In the past couple of days I've been developing a brand-new A9LH installer.
It loads all the needed files from the SD card (no more need to build console-specific installers), and it's really fast. Other than that, it's way safer than the original one, as it does the following checks:
- Checks that it's able to encrypt FIRM partitions properly
- If you have a New 3DS and you're doing a first install, it validates your OTP. Sadly I have no way of validating the OTP on an Old3DS.
- If updating from A9LH, it verifies that the NAND keystore is the correct one (just in case) and that FIRM0 is correct before using it.
- Hashes the secret_sector, FIRM0 and FIRM1 from SD (if needed) to verify their integrity.
- Checks that stage1 and stage2 don't exceed a maximum size.
How to use:
- Copy the 3ds folder and the .dat if making a first install, and run the program from a vulnerable firmware; or load the .bin using A9LH itself. Press SELECT for a full install, or to update A9LH if booting from it.
- If you already have A9LH and are thus updating, copy a payload_stage2.bin (which was originally named stage0x5C000.bin) and a payload_stage1.bin to the a9lh folder on the root of the SD.
- If doing a full (first) install, you also need to copy these files to the a9lh folder: firm0.bin (which was new3ds90.firm), firm1.bin (which was new3ds10.firm), secret_sector.bin (only needed on Old 3DS) and your personal otp.bin.
Thanks go to everyone in #cakey on IRC, to delebile for his A9LH implementation, and to StandardBus who hardmodded my consoles and made this possible. Code for writing to the screens is from CakesFW.
Download: https://github.com/AuroraWright/SafeA9LHInstaller/releases
It loads all the needed files from the SD card (no more need to build console-specific installers), and it's really fast. Other than that, it's way safer than the original one, as it does the following checks:
- Checks that it's able to encrypt FIRM partitions properly
- If you have a New 3DS and you're doing a first install, it validates your OTP. Sadly I have no way of validating the OTP on an Old3DS.
- If updating from A9LH, it verifies that the NAND keystore is the correct one (just in case) and that FIRM0 is correct before using it.
- Hashes the secret_sector, FIRM0 and FIRM1 from SD (if needed) to verify their integrity.
- Checks that stage1 and stage2 don't exceed a maximum size.
How to use:
- Copy the 3ds folder and the .dat if making a first install, and run the program from a vulnerable firmware; or load the .bin using A9LH itself. Press SELECT for a full install, or to update A9LH if booting from it.
- If you already have A9LH and are thus updating, copy a payload_stage2.bin (which was originally named stage0x5C000.bin) and a payload_stage1.bin to the a9lh folder on the root of the SD.
- If doing a full (first) install, you also need to copy these files to the a9lh folder: firm0.bin (which was new3ds90.firm), firm1.bin (which was new3ds10.firm), secret_sector.bin (only needed on Old 3DS) and your personal otp.bin.
Thanks go to everyone in #cakey on IRC, to delebile for his A9LH implementation, and to StandardBus who hardmodded my consoles and made this possible. Code for writing to the screens is from CakesFW.
Download: https://github.com/AuroraWright/SafeA9LHInstaller/releases
Last edited by Aurora Wright,
