Hacking [Question] Homebrew/CFW on a Development Unit?

NekoMichi

Disclaimer: I don't have access to an actual development unit, these are just hypothetical questions.

It's my understanding that the "Panda" developer 3DS units are pretty much identical to retail units in terms of hardware; however, they are running a special firmware that does not allow retail software to be run without being signed for that specific device.

That being the case, how would one be able to access the Homebrew Launcher on such a unit, and subsequently create an emuNAND/install a CFW? Ninjhax, OoTHax, and SmashHax would not be possible since the games can't run on a dev unit, that leaves BrowserHax. The dev units have firmwares labelled 0.0.0 under Settings, so does that mean a specific payload must be made for them in order to load the Homebrew Launcher?

And if a CFW were somehow installed with signature patching, would that enable the dev unit to run retail carts?

Thanks in advance and I understand if these can't be answered due to lack of public knowledge or NDA-restricted information.
 

BigPanda

The only difference between Panda units and Retail units is the keys/certs used for encryption and signing. The version is not displayed in the setting menu by choice of Nintendo.

Games can run on a dev unit if you decrypt them using a retail 3DS unit (xorpads) and rebuild the game into a Debug-signed CIA (which is possible since the common key is public in the SDK, since it is needed to sign the debug CIA).

The problem with the Retail Cartridges is that the keys are different and the header also.
 

dankzegriefer

ReiNand has a version for Panda Units but it's very barebones. Also I'm 90% sure ninjhax cannot run on devkits, so MSET exploit is used, or arm9loaderhax.
 

mathieulh

Dev units basically use other keys; the main difference is that the dev private RSA exponents are known (used in the SDK tools) and therefore allow an official developer to sign content for his own dev unit. He, however, has to use a pre-built accessdesc.
As such, while the homebrew launcher does not run on dev (mostly because it relies on home menu ROPs that would need to be ported to the dev home menu), it doesn't need one to run software, as you can sign and encrypt your own cia/ncch for a development unit, which means you don't need an exploit to run your software on the device (you however need one for privilege escalation purposes, to run code on the arm9 for example).
 