Homebrew [request] can someone attach fasthax to safehax?

rikumax25!

I've read having testmenu (or devmenu, can't remember which) installed will survive an update so one would be able to run *hax on that console even after losing A9LH and having the newest update released. Sudokuhax injected to the NAND I've read has the same immunity. What say you to Nintendo being able to overwrite those with a single update and not brick/affect stock units? From my understanding the above mentioned cannot be touched by an update.
it would be like trying to install non-legit CIAs on a non-CFW console, without an attack it would be rendered useless
 

Chelsea_Fantasy

I thought CFW takes care of that with FIRM0/1 protection.
read what I said above on the step 4
-------------------------------------------------
Then how do you uninstall a9lh?
well, that was already replied:
a9lh leaves open the offsets to exploit that part of the FIRM, that way it can write to it without OTP
But would Nintendo be able to overwrite that part of the FIRM without bricking everyone who didn't have a9lh?
yes, they can. They only need to check the SAFEFIRM for modifications and take advantage of a9lh to remove it (that way avoiding modifying vanilla consoles).
In a nutshell, it's way more complicated than that.

Edit: I'm not an engineer so if I'm saying something inaccurate, correct me plz
Alright, I guess I was mistaken.
yeah, the notion of "a9lh is unpatchable" is kinda mistaken
best jojoke 2016
-------------------------------------------------
Edit: I'm not an engineer so if I'm saying something inaccurate, correct me plz
You are correct indeed

--------------------- MERGED ---------------------------

I've read having testmenu (or devmenu, can't remember which) installed will survive an update so one would be able to run *hax on that console even after losing A9LH and having the newest update released. Sudokuhax injected to the NAND I've read has the same immunity. What say you to Nintendo being able to overwrite those with a single update and not brick/affect stock units? From my understanding the above mentioned cannot be touched by an update.
false
 

BL4Z3D247

After some more reading it looks like devmenu installed to the NAND survives system formats, not updates. My mistake.

I wasn't able to find much on injecting sudokuhax to the NAND to support my claim, it's just something I read can save you if you say, "accidentally" update.

Either way, wouldn't the user have to manually accept any future update in order for anything that you claim to even work? I for one don't update unless devs confirm the update keeps A9LH intact.
 

Chelsea_Fantasy

Either way, wouldn't the user have to manually accept any future update in order for anything that you claim to even work? I for one don't update unless devs confirm the update keeps A9LH intact.
yeah but almost every user here updates his a9lh with blind eyes every time a new update gets released
 

BL4Z3D247

yeah but almost every user here updates his a9lh with blind eyes every time a new update gets released
That's sad because that's the golden rule of hacking/modding consoles: *Never perform a system update until scene devs deem it safe to do so*

Even though I thought I had failsafes (or lack thereof) in place, I wouldn't have performed a system update without first confirming it wouldn't overwrite A9LH. It pays to err on the side of caution though.
 

Chelsea_Fantasy

That's sad because that's the golden rule of hacking/modding consoles: *Never perform a system update until scene devs deem it safe to do so*
But the blind devs already say "you can update your console, it is safe if you use a9lh" (just read luma's wiki) or the @Plailect's guide.
 

TimX24968B

"That guy"
However, a9lh has been around for a long time, and they don't seem to think that they would be planning on trying to deal with it in an update. Probably focusing more of their efforts towards the Switch now instead of 3DS.
 

BL4Z3D247

If I can ask a few more questions...
Here's a workaround that Nintendo can use to break A9LH and keep the 3DS alive (since most people using A9LH use SysNAND thanks to all the stupid YouTube tutos and all the initial propaganda to A9LH):
*This will only work if the user DOES NOT USE EmuNAND and updates his SysNAND instead*
Step 1: Create a new update breaking all the existing exploits
Won't arm9loaderhax and FIRM write-protection prevent that? (Booting with arm9loaderhax is auto-detected, and whenever you load SysNAND on A9LH all FIRMs are automatically patched to prevent overwriting A9LH or bricking.
This also makes you be able to always safely perform a system update from A9LH.)
Step 2: The user updates the 3DS like always
Step 3: Nintendo makes an app (for example: MSET) to check for the existence of A9LH. WAIT!!!!! EVEN BETTER: check on the SD for any CFW or A9LH related file and verify them by MD5 (example: Luma3DS's arm9loaderhax.bin)
Can't this be averted by changing the file name(s) and/or changing the MD5 of said file(s) needed on the SD card (with an update to A9LH and Luma3DS to reflect these changes of course)?
Step 4: The app (in this example, the MSET), breaks the CFW patches (example: 4a-Delete "arm9loaderhax.bin" or the file in "path.txt" 4b-Break the CFW execution from memory 4c-Reboot(*) the console to a new app with high privileges designed for this case ---CFW patches should be already disabled and the executable will not reload---) and when the patches are off, the app installs the stock official firmware file and cleans all the "non vanilla" files, extdatas (mostly for game based exploits) and keys.
Step 5: Done, you are on --for example: 11.3.0-#X-- SysNAND with no piracy related stuff to do...

(*) There are a lot of ways to do this, even loading this app from A9LH itself (just imagine Nintendo using an A9LH payload)
See above question.

Again, just looking for clarification, not to start any arguments so I'd appreciate respectable answers, please.
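
The question above about "Step 3" turns on how an exact-hash file check behaves, so here is an added example (not part of the original thread, and not code from Nintendo, Luma3DS or A9LH) that runs such a check over a constructed directory. The payload bytes, the file name `renamed.bin` and the helper names are assumptions made for illustration; it shows that a content hash still matches after a rename but stops matching as soon as the file is rebuilt with any different byte, which is why a fixed hash list is a weak detection signal on its own.

```python
import hashlib
import tempfile
from pathlib import Path


def md5_of(path, chunk=65536):
    """MD5 of a file's content, read in chunks."""
    h = hashlib.md5()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def scan(root, known_md5s):
    """Return sorted relative paths under root whose content hash is on the list."""
    root = Path(root)
    return sorted(
        p.relative_to(root).as_posix()
        for p in root.rglob("*")
        if p.is_file() and md5_of(p) in known_md5s
    )


def demo():
    # Constructed stand-in bytes, not a real payload.
    payload = b"CONSTRUCTED-SAMPLE-PAYLOAD" * 64
    known = {hashlib.md5(payload).hexdigest()}
    with tempfile.TemporaryDirectory() as sd:
        sd = Path(sd)
        (sd / "arm9loaderhax.bin").write_bytes(payload)
        original = scan(sd, known)          # matched under its usual name

        (sd / "arm9loaderhax.bin").rename(sd / "renamed.bin")
        renamed = scan(sd, known)           # still matched: the hash covers content only

        (sd / "renamed.bin").write_bytes(payload[:-1] + b"\x00")
        rebuilt = scan(sd, known)           # one changed byte: no longer on the list
    return original, renamed, rebuilt


if __name__ == "__main__":
    for label, hits in zip(("original", "renamed", "rebuilt"), demo()):
        print(f"{label:9s} -> {hits}")
```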
 

Drakia

Won't arm9loaderhax and FIRM write-protection prevent that? (Booting with arm9loaderhax is auto-detected, and whenever you load SysNAND on A9LH all FIRMs are automatically patched to prevent overwriting A9LH or bricking.
This also makes you be able to always safely perform a system update from A9LH.)


Can't this be averted by changing the file name(s) and/or changing the MD5 of said file(s) needed on the SD card (with an update to A9LH and Luma3DS to reflect these changes of course)?
While it's technically feasible that you could patch out an a9lh installation, there's zero chance Nintendo will, there's too much risk in doing so.

I could go write a CIA right now that replaces arm9loaderhax.bin with an a9lh uninstaller, then reboots the system. It wouldn't be difficult. But it's not something Nintendo would ever do.
 

bailli

But the blind devs already say "you can update your console, it is safe if you use a9lh" (just read luma's wiki) or the @Plailect's guide.

First, on a side note: Patching is not possible since the flaw is a FIRM correctly signed by Nintendo and only a new bootrom could reject these particular FIRM.

Of course A9LH can be (temporarily) deleted by Nintendo. And - hooray! - it is even easier than what you described :D

Nintendo just needs to release a new update which dumps an "arm9loaderhax.bin" and FIRM onto the SD Card and powers the console down (rebooting might cause problems because reboot is most likely hooked by Luma).

The "Nintendo arm9loaderhax payload" does not need any fancy exploiting or backdoors at all because it is run on next boot and has full access to everything (except to OTP - but who cares). So it just writes the dumped FIRM, reboots and - surprise - A9LH is gone.

Also: if you had a N3DS, it is now probably bricked because your secret sector is garbage and cannot be restored without a backup...
If you have been messing around with a hard patched system menu your 3DS is also bricked...

And now the final conclusion: All these tricks by Nintendo to delete A9LH work for a minority of people. The people who update without checking the internets first. Because after a few casualties these "tricks" just get patched by Luma, too.
 
