Hacking [Release] rxTools - Roxas75 3DS Toolkit [fw 2.0 - 9.2]

[VerseHell]

Like I said, just reinstall the cia with BBM, even if it says "already installed", it will add the ticket.

 

[TidusWulf]

What's the process from a vanilla 4.5 3DS to emuNAND 9.8? I'm all setup with a 9.2 sysNAND, but I have a friend with an unhacked 4.5.

Does he just download gateway files, run gateway's web exploit, create emuNAND, run rxTools web exploit, and do a system update (then unlink, FBI, etc. which is technically all optional)

 

[samiam144]

What's the process from a vanilla 4.5 3DS to emuNAND 9.8? I'm all setup with a 9.2 sysNAND, but I have a friend with an unhacked 4.5.

Does he just download gateway files, run gateway's web exploit, create emuNAND, run rxTools web exploit, and do a system update (then unlink, FBI, etc. which is technically all optional)

Yup! FBI injection method

Make sure he gets the latest rxtools.dat with the bug fixes for FBI injection
https://github.com/roxas75/rxTools/raw/master/release/rxTools.dat

 

[Madridi]

Maybe a stupid question, but is FBI injection to H&S reversible (for both sysnand and emunand)?

 

[samiam144]

Maybe a stupid question, but is FBI injection to H&S reversible (for both sysnand and emunand)?

Yes, you can download the title with 3DNUS and reinstall it afterwards

 

[MrDaveIsAwesome]

Hey can anyone help? My old 3dsxl (year of luigi edition) on 7.2.0.17, and it won't run rxtools through ninjhax or through the browser. It also wont load PastaCFW. Any advice? Is there something wrong with my 3ds that will stop me from running these things?

 

[samiam144]

Hey can anyone help? My old 3dsxl (year of luigi edition) on 7.2.0.17, and it won't run rxtools through ninjhax or through the browser. It also wont load PastaCFW. Any advice? Is there something wrong with my 3ds that will stop me from running these things?

Your web browser is not exploitable, you need to downgrade and use the MSET exploit!

 

[TidusWulf]

Your web browser is not exploitable, you need to downgrade and use the MSET exploit!

he has to downgrade lower than 4.5?

 

[samiam144]

he has to downgrade lower than 4.5?

To any 4.x. I'm not sure if he can even launch the gateway menu though, since the browser is to low. -17, should be at least -20 I think

 

[Jaitsu]

To any 4.x. I'm not sure if he can even launch the gateway menu though, since the browser is to low. -17, should be at least -20 I think

Naw, it just has to be -7 or above, I think. https://gbatemp.net/threads/release-custom-rop-loader-html.379531/ has versions for several different browser versions, so it SHOULD work.

 

[thekarter104]

Someone mentioned something about the PSP-1000 plugins, don't know who, but is that possible?

RemoteJoyLite comes in mind, allows you to display the PSP screen on the PC screen and you can capture it.

Is it possible to let the screens show on the PC monitor on 3DS aswell?
Maybe over the network since 3DS hasn't got an USB.

 

[pikatsu]

roxas has reconstructed rxinstaller.nds too

 

[samiam144]

Naw, it just has to be -7 or above, I think. https://gbatemp.net/threads/release-custom-rop-loader-html.379531/ has versions for several different browser versions, so it SHOULD work.

Oh I see. @MrDaveIsAwesome can you check your internet browser version? In the browser, select the settings icon and scroll to the bottom

 

[happydance]

So I'm a little unclear on this - presently, GBA titles don't work in devmode on 4.x sysnand? Like I said the other day about booting with X, I booted devmode and while everything else seems okay, GBA games in particular don't seem to appear at all... Unless this is like other threads I've seen where the GBA game has to be installed to both sysNAND and emuNAND to work. They APPEAR on sysnand, but their banners don't appear and they won't boot. Trying to install them again just gives an "already exists" error. My NANDs are linked.

According to Roxas, we can't use DevMode if our sysnand is on 4.X ...
Side note, you don't have to install on sysnand and emunand, especially since your nands are linked.

I think he ment FBI on H&S won't work on devmode on 4.X

just tried devmode on 4.4 [US] and FBI on H&S gives an error but i already have reinstalled a proper FBI and BBM (using hold X+A) which works on devmode and installed the patched AGB frim and a GBA game and works fine

 

[samiam144]

I think he ment FBI on H&S won't work on devmode on 4.X

just tried devmode on 4.4 [US] and FBI on H&S gives an error but i already have reinstalled a proper FBI and BBM (using hold X+A) which works on devmode and installed the patched AGB frim and a GBA game and works fine

X+A while booting DevMode?

 

[happydance]

X+A while booting DevMode?

no.. 1st I inject the FBI H&S the boot to patched sysnand using (holdX+A) and run FBI H&S to reinstall FBI or BBM CIA, then reboot rxtool and start in devmode install the AGB_frim and your GBA game from BBM or new FBI (not the H&S)

 

[zoogie]

Source finally compiles now it seems. However mset rop loader is broken in the new source. You forgot some needed files. Also I still have to adjust the make file for arm9 code of rxMode or that part doesn't compile due to missing command. Error I see when attempting to build mset:

C:\Users\Spenser\Desktop\rxTools-master\msethax>make
make[1]: Entering directory `/c/Users/Spenser/Desktop/rxTools-master/msethax/rxi
nstaller'
ARMIPS Assembler v0.7d (Apr  1 2013 10:09:41) by Kingcom
rop/mset4x.s(5) error: Could not create file data/mset4x.bin
Aborting.
make[1]: *** [data/mset4x.bin] Error 1
make[1]: Leaving directory `/c/Users/Spenser/Desktop/rxTools-master/msethax/rxin
staller'
make: *** [rxinstaller.nds] Error 2

C:\Users\Spenser\Desktop\rxTools-master\msethax>

As for the makefile for rxMode. This is what I did to it for it to finally compile:
just add a "data" folder inside rxinstaller directory.
(Found in rxmode\source\arm9, not the one in the base rxmode directory)

CC=C:\devkitPro\devkitARM\bin\arm-none-eabi-gcc
CP=arm-none-eabi-g++
OC=C:\devkitPro\devkitARM\bin\arm-none-eabi-objcopy
OD=arm-none-eabi-objdump
LD=arm-none-eabi-ld

PATCHES= source/EmuNAND.s source/CreateThread.s source/myThread/FS.s
CFLAGS=-c -mcpu=arm946e-s -march=armv5te -mlittle-endian -fshort-wchar -std=c99
SFLAGS=-c -mcpu=arm946e-s -march=armv5te -mlittle-endian -fshort-wchar
# No linker flags yet, but here if you need it
LDFLAGS=

all:
   $(CC) -g -Wall source/myThread/myThread.c source/myThread/lib.c $(CFLAGS)
   $(CC) -g $(PATCHES) -I source/myThread $(SFLAGS)
   $(CC) -nostdlib -T 3ds.ld EmuNAND.o CreateThread.o myThread.o lib.o FS.o
   $(OC) -O binary a.out arm9.bin
#$(OD) -t a.out
   rm -f *.o *.out
   mv arm9.bin ../../build/0801a4c0.bin

I had to specify direct paths to arm-none-eabi-gcc and arm-none-eabi-objcopy. If I didn't, rxMode would not work with the resulting build (instead showing "command not found" when make tries to use those programs. If I were to attempt to boot rxMode with the resulting rxTools.dat, it would black screen)

I don't know why this occurs. All I know is doing that made it work.

I do know it's compiling the payload.bin file now because I made a simple string change to the menu as a test and saw the change with the resulting rxTools.dat once booted on 3DS. I don't think ninjhax is building correctly either. The ninjhax binaires aren't updated in the release folder after doing a build and the new makefile and build.bat doesn't pause in each section like it used to so I don't get a chance to see the error. Though if I go to the "brahma" folder and run make from there, it does build a 3dsx/smdh file. Maybe they aren't getting renamed and moved over to the release folder location yet?

Another thing. I noticed it's wanting to copy rxTools.dat after building to drive G:.

I don't really understand why it's doing that. Might need to fix that. Most people probably don't have a drive using that letter. I happen to have a hard-drive with that, so I end up with a copy of rxTools sitting there for no reason.

EDIT: Nevermind on the Ninjhax stuff not building. I think it did build Ninjhax stuff, because I did see updated ninjhax binaries in the release folder. Guess that first time was a fluke or I misread the date modified time stamps

just add a 'data' folder to the rxinstaller directory.

 

[samiam144]

no.. 1st I inject the FBI H&S the boot to patched sysnand using (holdX+A) and run FBI H&S to reinstall FBI or BBM CIA, then reboot rxtool and start in devmode install the AGB_frim and your GBA game from BBM or new FBI (not the H&S)

Sorry I'm not really following; how are you booting FBI H&S in the first place if it doesn't work on 4.x? Unless holding X+A actually makes a difference, compared to selecting DevMode in the menu?

 

[LinkmstrYT]

Someone mentioned something about the PSP-1000 plugins, don't know who, but is that possible?

RemoteJoyLite comes in mind, allows you to display the PSP screen on the PC screen and you can capture it.

Is it possible to let the screens show on the PC monitor on 3DS aswell?
Maybe over the network since 3DS hasn't got an USB.

If it's possible to stream 3DS footage over the network, the video quality would most likely be terrible. You're better off just using a capture card.

 

[happydance]

Sorry I'm not really following; how are you booting FBI H&S in the first place if it doesn't work on 4.x? Unless holding X+A actually makes a difference, compared to selecting DevMode in the menu?

holding X+A = sysnand with sig patched = FBI on H&S works, use this to install other cia managers
devmode = AGB/TWL with sig patched = only FBI on H&S don't work, but other CIA managers will work, so be sure to install them again first before booting to devmode