Hacking I got an idea!

minipablo

Well, I just downgraded my 3ds. So this is the plan:
1. Borrow some ds mode card.
2. Install palantine's cfw and bbmenu the usual way.
3. This is the interesting part: launch gw 3.0 browser exploit from cfw and select make a nand backup (I think it will backup the emunand, so the cfw too).
4. Go into sysnand and launch gw 3.0 exploit. Select nand restore by using up + downgrade.
5. ????
6. Cfw on sysnand I suppose.
[Correct me if I'm wrong]
 

Ray305

The GW menu backs up the system nand. CFW is installed to the emunand. I like your thought process but it will not work.
 

Apache Thunder

You could use the emunand tool to extract the CFW partition as it will then be in a format that Gateway's 3.0 menu can flash back to system nand.

You can do this, but you'll get a nice brick out of it. The CFW most likely isn't encrypted properly and will fail sig checks if you try to boot it directly from system nand.

An exploit in the bootrom has to be found before something like this can work and I don't think that's happening anytime soon. Especially since the current exploits don't really give anyone much of an incentive in finding a bootrom exploit as it's not really needed beyond just having the novelty of replacing sysnand with a CFW when one can just be booted from the SD card.

FYI, bootrom contains the unique encryption key to the console and handles checking the encryption of the system nand before booting it.

Sorry dude, but it won't work the way you are thinking.
 

leerpsp

You can back up your emunand with a program you can get but it will prob brick if you flash it to system sysnand.
 
Joined
Mar 17, 2010
Messages
21,248
Trophies
3
Location
Space
XP
10,049
Country
Norway
Not to mention, it's patched on the fly, so even if he could flash it to sysNAND without a brick, it would just be plain 4.x without any hacks.
 

Apache Thunder

Yeah either way it wouldn't work, even if the patches on the emunand were permanent. Bootrom exploit needed to install custom software to sysnand. If a bootrom exploit is found however, it wouldn't be patchable by Nintendo as bootrom is read-only memory. Early builds of the Nintendo Wii had a rewritable bootrom, but Nintendo quickly patched that in new hardware revisions. Either due to patching the exploit or by making them read-only.
 
Joined
Mar 17, 2010
Messages
21,248
Trophies
3
Location
Space
XP
10,049
Country
Norway
Hold on, I thought the keys were contained within the bootrom? That must mean it's updatable right?
 