How far away from 11.1 dg or cfw?

Deleted member 350372

I believe this is to do with the safe firm not having 11.x title checks and the exploit to get access to safe-firm is k11. And once in the safe-firm you have arm9 access to the system or at least can downgrade titles as the downgrade block isn't there.

*ninja'd a few times
That seems interesting. I thought that NFIRM would block older installations with the minversion at first, even in safe FIRM. But now it makes better sense to me. Just need to be 100% sure before doing anything. My irl friend has 11.2 and I was going to do the DSiWare dg with my cfw 2ds, but I decided to wait it out and see if anything were to come up, AND JUST LIKE THIS, it happened!! Amazing, and heavenly. :$$$$

IMPORTANT TO ALL USERS: DG USING THIS METHOD ASAP WHEN IT RELEASES CUZ NINTENDO WILL LIKELY PATCH THIS OUT WITH 11.3 IN A SHORT AMOUNT OF TIME!
 

Ryccardo

That seems interesting. I thought that NFIRM would block older installations with the minversion at first, even in safe FIRM.

The recovery mode kernel is way older than 11.x and doesn't have the antidowngrade checks... not that it matters since we're not downgrading titles using the title uninstall/install functions, but flashing another system's nand backup and adapting it to ours (that's a ctrtransfer explained)!
 

Quantumcat

IMPORTANT TO ALL USERS: DG USING THIS METHOD ASAP WHEN IT RELEASES CUZ NINTENDO WILL LIKELY PATCH THIS OUT WITH 11.3 IN A SHORT AMOUNT OF TIME!
Actually there's no need to hurry. Soundhax is offline so Nintendo can't force you to update to 11.3. You can sit on 11.2 happily for as long as you want (not like when you need browserhax for homebrew - Nintendo can just force you to update to use the browser).
 

WaterBotttle

That seems interesting. I thought that NFIRM would block older installations with the minversion at first, even in safe FIRM. But now it makes better sense to me. Just need to be 100% sure before doing anything. My irl friend has 11.2 and I was going to do the DSiWare dg with my cfw 2ds, but I decided to wait it out and see if anything were to come up, AND JUST LIKE THIS, it happened!! Amazing, and heavenly. :$$$$

IMPORTANT TO ALL USERS: DG USING THIS METHOD ASAP WHEN IT RELEASES CUZ NINTENDO WILL LIKELY PATCH THIS OUT WITH 11.3 IN A SHORT AMOUNT OF TIME!

That's not how it works, https://gbatemp.net/threads/safehax-11-1-2-downgrade-without-dsiware.455456/
 

Ryccardo

Actually there's no need to hurry. Soundhax is offline so Nintendo can't force you to update to 11.3. You can sit on 11.2 happily for as long as you want (not like when you need browserhax for homebrew - Nintendo can just force you to update to use the browser).
That's the rational answer, but just wait for their brother/cousin/dog to "accidentally" update...
 

Deleted member 350372

Actually there's no need to hurry. Soundhax is offline so Nintendo can't force you to update to 11.3. You can sit on 11.2 happily for as long as you want (not like when you need browserhax for homebrew - Nintendo can just force you to update to use the browser).
I meant as in safefirmlauncherhax being patched in 11.3, not soundhax. Also I was just trying to make sure to announce it just in case people may update to 11.3 and not be alarmed beforehand, just as a precaution.
 

HyperT

Not exactly.

Firmlaunchhax is the arm9 exploit people use in 9.2, but you need K11 access to patch some K11 function calls (I believe this is for the hooks)
https://yifan.lu/2015/01/17/reversing-gateway-ultra-stage-3-owning-arm9-kernel/

(In case people didn't know)
There is another version of the firmware called SAFE_MODE_FIRM that is used by the system updater where firmlaunchhax has not been patched. We also need K11 access to boot into this mode (I assume). So the idea is to boot into this firmware, run Firmlaunchhax, then downgrade using the K9 access we now have to 2.1 and install A9LH.
Yea you're right in terms of the documentation etc. but does the safe-firm act like a normal firm? In which case it wouldn't have the 11.x nfirm title-downgrade-block [even though that fact is irrelevant as this gives an arm9 access exploit right]
 

Ryccardo

Yea you're right in terms of the documentation etc. but does the safe-firm act like a normal firm? In which case it wouldn't have the 11.x nfirm title-downgrade-block [even though that fact is irrelevant as this gives an arm9 access exploit right]
Your reasoning implies safefirm was updated with the antidowngrade feature of 11.0, which it wasn't (its latest update, ignoring the port to N3DS, was to disable OTP in 3.0)
 

WaterBotttle

Yea you're right in terms of the documentation etc. but does the safe-firm act like a normal firm? In which case it wouldn't have the 11.x nfirm title-downgrade-block [even though that fact is irrelevant as this gives an arm9 access exploit right]
I'm not an expert on the matter, but if the downgrade checks were not in place I think you would only be able to install / uninstall titles to the SAFE_FIRM? Which may be useful I suppose. I don't think there has been too much research into the topic.
 

HyperT

Your reasoning implies safefirm was updated with the antidowngrade feature of 11.0, which it wasn't (its latest update, ignoring the port to N3DS, was to disable OTP in 3.0)
Think you've misread; I implied that it hasn't been updated [the firmlaunchhax of nfirm was patched with 9.5 - safe-firm wasn't], and was querying the other implications.
 

WaterBotttle

Think you've mis-read I implied that it hasn't been updated [the firmlaunchhax of nfirm was patched with 9.5 - safe-firm wasn't]; and was querying the other implications.
I see where you are coming from, even without Firmlaunchhax (Assuming the downgrade checks were not in place) we could have *potentially* downgraded/upgraded the necessary titles to enable the Firmlaunchhax then just use safehax.
 
