Hacking I got an idea!

  • Thread starter: minipablo
  • Views: 1,600
  • Replies: 9

minipablo

Well, I just downgraded my 3ds. So this is the plan:
1. Borrow some ds mode card.
2. Install palantine's cfw and bbmenu the usual way.
3. This is the interesting part: launch gw 3.0 browser exploit from cfw and select make a nand backup (I think it will backup the emunand, so the cfw too).
4. Go into sysnand and launch gw 3.0 exploit. Select nand restore by using up + downgrade.
5. ????
6. Cfw on sysnand I suppose.
[Correct me if I'm wrong]
 
The GW menu backs up the system nand. CFW is installed to the emunand. I like your thought process but it will not work.
 
You could use the emunand tool to extract the CFW partition as it will then be in a format that Gateway's 3.0 menu can flash back to system nand.

You can do this, but you'll get a nice brick out of it. The CFW most likely isn't encrypted properly and will fail sig checks if you try to boot it directly from system nand.

An exploit in the bootrom has to be found before something like this can work and I don't think that's happening anytime soon. Especially since the current exploits don't really give anyone much of an incentive in finding a bootrom exploit as it's not really needed beyond just having the novelty of replacing sysnand with a CFW when one can just be booted from the SD card.

FYI, bootrom contains the unique encryption key to the console and handles checking the encryption of the system nand before booting it.

Sorry dude, but it won't work the way you are thinking.
 
You can back up your emunand with a program you can get, but it will prob brick if you flash it to system sysnand.
 
Not to mention, it's patched on the fly, so even if he could flash it to sysNAND without a brick, it would just be plain 4.x without any hacks.
 
Yeah, either way it wouldn't work, even if the patches on the emunand were permanent. Bootrom exploit needed to install custom software to sysnand. If a bootrom exploit is found however, it wouldn't be patchable by Nintendo as bootrom is read-only memory. Early builds of the Nintendo Wii had a rewritable bootrom, but Nintendo quickly patched that in new hardware revisions. Either due to patching the exploit or by making them read-only.
 
Hold on, I thought the keys were contained within the bootrom? That must mean it's updatable, right?
 
