Is it possible to install the ROP Loader with the browser exploit?

Hikari06 (OP)
Hello,
I saw that, recently, tools that allow arm9 and arm11 code execution were released.
My question might sound stupid but, since it seems pretty tough to make them work, I was wondering whether it would be possible to install the classic ROP Loader with them, and then boot any mset exploit the 'normal way'. I guess it would be easier to code this than an entirely new launcher, wouldn't it?
Thank you :)
 

minipablo
This is what I have been looking for since gw 3.0 was released. It's a pity that I don't know any programming.
 

mid-kid
Yfan_lu's ROP doesn't work on 4.5 as-is, because some addresses are wrong, I think.
With that, reading the original ROP's source code, you could figure out how it works, though I'm not sure what the "writeFirmware()" function does, nor do I know if it's even possible to port it.
 

Hikari06 (OP)
Thank you for the link. I'm going to take a look at this, although I'm probably not skilled enough to get anything out of it.
 

NCDyson
The original ROPloader was based on an exploit that's been patched out for a long time. I think the best you MIGHT (and I highly doubt that you could) be able to do is use the browser exploit to re-enable it, but you would have to re-launch the browser exploit every time the system boots or you come out of emuNAND or any other kind of launcher.dat. At that point, it's pretty much pointless. There are many people working on cfw for this new exploit, so if you don't think your skills are up to the task, it's probably better to wait for them to get somewhere with it.
 

Hikari06 (OP)
Indeed.
But actually I never intended to re-enable this exploit on >4.5 firmwares (which would be as pointless as difficult), but rather emulate the DS flash card, which basically just installs the first part of the ROP. I thought this could be achieved pretty easily by anyone with sufficient knowledge. Indeed, if we could only have access to the DS profile data and edit it with the pre-existing data from Yfan_lu's ROP, via the web exploit, we could use all the exploits already released without any additional device other than an SD card. That said, I'd not be able to do this.
 

Hikari06 (OP)
I took a look at the ROP Loader sources and it seems very straightforward.
That said, do you know any way to write and read the 3DS NAND?
I mean, we'll probably be unable to use the read/write firmware functions as is, since they are supposed to be executed in DS mode. The system settings offset will have to be recalculated as well (I think it points to the emulated DS flash system, doesn't it?) but it doesn't seem impossible.
Any ideas?
 

mid-kid
I took a look at the ROP Loader sources and it seems very straightforward.
That said, do you know any way to write and read the 3DS NAND?
I mean, we'll probably be unable to use the read/write firmware functions as is, since they are supposed to be executed in DS mode. The system settings offset will have to be recalculated as well (I think it points to the emulated DS flash system, doesn't it?) but it doesn't seem impossible.
Any ideas?

If there's any way to edit the DS settings, it should be documented in 3dbrew.
But a good start would be getting Spider3DSTools' default code.bin running on 4.5.
 

Hikari06 (OP)
If there's any way to edit the DS settings, it should be documented in 3dbrew.
But a good start would be getting Spider3DSTools' default code.bin running on 4.5.

Indeed.
However, I'd like to know what the biggest difference between ARM11 and ARM9 homebrew is, especially because there are two launchers out there.
 

mid-kid
Indeed.
However, I'd like to know what the biggest difference between ARM11 and ARM9 homebrew is, especially because there are two launchers out there.

As far as I know (by lurking these forums), the difference lies mostly in privilege level. Here is, for example, a list of syscalls which can be performed in either mode. There are also other things which can be done in one mode, but not in the other. Most homebrews currently run in ARM11, and so does ctrulib.
 

Hikari06 (OP)
As far as I know (by lurking these forums), the difference lies mostly in privilege level. Here is, for example, a list of syscalls which can be performed in either mode. There are also other things which can be done in one mode, but not in the other. Most homebrews currently run in ARM11, and so does ctrulib.

Okay. Thanks for the clarification!
 

Apache Thunder
I took a look at the ROP Loader sources and it seems very straightforward.
That said, do you know any way to write and read the 3DS NAND?
I mean, we'll probably be unable to use the read/write firmware functions as is, since they are supposed to be executed in DS mode. The system settings offset will have to be recalculated as well (I think it points to the emulated DS flash system, doesn't it?) but it doesn't seem impossible.
Any ideas?

The settings menu in the home menu is able to access and alter the DS Profile. I don't think you need to be in DS mode to write to it. ;)
 

Hikari06 (OP)
well, why not compile the ROP installer as a bin and then use loadcode.dat but compile it for 4.5?

Well, I fear that since this ROP Loader is designed to be executed in DS mode, this is probably not going to work. What's more, it uses FS function calls, which, from what I've understood, are not available yet from the arm9 exploit. The offsets are probably incorrect too.
I could give it a try but I'm pretty sure it won't work without further adjustments.
 
