Yeah, but still the only thing it's showing is 0000FE00, i tried bridging the R94 just for giggles and no luck. Bit offtopic now
Yeah, but still the only thing it's showing is 0000FE00, i tried bridging the R94 just for giggles and no luck. Bit offtopic now
If you can't find a smd resistor, use a regular one with a simillar value and wires.Yeah, but still the only thing it's showing is 0000FE00, i tried bridging the R94 just for giggles and no luck. Bit offtopic now
For sure i would, but i'm hunting for DSi XL now...If you can't find a smd resistor, use a regular one with a simillar value and wires.
So you are doing the hardmod? Go to the thread for it or start newSo confusing! Could somebody give me a guide? I have a white DSi from the UK and a rasberry pi. Sorry for being a noob. I've only done Wii and Android.
Yes I am. I need to Brute Force the cid and console Id to decrypt the nand. I don't have any DSi ware to get the console Id. And I don't know how to get the cid with my rasberry pi.So you are doing the hardmod? Go to the thread for it or start new
We use this string as a template:
MY ss ss ss ss 03 4D 30 30 46 50 41 00 00 15 00; DSi CID KMAPF0000M-S998
MY ss ss ss ss 32 57 37 31 36 35 4D 00 01 15 00; DSi CID KLM5617EFW-B301
MY ss ss ss ss 03 47 31 30 43 4D 4D 00 01 11 00; 3DS CID
In order to determine the eMMC CID, you must first open your DSi and read the 3 characters to Samsung for the "MY" byte on the NAND chip.
For me that was, for example: 943 and that means:
943 means 43rd week in 2009, ie 43 weeks in 2009 -> December -> month code B, 2009 -> year code C. For the month code you need 43/4 = 10.75 -> 11 (either on or round off if necessary)
Convert this value to hex, so "B"
For the years code we take this scheme:
B - 2008
C - 2009
D - 2010
E - 2011
F - 2012
So BC for the MY byte (at my NAND) The "s" is replaced by "0"
It follows from me (Since I have a KMAPF ...... NAND chip): "BC00000000034D303046504100001500"
Now we have to search for the [src] key by opening your NAND dump with HxD and searching for the line "000001F0".
You now use the 16 couples as [src] in the command. If you have the console ID now, then we can get started:
bfcL emmc_cid [Console ID] [EMMC CID] [offset] [src] [verify]
That's what it looks like for me:
bfcl emmc_cid 0820154919126126 BC00000000034D303046504100001500 001f DB2D16975DACA90176014EB4CCCE87FB 000000000000000000000000000055aa
If there is got hit then everything fits and you have your eMMC CID
You only need your NAND.img for the hex part to bruteforce the CID
Just like how you did for DubMonster, could you get my cid & Console id for me. I don't understand it one bit. I still need to solder my DSi but that might be done tomorrow. I will give you the NAND dump and the numbers on the chip.Yeah, and give me your numbers on the NAND Chip.
Send me a PM
yeah, but i only need the numbers from the NAND Chip.Just like how you did for DubMonster, could you get my cid & Console id for me. I don't understand it one bit. I still need to solder my DSi but that might be done tomorrow. I will give you the NAND dump and the numbers on the chip.
Ok, it saysyeah, but i only need the numbers from the NAND Chip.
Sorry, i forgot, i need the NAND Dump for the CIDOk, it says
Samsung 907
KMAPF0000M S998
N1KHCZJH
Ok I will try to do it soonSorry, i forgot, i need the NAND Dump for the CID
Sorry, i forgot, i need the NAND Dump for the CID
No, i don't know, but i can bruteforce the CID and Console ID with the dump.Oh yeah, I have a rasberry pi if you know how I can get the cid with the rasberry pi.
So I need some thinner wire for the hardmod, but I don't understand the diagrams for the hardmod from https://gbatemp.net/threads/dsi-downgrading-the-complete-guide.393682/
Ok thanks. On the diagram for the soldering. It's a bit confusing. Do you know which exact points I should do?No, i don't know, but i can bruteforce the CID and Console ID with the dump.
But you can also get those keys with a "The Biggest Loser" cart, a flashcard and one dsi app on the NAND, but you also need a exploitable DSi game.
I think the best option is to do a hardmod.
It is not that hard, only 4 solder points.
Don't solder with too much heat and use flux, so it should no problem
Ok thanks. On the diagram for the soldering. It's a bit confusing. Do you know which exact points I should do?
Where is GND? And also, does wires from old earbuds work? There seems two be a red and a blue copper wire in each silicone wrapped wire.https://puu.sh/jePkp/79bb5b1008.png
This is for the normal DSi (not XL)
you only need DAT0 (you can use the alternative point if you want), CMD, CLK and GND from the cartridge slot.
Solder those points to a Micro SD Card Adapter and dump it with win32 disk imager (DONT KLICK AT THE FORMAT PROMPT FROM WINDOWS, BECAUSE YOU WILL BRICK)
yeah, i will do that, but you have to wait 18 hours.maaaan. im trying to get my CID a console id ... the command line i got should be
bfcl console_id_bcd 0820100000000100 001f B1F43D7963FC7B89A040E21A87085483 000000000000000000000000000055aa 0000 A10C0D2499F29404D28426A92005FE9F 00000000000000000000000000000000
but im getting an error i believe due to my gpu's old age. Could anyone help me with that?
thanks man. let me know if you're missing anything.yeah, i will do that, but you have to wait 18 hours.
You boot a copy of Linux that boots from a ramdisk like TinyCore so the boot SD card can be removed and replaced with the DSi. You can then use a command like this to get the CID:Oh yeah, I have a rasberry pi if you know how I can get the cid with the rasberry pi.
You boot a copy of Linux that boots from a ramdisk like TinyCore so the boot SD card can be removed and replaced with the DSi. You can then use a command like this to get the CID:Oh yeah, I have a rasberry pi if you know how I can get the cid with the rasberry pi.