Hacking so i have a 8.1J FW N3DS with no browser, how can i exploit it?

[lemanuel]

Ronhero and Lemanuel are finalizing their methods. If you can't wait, JPN CN + Gateway or Sky3ds + Gateway combos are your best options. Sky3ds alone can play games but probably no eshop access.

I'm just an outside party
It's @Ronhero's method and also @laramie's method.

 

[Jayro]

Do TubeHax.

 

[sj33]

I have a 8.1J New 3DS with no browser so I was in a similar situation. Tubehax doesn't work because you would have to connect to the internet to download the application.

If you don't mind paying a bit of money, the easiest thing to do is to buy a Gateway and one of the supported exploit games such as Cubic Ninja or Ocarina of Time. The reason is that Gateway has explicit support for browserless 8.1 machines, whereas all *hax methods rely on the browser (bar themehax, I believe).

This will also allow you to set up an EmuNAND, which can be updated to 9.5 using a download at a certain 3DS ISO site. I have a browserless 8.1 machine and feared the worst, but I couldn't be happier now I have 9.5 running in EmuNAND. You'd have to update your SysNAND to install a CFW anyway so you may as well just invest in a Gateway.

 

[lemanuel]

Do TubeHax.

I prefer to do the boogie

 

[cearp]

@Ronhero i thought @yifan_lu 's method with ntr would still work, if we have the fw files locally ourselves (on a server) instead of going to nintendo for them... right?
or was that part never possible?
but yes, using gw we could update the sysnand from 8.1 i'm pretty sure but yeah it would be nicer for people not to have to buy gw for that

 

[Nirmonculus]

I have a Japanese oot and GW but I'm still looking for an exploitable Jap N3ds, I want to buy from Amazon Japan but odds are, I might get a 9.2 above firmware... the link you gave me to contact joyful japan requires me to order an item from there first XD

 

[Gruntzer]

i did not expect this amount of help, thank you all guys

 

[insidexdeath]

@Ronhero i thought @yifan_lu 's method with ntr would still work, if we have the fw files locally ourselves (on a server) instead of going to nintendo for them... right?
or was that part never possible?
but yes, using gw we could update the sysnand from 8.1 i'm pretty sure but yeah it would be nicer for people not to have to buy gw for that

Wait since when we can use GW to update sysnand? I thought that resulted in a brick since firmlaunch is enabled when you boot into sysnand.

I just want to make sure the information in this forum is correct before we end up with misinformed members with bricked 3DS'.

 

[Ronhero]

@Ronhero i thought @yifan_lu 's method with ntr would still work, if we have the fw files locally ourselves (on a server) instead of going to nintendo for them... right?
or was that part never possible?
but yes, using gw we could update the sysnand from 8.1 i'm pretty sure but yeah it would be nicer for people not to have to buy gw for that

It would work if you convert the files back from cia to raw format. I had problems with the soap files being able to be pointed away from nus and pointed at the local server. We contacted yellow8 for help but he gave us a 5 paragraph diatribe about how piracy was wrong.

The current standings with me is I'm working on a modified homebrew launcher via a 8.1 jpn game over adhoc play as an entry point. From here its just a matter of doing the update to system nand or region swapping

Wait since when we can use GW to update sysnand? I thought that resulted in a brick since firmlaunch is enabled when you boot into sysnand.

I just want to make sure the information in this forum is correct before we end up with misinformed members with bricked 3DS'.

You can only update system nand via gw within the realms of the native firm. 8.1 was the last of one native firm and 9.0-9.5 had an updated native firm. If you update from 8.1 to 9.0 you'll brick but 9.0 to 9.2 is ok but pointless

 

[Zidapi]

@Ronhero i thought @yifan_lu 's method with ntr would still work, if we have the fw files locally ourselves (on a server) instead of going to nintendo for them... right?
or was that part never possible?
but yes, using gw we could update the sysnand from 8.1 i'm pretty sure but yeah it would be nicer for people not to have to buy gw for that

Jeepers, once upon a time you were a respected and knowledgeable member of this community, but you've clearly been out of the loop for a while.

You need to shut your mouth, and do a bit more reading before someone bricks their 3DS based on your advice!

The method doesn't involve hosting the update files locally, and to my knowledge, never did.

Attempting to update sysNAND in Gateway Mode will result in a brick every time.

You can't simply install the 9.2 browser due to 8.1J being a rush job. Something is screwy behind the scenes. @Ronhero will have to elaborate further, I'm not too familiar with the details

 

[Ronhero]

Jeepers, once upon a time you were a respected and knowledgeable member of this community, but you've clearly been out of the loop for a while.

You need to shut your mouth, and do a bit more reading before someone bricks their 3DS based on your advice!

The method doesn't involve hosting the update files locally, and to my knowledge, never did.

Attempting to update sysNAND in Gateway Mode will result in a brick every time.

You can't simply install the 9.2 browser due to 8.1J being a rush job. Something is screwy behind the scenes. @Ronhero will have to elaborate further, I'm not too familiar with the details

As I mentioned you won't brick every time, you just can't update native firm though gw.

I have been experimenting with smashax as a homebrew entry point for homebrew

 

[cearp]

Jeepers, once upon a time you were a respected and knowledgeable member of this community, but you've clearly been out of the loop for a while.

You need to shut your mouth, and do a bit more reading before someone bricks their 3DS based on your advice!
Attempting to update sysNAND in Gateway Mode will result in a brick every time.

i never said the method does involves hosting update files somewhere else, but i mean it SHOULD! because, that is the problem now, because nintendo does not give access to the old ones anymore. before it was ok, because we could use them. this is why yifanlu's method does not really work anymore, so simply.
haha - no, i don't mean simply by using a gw and updating via devmenu or something, but if you have access to a gw, you can install cias = you can run homebrew stuff, you will be able to decrypt your nand, you will be able to inject firmware file into nand yourself and write it back with gw's launcher, yes?
i know that 'simply' using gw to install fw will skip the native fw bit that we need. lol but that is not what i was talking about.
if from what i wrote above (sure i should have given more detail just in case this happens), a noob immediately, blindly updated in gw mode and bricked his sysnand - then sorry.
have some faith before you change your opinion so quickly and actually be rude. shut mouth or not, it won't stop me typing.

It would work if you convert the files back from cia to raw format. I had problems with the soap files being able to be pointed away from nus and pointed at the local server. We contacted yellow8 for help but he gave us a 5 paragraph diatribe about how piracy was wrong.

The current standings with me is I'm working on a modified homebrew launcher via a 8.1 jpn game over adhoc play as an entry point. From here its just a matter of doing the update to system nand or region swapping

You can only update system nand via gw within the realms of the native firm. 8.1 was the last of one native firm and 9.0-9.5 had an updated native firm. If you update from 8.1 to 9.0 you'll brick but 9.0 to 9.2 is ok but pointless

converting from cia to the 'raw' content file is very easy. the file format is simple, the content it really inside the cia untouched, but one of those 3ds tools like ctrtool or something can extract it... i believe. (but even if not, it shoudl not be so hard to write a script to extract them)

so it is possible (but just tricky) having the files on the soap server? funny about yellows8, it's not really piracy. releasing his recent hax help the piracy 'scene' more than helping out with locally hosted update files - but his free time so he can choose what he does!
yeah i had an idea about adhoc stuff once, it has to send over a file, i thought, 'what if we just swap out that file it sends with a legit cia' - maybe it's not that simple

 

[Ronhero]

i never said the method does involves hosting update files somewhere else, but i mean it SHOULD! because, that is the problem now, because nintendo does not give access to the old ones anymore. before it was ok, because we could use them. this is why yifanlu's method does not really work anymore, so simply.
haha - no, i don't mean simply by using a gw and updating via devmenu or something, but if you have access to a gw, you can install cias = you can run homebrew stuff, you will be able to decrypt your nand, you will be able to inject firmware file into nand yourself and write it back with gw's launcher, yes?
i know that 'simply' using gw to install fw will skip the native fw bit that we need. lol but that is not what i was talking about.
if from what i wrote above (sure i should have given more detail just in case this happens), a noob immediately, blindly updated in gw mode and bricked his sysnand - then sorry.
have some faith before you change your opinion so quickly and actually be rude. shut mouth or not, it won't stop me typing.


converting from cia to the 'raw' content file is very easy. the file format is simple, the content it really inside the cia untouched, but one of those 3ds tools like ctrtool or something can extract it... i believe. (but even if not, it shoudl not be so hard to write a script to extract them)

so it is possible (but just tricky) having the files on the soap server? funny about yellows8, it's not really piracy. releasing his recent hax help the piracy 'scene' more than helping out with locally hosted update files - but his free time so he can choose what he does!
yeah i had an idea about adhoc stuff once, it has to send over a file, i thought, 'what if we just swap out that file it sends with a legit cia' - maybe it's not that simple

You can't decrypt anything via gw as far as I know or I would have had updating a long time ago. If you know of a way on the n3ds I am listening

Yea that yellow8 stuff was funny but he helped me with smashax and that's my entry point now so all is well.

The adhoc thing is simply smashax so I am not sure how a legit cia would help. If you can help me make a legit cia from gw emunand on 8.1 sys and 9.x emu that be super helpful

 

[cearp]

You can't decrypt anything via gw as far as I know or I would have had updating a long time ago. If you know of a way on the n3ds I am listening
Yea that yellow8 stuff was funny but he helped me with smashax and that's my entry point now so all is well.
The adhoc thing is simply smashax so I am not sure how a legit cia would help. If you can help me make a legit cia from gw emunand on 8.1 sys and 9.x emu that be super helpful

no i mean, earlier in the year i was going to play around with trying to swap out the download play game that is sent from one 3ds from another, swap it out for something else (legit and signed though) - but i stopped because i don't think it would work
and not decrypt using gw's tools, but, having the cia of homebrew tools that let your generate xorpads. so turn the cia into a .3ds (or just use devmenu in .3ds form to install the homebrew).

 

[MelonGx]

Smashax still requires a payload that Smea doesn't provide.

 

[Ronhero]

no i mean, earlier in the year i was going to play around with trying to swap out the download play game that is sent from one 3ds from another, swap it out for something else (legit and signed though) - but i stopped because i don't think it would work
and not decrypt using gw's tools, but, having the cia of homebrew tools that let your generate xorpads. so turn the cia into a .3ds (or just use devmenu in .3ds form to install the homebrew).

If you can convert something like D9 to a cia to be able to be used on GW please let me know because that would be ultra helpful

Smashax still requires a payload that Smea doesn't provide.

I have my own ways

 

[cearp]

@Ronhero ah so there still is no cia that we can use to generate xorpads?
i guess people the right people haven't needed it

 

[Ronhero]

@Ronhero ah so there still is no cia that we can use to generate xorpads?
i guess people the right people haven't needed it

It's more of the fact that GW has their arm locked down for such a program and can't hook the necessary permissions to execute things. If I could get say D9 working I would just region swap to 9.0 E/U and then update the jpn firmware to 9.1 then swap back.

 

[FR0ZN]

I see that GW does support emuNAND on 8.1J, which people can update to whatever they want. Aren't emuNANDs 1:1 copies of the actual NAND treated in the same way as sysNAND? What I'm asking here is if an updated emuNAND would differ from an updated 9.2 sysNAND. Because if not, couldn't peeps just update emuNAND to 9.2 -> dump emuNAND partition from SD card -> use GWs built-in function to write dumped emuNAND image as NAND.bin to sysNAND.

Or do they fiddle with emuNAND that this won't work? Because you can create a emuNAND partition on your own with just your NAND image, shouldn't this work the other way around as well?

 

[Ronhero]

I see that GW does support emuNAND on 8.1J, which people can update to whatever they want. Aren't emuNANDs 1:1 copies of the actual NAND treated in the same way as sysNAND? What I'm asking here is if an updated emuNAND would differ from an updated 9.2 sysNAND. Because if not, couldn't peeps just update emuNAND to 9.2 -> dump emuNAND partition from SD card -> use GWs built-in function to write dumped emuNAND image as NAND.bin to sysNAND.

Or do they fiddle with emuNAND that this won't work? Because you can create a emuNAND partition on your own with just your NAND image, shouldn't this work the other way around as well?

Native firm would need to be injected from a native 9.2 jpn console