Homebrew [Question]: Soundhax -> Safehax -> FastHax?

ScarletDreamz

Hello;

I just wanted to ask, since Soundhax is a primary entrypoint, that's the easy part, so indeed it's an ARM11 userland exploit.

If so, where is fasthax located? I do understand how the overflow works, also the malloc and the syscalls; the only thing is, where is fasthax loaded and located in the structure of the SD card? Is it the new boot.3dsx? Or is it the arm11.bin?

I just need some clarification on this.

Regards~
 

GerbilSoft

Soundhax is an ARM11 userspace exploit. Fasthax is an ARM11 kernel exploit, which is then used to launch SAFE_MODE_FIRM for safehax.

The current version of Safehax listed in Plailect's guide has fasthax built-in. There's no separate file for it.
 

metroid maniac

The 3DS has two processes, ARM11 and ARM9.
Soundhax owns the ARM11 userland, Fasthax owns the ARM11 kernel space, and Safehax owns the ARM9.

Safehax and fasthax are two different exploits, but they're bundled together into a single executable you can run from any homebrew entrypoint (i.e. anywhere you have userland privileges already).
This executable is the safehax.3dsx file located in this download. The boot.3dsx at the 3DS root is the Homebrew Launcher's menu and the arm11.bin and arm9.bin located on the SD root are safea9lhinstaller and the exploits needed to run it.
 

NexoCube

Safehax will launch arm9.bin on the SD card; usually you want it to be Decrypt9 to start using 3ds.guide (ctrtransfer 2.1.0).
 

ScarletDreamz

So what is the procedure after safehax is triggered? Can someone clarify that for me?

Safehax -> Fasthax -> arm9?
OR
(Safehax+Fasthax) -> arm9?

The difference between those is fasthax running with safehax, or fasthax executed as a different process inside safehax.
 

metroid maniac

ScarletDreamz said:
> So what is the procedure after safehax is triggered? Can someone clarify that for me?
>
> Safehax -> Fasthax -> arm9?
> OR
> (Safehax+Fasthax) -> arm9?
>
> The difference between those is fasthax running with safehax, or fasthax executed as a different process inside safehax.

It's back to front. You need to pwn the arm11 kernel before you can pwn the arm9, so it's fasthax and then safehax.
I believe that executable does safehax as soon as it finishes fasthax,
 

ScarletDreamz

You are totally right, since fasthax is the kernel exploit for ARM11. Totally forgot about it..

So it will be Soundhax (Arm11 Userland Exploit) -> Fasthax (Arm11 Kernel Exploit) -> Safehax (Arm9 Kernel Exploit).
 