Inject ROP of homebrew menu/xxxCFW/xxxNAND into Help & Safety app?

Discussion in '3DS - Flashcards & Custom Firmwares' started by riverscn, Aug 17, 2015.

  1. riverscn
    OP

    FBI H&S injection is possible now, at least on an O3DS.
    So has anyone tried to inject a ROP into H&S? That would make entering an existing homebrew easier.

    P.S. Is there a way to inject FBI into H&S in an N3DS, since as we know rxtools can't run on an N3DS...
     
  2. shinyquagsire23

    Nope, breaks signatures (and you can't really 'inject' a ROP). And for FBI inject on N3DS, I see no reason why it wouldn't work.
     
  3. samiam144

  4. riverscn
    OP

    I found some tutorials that only apply to an O3DS. The N3DS has a different Titles/.. structure and maybe different versions of the H&S files. I failed to find out how to do it.
    Would you share a tutorial which works on an N3DS?
    For the 'ROP inject' thing, what is the difference between a ROP and the FBI app?
    Thank you for your information! :)


    I followed the tutorial and I have a EUR N3DS, but there is no title\000400010\00022300\content\ . FW 9.2
     
  5. samiam144

    The N3DS has different title IDs. One of the 0's is replaced with a "2".

    Can you look for 200400010 and/or 20022300? You should ask in that thread because it should be possible to inject over the N3DS version of the H&S app.
     
  6. nop90

    You can't inject a ROP in a system app slot, but you could inject a custom app that loads a ROP chain in the stack and executes it.

    The only problem is that such an app would be unsigned (like FBI), and to run it you will need an entrypoint to patch the signature check first.

    But if you have such an entrypoint you can already hack your 3DS.

    Got the point?
     
  7. xXDungeon_CrawlerXx

    this is a lie :(
     
  8. JoostinOnline

    I think "a mistake" would be a better (and much less rude) way of saying it.
     
  9. riverscn
    OP

    Got it. ROP is only executed by a certain app which can be launched before homebrew (e.g. MSET/ninjahax/tubehax/...). A leak is necessary.
     
  10. bache

    The closest thing you can do is to inject SudokuHax into your Nintendo DS WiFi connection settings, and use the homebrew menu in that to run each ROP installer.
     
  11. riverscn
    OP

    I failed TOT. Could you give a working tutorial post link? Thanks a lot.