Homebrew [Release] ARM9 Kernel homebrew on < 9.2

Roxas75

Hi guys!
Introduction:
Like many other people, I started my research on the last Gateway Ultra release, out of my own curiosity about how the exploit itself works and to take a look at their code.
It was not actually difficult to go a bit deeper, thanks also to yfan_lu for his great explanation.
So I've seen he actually posted his method to run ARM11 code, and I thought of this solution to make ARM9 code execution possible.
I thought that using some of the GW payloads and manipulating them a bit was an easy solution for that, because they coded their payloads so that the same code is loaded on different firmware versions, and this should not contain anything illegal (I'm ready to remove everything if I'm wrong).

So, what is this?
It's a simple and basic homebrew template to compile homebrew that will run on the ARM9 kernel, like what we've seen some time ago, through the new web browser vulnerability; I look at this as a useful thing, since tools like the Multi-Decryptor can potentially be ported.
The code will run at 0x08000000, and it can load payloads up to 600 KB, so the old 22 KB size limit is not a problem anymore.
The main difference is that this runs in the kernel, not in Process9, so actually all the FS functions should be broken at this point; someone should write a good library to interact with the SD card.
I could test this only on a 4.X system, so I put it here to let you guys test it and give me feedback on other firmware versions; then I'll update it and put the new download in the OP. :)
The same goes for the framebuffer locations; it's possible that they change too on different firmwares.

Since Gateway has probably added checks to the Launcher.dat, I suggest using other methods to run the web exploit; I like this solution offered by a user here on GBAtemp:
http://dukesrg.no-ip.org/3ds/go

Download
Here is the download, looking forward to great works: Download Here!

Enjoy!
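Added example (not code from Roxas75's template or from Gateway's payloads): the post says a payload at this level has no working FS, and that the framebuffer addresses may differ between firmwares, so about the only output channel a payload has is writing pixels straight into VRAM. The 3DS stores each framebuffer in portrait order (memory runs up a 240-pixel column, bottom row first, then the next column to the right) with 3 bytes per pixel in B, G, R order. The code below models the top-screen buffer as a host array so the offset arithmetic can be checked on a PC; on hardware you would point `fb` at the firmware-specific VRAM address instead. Names and the host array are this example's assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Top-screen geometry. The 3DS keeps each framebuffer in portrait order:
 * memory runs up one 240-pixel column (bottom row first), then advances to
 * the next column to the right. Pixels are 3 bytes, stored B, G, R. */
#define TOP_W 400
#define TOP_H 240
#define BPP   3
#define TOP_FB_BYTES (TOP_W * TOP_H * BPP)

/* Assumption: on hardware this would be the VRAM address of the active top
 * buffer (firmware-dependent, as the post notes); here it is a host array so
 * the layout code can be exercised anywhere. */
static uint8_t g_top_fb[TOP_FB_BYTES];

uint8_t *fb_top(void) { return g_top_fb; }

/* Byte offset of screen coordinate (x, y), origin top-left, x to the right. */
size_t fb_offset(int x, int y) {
    return ((size_t)x * TOP_H + (size_t)(TOP_H - 1 - y)) * BPP;
}

/* Writes one pixel; returns -1 instead of touching memory outside the buffer. */
int fb_put_pixel(uint8_t *fb, int x, int y, uint8_t r, uint8_t g, uint8_t b) {
    if (x < 0 || x >= TOP_W || y < 0 || y >= TOP_H) return -1;
    uint8_t *p = fb + fb_offset(x, y);
    p[0] = b; p[1] = g; p[2] = r;
    return 0;
}

/* Returns 0x00RRGGBB, or 0xFFFFFFFF for out-of-range coordinates. */
uint32_t fb_get_pixel(const uint8_t *fb, int x, int y) {
    if (x < 0 || x >= TOP_W || y < 0 || y >= TOP_H) return 0xFFFFFFFFu;
    const uint8_t *p = fb + fb_offset(x, y);
    return ((uint32_t)p[2] << 16) | ((uint32_t)p[1] << 8) | p[0];
}

/* Fills a rectangle, clipping to the screen; returns the pixels written. */
size_t fb_fill_rect(uint8_t *fb, int x0, int y0, int w, int h,
                    uint8_t r, uint8_t g, uint8_t b) {
    size_t n = 0;
    for (int x = x0; x < x0 + w; x++)
        for (int y = y0; y < y0 + h; y++)
            if (fb_put_pixel(fb, x, y, r, g, b) == 0) n++;
    return n;
}

void fb_clear(uint8_t *fb) { memset(fb, 0, TOP_FB_BYTES); }

int main(void) {
    uint8_t *fb = fb_top();
    fb_clear(fb);
    fb_fill_rect(fb, 10, 10, 100, 50, 0xFF, 0x00, 0x00); /* red box, top-left */
    return 0;
}
```

The bounds check in `fb_put_pixel` matters more in a kernel-mode payload than on a PC: there is nothing between a stray write and whatever sits after the framebuffer in VRAM.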
 

Roxas75

Don't expect any CFW any time soon; this is just to make some kinds of tools runnable on newer firmwares. It's much different. :)

krisztian1997

They actually are the ones who made all of this possible. I think 60€ is the right price for this.

I would never buy their product after what they did some time ago with the brick code; I can't trust someone who wants to kill my console just because they think it's OK.

Apache Thunder

But I mean, in the good old NDS times you bought a 15€ flashcard and you had ∞ games and 0 problems

The closest you'll get to that in this day and age is the Sky3DS/QQ3DS (they are both identical hardware-wise). They can't run custom homebrew like Gateway, but they can boot most games you throw at them. But those carts' days are numbered. The current iterations of them aren't updatable, so when Nintendo blocks them in a firmware update, you have to buy a whole new card once/if one becomes available.

I'd highly advise you not to buy a Sky3DS or any card that operates like one until one comes out that has updatable firmware. Gateway's red card has a flashable FPGA chip and, despite that, it's still cheaper than Sky3DS. Unlike Gateway though, they'd need an extra USB device that connects to the PC to "flash" it to a new firmware, as you can't do that on the 3DS (it would require custom homebrew code execution).

I'm sure it would be super easy to make one with a flashable chip that works like the current Sky3DS. Then, with a linker device via USB, it could be flashed to work again on future FW updates. That would be the "proper" competitor to Gateway.

Maybe, like the DSTWO, the card could simply be flashed to new firmware via a specific file placed on the microSD card, so it wouldn't need an external device. Just plug it into the 3DS for a specific amount of time and there you go. Even if the 3DS refuses to recognize a card, it would still provide power to it if it's in the slot.

Sky3DS has shown no indication of having this feature though, since once the red button "workaround" came out, they had to release a whole new card to remove the arbitrary 10-game limit they imposed.

But until a clone that has this feature comes along, I believe they are a bad investment, as they are not future-proof at all. Especially at the crazy high prices they are currently selling at.

Apache Thunder

ARM9 gives you full control over the console, including the ability to cancel out encryption checks and to generate xorpads to decrypt existing content. ARM9 control is required for anyone ambitious enough to attempt a CFW. ;)

Tools like the VOiD Multitool used to decrypt SD/ROM content require ARM9 control, as that chip handles the cryptography of the console. ARM9 is pretty much the head honcho, the boss so to speak. All other components of the 3DS must listen to what ARM9 tells them to do. Take control of it, and you take control of the whole system. ;)
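Added example (not from this post, from the VOiD Multitool or from any 3DS tool) of what "generating xorpads" buys you: the ARM9 side dumps a keystream, and from then on decrypting or re-encrypting that content on a PC is a plain XOR. The pad generator below is a constructed LCG stand-in so the code runs on a host; it is not the console's AES-CTR keystream. The second half shows the caveat a practitioner should keep in mind: a pad is bound to one key and counter, and if the same pad covers two different files, XORing their ciphertexts cancels the pad and leaks the XOR of the plaintexts. Function names are this example's own.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* An xorpad is a keystream dumped by code with access to the ARM9 crypto
 * engine; decrypting content elsewhere is then just XOR, and the same call
 * encrypts because XOR is its own inverse. Returns -1 if the pad does not
 * cover the whole buffer: a short pad must never be wrapped or reused. */
int xorpad_apply(uint8_t *buf, size_t len, const uint8_t *pad, size_t pad_len) {
    if (buf == NULL || pad == NULL || pad_len < len) return -1;
    for (size_t i = 0; i < len; i++) buf[i] ^= pad[i];
    return 0;
}

/* Constructed stand-in for a dumped keystream (NOT the 3DS AES-CTR output;
 * a deterministic byte sequence so the example runs on a host). */
void fake_pad(uint8_t *pad, size_t len, uint32_t seed) {
    uint32_t s = seed;
    for (size_t i = 0; i < len; i++) {
        s = s * 1664525u + 1013904223u;   /* LCG, for illustration only */
        pad[i] = (uint8_t)(s >> 24);
    }
}

/* Round trip: encrypt then decrypt with the same pad restores the data.
 * Returns 1 on success, 0 otherwise. */
int xorpad_roundtrip_ok(void) {
    const uint8_t plain[16] = "3ds-save-block!";   /* constructed sample */
    uint8_t pad[16], buf[16];
    fake_pad(pad, sizeof pad, 0x9A4Fu);
    memcpy(buf, plain, sizeof buf);
    if (xorpad_apply(buf, sizeof buf, pad, sizeof pad) != 0) return 0;
    if (memcmp(buf, plain, sizeof buf) == 0) return 0;   /* must have changed */
    if (xorpad_apply(buf, sizeof buf, pad, sizeof pad) != 0) return 0;
    return memcmp(buf, plain, sizeof buf) == 0;
}

/* A pad shorter than the data is rejected rather than silently reused. */
int xorpad_rejects_short_pad(void) {
    uint8_t data[4] = {1, 2, 3, 4};
    uint8_t pad[2]  = {0x55, 0xAA};
    return xorpad_apply(data, sizeof data, pad, sizeof pad) == -1;
}

/* Keystream reuse: two files under one pad (same key and counter) give
 * c1 ^ c2 == p1 ^ p2, so an observer learns the plaintext XOR without the
 * key. Returns 1 when that leak is observed for the constructed samples. */
int pad_reuse_leaks(void) {
    const uint8_t p1[8] = "ABCDEFG";   /* constructed sample files */
    const uint8_t p2[8] = "1234567";
    uint8_t pad[8], c1[8], c2[8];
    fake_pad(pad, sizeof pad, 7u);
    memcpy(c1, p1, sizeof c1);
    memcpy(c2, p2, sizeof c2);
    xorpad_apply(c1, sizeof c1, pad, sizeof pad);
    xorpad_apply(c2, sizeof c2, pad, sizeof pad);
    for (size_t i = 0; i < sizeof c1; i++)
        if ((c1[i] ^ c2[i]) != (p1[i] ^ p2[i])) return 0;
    return 1;
}
```

The leak shown by `pad_reuse_leaks` is the reason a dumped xorpad is only ever applied to the exact region it was generated for; the ARM9 code that produced it had the key, the PC side only has the pad.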
 

Arras

But I mean, in the good old NDS times you bought a 15€ flashcard and you had ∞ games and 0 problems

And on basically every single console before that, you paid a ton and it was far from easy. The DS was the exception, not the rule, simply because it was so incredibly popular and flashcards were so easy to make eventually.
 

Xenon Hacks

Pretty much. Although SaveDataFiler already does that, and that only needed ARM11 control/userland. Not sure how that program works. Save encryption is most likely userland, as the game itself needs to be able to decrypt/encrypt its own save files.

So can an app made for ninjhax, or an app that runs through the browser exploit, do this?
 