Hacking [Q] Is it possible to "steal" GW's multirom menu and add it to a CFW?

[tony_2018]

isn't removing a retail cartridge crashing the game too ?
removing a cartridge while playing is not the way to test if "gateway is running code on the console". It's just that the game is running on the console and crashes when the hardware containing the game's data is removed.


I've read a comment once (don't remember who said that) saying that redirecting game access from cartridge to SD would be easy.
I don't know if it's really easy or possible, but if emulators can load from a file why not the console? there are probably hardware checks (like voltage, eeprom size, etc.) but it can be patched?

In order to do this, I believe, a redirect is needed. But as you stated there are chcksums that need to pass first. Maybe verify the checks, apply the redirect to sd, and echo the answers the checksums are looking for. Just brainstorming......

 

[dkabot]

isn't removing a retail cartridge crashing the game too ?
removing a cartridge while playing is not the way to test if "gateway is running code on the console". It's just that the game is running on the console and crashes when the hardware containing the game's data is removed.


I've read a comment once (don't remember who said that) saying that redirecting game access from cartridge to SD would be easy.
I don't know if it's really easy or possible, but if emulators can load from a file why not the console? there are probably hardware checks (like voltage, eeprom size, etc.) but it can be patched?

The odd thing about redirecting is that we can already do it in some form: NTR has such a thing (the name escapes me) for the purpose of modding games on legit carts. The thing there is that we have no way to launch it if the goal is to run the game off the SD card.

 

[Zidapi]

Why not?

The odd thing about redirecting is that we can already do it in some form: NTR has such a thing (the name escapes me) for the purpose of modding games on legit carts. The thing there is that we have no way to launch it if the goal is to run the game off the SD card.

i think the NTR feature is called LayerFS.

 

[Cyan]

I never checked how NTR is working.
can you replace an entire game's file with another one with LayerFS?

 

[laramie]

I know this question has been asked before but I don't believe a detailed explanation was ever provided as to why.

So the experts have RE'd Gateways Launcher, correct? May someone expand on the details?

Please try to keep the comments clean ._. Looking for mature answers, though I guess that shouldn't always be expected xD

First off, GW's encryption on their crap is extremely hard, secondly, it's all about how their code interacts with their card, you can't just copy and paste their code into a cfw's code and say "yay red card support!" (If it were that easy then GW would be out of business. This doesn't mean we stop trying, but loading things like .3ds files from an sd card is considered a holy crap skill. Plus we don't exactly have the "skills" yet, if it were that easy don't you think we would have already made a software exploit to unlock the bootrom at start and then install cfw over it? Bottom line, craps hard, i figure this feature will come along the same time as when we finally unlock the bootrom after boot with a software attack and not a hardware attack.

 

[tony_2018]

First off, GW's encryption on their crap is extremely hard, secondly, it's all about how their code interacts with their card, you can't just copy and paste their code into a cfw's code and say "yay red card support!" (If it were that easy then GW would be out of business. This doesn't mean we stop trying, but loading things like .3ds files from an sd card is considered a holy crap skill. Plus we don't exactly have the "skills" yet, if it were that easy don't you think we would have already made a software exploit to unlock the bootrom at start and then install cfw over it? Bottom line, craps hard, i figure this feature will come along the same time as when we finally unlock the bootrom after boot with a software attack and not a hardware attack.

Interesting. Its crap, but there encryption is hard to break...

If it was indeed crap than I'm sure everyone would've had access to there code by now.

 

[laramie]

Interesting. Its crap, but there encryption is hard to break...

If it was indeed crap than I'm sure everyone would've had access to there code by now.

I ment like the shit's hard to fucking RE brah...

 

[tony_2018]

I ment like the shit's hard to fucking RE brah...

Didn't sound like that but cool I guess.

 

[WhoAmI?]

First off, GW's encryption on their crap is extremely hard, secondly, it's all about how their code interacts with their card, you can't just copy and paste their code into a cfw's code and say "yay red card support!" (If it were that easy then GW would be out of business. This doesn't mean we stop trying, but loading things like .3ds files from an sd card is considered a holy crap skill. Plus we don't exactly have the "skills" yet, if it were that easy don't you think we would have already made a software exploit to unlock the bootrom at start and then install cfw over it? Bottom line, craps hard, i figure this feature will come along the same time as when we finally unlock the bootrom after boot with a software attack and not a hardware attack.

Yeah, I know about the encryption and obfuscation and all that stuff. I still asked because GW's older firmware has been decrypted before and some users have RE'd it. Was wondering if someone had managed to see how it works.

 

[tony_2018]

Yeah, I know about the encryption and obfuscation and all that stuff. I still asked because GW's older firmware has been decrypted before and some users have RE'd it. Was wondering if someone had managed to see how it works.

Surprisingly.........they aren't sharing that portion. Wonder why?

 

[laramie]

Surprisingly.........they aren't sharing that portion. Wonder why?

it's not that it's not being shared, it's that well no one really tried to RE that part. Most people only RE'd the gaining access part with the over flows and crap, after that, people didn't care too much about GW's features.

 

[tony_2018]

it's not that it's not being shared, it's that well no one really tried to RE that part. Most people only RE'd the gaining access part with the over flows and crap, after that, people didn't care too much about GW's features.

Right, I would've went all the way but hey GW has been on there game with updates.


I'm sure they are still working on methods to update the firmware on the n3ds. Probably only have little time to do more testing and digging.

 

[Just3DS]

Right, I would've went all the way but hey GW has been on there game with updates.


I'm sure they are still working on methods to update the firmware on the n3ds. Probably only have little time to do more testing and digging.

Yeah, well I guess it would take same as much time it took last time they able to crack the new crypto on version 7.x firmware. However it might come again with cost of losing saves when we going to update, just like before.

 

[tony_2018]

Yeah, well I guess it would take same as much time it took last time they able to crack the new crypto on version 7.x firmware. However it might come again with cost of losing saves when we going to update, just like before.

True, its all fun and games until it turns into a business that you have to keep going. Especially, when your reputation is on the line. We may not know the brains behind GW but I'm sure they have something up there sleeves for the n3ds. I haven't even had time to fool around with CFW even though I have 2 systems, o3dsxl and n3dsxl. Busy with work and just using my spare time to catch up on the scene and news.

 

[WhoAmI?]

It's already possible with the CIA of NTR 3.0

Yeah but having it already pre-applied while booting the CFW would be better IMO.

 

[dela]

The function ntr, is called layeredfs. From what little I could understand of layered, with the necessary modifications, once patched addresses you could launch another game. the biggest problem could be the icon corresponds save file, but I suppose you could patch that too.
As I have free time, I work a little bit on that front. Should I just go to "game stop" to take a couple of games at low prices, I would not break a game that I care.
Although I assume that the most comforting, would be to launch a homebrew roms

italian version:
la funzione di ntr, si chiama layeredfs. Per quel poco che ho potuto capire di layered, con le dovute modifiche, una volta patchati gli indirizzi si potrebbe lanciare un'altro gioco. il problema più grande potrebbe essere rapresentato dai file di salvataggio ma presumo che si possa patchare pure quello.
Come ho tempo libero, lavoro un pò su questo fronte. Devo giusto andare da "game stop" a prendere un paio di giochi a basso prezzo, non vorrei rompere un gioco a cui tengo.
Anche se presumo che la strada più consola, sarebbe quella di lanciare le roms da un homebrew