Hacking How can I install arm9loaderhax?

  • Thread starter: einhuman197
  • Views: 2,726
  • Replies: 19
Hello. I wanna install arm9loaderhax. I have a New Nintendo 3DS with firmware 9.2. Or is it too risky? Thanks in advance.
https://github.com/delebile/arm9loaderhax
Once you get a hardmod, there's no risk since you can just restore a backup if something goes wrong. But it's still rather difficult to install, and there is no easy way to dump the OTP (meaning you will have to do it manually).
And it doesn't initialize the screens, so it's not very useful right now. But you could get a hardmod installed in the meantime so you're ready for when it actually becomes useful :)
 
Should also work on 2.x, and afaik rxTools works on 2.x, so presumably other ARM9 payloads loaded the same way should also work.

Maybe; I was only informed about needing to dg to 1x as part of the process, and that emuNAND blocks the OTP, so it needs to be system NAND.
 
Why do you need a hardmod? Can't it be done on emuNAND? Or must one use a hardmod to dump the OTP key or its hash?
 
It can't be done on emuNAND, because the OTP is locked by the time you start emuNAND and can't be unlocked without a full reboot.

It CAN be done without a hardmod, it's just really not recommended, because of the brick potential. To get 1.0 or 2.x working on a N3DS, you have to re-encrypt the decrypted CTRNAND with keyslot 0x04 and swap out the header from an O3DS dump (https://3dbrew.org/wiki/Flash_Filesystem#NAND_structure).
 
Question: the OTP lock happens before sysNAND is initiated and is something not bound to it? E.g. (OTP & OTP lock - sysNAND boot)?
Edit: I think I will stay with the latest emu version, without a BootMii-like thing xD
 
Can anyone point me to directions to dump the OTP on an O3DS? I have a hardmod and already know how to downgrade, but even after a couple of days on Google I can't find what to do after that.
 
