Homebrew SSB4 Entrypoint by Yellows8!

[ihaveahax]

I am not using the patched version will patch it right now. Thanks!

You need to patch the aircrack-ng source with the .patch file then compile it. How? Well I'm going to cover that.

 

[the assaf]

It won't be installed on your save, right?
I don't see a reason for using this haxx besides for the concept.

 

[ihaveahax]

It won't be installed on your save, right?
I don't see a reason for using this haxx besides for the concept.

Nope, no installation. And yes, this haxx is very impractical, but interesting nonetheless.

If you are truly worried, back it up before doing it.

 

[happydance]

I don't know bout this, but OOT3Dhax was around October 2012 and nobody aside from gateway used it for kernel access. The source are out there and some devs says it can in fact run ninjhax 1.0/1.1.

and we got bunch of user land exploit and go crazy and ignore one that has kernel access even though it's only for 5.0-9.2 firmware

 

[AtlasFontaine]

No. Never enough... we need MOAR!

Welp, Yellows actually has a kernel exploit lol but he doesn't want to release it.

 

[DiegitusXD]

Welp, Yellows actually has a kernel exploit lol but he doesn't want to release it.

Really!?

 

[AtlasFontaine]

Really!?

Don't get your hopes up, he doesn't like "piracy" and won't release it. And he usually wait years to release anything.

 

[DiegitusXD]

Don't get your hopes up, he doesn't like "piracy" and won't release it. And he usually wait years to release anything.

I would like to find one,but I don't know[emoji23] [emoji23] [emoji23]

 

[duwen]

Really!?

Possibly, but mainly speculation based on a tiny rewording.

 

[bakurage]

I have 2 kernel exploit, but no release beacause piracy is bad

 

[ihaveahax]

This was posted to http://gbatemp.net/threads/tutorial-using-smashhax-with-linux.397194/

Anyone with a Linux distribution, please try out this early tutorial. I want to remove any mistakes and things before I post it to the Tutorials section. Also please do not use Linux in a virtual machine.

Spoiler

This is an early version of the guide. There might be mistakes/inaccuracies and confusion caused. If something happens to your wireless card, rebooting your system or changing it to "Managed" instead of "monitor" should fix it. How to do that is in the last section.

Hey, you! You want to try out Smashhax?

Requirements

• Any Linux distribution should do. Windows and OS X users should wait or find a method themselves, sorry!
• A Wi-Fi wireless card.
• Super Smash Bros. for Nintendo 3DS Full or Demo.
• A New 3DS? This doesn't seem to be clear if it works on Old 3DS.
• Lots and lots of patience. The hax is unreliable so your game will most likely crash a few times before
• Recommended: Another device to access the internet (phone, tablet, computer, console).

Preparing

• Install these packages using your package manager (this might be incomplete. you might get an error compiling aircrack-ng later):

  openssl libssl-dev libnl-genl-3-200 libnl-genl-3-dev libnl-3-200 libnl-3-dev pkg-config

• Find your wireless card's interface by opening a terminal and using the command "ip link". It would be something like wlan0 or wlp3s0.

  ian@ian-VPCEG34FX:~/Desktop/aircrack-ng-1.2-rc2/src$ ip link
  1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default 
      link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
  2: eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN mode DEFAULT group default qlen 1000
      link/ether xx:xx:xx:xx:xx:xx brd ff:ff:ff:ff:ff:ff
  3: wlan0: <NO-CARRIER,BROADCAST,ALLMULTI,PROMISC,NOTRAILERS,UP,LOWER_UP> mtu 1500 qdisc mq state DORMANT mode DORMANT group default qlen 1000
      link/ieee802.11/radiotap xx:xx:xx:xx:xx:xx brd ff:ff:ff:ff:ff:ff

• You probably already have it, but get the homebrew starter kit and place it on your SD card.
• Download the smashhax .pcap files from the releases section of the smashbroshax repository.
• Determine the .pcap file to use. This should be straightforward using the file names.

  The built beacon-hax pcaps are located under "pcap_out/". In the filenames, "vXYZ" means game-version "vX.Y.Z". Full-game filenames for USA include "gameusa", while the other regions filenames include "gameother".

• Determine what file you need to get from the Homebrew Launcher Payload section:
  
  Spoiler: Homebrew Launcher Payload

  With the release builds, the hax loads the payload from SD "/smashpayload.bin". This should contain the hb-launcher(https://smealum.github.io/3ds/) otherapp payload. Until there's a proper otherapp payload selector on the hb-launcher site, the payload can be downloaded from the following URL(see also https://github.com/smealum/sploit_installer):
  

  • "https://smealum.github.io/ninjhax2/Pvl9iD2Im5/otherapp/{PAYLOADNAME}.bin" Where {PAYLOADNAME} is: "FIRMVER_REGION_MENUVER_MSETVER".

  FIRMVER values(without quotes):
  

  • "POST5" = non-New3DS
  • "N3DS" = New3DS

  REGION values(without quotes):
  

  • "U" = USA
  • "E" = EUR
  • "J" = JPN

  MENUVER values(without quotes):
  

  • "11272": Non-JPN, system-version v9.0.
  • "12288": System-version v9.2.
  • "13330": System-version v9.3.
  • "14336": System-version v9.4.
  • "15360": System-version v9.5.
  • "16404": System-version v9.6.
  • "17415": System-version v9.7.
  • "20480_usa": USA, system-versions v9.9-v10.0.
  • "19456": Non-USA, system-versions v9.8-v10.0.

  MSETVER values(without quotes):
  

  • "8203": System-versions below v9.6.
  • "9221": System-versions starting with v9.6.

  For example, the payload URL for New3DS USA 9.9.0-X - 10.0.0-X is:https://smealum.github.io/ninjhax2/Pvl9iD2Im5/otherapp/N3DS_U_20480_usa_9221.bin
  The end result is a file named "smashpayload.bin" at the root of your SD card.
• Download and extract aircrack-ng's latest release source.
• Save aireplay-ng.patch from the smashbroshax repository in the folder "aircrack-ng-1.2-rc2".

Compiling aircrack-ng/aireplay-ng

• Open a terminal and go to the "aircrack-ng-1.2-rc2" folder.
• Use the command "patch src/aireplay-ng.c < aireplay-ng.patch". If you get the following then it has succeeded.

  patching file src/aireplay-ng.c
  Hunk #1 succeeded at 560 (offset 1 line).
  Hunk #2 succeeded at 573 (offset 1 line).

• (This is the part where errors may happen if the package list earlier was accidentally incomplete. Please tell me if this part fails and post the error you have, and I should be able to track it down.)
  Run "make" and wait. The program should be compiled with the patch now. If you get the following as the last line then it has succeeded.

  make[1]: Leaving directory '/path/to/aircrack-ng-1.2-rc2/src'

The moment of truth

• Run these 3 terminal commands in order, using the wireless interface (from "ip link") you found earlier.
  
  sudo ifconfig wireless_interface down
  sudo iwconfig wireless_interface mode monitor
  sudo ifconfig wireless_interface up​
• Enter the "src" folder in your terminal.
• Run the following command to start broadcasting the packet: "sudo ./aireplay-ng --interactive -r /path/to/smashbros_version_beaconhax.pcap -h 59:ee:3f:2a:37:e0 -x 10 wireless_interface"
  Use the .pcap file and wireless interface you found out earlier.
• On the 3DS system, start the game, then choose Smash and Group. Sit back and wait.

Encountering errors?

• Does running aireplay-ng end with "End of file"? You might be running your installed version of aircrack-ng. Don't forget the ./ for "sudo ./aireplay-ng ..."!
• Please tell me the distribution you are using and the error you've encountered. This will help me fix your issue faster.

Update 1 changes ipconfig to ifconfig.
Update 2 adds what to do if you just get "End of file" with aireplay-ng.

 

[teampleb]

I can't test this anymore. Smash crashing used all my launches.

 

[JR_44]

Anyone with a Linux distribution, please try out this early tutorial. I want to remove any mistakes and things before I post it to the Tutorials section. Also please do not use Linux in a virtual machine.

for the ipconfig commands it should be ifconfig but other than that its fine

 

[ihaveahax]

for the ipconfig commands it should be iwconfig but other than that its fine

Thanks, fixed. I actually knew it was ifconfig but I still typed ipconfig by memory.

 

[LinkKenedy]

@ihaveamac make a video booting the game jeje

 

[JR_44]

Thanks, fixed. I actually knew it was ifconfig but I still typed ipconfig by memory.

Everything works fine except the final part I get

The interface MAC (64:66:B3:EB:2B:6B) doesn't match the specified MAC (-h).
    ifconfig wlan1 hw ether 59:EE:3F:2A:37:E0
End of file.

which is what I got earlier today and wanted to change the mac but couldnt

 

[ihaveahax]

Everything works fine except the final part I get

The interface MAC (64:66:B3:EB:2B:6B) doesn't match the specified MAC (-h).
    ifconfig wlan1 hw ether 59:EE:3F:2A:37:E0
End of file.

which is what I got earlier today and wanted to change the mac but couldnt

This I don't get yet, because I get the same error but it still runs fine.

@ihaveamac make a video booting the game jeje

Or you can try this tutorial out and see for yourself if you got a New3DS.

 

[JR_44]

Oh wait it works now. Sorry I forgot the ./ infront of aireplay-ng

 

[ihaveahax]

Oh wait it works now. Sorry I forgot the ./ infront of aireplay-ng

Oh yes, it was trying to use your installed version of aireplay-ng. I'll make sure to add this to the tutorial.

 

[teampleb]

Oh wait it works now. Sorry I forgot the ./ infront of aireplay-ng

Let me know how it goes. I can't test anymore. Used all my demo launches.