Hacking I got an idea!

M

minipablo

Active Member
OP
Newcomer
Level 1
Joined
Aug 3, 2014
Messages
41
Trophies
0
Age
24
XP
98
Country
Well, i just doengraded my 3ds. So this is the plan:
1. Borrow some ds mode card.
2. Install palantine's cfw and bbmenu the usual way.
3. This is the interesting part: launch gw 3.0 browser exploit from cfw and select make a nand backup (I think it will backup the emunand, so the cfw too).
4. Go into sysnand and launch gw 3.0 exploit. Select nand restore by using up + downgrade.
5.????
6. Cfw on sysnand i suppose.
[Correct me if I'm wrong]
 
Ray305

Ray305

Well-Known Member
Newcomer
Level 2
Joined
Jan 16, 2012
Messages
50
Trophies
0
XP
152
Country
United States
minipablo said:
Well, i just doengraded my 3ds. So this is the plan:
1. Borrow some ds mode card.
2. Install palantine's cfw and bbmenu the usual way.
3. This is the interesting part: launch gw 3.0 browser exploit from cfw and select make a band backup (I think it will backup the emunand, so the cfw too).
4. Go into sysnand and launch gw 3.0 exploit. Select band restore by using up + downgrade.
5.????
6. Cfw on sysnand i suppose.
[Correct me if I'm wrong]
Click to expand...

The GW menu backs up the system nand. CFW is installed to the emunand. I like your thought process but it will not work.
 
Apache Thunder

Apache Thunder

I have cameras in your head!
Member
Level 17
Joined
Oct 7, 2007
Messages
4,426
Trophies
3
Age
36
Location
Levelland, Texas
Website
www.mariopc.co.nr
XP
6,792
Country
United States
You could use the emunand tool to extract the CFW partition as it will then be in a format that Gateway's 3.0 menu can flash back to system nand.

You can do this, but you'll get a nice brick out of it. The CFW most likely isn't encrypted properly and will fail sig checks if you try to boot it directly from system nand.

An exploit in the bootrom has to be found before something like this can work and I don't think that's happening anytime soon. Especially since the current exploits don't really give anyone much of an incentive in finding a bootrom exploit as it's not really needed beyond just having the novelty of replacing sysnand with a CFW when one can just be booted from the SD card.

FYI, bootrom contains the unique encryption key to the console and handles checking the encryption of the system nand before booting it.

Sorry dude, but it won't work the way you are thinking.
 
leerpsp

leerpsp

Well-Known Member
Member
Level 9
Joined
Feb 22, 2014
Messages
1,742
Trophies
0
Age
33
XP
1,871
Country
United States
you can back up your emunand with a program you can get but it will prob brick if you flash it to system sysnand.
 
The Real Jdbye

The Real Jdbye

*is birb*
Member
Level 23
Joined
Mar 17, 2010
Messages
23,286
Trophies
4
Location
Space
XP
13,843
Country
Norway
Apache Thunder said:
You could use the emunand tool to extract the CFW partition as it will then be in a format that Gateway's 3.0 menu can flash back to system nand.

You can do this, but you'll get a nice brick out of it. The CFW most likely isn't encrypted properly and will fail sig checks if you try to boot it directly from system nand. Sorry dude, but it won't work. An exploit in the bootrom has to be found before something like this can work and I don't think that's happening anytime soon. Especially since the current exploits don't really give anyone much of an incentive in finding a bootrom exploit as it's not really needed beyond just having the novelty of replacing sysnand with a CFW when one can just be booted from the SD card.
Click to expand...
Not to mention, it's patched on the fly, so even if he could flash it to sysNAND without a brick, it would just be plain 4.x without any hacks.
 
Apache Thunder

Apache Thunder

I have cameras in your head!
Member
Level 17
Joined
Oct 7, 2007
Messages
4,426
Trophies
3
Age
36
Location
Levelland, Texas
Website
www.mariopc.co.nr
XP
6,792
Country
United States
The Real Jdbye said:
Not to mention, it's patched on the fly, so even if he could flash it to sysNAND without a brick, it would just be plain 4.x without any hacks.
Click to expand...

Yeah either way it wouldn't work, even if the patches on the emunand were permanent. Bootrom expoit needed to install custom software to sysnand. If a bootrom exploit is found however, it wouldn't be patchable by Nintendo as bootrom is read-only memory. Early builds of the Nintendo Wii had a rewritable bootrom, but Nintendo quickly patched that in new hardware revisions. Either due to patching the exploit or by making them read-only.
 
The Real Jdbye

The Real Jdbye

*is birb*
Member
Level 23
Joined
Mar 17, 2010
Messages
23,286
Trophies
4
Location
Space
XP
13,843
Country
Norway
Apache Thunder said:
Yeah either way it wouldn't work, even if the patches on the emunand were permanent. Bootrom expoit needed to install custom software to sysnand. If a bootrom exploit is found however, it wouldn't be patchable by Nintendo as bootrom is read-only memory. Early builds of the Nintendo Wii had a rewritable bootrom, but Nintendo quickly patched that in new hardware revisions. Either due to patching the exploit or by making them read-only.
Click to expand...
Hold on, I thought the keys were contained within the bootrom? That must mean it's updatable right?
 

Site & Scene News

Go to forum More news

Popular threads in this forum

Hacking Homebrew  A new way to experience StreetPass

Is it possible...?

Hacking Homebrew  how to link pnid to 3ds/how to use juxtaposition?

Hacking Hardware  New Nintendo 3DS XL Louvre

Emulation  i have citra, i have my aes keys installed, how do i get the home menu

Hacking Misc  VCRUNTIME140.dll UCRTBASED.dll Master Thread

Hardware  Why does my 3DS take so long to turn off?

Translation Project  DQM2SP translation

General chit-chat
Help Users
    rvtr @ rvtr: Spam bots again.