Toggle sidebar

Tutorial  Updated

OTP Guide

Full Guide Release!

https://plailect.github.io/OTP/

All regions now supported!

If you appreciate this guide and the work I put into maintaining it, I accept donations through both Bitcoin and PayPal.

If you felt like the guide helped you out then I'd really appreciate it! If I get enough I may buy a 2DS for testing hardware stuff so I don't break another N3DS.

If the guide didn't help you out then I'm really sorry about that :(
 
Last edited by Plailect,
  • Like
Reactions: Woxinum, NoNAND, Arkansaw and 63 others
Click to expand...
felipejfc said:
You surely did a lot to ensure you were flashing the right things, I think it would be great if you make a tutorial describing your method and your security measures as well :)
Click to expand...
After downgrade, dump EmuNAND's FIRM0 and FIRM1 with Decrypt9, and check that the first 0xDB000 bytes have a sha1 of A61412B6C3A7FA1A9F8E9F9945714270356506FF.
Then, when you decrypt ctr.bin, calculate the hash of the first 794.624.000 bytes.
Re-inject it with the 0x4 xorpad, and then re-extract it (with the 0x4 xorpad), and check if the hash is the same.
Where to do this varies in all the different hex editors ^^
 
Last edited by Aurora Wright,
  • Like
Reactions: felipejfc
Aurora Wright said:
After downgrade, dump EmuNAND's FIRM0 and FIRM1 with Decrypt9, and check that the first 0xDB000 bytes have a sha1 of A61412B6C3A7FA1A9F8E9F9945714270356506FF.
Then, when you decrypt ctr.bin, calculate the hash of the first 794.624.000 bytes.
Re-inject it with the 0x4 xorpad, and then re-extract it (with the 0x4 xorpad), and check if the hash is the same.
Where to do this varies in all the different hex editors ^^
Click to expand...
Similar steps will be added in the future.

--------------------- MERGED ---------------------------

Audioboxer said:
Thanks, restoring a backup now. File needs to be called NAND.bin just so everyone knows.



Not sure if we can, I just dumped it three times to make sure it was exactly the same each time. It was. Btw, don't you mean a9f.bin?
Click to expand...
Cubic ninja makes OTP.bin, the browser makes a9f.bin
 
  • Like
Reactions: Audioboxer
Aurora Wright said:
After downgrade, dump EmuNAND's FIRM0 and FIRM1 with Decrypt9, and check that the first 0xDB000 bytes have a sha1 of A61412B6C3A7FA1A9F8E9F9945714270356506FF.
Then, when you decrypt ctr.bin, calculate the hash of the first 794.624.000 bytes.
Re-inject it with the 0x4 xorpad, and then re-extract it (with the 0x4 xorpad), and check if the hash is the same.
Where to do this varies in all the different hex editors ^^
Browser payload is stable and many people had it working fine, but it's still private for now (it will be released soon).
Click to expand...

@Plailect released it on the last page. I'm currently restoring my 9.2 NAND.
 
Good news my OTP dump hashes match so I have it now. The big question though is what do I do with it?
 
mashers said:
Where does the data_input directory come from? I.e. where is the archive or repo? And what files go in there, and what do you do with it once it's built?
Click to expand...
Now your asking to get spoonfed but dont worry im just as clueless im surprised these people have this amount of patience with us seeing as we are intruding on their super secret hacker turf.
 
Xenon Hacks said:
Now your asking to get spoonfed but dont worry im just as clueless im surprised these people have this amount of patience with us seeing as we are intruding on their super secret hacker turf.
Click to expand...
I don't expect to be spoon fed, but a GitHub link would be helpful ;)

Edit - it got posted while I was writing :)
 
Xenon Hacks said:
I had the link for ar9lh but as far as im concerned it's gibberish to me.
Click to expand...
Just had a look at the readme. Looks fairly straightforward. I think you just put new3ds10.firm, new3ds90.firm, secret_sector.bin and the otp.bin, run make, and that generates the installer 3dsx. What the installer installs and what you do next isn't clear to me from the readme.
 
Don't worry guys, none of you are as stupid as me. I have no idea what to do now that I have my OTP. Trying to figure out arm9loaderhax.bin and Rei.

It's probably a miracle I just downgraded, got OTP and then managed to get back to 9.2 without a hard mod :rofl2:
 
  • Like
Reactions: Xenon Hacks
mashers said:
Just had a look at the readme. Looks fairly straightforward. I think you just put new3ds10.firm, new3ds90.firm, secret_sector.bin and the otp.bin, run make, and that generates the installer 3dsx. What the installer installs and what you do next isn't clear to me from the readme.
Click to expand...
Installer just injects everything into NAND... you get the .3dsx and just run that from *hax on a <9.3 system

EDIT: keep in mind the installer fails to work when compiled in linux, and will also probably fail when compiled from a Mac
 

Site & Scene News

Go to forum More news

Popular threads in this forum

Why did the price of 3ds shoot up ?

Hacking Homebrew Project  BlazerTube - a YouTube 3DS revival using the REAL app!

[WIP] SMW 3DS Port - Early Playable Demo by ZalgonEn

Problems getting Homebrew to appear outside of the Homebrew Launcher (homebrew won't appear on the HOME menu)

Homebrew app Emulator  [Release] 3DS-CLI - Run a real RISC-V Linux environment on the Nintendo 3DS

Website for finding alternative games for 3DS

Homebrew  [Progress update] LCE Minecraft 3ds

Gaming  any good rpgs on 3ds?