It's here!

​

Info

@Normmatt has created a way to run B9S .firm files from bootrom via a DSi Flashcard and a magnet! This works on every 3DS on any firmware version.

For installation without a PC, user @TheCyberQuake has created a pack which will automatically install B9S and copy over essential starter homebrew from the flashcard's SD to the 3DS's. This will mainly be used for PC-less B9S installations. If you have a PC with you, use 3ds.guide. Read more here: https://gbatemp.net/threads/481141/

How does this work?

This works because of a flaw in the bootrom. Before the bootrom boots the NAND, it checks to see if Start+Select+X is held down, and if the shell is closed. If these requirements are met, it will boot an NDS cartridge from the bootrom. This give that cartridge bootrom access. You might be wondering how you'd hold down buttons while the shell is closed, and why you need a magnet. If you put a magnet in a specific spot on the 3DS, it will go into sleep mode. Using this, you can boot the NDS cartridge with the buttons held down while in sleep mode! Using a reflashable flashcard, you can boot B9SInstaller using the flashcard, and easily install it on your 3DS.

The 2DS doesn't need a magnet since a switch puts it to sleep instead of a magnet.

What does this mean?

1. Any 3DS model on any firmware can be hacked with minimal effort
2. You can unbrick any 3DS model from any type of brick.
   - Remember, you don't need a NAND backup for this. Just do a CTRTransfer.
   - This does not apply to MCU bricks.
3. Even consoles with fried NAND, or even the NAND chip physically removed, can use this

This is incredibly impressive stuff, and will most likely be released soon! edit: now!

FAQ

Q: Can Nintendo patch this?
A: Nope! Not without a new hardware revision.

Q: My flashcard is blocked by my firmware! Can I still use this?
A: Yes! The flashcard blacklist is not enabled on the bootrom.

Q: Why can't this work with my flashcard?
A: The installation requires you to flash NTRBoot to the flashcard's nand. Most DS flashcards, such as the original R4, have a ROM, which is not flashable.

Q: Can I install NTRBoot on my flashcard without another 3DS system?
A: If you can run NDS roms on your 3DS with it, then yes. If it's blocked on your 3DS version, then you'll need another 3DS system to use it.

Q: Will my 3DS flashcard work?
A: No, only the NDSi flashcards listed above.

Q: Will any other flash cards work?
A: Only the ones listed in the OP. However keep in mind that flashcards such as the DSTT, Supercard DS2 and R4 SDHC Dualcore are planned to be supported in the future.

Q: I tried to do this with my cartridge and it didn't work?
A: It doesn't work with regular DS cards.

Q: Can I unbrick from a ____ brick?
A: Considering the card has access to the bootrom, yes! This can unbrick any brick (except MCU), unless you've taken a knife to the motherboard.

Q: Can I install B9S on the latest firmware with this?
A: Again, since the card has access to the bootrom, you can do this easily! Just plug in your flashcard, boot up using the magnet and button combination, and install.

Q: Does this work on the New Nintendo 2DS XL?
A: Yes!

Release
Guide
Free NTRBoot Flashing
Free B9S Installations

Here is SciresM's post about this

Please see SciresM's presentation on bootromhax.​

 

[Axorve]

So, we have release date ?

 

[RedBlueGreen]

So, we have release date ?

Not yet. We just think it's coming soon because of the placeholder and downloads. It's not actually released though because the installer and compatibility aren't done yet.

 

[borka]

All soons (tm) are soon but some soons are more soon than others. I believe.
(No gateways is harmed in creating this statement).

 

[RockmanYoshi]

Wait, so is the nand where he internal system memory (friend codes, streetpasses, coins) is stored in? Or am i completely wrong?

 

[Deleted member 381889]

Wait, so is the nand where he internal system memory (friend codes, streetpasses, coins) is stored in? Or am i completely wrong?

mhm
except coins are stored on the SD Card, not the NAND no they aren't

 

[Deleted member 370671]

except coins are stored on the SD Card, not the NAND

No. Play Coins are stored on NAND as well.
https://www.3dbrew.org/wiki/Extdata#Shared_Extdata_0xf000000b_gamecoin.dat

 

[Deleted member 381889]

No. Play Coins are stored on NAND as well.
https://www.3dbrew.org/wiki/Extdata#Shared_Extdata_0xf000000b_gamecoin.dat

Huh, sorry.

 

[RockmanYoshi]

Alright, cool. If there was a problem with the NAND chip in my console, would it just display the old bootrom error screen?

 

[Texascfdad]

So, correct me if I'm wrong, this is similar to Windows PC booting from a recovery disk instead of the boot partition of the hard drive. We would have the option of re writing the boot partition (nand) for a brick. or running OS from the recovery disc (nds card) in the case of a fried nand chip.

 

[Snooli]

So, correct me if I'm wrong, this is similar to Windows PC booting from a recovery disk instead of the boot partition of the hard drive. We would have the option of re writing the boot partition (nand) for a brick. or running OS from the recovery disc (nds card) in the case of a fried nand chip.

Yes
Yes
Theoretically, although it might be easier to make it boot from SDcard.

 

[Diego788]

it will be compatible with r4?
i mean, we know that it will work in acekard and dstwo... but the r4?

 

[Cuphat]

it will be compatible with r4?
i mean, we know that it will work in acekard and dstwo... but the r4?

The original R4? Or one of the billions of cards named R4-something that all have different hardware and capabilities?

I doubt the original R4 could be compatible unless there's a way to flash it, but I don't think flashable firmware DS carts were really much of a thing before the DSi necessitated it.

 

[Diego788]

The original R4? Or one of the billions of cards named R4-something that all have different hardware and capabilities?

I doubt the original R4 could be compatible unless there's a way to flash it, but I don't think flashable firmware DS carts were really much of a thing before the DSi necessitated it.

well.. i was talking about the second thing... there's a LOT of different r4
i have this http://www.r4igold.cc/3ds_main.asp

according to the page, i can flash a firmware if i put a .nds firmware file in the r4 sd and run it in a DS/DSL/DSi
but it doesn't say anything about flashing in a 3DS, so i'm not sure if i can flash firmware into the r4 in my 3ds :<
if i can't flash the firmware i guess i'll have to get a DSi first

 

[Bullseye]

Well, in case some of you guys haven't noticed, on Boot9strap 1.2 there are NTR versions, however:

Note: The NTR firms are not currently usable without a means of flashing to a compatible flashcart. Wait for ntrboothax to be released!

This means that things are getting ready as we speak. Patience is a virtue, but rather uncommon in general.

 

[failzers]

Any way to test this on a native_firm bricked 3ds circa sysdowngrader 0.01 alpha back in memchunkhax days?

 

[Cuphat]

Any way to test this on a native_firm bricked 3ds circa sysdowngrader 0.01 alpha back in memchunkhax days?

When it's released, it should work fine on such a system.

 

[Snooli]

Don't hold our hopes high for the original R4. It might work, I just don't find it likely. The new "R4"s however are more likely to work, as they were flashed a few times by ppl here because of the entire timebomb thing.

 

[SonicMC]

Wonder if normmatt gets the dstwo working, how similar would it be to get the ismart mm or dsi iplayer working.

 

[ivoyko]

Someone here talked about this?

I dont know if writte the site adress where this its written is againt rules because that i only copy paste the test inside it... if u want find the site just copy paste all text on Google... lmao.

The ntrboothax exploit will require the following:

• A DS / DSi flashcart
  • Exact flashcart compatibility will be added when this exploit is released
• A small magnet
  • Note that this is only required on folding style 3DSs, not 2DSs
  • This is because the exploit requires your device to enter sleep mode while still having access to the buttons
  • The magnet should be able to trigger your device’s sleep mode by holding it on or around the ABXY buttons
• One of the following methods of installing ntrboothax to your flashcart:
  • A Powersaves
  • Another 3DS or 2DS already running some kind of custom firmware (such as boot9strap or arm9loaderhax)

 

[Ryccardo]

The original R4? Or one of the billions of cards named R4-something that all have different hardware and capabilities?

I doubt the original R4 could be compatible unless there's a way to flash it, but I don't think flashable firmware DS carts were really much of a thing before the DSi necessitated it.

All correct (and the reason most original DS/Lite flashcards are brick proof regardless of hardware and kernel quality)

ntrbootcardhax has the extra requirement of fully rewritable firmware and the communication with the console being done with different keys (for one) - so they must too be part of the firmware and not a fixed rom

---

Of course, since DS bootlegs and custom manufacturing are a thing, we could be able to buy (a probably outdated) physical version of B9S Soon if some underpaid Chinese guy realizes the market possibility...