/4.8-2013-q4-major/ download/gcc-arm-none-eabi-4_8-2013q4-20131204-win32.exe
http://www.python.org/ftp/python/2.7.6/python-2.7.6.msi
The reason to use installers is that you don't have to worry about editing PATH variables and all that nonsense.
Now just click on build.bat in the ready-to-go demo package to compile (attached below).
3 steps, can't make it any easier. "
I tried this, created a batch file with that code in it and I just got a while bunch of errors. such confuzzled
I'm really tired of messing with this, can somebody just send me a launcher.dat with the ram dumper inside of it? This is way more complicated then it should be for me >.>
"python ramdump.py Launcher.dat".
You'll might need to change the offset of the ROB base if you want to inject it somewhere (I think? I did at least). It just dumps 3MB of RAM, not sure if that's what you're looking for.
Oh, I thought that it was a 128mb ram dumper.
Kane made one but both versions didn't work for me and I have an SDHC card, any help with that then?
- No one is chatting at the moment.
-
-
-
@
BakerMan:
sadly, the clouds are setting in now
hey BigOnYa the clouds are coming from the south, maybe check again -
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
@
K3Nv2:
I really don't want to buy this fap tab https://www.lenovo.com/us/en/p/tabl...enovo-tab-series/tab-p11-pro-gen-2/zab50101us
