Hacking Starting native firmware without removing hacking on Nintendo 3DS

[botik]

1. Run Godmod9 and follow the path CTRNAND -> title -> 00040138 -> 20000002 -> content -> ???????? app -> NCCH image option -> Mount image to drive -> exefs ->. firm -> Copy (0: / gm9 / out)

2. Rename the '.firm' file on the SD card for example to native.firm and copy it to the SD folder: / luma / payload /

3.Now, if you turn on START and start native.firm, then the official firmware will be loaded (pirated games will not work). Do not be afraid that the Luma3DS will return at the next reboot.

P.S.
But if you want an official on an ongoing basis, rename native.firm to boot.firm and drop it into the root of the SD card with the replacement.

The main point is to check whether it is possible to remove the hacking without consequences. At risk, those who have changed movable.sed who have banned by changing LocalFriendCode. My console was able to start the official one only after returning the original movable.sed.

 

[BaamAlex]

Why should we do this?

 

[Engezerstorung]

i guess if you put this native.firm as the boot.firm in the CRT it could be a way to stealth the CFW by removing the SD card?

question : by using the native.firm as boot.firm does start and select do anything?

 

[BaamAlex]

removing the SD card

Then copy and paste the boot.firm to sysnand. And you can boot up the 3ds without sd card.

 

[Engezerstorung]

Then copy and paste the boot.firm to sysnand. And you can boot up the 3ds without sd card.

i knew that, my point is that by putting this native.firm in the ctr you can have a 3DS that look totally unhacked by itself (no chainloader or config menu with start/select, no unnoficial game launching or homebrew available on the console), well, except if the person examining your 3DS try to put a .firm in your sd to see if it launch

 

[BaamAlex]

Makes no sense for me to do this. Or with other words written...i don't understand why!?

 

[Engezerstorung]

it could be needed, for stuff like tournament or i dont know what situation having a hacked 3DS could be bad for you

 

[zoogie]

Why should we do this?

For devs, debugging errors (sometimes for exploit development). For end users, sometimes errors can be caused by cfw, and this is one way to workaround them.

Some people may also be paranoid about going online with cfw, and this gives them peace of mind.

 

[botik]

Attention !!! If you boot into native.firm and connect to the Internet and in the settings try to update the system, then B9S is REMOVE!!!! Tested on 11.10

 

[KleinesSinchen]

Attention !!! If you boot into native.firm and connect to the Internet and in the settings try to update the system, then B9S is REMOVE!!!! Tested on 11.10

That is not very surprising as the CFW (usually Luma) protects FIRM0/FIRM1 from being overwritten by the official updater. Nevertheless a good warning.

https://github.com/AuroraWright/Luma3DS/wiki/Standard-features

FIRM partition write protection: Luma3DS prevents the system from writing to the FIRM partitions. This allows you to perform a System Update safely without boot9strap being removed.

Not loading CFW, not protecting FIRM0/1.

 

[Sweater Fish Del]

I can't seem to get this to work. The screen just goes black and requires a hard shutdown.

I don't totally understand the following:

At risk, those who have changed movable.sed who have banned by changing LocalFriendCode. My console was able to start the official one only after returning the original movable.sed.

I don't think I ever changed movable.sed. I know the BannerBomb3 exploit I originally used to hack the system involved the movable.sed, but it didn't change the file, did it? If so, is there any way to recreate the original if I don't have a backup? I have a Japanese New 2DS LL that was region changed using 11.15.0-47U

What is the difference between the two firms in 20000002 and 20000003. As I understand it, they're both supposed to be NATIVE_FIRM, but the ARM11 binaries are different sizes, so apparently not identical.

20000102 contains the TWL_FIRM, right? This also doesn't boot on my system, but does give an error message (in Japanese, so maybe the region change didn't affect this, eh?). I thought TWL_FIRM was supposed to default to booting a DS card in slot-1 if it's not passed a TID. Is this the same problem that's keeping NATIVE_FIRM from working?

 

[a_username_that_isnt_cool]

I can't seem to get this to work. The screen just goes black and requires a hard shutdown.

I don't totally understand the following:


I don't think I ever changed movable.sed. I know the BannerBomb3 exploit I originally used to hack the system involved the movable.sed, but it didn't change the file, did it? If so, is there any way to recreate the original if I don't have a backup? I have a Japanese New 2DS LL that was region changed using 11.15.0-47U

What is the difference between the two firms in 20000002 and 20000003. As I understand it, they're both supposed to be NATIVE_FIRM, but the ARM11 binaries are different sizes, so apparently not identical.

20000102 contains the TWL_FIRM, right? This also doesn't boot on my system, but does give an error message (in Japanese, so maybe the region change didn't affect this, eh?). I thought TWL_FIRM was supposed to default to booting a DS card in slot-1 if it's not passed a TID. Is this the same problem that's keeping NATIVE_FIRM from working?

This is a post that dates back YEARS. At this point, just use safety_test.

 

[Sweater Fish Del]

safety_test essentially does the same thing, but is not directly bootable from fastboot3ds, so the age of the post doesn't seem relevant. Nothing significant has changed.

However, thank you anyway since the page where I downloaded the script has the additional information that this won't work on region changed systems like mine.

Anyone know if I should be able to boot the stock firms if I get them from a Japanese NAND backup? Or is this just impossible on a region changed system?

I'm also still curious why the two versions of NATIVE_FIRM are different and whether booting TWL_FIRM does indeed launch the slot-1 card on a system that hasn't been region changed.

 

[lone_wolf323]

safety_test essentially does the same thing, but is not directly bootable from fastboot3ds, so the age of the post doesn't seem relevant. Nothing significant has changed.

However, thank you anyway since the page where I downloaded the script has the additional information that this won't work on region changed systems like mine.

Anyone know if I should be able to boot the stock firms if I get them from a Japanese NAND backup? Or is this just impossible on a region changed system?

I'm also still curious why the two versions of NATIVE_FIRM are different and whether booting TWL_FIRM does indeed launch the slot-1 card on a system that hasn't been region changed.

The guide outright states that region changed consoles will brick when uninstalling cfw. which in turn means that running a stock firm like this will just yeild same results as a frozen screen which you would have hard reset the console from.

 

[Sweater Fish Del]

The guide outright states that region changed consoles will brick when uninstalling cfw. which in turn means that running a stock firm like this will just yeild same results as a frozen screen which you would have hard reset the console from.

Yeah, "the guide" is the page I was referring to when I said that.

Is there no way to boot an unpatched NATIVE_FIRM on a region changed system then?

And is this the same for TWL_FIRM or is that a different issue?

 

[KleinesSinchen]

Is there no way to boot an unpatched NATIVE_FIRM on a region changed system then?

Please do yourself a favor and don't play around with this.
Nothing to gain but a 3DS to loose.

But… here you go. Happy reading!
https://gbatemp.net/threads/can-i-r...er-did-the-region-change.525198/#post-8414127


Good luck and have fun!