1. MegaBoyEXE

    OP MegaBoyEXE GBAtemp Regular
    Member

    Joined:
    Dec 27, 2015
    Messages:
    126
    Country:
    Brazil
    I readed some guides regarding 'region change', but I want to know if it's possible to fake out 2 devices with same serial, secureinfo_a, NNID, etc,. a perfect clone, like swapping SD cards both of them works with same apps, games, NNID.

    Some tech info I was reading:
    http://3dbrew.org/wiki/Nandrw/sys/SecureInfo_A
    http://yifan.lu/2015/04/22/opening-up-cardboard-crafting-an-american-new-3ds-non-xl/

    The steps would be something like that:

    1- Get a 3DS fully functional vanilla updated sysnand, with NNID, original titles, call it device #1;
    2- Get another 3DS fully functional (vanilla sysnand no NNID linked; rxtools emunand unliked), call it device #2 (both are different hardware devices);
    3- Do a System Transfer from #1 to #2;
    4- Backup emunand #2;
    5- Wait 7 days;
    6- Config device #1 to first use after System Transfer reset;
    7- Do another System Transfer from #2 to #1;
    8- Modify emunand #2 backup to have same secureinfo_A serial as #1;
    9- Modify unknown files needed to make appears the same as #1; (<---- I need more info on this)
    10- Restore 'cloned' emunand at #2;
    11- Use emunand #2 as a clone of device #1 (not at same time of course).

    First: Does this works? Since it's possible to do change region, why not just do a clone same region?

    Second: For those that want to know why did I not tried myself, it's because I'm stuck at step 5 right now.

    Third: Why I would like to to that?

    Well, I have a O3DS XL, only able to do Homebrew through OOThax (10.3 firmware).
    I bought another O3DS XL at firmware 6.1, did the rxtool stuff.
    Now I want to use multiple SD cards at the exploitable device, to use my own account and on both devices, do regular backups of my titles, and do CFW tests.

    Besides my lack of knowledge on what else I need to do at step 9, has anyone tried to do a cloned device?
    And what else would I need to do in step 9?
     
  2. Ericjwg

    Ericjwg GBAtemp Psycho!
    Member

    Joined:
    Jul 2, 2015
    Messages:
    3,721
    Country:
    Canada
    oh.... great project.....:)
     
  3. tony_2018

    tony_2018 GBAtemp Psycho!
    Member

    Joined:
    Jan 3, 2014
    Messages:
    3,107
    Country:
    United States
    oh...nice....
     
  4. MegaBoyEXE

    OP MegaBoyEXE GBAtemp Regular
    Member

    Joined:
    Dec 27, 2015
    Messages:
    126
    Country:
    Brazil
    Oh God! This is not a project!!
    It's a noob question :wacko::wacko::wacko:

    Ok, if this looks like a great project, let's get some goals. :teach:

    1- Device #1 continues fully functional at 10.3 (no exploitable kernel access, but able to Homebrew with OOThax);
    2- Device #2 can use it's own unlinked emunands for CFW as everyone else does, but also can use another SD card with a emunand clone of device #1, but still exploitable.

    It's like having device #2 booting off a mirror o device #1, but this time with exploitable version.

    Now it looks more like a project to me.
     
  5. I don't think it would be possible, because for most data saved to the SD card, something in nand is changed to reflect it.
    You wouldn't be able to, say, download games off the eShop on the 10.3 3DS, and have them show up on the home menu and work on the other, exploitable 3DS on 10.3 emunand just by swapping the SD card, even if they had been "cloned" to have the same unique identifiers. It updates something in nand that keeps track of what titles are installed and all that kind of stuff.

    Similar deal for extdata, at least the vast majority of it. Part of it is saved to nand when the SD extdata is modified. This is why, if you take out the SD card while you have a theme active, boot the 3DS without an SD card and go to the Themes menu and select "Do not use a theme", even though the theme data is present in extdata on the SD card, when you put the SD card back in, it will just wipe the extdata on SD card and use the default theme instead of showing the theme you had again.
     
    Last edited Dec 27, 2015
  6. narutonic

    narutonic GBAtemp Regular
    Member

    Joined:
    Feb 21, 2015
    Messages:
    233
    Country:
    France
    Its the ticket.bin
     
  7. MegaBoyEXE

    OP MegaBoyEXE GBAtemp Regular
    Member

    Joined:
    Dec 27, 2015
    Messages:
    126
    Country:
    Brazil
    I see, ticket.bin.

    Is there any operation that syncs the tickets from NNID server? I readed at System Transfer they do sync.
    But also I know that they don't know what titles do you have because of this file, and it's because of that too the CIA apps are not deleted when accessing Data Management, right?
     
  8. System transfer transfers the tickets, yes. Only as long as they are legit and valid tickets from legally-purchased software from the eShop. Tickets from installed pirated .cias will never be transferred, even if you installed legit .cias, because Nintendo keeps track of which 3DS serials came with games genuinely pre-installed. Attempt a system transfer, Nintendo's servers don't see any tickets associated to that 3DS on their servers, nothing is transferred.

    You could possibly swap the SD cards between both systems and then access the eShop on the other system with the SD card in, and attempt to download whatever games and/or apps you had downloaded. Actually, simply connecting to the eShop might sync your tickets with what's on your eShop account data but I'm not sure. I'm only going off from assumptions there.
    But what I know is that a ticket is generated for you when you legally download something off the eShop and it is added to your ticket.db, so the eShop should be able to give you the tickets for your legally-owned content.
     
  9. MegaBoyEXE

    OP MegaBoyEXE GBAtemp Regular
    Member

    Joined:
    Dec 27, 2015
    Messages:
    126
    Country:
    Brazil
    I think I can test this ticket sync stuff.

    I will look for some free content I did not aquired (I think there's nothing unfortunately).
    Will backup emunand before aquiring, then backup again after aquiring, restore first backup and try to redownload (not purchase, just redownload).

    If this works, then we have ticket sync, but unfortunately I'm still using the same device as test.
    We will need to test at the 'cloned' emunand since it's use another encryption.

    Maybe someone with 2 devices and emunands on both can try my cloning attempt steps way earlier than I, since there's no need to wait 7 days, just restore emunand backup after modifying what's need to modify.

    Edit: Found a thing to aquire. First time I think a freemium pokemon game can be useful :D
     
    Last edited by MegaBoyEXE, Dec 27, 2015
  10. narutonic

    narutonic GBAtemp Regular
    Member

    Joined:
    Feb 21, 2015
    Messages:
    233
    Country:
    France
    Yes it will sync the stuff.
     
  11. MegaBoyEXE

    OP MegaBoyEXE GBAtemp Regular
    Member

    Joined:
    Dec 27, 2015
    Messages:
    126
    Country:
    Brazil
    OK, it indeed synced.

    So, my attempt is not worthless!

    I just need enough info for when I get to step 9.
    Changing just the serial part o secureinfo_A is enough?
    If I need the entire file, then I'm screwed up now, unless there's a way to retrieve this info by homebrew.
     
  12. gamesquest1

    gamesquest1 Nabnut
    Moderator

    Joined:
    Sep 23, 2013
    Messages:
    15,135
    nope, without recalling the specifics part of the eshop login process uses hardware embedded serials as part of the identifier to make sure the console connecting is the real console, this is why there is no perfect region changing as the only bypass for this is with on the fly patching performed with NTR which will only grant eshop access for as long as you patch the eshop challenge/responses to match those of the original console you want to spoof too.....plus the whole ticket issue meaning content isnt so easily shared without connecting to the eshop....and any games that use anti save restoration would need the secure value to be wiped every time you switch the SD card between the consoles

    TL: DR there is no 100% spoofing of one console to another, and swapping SD cards between systems raises more issues
     
    Last edited by gamesquest1, Dec 27, 2015
    Deleted-236924 likes this.
  13. MegaBoyEXE

    OP MegaBoyEXE GBAtemp Regular
    Member

    Joined:
    Dec 27, 2015
    Messages:
    126
    Country:
    Brazil
    I see your points. You are right about eshop, just found this. https://gist.github.com/yellows8/f15be7a51c38cea14f2c

    I didn't knew there were hardware keys. I was just blindling looking at the firmware only.
     
Draft saved Draft deleted
Loading...

Hide similar threads Similar threads with keywords - possible, Perfect, Clone