1. Gnarmagon

    OP Gnarmagon Noob <3
    Member

    Joined:
    Dec 12, 2016
    Messages:
    647
    Country:
    Germany
    Hello,

    I know that you need the OTP's to install A9LH but what does A9LH with these OTP's ?
    How is A9LH installed ? (just a new Line in a Script / .txt ?)
    The Wii and WiiU have these OTP's too ?
     
  2. Lilith Valentine

    Lilith Valentine GBATemp's Official Imp: Am imp
    Member

    Joined:
    Sep 13, 2009
    Messages:
    24,144
    Country:
    Antarctica
    The OTP is used to get the keys needed to install A9LH.
    How is it installed? You follow the guide
    3ds.guide
    Both the Wii and Wii U have an OTP
     
    Last edited by Lilith Valentine, Feb 1, 2017
    proflayton123 likes this.
  3. proflayton123

    proflayton123 Sakura思い
    Member

    Joined:
    Jan 11, 2016
    Messages:
    6,032
    Country:
    Japan
    Last edited by proflayton123, Feb 1, 2017
    Gnarmagon likes this.
  4. Searinox

    Searinox Dances with Dragons
    Member

    Joined:
    Dec 16, 2007
    Messages:
    2,050
    Country:
    Romania
    OTP stands for One-Time Pad, which is actually a bit of an odd thing since the definition rather closer fits XOR pads than what the OTP actually is. The OTP is a 256-byte unique value from which several important keys are derived. Admittingly, it's too big to be outright considered a "key" in its own right since most keys are 16-byte(128bit) or 32-byte(256bit) long and the OTP is much larger. I believe -how- the keys are derived is yet unknown but then the OTP can still be used to encrypt or decrypt stuff in a valid fashion.
     
  5. adrifcastr

    adrifcastr GBAtemp Addict
    Member

    Joined:
    Sep 12, 2016
    Messages:
    2,038
    Country:
    Germany
    no clue what you mean by Line in a script, but the a9lh payloads are written to the FIRM partition of the nand. the arm9loader then executes the arm9 payload on the root of the sd card which should be called "arm9loaderhax.bin" and has to be a valid arm9 payload.
     
  6. Goombi

    Goombi my_crypto = meme_crypto
    Member

    Joined:
    Jun 1, 2014
    Messages:
    144
    Country:
    France
    One Time Programmable*. It's a unique-per-console read-only randomly-generated-at-factory piece of data used by the Kernel9Loader on New 3DS to decrypt the secret sector (on N3DS NAND). The decrypted secret sector contains keys used by the K9L to decrypt the NATIVE_FIRM.

    About A9LH, providing a carefully chosen key to K9L will allow to gain code exec, not going for the full explanation here. That key is known but in order to provide it to K9L, we need to encrypt it with the OTP and write it in the secret sector.

    There's much more to it, you should check 32c3 presentation on 3DS hacking
     
    Deleted User and XRaTiX like this.
  7. Searinox

    Searinox Dances with Dragons
    Member

    Joined:
    Dec 16, 2007
    Messages:
    2,050
    Country:
    Romania
    Thanks for clearing that up. You mentioned what it does on the N3DS, so what does it do on the O3DS?
     
  8. smileyhead

    smileyhead I like cute stuff.
    Member

    Joined:
    Aug 31, 2015
    Messages:
    4,546
    Country:
    Hungary
    [​IMG]
     
Draft saved Draft deleted