Not wasting time with threads like these.
Start by learning ARM assembly, then you can reverse engineer the GW launcher by looking at the ROP chain, cross reference that with the code at the addresses it calls, see what each instruction does and by that point you should know enough to begin working on your own version of the exploit. Then you will just have to figure out what needs to be patched in the firmware to do what you want (reverse engineering GW's code can also be of help in this).
Title self explanatory.
Everyone has to be a beginner at some point. You'll never know who will be the next Smealum
To boot a different version, you just load that native_firm instead. Version-independent setup stuff is done in firm, after all.
I think first of all it needs:
Extrapolate from the CFW booting of 4.5 and clean it of all the patches to enable CIA services.
Second phase: from firmware 9.2, try to dump the AXIWRAM and FCRAM during a soft reboot to understand how the boot of sysnand works.
Then, once you understand how you start a firmware 9.2, we can think about how to rewrite the boot.
How to start 9.2 instead of 4.1, a brief guide:
1. You boot 9.2 (9.0 actually) FIRM instead of 4.1. That's it. Remember that NATIVE_FIRM does all the version-independent setup stuff.