I recently cleaned up and released the tool i used to find the proper fake key when i initially implemented the arm9loaderhax exploit. In origin it ran in my 3DS, i decided to make it a PC tool in order to improve the speed : as for now it can attempt around 2200 keys every second (at least on my PC, may be better on others), which is good enough. I leave it here as it can be useful to improve the current public arm9loaderhax methods with new keys or firms, if anybody wants to work on it. On a side note, this tool contains my little 3DS AES engine simulator in C, which i didn't find on the net, i hope it can be of any use for other projects. Code : https://github.com/delebile/arm9loaderhax-keyfinder Download : https://github.com/delebile/arm9loaderhax-keyfinder/releases Read here before asking useless questions: Is this a new vulnerability? No. It's just a tool that was used to develop the public version of arm9loaderhax. Is this related to downgrade/cfw/warez? No. Again, this is a tool for developers mostly. So where are the news? There is nothing new here, it's a simple open-sourcing a software that previously was not, and that can result useful to some people. Okok... Is there any way i can learn how the exploit works then? Sure, here is some documentation.