Hacking [Release] PBT-CFW - Import CIAs on your SYSNAND

  • Thread starter nop90

nop90

Install a sys update different from the browser with this tool, and you'll probably brick the 3DS.

If you want to experiment, use a hard modded 3DS so you can restore your nand if it bricks.
 

Cyan

You can install any cia directly with palantine's ctrclient?
I always thought that it would require installing devmenu first, then installing the browser title, because that's what everybody is doing.
But I can install the browser title directly on my sysnand without using a leaked sdk file.


I just need to put all palantine's files to SD, your boot.bin and that's all.
Launching gateway exploit will allow cia install on SysNAND, then use ctrclient to send the browser.

Users reported that using ctrclient is not always successful, they had to try and reboot their emuNAND multiple times.
Is it an emuNAND redirection issue, or does it happen on sysNAND too?
I wouldn't want to install cia on sysNAND and fail midway because of instability.

Edit:
Well, that ends my questions. ctrclient.exe from palantine doesn't work on WinXP 32bit...
So, I can't use that method.
I guess if nobody has a 32bit version my only solution is devmenu/brm from gateway.
There are so many users on 64bit now? I feel like the last 32bit user.
 

Cyan

How to install this cfw over palantine?
Just replace the boot.bin file on your SD card.
It will not redirect NAND to emuNAND and everything will be done on your sysNAND.


I still don't like the word "custom firmware" as it's not one. You don't replace your firmware at console's boot, you only launch a homebrew to patch files.
 

nop90

I still don't like the word "custom firmware" as it's not one. You don't replace your firmware at console's boot, you only launch a homebrew to patch files.

I agree, but when in the past I used different names, a lot of people misunderstood and started a never ending loop of nonsense "so if I do this ... maybe I could obtain that ...". I'm hoping that KARL will clean this bad habit :lol: .

Users reported that using ctrclient is not always successful, they had to try and reboot their emuNAND multiple times.
Is it an emuNAND redirection issue, or does it happen on sysNAND too?

Same issues. But strangely I found this patch a lot more stable while in CTRsrv mode (booting with L Key pressed).

I wouldn't want to install cia on sysNAND and fail midway because of instability.

Installing only the browser should not be dangerous. If it fails, the browser won't start, but your FIRM will not be bricked. So you can still do a new install. For other firmware updates a connection interruption could be potentially a disaster. The same as turning off the 3DS (or any other device) during system update.

Instead of devmenu you can install Big Red Menu. You will wait a little more, but it works.
 

Kakkoii

You can install any cia directly with palantine's ctrclient?
I always thought that it would require installing devmenu first, then installing the browser title, because that's what everybody is doing.
But I can install the browser title directly on my sysnand without using a leaked sdk file.


I just need to put all palantine's files to SD, your boot.bin and that's all.
Launching gateway exploit will allow cia install on SysNAND, then use ctrclient to send the browser.

Users reported that using ctrclient is not always successful, they had to try and reboot their emuNAND multiple times.
Is it an emuNAND redirection issue, or does it happen on sysNAND too?
I wouldn't want to install cia on sysNAND and fail midway because of instability.

Edit:
Well, that ends my questions. ctrclient.exe from palantine doesn't work on WinXP 32bit...
So, I can't use that method.
I guess if nobody has a 32bit version my only solution is devmenu/brm from gateway.
There are so many users on 64bit now? I feel like the last 32bit user.

Yes... Because there's absolutely no reason to stay on 32bit. 32bit restricts you to 4GB of system RAM usage, and has worse performance than 64bit. Is your CPU not capable of 64bit? If it is, then get your ass onto Windows 7 already, or even 8/10
 

MrCheeze

So, if I unthinkingly followed a guide's advice and formatted my sysnand to unlink it from emunand/cfw, this is useless to me, right?
 

Relys

I still don't like the word "custom firmware" as it's not one. You don't replace your firmware at console's boot, you only launch a homebrew to patch files.

This is a chain of multiple exploits to gain full control over the system, load a modified (i.e. "custom") FIRM image (yes, the magic header is even called FIRM) and then soft reboot the system. It is literally, by definition, "custom firmware". Gaining an entry point during the system's initial boot (as opposed to when we gain access during a soft reboot) just enables automated persistence. boothax is a matter of convenience and does not change the definition or the overall rest of the process.
 

Zidapi

This is a chain of multiple exploits to gain full control over the system, load a modified (i.e. "custom") FIRM image (yes, the magic header is even called FIRM) and then soft reboot the system. It is literally, by definition, "custom firmware". Gaining an entry point during the system's initial boot (as opposed to when we gain access during a soft reboot) just enables automated persistence. boothax is a matter of convenience and does not change the definition or the overall rest of the process.

Relys sure knows how to make a point. Well, that settles that.

I hope this puts an end to that "but it's not a CFW unless it loads at boot" bullshit.
 

Cyan

Ok, it's a modified FIRM title.
But I'm under the impression users think that redirecting the eMMC (EmuNAND, redNAND, etc.) is what is called a custom firmware,
thinking that being on emuNAND is being on a Custom firmware.

You look at the FIRM patching process, I looked at the results, what users have access to and that they are calling custom firmware (which is a copy of their system, not a custom one).
Users usually call the full system file the "firmware". "I'm at firmware 9.2.0 !" which is NOT the firmware.
Like you said, the firmware is only a file (which has FIRM in the header).

Just a different point of view I guess.
 

nop90

I edited that post right now.

That DSWare cia works in emunand too with Palantine CFW. So there is nothing strange if it works in Sysnand with sign check removed.
 
