Homebrew Question on executing CTR commands using web exploit
- Thread starter TheHomesk1llet
- Start date
- Views 6,708
- Replies 49
- Likes 2
Sorry about that my computer is lagging so bad that it posted this a few times
Same as the other computer lagging out.
If by roms you mean 3DS packaged files (like the usual roms) then you need access to something like ns and redirect it to sd.
Dat files are usually just binary to load to ram.
- Joined
- Jul 7, 2010
- Messages
- 3,882
- Trophies
- 2
- Location
- /dev/random
- Website
- www.gudenau.net
- XP
- 5,417
- Country
TL;DR
The GW spider exploit runs in the browser. so it has its permisions. The nect stage loaded from the webdite uses the gpu to corrupt ARM11 kernel to execute ASM in in privlaged ARM11. Then stage 3 breaks into ARM9 kernel land.
From there they do pirate stuff, killing sig checks adding the menu, etc.
You have access to the System calls until ARM9.
If you need more info ask.
(Crappy phone res, can not see what I typed)
The GW spider exploit runs in the browser. so it has its permisions. The nect stage loaded from the webdite uses the gpu to corrupt ARM11 kernel to execute ASM in in privlaged ARM11. Then stage 3 breaks into ARM9 kernel land.
From there they do pirate stuff, killing sig checks adding the menu, etc.
You have access to the System calls until ARM9.
If you need more info ask.
(Crappy phone res, can not see what I typed)
- Joined
- Jul 7, 2010
- Messages
- 3,882
- Trophies
- 2
- Location
- /dev/random
- Website
- www.gudenau.net
- XP
- 5,417
- Country
From what I know, yes. I have not gotten that far though, so please do not quote me.
This helps so much, thank you.
Also, if I don't post on here for a little while, it doesn't mean I've abandoned everything. I'm not always on GBAtemp, and usually I'm working on this homebrew. Give me some space sometimes.
I think the current intentions are to remake the launcher.dat so it never needed the cart to begin with. It might actually be easier that way since there won't be as much (if any) Gateway DRM in the new launcher.
Just to let you guys know for now, I'm going back to dedicating my full time and attention to creating this thing, so if I don't reply...it's because I'm doing that.
He's being ironic because williamcesar2 is one of the biggest piece of shit trolls on GBAtemp, and json is too
I hope you both got warnings for the part you each played in turning OP's previous thread into a shit storm.
Actually really disappointed that you both weren't banned, you're each repeat offenders.
- Joined
- Oct 7, 2007
- Messages
- 4,434
- Trophies
- 3
- Age
- 36
- Location
- Levelland, Texas
- Website
- www.mariopc.co.nr
- XP
- 6,809
- Country
I'm pretty sure the OP being a troll thing was just speculation started by someone and just got snowballed and that ended up derailing the last thread. Can we PLEASE not derail this one too? It won't help anyone continuing to argue about this!
I've always been on the side of just sitting on the sidelines and seeing if something happens. Some of you are way to invested into the wait game. Ya'll need to calm the **k down. Go outside and play in your front yard or something. There's a world outside of the 3DS ya know.
Wait, you asking if commands sent to the cartridge slot can be redirected? I assume you are talking about Arm11 related activities. I'm probably not the best person to try and answer this. I would think you just need to gain Arm11 kernel access and recreate the commands. Having Arm11 kernel access means being able to do anything Arm11 is normally allowed to do. (all other things would be Arm9 territory). So if the CTR commands are controlled by Arm11, then yes, I don't see why you can't do this.
As I understand it one of the early stages of the web browser exploit gains Arm11 kernel access. Whether or not the launcher.dat file/external file needed to do that is required, I don't know. I think so, but at that point you already have FS access to the SD card I would assume as how else does gateway load the launcher.dat for the rest of the exploit?
I've heard the new exploit (or at least the reverse engineered version of it thanks to yifan_lu) runs on Arm9 kernel and not Process9 and that FS commands are broken. (basically you have to recreate the Arm9 kernel code yourself) So the kernel commands need further documentation? If you can already read/write files via Arm9 code at whatever stage of development this CFW of yours is at, you already are able to do this I assume. But again, I can't answer that.
It was mentioned in that first Arm9 thread soon after Yifan Lu's release of the Arm9 exploit info.
From how things work, Arm11 kernel access occurs first, then Arm9 is hijacked. I would think you set most things up in Arm11 before you go and boot up Arm9 code. (non encryption related stuff anyway. Arm9 access needed once you get the point where you need to alter encryption checks, but you should be aware of this already. )
I'm not a programmer so I can't really answer this beyond that.
Aside from that I hope someone who knows more on this kinda stuff can answer your question before the trolls flood this thread.
I've always been on the side of just sitting on the sidelines and seeing if something happens. Some of you are way to invested into the wait game. Ya'll need to calm the **k down. Go outside and play in your front yard or something. There's a world outside of the 3DS ya know.
Wait, you asking if commands sent to the cartridge slot can be redirected? I assume you are talking about Arm11 related activities. I'm probably not the best person to try and answer this. I would think you just need to gain Arm11 kernel access and recreate the commands. Having Arm11 kernel access means being able to do anything Arm11 is normally allowed to do. (all other things would be Arm9 territory). So if the CTR commands are controlled by Arm11, then yes, I don't see why you can't do this.
As I understand it one of the early stages of the web browser exploit gains Arm11 kernel access. Whether or not the launcher.dat file/external file needed to do that is required, I don't know. I think so, but at that point you already have FS access to the SD card I would assume as how else does gateway load the launcher.dat for the rest of the exploit?
I've heard the new exploit (or at least the reverse engineered version of it thanks to yifan_lu) runs on Arm9 kernel and not Process9 and that FS commands are broken. (basically you have to recreate the Arm9 kernel code yourself) So the kernel commands need further documentation? If you can already read/write files via Arm9 code at whatever stage of development this CFW of yours is at, you already are able to do this I assume. But again, I can't answer that.
It was mentioned in that first Arm9 thread soon after Yifan Lu's release of the Arm9 exploit info.
From how things work, Arm11 kernel access occurs first, then Arm9 is hijacked. I would think you set most things up in Arm11 before you go and boot up Arm9 code. (non encryption related stuff anyway. Arm9 access needed once you get the point where you need to alter encryption checks, but you should be aware of this already.
)I'm not a programmer so I can't really answer this beyond that.
Aside from that I hope someone who knows more on this kinda stuff can answer your question before the trolls flood this thread.
Uhm, That's for the old DS Profile exploit. OP is trying to use the web browser entry point.
I'm betting OP has already seen these but, these are more relevant to his research if anything:
https://github.com/yifanlu/Spider3DSTools
https://github.com/yifanlu/Spider3DSTools/tree/arm11-kernel-research
http://gbatemp.net/threads/release-arm9-kernel-homebrew-on-9-2.379477/
EDIT: Yet neither are they complete answers to his original question. I'd like to know some of this stuff too, as I might try to roll together some web-browser-launched homebrew just for kicks. (Don't expect anything amazing though...)
Regarding the questions AFAIK the GW runs on arm9. And the arm9-kernel-homebrew thing also runs on arm9 (not Process9) which means you have to rewrite some syscalls yourself apparently.
which would probably explain why gateway's launcher.dat usually contains copies of the arm9/11 kernel code for each firmware version, from what I've heard.
-
-
@
Sicklyboy:
Lazy day for me. Was gonna go grocery shopping but it's raining so I don't feel like going out. Listened to music and messed with server stuff instead -
-
-
-
@
Sicklyboy:
I feel like school, back when I was actually in school, was more entertaining though, because of how much I get to interact with people, hang out with friends, and other stuff like that. All I get to talk to at work is my boring coworkers lol
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
@
BigOnYa:
Anybody here have a Xbox series S and a series X, is the performance difference noticeable? I have a series X but not a series S and was curious. (Reason- I was thinking of buying a series S for a second tv, for when grandkids come over, to keep them off my X)
