Hardware Using a hard mod to manually edit the sysNAND on your PC then transferring it back to the 3DS?

[cheesylard]

So I was thinking, if you were on 9.8 or something that wasn't exploitable, couldn't you possibly hex edit the sysNAND itself to be exploitable?

You'd need a hard mod, and transfer the sysNAND image to the computer so you could manually edit it. Then once you're done making your changes, transfer it back to the 3DS and boom, it's now exploited.

Like, for example, you could take a look at Pasta CFW, look at the offsets for it, then manually hex edit the sysNAND of 9.8. You wouldn't need any exploits since you're directly modifying the sysNAND anyway. Just find the code that checked for CIA signing or whatever, and patch that, then transfer it back...

Would that be possible / easily feasible, given good knowledge of C/C++ and a basic understanding of operating systems and filesystem formats? Hopefully the sysNAND isn't encrypted or anything like that.

 

[hippy dave]

Hopefully the sysNAND isn't encrypted or anything like that.

Bad news.

Only way to decrypt the nand is using the console itself, so only if it's exploitable. No chance for 9.8 for the forseeable future.

 

[d0k3]

Bad news.

Only way to decrypt the nand is using the console itself, so only if it's exploitable. No chance for 9.8 for the forseeable future.

That's not entirely correct. You could generate xorpads on 9.2 (for the NAND) and these will still work on 9.9 and most likely any future version. The Pasta offsets, though, they cannot be hardcoded to my knowledge.

 

[hippy dave]

That's not entirely correct. You could generate xorpads on 9.2 (for the NAND) and these will still work on 9.9 and most likely any future version. The Pasta offsets, though, they cannot be hardcoded to my knowledge.

Yeah, the console needs to be exploitable in the first place. I meant no chance for a console that's already on 9.8.