Hacking [How-to] Spoof firmware (to access eShop and more) on New 3DS and Old 3DS

[motezazer]

I just updated the first post.
Now the goal is to make a CIA homebrew.

 

[Oishikatta]

yifan_lu does have a donate button on his blog: http://yifan.lu/

 

[SpongeFreak52]

Holy cow, very nice!

 

[AquaX101]

THE command, to access eShop, System transfer, etc. on a lower firmware than the latest one (must be the only write command used!) : write(0x10DD28, (0x00, 0x20, 0x70, 0x47), pid=0x25)
I beg someone to convert this command to a CIA homebrew.

If you are using NTR CFW, then can you use NTR 1.0 for this?

 

[motezazer]

If you are using NTR CFW, then can you use NTR 1.0 for this?

I don't know. When I had an O3DS, I never managed to launch it...

 

[Apache Thunder]

I sure hope us Gateway users can get in on this action. NTR 1 only runs on old *** 4.x fw for old 3DS (because NTR2 is N3DS exclusive right now).

 

[motezazer]

I sure hope us Gateway users can get in on this action. NTR 1 only runs on old *** 4.x fw for old 3DS (because NTR2 is N3DS exclusive right now).

Gateway could include the patch in their launcher.

 

[Apache Thunder]

Gateway could include the patch in their launcher.

Yeah I'll be living on Mars in 2056 by the time they release a ***king update.

 

[motezazer]

Yeah I'll living on Mars in 2056 by the time they release a ***king update.

My crazy theory is "they wait for Sky3DS to be blocked by the next update that will happen in the next 48 hours".
Anyway, let's go back to the topic.

 

[dkabot]

Interesting note, if I access eShop directly or from the update prompt on CIAs ("legit" ones naturally) this works fine.
If I try to access it from a cart (US MM on Sky) it prompts for update, then continues to do so every launch until I restart the console.

But hey, it still works after restarting so I'm not about to complain. I can update Pokemon and Smash so I'm happy.

 

[motezazer]

Interesting note, if I access eShop directly or from the update prompt on CIAs ("legit" ones naturally) this works fine.
If I try to access it from a cart (US MM on Sky) it prompts for update, then continues to do so every launch until I restart the console.

But hey, it still works after restarting so I'm not about to complain. I can update Pokemon and Smash so I'm happy.

Did you read the first post?
I managed to access eShop from a cart and it worked well. Then I tried to launch System Transfer and it didn't worked.
It's VERY unstable, but if you perform the action you want right after the patch, they shouldn't be any problems.
Anyway, it's 3 AM here, so I will sleep. Good night.

 

[Wowfunhappy]

without any reason, the spoof will may longer work until next reboot.

Of course not; it's a ram patch.

Nice job though.

 

[cearp]

Of course not; it's a ram patch.

sure, but then this guy says this -

But hey, it still works after restarting so I'm not about to complain.

or maybe he is just misunderstood and thinks it sticks around after a reset...

anyway, i tried it and i got an error when i went to eshop, when i tried again i got an update request so i cancelled.
i don't have an nnid. i will try to grab an update for a game using sky + press y.

 

[retrospect]

Can we just stop with the conspiracy theories and wait ?

Those aren't really conspiracy-anything are they? They're not strictly even theories. They're just comments from naysayers.

Although this guy only said that he thought Nintendo would release firmware 10 before Gateway sorted 9.6 emuNAND, which doesn't seem too far fetched given that there's no timescale associated with the version numbers.

Right now 9.6 only matters while it's the latest, and that's for eShop. I think that's what he was trying to say. I'm sure 9.7 will be out soon too, making this 9.6 stuff irrelevant.

 

[dkabot]

sure, but then this guy says this -
or maybe he is just misunderstood and thinks it sticks around after a reset...

anyway, i tried it and i got an error when i went to eshop, when i tried again i got an update request so i cancelled.
i don't have an nnid. i will try to grab an update for a game using sky + press y.

Oh, sorry. I meant the patch works if I reapply it after a restart, as in once it breaks it's not broken forever.
The "unstable" part was added to OP after I last checked.

 

[dubbz82]

Those aren't really conspiracy-anything are they? They're not strictly even theories. They're just comments from naysayers.

Although this guy only said that he thought Nintendo would release firmware 10 before Gateway sorted 9.6 emuNAND, which doesn't seem too far fetched given that there's no timescale associated with the version numbers.

Right now 9.6 only matters while it's the latest, and that's for eShop. I think that's what he was trying to say. I'm sure 9.7 will be out soon too, making this 9.6 stuff irrelevant.

Except it still WILL be relevant, as we'll still have to deal with and work around 9.6 keys (and hopefully not, but quite possibly, 9.7 as well).

 

[yifan_lu]

Lol I think that offset is from fork of my https://github.com/yifanlu/service-patch for spider. The goal of that project is a lite-cfw (like NTR but with less features) that runs on O3DS through spider. "lite"=arm11 only not because of some anti-piracy bullshit but because it's easier.

I'm advertising this in case someone wants to work on it. I don't have too much free time so I don't expect it to be in any usable state anytime soon.

Also, I've now become an "expert" (read: not really) in 3ds <-> nintendo communications. Any question you have about soap, nnid, system transfers, etc feel free to tag me.

 

[dubbz82]

Lol I think that offset is from fork of my https://github.com/yifanlu/service-patch for spider. The goal of that project is a lite-cfw (like NTR but with less features) that runs on O3DS through spider. "lite"=arm11 only not because of some anti-piracy bullshit but because it's easier.

I'm advertising this in case someone wants to work on it. I don't have too much free time so I don't expect it to be in any usable state anytime soon.

Also, I've now become an "expert" (read: not really) in 3ds <-> nintendo communications. Any question you have about soap, nnid, system transfers, etc feel free to tag me.

Sorry to be completely out of the loop, but what would be the difference between this and what rxTools currently offers (not that having another option out there would be a bad thing, just sort of curious)?

 

[yifan_lu]

Sorry to be completely out of the loop, but what would be the difference between this and what rxTools currently offers (not that having another option out there would be a bad thing, just sort of curious)?

It's not emunand. I like having my eshop purchases tied to my sysnand. Also, it'll support region free on home menu once it's finished.

 

[cearp]

ok yifan_lu - would it be possible to patch something, to allow to to visit other region's eshops? or is that more involved that the hack on this thread?
(regardless of the content not being able to run without region free, and most likely needing an nnid for the new eshop)


- and that patch works for all regions? i quickly tested it on 9.2j and got an error message when i connected to eshop (as i said in an earlier post)
thanks