oothax on 11.0? Is it even possible to boot HBL at all?

Discussion in '3DS - Flashcards & Custom Firmwares' started by lisreal2401, Jun 8, 2016.

  1. lisreal2401
    OP

    lisreal2401 GBAtemp Advanced Fan

    Member
    500
    209
    Jun 4, 2013
    United States
    I messed up a 2.1 downgrade and had to recover to 11.0 but I have a NAND backup and OOT - I heard it still does work but is really luck-based if you get it to work at all. Should I be using the 11.0 payload or the 10.7 payload? I know I renamed my 10.7 payload on my New 3DS to use HBL so I'm trying to make sure if I try to force it I'm using the right stuff.
     
  2. proflayton123

    proflayton123 Undeclared Shitposter 2.1

    Member
    5,812
    2,165
    Jan 11, 2016
    Japan
    日本
    You can only downgrade with a hardmod on 11 firm.
     
  3. Wuigi

    Wuigi GBAtemp Fan

    Member
    318
    106
    Sep 14, 2012
    Germany
    I think smea implemented methods against the KASLR introduced in 11.0, so all payloads should have this fixed, also the ones for 10.7.
    Hardmod downgrade of FIRM or your pre-11.0 backup is needed as mentioned above if you want to get an ARM11 exploit working.
    Freakyforms and Ninjhax boot fine for me even on latest 11.0 sysNAND with a9lh, so I guess it boots consistently.
    I think secondary exploit games like IronHax or Ocarina of Time use this new payload too, as they download it in the installer.
     
    Last edited by Wuigi, Jun 8, 2016
  4. lisreal2401
    OP

    You need ARM11 permissions to write to the NAND in HBL? I'm almost certain you can restore a backup - right?
     
  5. proflayton123

    I got freaky forms for 7£ on ebay p:
     
  6. lisreal2401
    OP

    It's not my 3DS - a friend wanted me to get A9LH for him. I could just give it back unmodded but I'd like to try and fix my mess up. Without putting any of my own money into it. Isn't the OOT exploit workable with a recompile anyway?
     
  7. Wuigi

    Regardless of what you want to do, if you're on 11.0 you need a hardmod to restore your backup or to downgrade the FIRM partition to be able to get ARM11 access.
    Ocarina of Time is additionally a secondary exploit game, so you need a method to write the savegame image back to the game, so Powersaves or another primary exploit are also needed.
     
  8. lisreal2401
    OP

    I'm using sploit_installer on my New 3DS to do this. It was my original method when the system was on 10.x - so that's a non-issue.
     
  9. Salamencizer

    Salamencizer Handsome Computer Nerd

    Member
    795
    653
    Oct 3, 2015
    India
    Below
    ARM9 permissions to restore a NAND backup.
     
  10. lisreal2401
    OP

    Can't even load EmuNAND9 to try. I could have sworn NAND backups could be restored so long as you had an entrypoint.
     
  11. Salamencizer

    No, EmuNAND9 requires ARM9 permissions, so in addition to a homebrew exploit, you need to be on a vulnerable firmware with an ARM9 exploit. The only firmware that is supported by non-a9lh EmuNAND9 at the moment is 9.2, or 10.3 if you consider ntrcardhax.