How to Backup SYSNAND from 10.3 via HB?

Discussion in '3DS - Flashcards & Custom Firmwares' started by leerz, Jan 5, 2016.

  1. leerz
    OP

    leerz GBAtemp Advanced Fan

    Member
    512
    127
    Jan 11, 2015
    Makati
    Sorry for the misleading title.
    How to Backup SYSNAND from 10.3 via HB?

    not sure if it is possible,
    does current hb hacks allow nand read?
    maybe even with mch2 support atleast,
    this saves a lot of time of hardmodding just to backup the current 3ds on high FW
    I was guessing downgrading requires higher privileges as compared to Nand read/dump, (sd/access is enabled from hb)
    I thought about this since according to this slide.
    [​IMG]
    from: talk
    arm9, sd access and nand access coincide, at least from what it seem to me *in layman based on the slides.

    9.2 is not an issue since we can basically use GW loader to do this.
    another lead I have in mind would be bad, awful for intellectual property, since if I ever I knew how, *or the time to understand it,
    i would be ripping of mch2 support load from libsu https://github.com/Steveice10/memchunkhax2 /
    https://github.com/JustPingo/KernelTimeMachine/blob/master/source/libsu.c/
    https://github.com/TuxSH/sysUpdater/releases (weird, this seem to return 404, taken down?)
    and parts of https://github.com/d0k3/EmuNAND9Tool/releases
    for nand backup (since emunand reads from nand to duplicate)

    :D
     
    Last edited by leerz, Jan 5, 2016
  2. leerz
    OP

    leerz GBAtemp Advanced Fan

    Member
    512
    127
    Jan 11, 2015
    Makati
    hmm. I'm kinda surprised that not one comment or reply from this thread :)
     
  3. shameless_inc

    shameless_inc Newbie

    Newcomer
    2
    1
    Jan 6, 2016
    Gambia, The
    I'm pretty sure that NAND reading falls under the ARM9 CPU's reign. ARM11 just allows for installation of legit CIA (the crypto stuff about that is still handled by the ARM9 CPU which we don't control on FWs > 9.2, so we can't tell it to install anything we want).
    So no, it shouldn't work. Could you repost the slide? It doesn't show up (maybe as an Imgur mirror?)

    Btw, taking source from open source projects to do something else isn't exactly that horrible as long as you release the source according to the licenses the projects are provided under.

    About the 404 on TuxSH's sysUpdater, see this: https://www.reddit.com/r/3dshacks/comments/3zl47b/please_use_the_latest_version_of_sysupdater/
     
    leerz likes this.
  4. leerz
    OP

    leerz GBAtemp Advanced Fan

    Member
    512
    127
    Jan 11, 2015
    Makati
    Thanks, finally an interesting reply.

    yes, according to the slide: [​IMG], it is under arm9, however, HB can get sd access via current hacks?
     
  5. shameless_inc

    shameless_inc Newbie

    Newcomer
    2
    1
    Jan 6, 2016
    Gambia, The
    Yes, it can access the SD card but the NAND is a whole other story. Even with ARM11 kernel access, we can't just access the NAND (there is some access but it's encapsulated and checked by the ARM9 Kernel and performed through the ARM9 CPU). If we were able to read from (let alone write to) the NAND, that would be a violation of the concept of having a security coprocessor.

    I am 99% sure we have NO direct NAND access via ARM11 and the encapsulated access (asking the ARM9 to provide us certain things) we have is not enough to dump it (sadly).
     
  6. leerz
    OP

    leerz GBAtemp Advanced Fan

    Member
    512
    127
    Jan 11, 2015
    Makati
    I see, so even if they were under arm11, the privileges are just not that easy to gain. :)

    I was kinda tinkering about this process so new methods of DG impl's would not have to be too tedious, let alone unsafe specially for the inexperienced.

    current setup for safety esp if we want to DG is get a nand backup first before trying anything downgrade related.
    of course hardmod is the only option in public. :)
     
  7. Shadowtrance

    Shadowtrance GBAtemp Addict

    Member
    2,482
    1,513
    May 9, 2014
    Hervey Bay, Queensland
    Not gonna happen until we get arm9 kernel access above 9.2 which is why things like Decrypt9 and Emunand9 only work on 9.2 and below due to running on a version of brahma which gives us said access.
     
  8. Roboman

    Roboman GBAtemp Regular

    Member
    281
    68
    Jan 7, 2016
    United States
    Technically arm 9 access is possible up to 9.4
    The exploit for arm 11 kernel access was patched in 9.3 but the arm 9 exploit remained until 9.5
    With memchunkhax 2 we can use the old arm9 exploit up to 9.4
     
  9. Shadowtrance

    Shadowtrance GBAtemp Addict

    Member
    2,482
    1,513
    May 9, 2014
    Hervey Bay, Queensland
    Ah yep, forgot about that.
    The main problem though is that the main loader used to gain arm9 access (brahma and variants, which also has libkhax built in) only support up to kernel version 2.46-0 last i checked so it fails on anything above 9.2 i believe (i could be remembering wrong, it's been a while since i tried above 9.2 tbh).
    So yeah i just say up to 9.2 to cover bases, plus we know how unreliable memchuckhax2 is atm. :(