TubeHax is able to change Fw?

Discussion in '3DS - Homebrew Development and Emulators' started by NoWeeb, Aug 16, 2015.

Thread Status:
Not open for further replies.
  1. NoWeeb
    OP

    NoWeeb Advanced Member

    Newcomer
    69
    10
    Jul 25, 2015
    United States
    Chicago
    Smealum posted on Twitter showing the tubehax demonstration. On the bottom screen of the 3ds it says "Change Firmware Version". So will it be able to downgrade your 3ds?
     
    Margen67 likes this.


  2. TheZoroark007

    TheZoroark007 MK7 CT creator

    Member
    604
    234
    Apr 2, 2014
    Gambia, The
    Lake Constance
    Nope. I think that you have to choose your firmware version to load homebrew!
     
  3. Xenon Hacks

    Xenon Hacks GBAtemp Guru

    Member
    7,043
    3,349
    Nov 13, 2014
    United States
    No
     
    Zidapi likes this.
  4. Selim873

    Selim873 Nunnayobeesnes

    Member
    1,164
    582
    Jul 31, 2010
    United States
    Chillin' with Bob Ross
    The way Smea typically makes his hacks, he separates each one for different firmwares. He could indeed make a universal version, one exploit works with all, but that would just leave a buggy mess. So he makes separate ones based on different firmwares, based on his testing. That's why there's the firmware selection on the Ninjhax 2.0 site.

    It's just for safety reasons.
     
  5. Jwiz33

    Jwiz33

    Banned
    2,654
    1,523
    Jun 5, 2014
    United States
    in the illuminati headquar—I have said too much!
    ^^what he said^^

    /thread
     
    MajinCubyan likes this.
  6. Boy12

    Boy12 NOT a new member!

    Member
    536
    134
    Mar 8, 2012
    Netherlands
    Purmerend
    Tubehax won't allow downgrading, as that would go outside of userland.
     
    HaloEffect17, Margen67 and Jwiz33 like this.
  7. Apache Thunder

    Apache Thunder I have cameras in your head!

    Member
    4,091
    3,996
    Oct 7, 2007
    United States
    Levelland, Texas
    The "Change Firmware" button is probably just something that changes what payload to use. He's got a basic page/exploit that will work on all firmware, but the rest is loaded based on what firmware you have to keep things efficient and stable. So the "change firmware" button just loads a different set of ROP chains. Useful in case you updated firmware and need to change the payload TubeHaX is using.

    Unlike Cubic Ninja where you chose the firmware version on your PC or other device to get the correct QR code payload, with TubeHaX that can all be done within the YouTube app. That's basically what that "Change Firmware" button does.
     
    Margen67 likes this.
  8. TheToaster

    TheToaster Warrior of the Toast

    Member
    430
    160
    Aug 11, 2015
    United States
    USA
    What exactly is "userland"?
     
  9. Boy12

    Boy12 NOT a new member!

    Member
    536
    134
    Mar 8, 2012
    Netherlands
    Purmerend
    Basically anything that is not related to modifying the kernel or installing warez etc. Basically you're allowed to write games and homebrews, but not CIA installers etc.
     
    TheToaster likes this.
  10. WateredFire19

    WateredFire19 Banned

    Banned
    643
    215
    Aug 23, 2014
    United States
    Land of The User.

    Ok, it's basically Homebrew without any CIA installations, CFWs, ROM Loading, etc. Just basic user-end stuff that doesn't go beyond ARM11's area of accessibility.
     
    HaloEffect17 and TheToaster like this.
  11. Psi-hate

    Psi-hate GBATemp's Official Psi-Hater

    Member
    1,622
    1,035
    Dec 14, 2014
    United States
    Houston
    It means that it gives off the kind of permissions that 3ds games or apps get. Userland=Limited, Kernel=Full Access
     
  12. Boy12

    Boy12 NOT a new member!

    Member
    536
    134
    Mar 8, 2012
    Netherlands
    Purmerend
    We might be able to work around that when we get the source of ironhax/tubehax though (hopefully).
     
  13. Apache Thunder

    Apache Thunder I have cameras in your head!

    Member
    4,091
    3,996
    Oct 7, 2007
    United States
    Levelland, Texas
    There's also different levels of kernel access. Arm11 kernel access would allow you to alter app permissions. (Thus enabling downgrading). However running unsigned apps at the system level requires Arm9 access. Of course having Arm9 access means you have the ability to gain control over the entire system. Arm9 is the boss of Arm11 and Arm11 is the boss of other apps. Arm9 tells Arm11 what it's allowed to do, then Arm11 tells games and apps what they are allowed to do within the parameters that Arm9 allows it to. Simple as that. :D

    Userland is working within the confines of what access the system already has given you and you'd need an Arm11 exploit to gain full access to permissions and stuff. Though in some cases you can exploit other apps to get added access instead, but it's more limited than Arm11 access.

    In most cases you need an Arm11 exploit to try and exploit Arm9 as normal games and such can't talk to Arm9 directly.

    I don't think there are any exploits that could exploit Arm9 directly without Arm11 at the moment. The Arm9 exploit used more recently (firmlaunchhax) wasn't actually patched until 9.4 I believe (or 9.5. I don't recall exactly right now). But Arm11 (memchunkhax) exploit was patched in 9.3 closing off the path to Arm9 and full control.
     
    Last edited by Apache Thunder, Aug 16, 2015
    Psi-hate, KevInChester and Margen67 like this.
  14. WateredFire19

    WateredFire19 Banned

    Banned
    643
    215
    Aug 23, 2014
    United States
    I agree! Especially with it all working on 9.9.0 without any extra hardware.... (and with TDVS being able to access a few of the AM services.) Makes us wonder....:unsure:

    EDIT: I like where this thread is going... Seriously! :D
     
    Boy12 likes this.
  15. Boy12

    Boy12 NOT a new member!

    Member
    536
    134
    Mar 8, 2012
    Netherlands
    Purmerend
    I really hope there will be a way to install CIAs... For ehm... "Learning purposes" :D
     
    Ultimatezmaili and Margen67 like this.
  16. WateredFire19

    WateredFire19 Banned

    Banned
    643
    215
    Aug 23, 2014
    United States
    Ehhemm. Lol. We should probably focus on downgrading first :) . Would be easier than recreating everything for 9.3+. And especially because all firmware CIAs are "legit CIAs".
     
    Margen67 and Boy12 like this.
  17. DutchyDutch

    DutchyDutch COPYRIGHT LOLOLOLOL

    Member
    869
    430
    Nov 16, 2014
    Netherlands
    So unsigned CIAs are games right? (as in MM3D or Animal Crossing etc.)
    If so I'm really hyped. Can't wait to "backup" games I "already own"
     
  18. WateredFire19

    WateredFire19 Banned

    Banned
    643
    215
    Aug 23, 2014
    United States
    Well that and DLC, apps from the official SDK such as DevMenu and SaveDataFiler, and also Homebrew. Don't quite understand why you're so "hyped" though.
     
  19. Nintendo Fanboy

    Nintendo Fanboy GBAtemp Maniac

    Member
    1,014
    388
    Mar 6, 2015
    United States
    In Los Santos, GTA: San Andreas.
    Uhh, notice how the homebrew launcher on ninjhax 1 crashed when you pull the gamecard out... Makes me think, is Ninjhax 2.0 sorta kinda running as its own app? It may not say "Homebrew Launcher or whatever in the friends list", but, even region three/four/loader does the same thing, still says you're on Cubic Ninja when you're not.
    And to load gamecarts, you need kernel access (from what I know). So, a CIA installer or even a cfw doesn't look THAT far.
    Now, if the source code for Ninjhax 2.0 gets put out, it won't be that hard to maybe change some of the code for the regionfree launcher and turn it into a rom loader or even cfw.

    (Made this post without making a different thread). I'm so proud of myself! XD
     
  20. NoWeeb
    OP

    NoWeeb Advanced Member

    Newcomer
    69
    10
    Jul 25, 2015
    United States
    Chicago
    @smealum just posted how to install tubehax
     

    Xenon Hacks and Margen67 like this.