What was patched in 9.3 that prohibits the OoT exploit?

Discussion in '3DS - Flashcards & Custom Firmwares' started by pokemoner2500, Mar 13, 2015.

  1. pokemoner2500
    OP

    pokemoner2500 GBAtemp Advanced Fan

    Member
    4
    Aug 14, 2013
    United States
    So I read that it only supports up to 9.2; it doesn't require internet (from what I can tell), so why does it not work on 9.3+?
     
  2. W4T4R1

    W4T4R1 GBAtemp Fan

    Member
    3
    Aug 20, 2014
    Italy
    I think it is the kernel exploit used to launch the Gateway mode that has been patched.
     
  3. Ra1d

    Ra1d GBAtemp Maniac

    Member
    6
    Jul 31, 2010
    Canada
    Well if Gateway says it doesn't, then it doesn't, they won't lie to you, because they're actually interested in new customers.
     
  4. Duo8

    Duo8 I don't like video games

    Member
    7
    Jul 16, 2013
    memchunkhax IIRC.
     
    Margen67 and RainThunder like this.
  5. pokemoner2500
    OP

    pokemoner2500 GBAtemp Advanced Fan

    Member
    4
    Aug 14, 2013
    United States
    I'm just curious, I'm not saying they're lying...
     
    Ra1d likes this.
  6. motezazer

    motezazer GBAtemp Maniac

    Member
    8
    Feb 6, 2015
    France
    Because OOT is only the entrypoint. To get full control of the console, Gateway uses 3 more flaws:
    - gspwn (not corrected yet)
    - memchunkhax, to gain kernel control (corrected in 9.3)
    - firmlaunchhax, to take over the security processor (corrected in 9.5)

    So as ONE system flaw is fixed in 9.3, it doesn't work.
     
    Ra1d, Margen67 and RainThunder like this.
  7. Gadorach

    Gadorach Electronics Engineering Technologist

    Member
    6
    Jan 22, 2014
    Canada
    Think of it this way. This game exploit is a car key, and the kernel is an engine. As it turns out, there's more than one shape of key this car will accept. With each new key we find, we can start the car in different ways.

    The problem is, the car only starts because there's a flaw in the key-slot, so all these odd keys are working. Nintendo got mad that the keys were working, but didn't want to make a new lock, so instead, they just made the engine only start when the owner's voice was heard. As a result, though the keys themselves work, the engine won't start unless Nintendo asks it to nicely first.

    As long as you don't let Nintendo update your engine, the keys will always work to turn on your current engine. If you let Nintendo update your engine, the keys will still open the doors, but the engine won't start.
     
    bowser, Vickyle, emmanu888 and 4 others like this.
  8. pokemoner2500
    OP

    pokemoner2500 GBAtemp Advanced Fan

    Member
    4
    Aug 14, 2013
    United States
    That actually made sense lol, ok!
     
  9. Maximilious

    Maximilious *whistles his distinct tune*

    Member
    7
    Nov 21, 2014
    United States

    This kid's going places... In more than one way!!
     
  10. nl255

    nl255 GBAtemp Addict

    Member
    6
    Apr 9, 2004
    Or more to the point. The Zelda exploit merely opens the car door. You still need another one to bypass the ignition lock and a third to bypass the engine computer lockout.
     
    Margen67 likes this.
  11. Gadorach

    Gadorach Electronics Engineering Technologist

    Member
    6
    Jan 22, 2014
    Canada
    As true as that is, the point is to follow the KISS rule. Not everyone on this forum understands the ways in which these exploits work, so making it simple, or more relatable, is the best way to get your point across. Just because something is complex in nature, doesn't mean you need to force that expanded information onto others for them to understand why it works. Plus, if you try, you'll either confuse them due to them not having the technical background, or they simply won't care enough to absorb it, rendering your effort wasted.

    Those of us who get it either worked on this stuff for a long time, or we researched it as an enthusiast until our eyes bled. You can't expect the same from anyone who isn't an enthusiast.
     
    gamesquest1 and Vickyle like this.
  12. tony_2018

    tony_2018 GBAtemp Psycho!

    Member
    6
    Jan 3, 2014
    United States
    I believe it was Cubic Ninja itself that got blocked; Link made an attempt to bypass security checkpoints but the big N said "nah ah bitch".
     
  13. Gadorach

    Gadorach Electronics Engineering Technologist

    Member
    6
    Jan 22, 2014
    Canada
    Actually, the core exploit in Cubic Ninja still works just fine, even on the latest firmware. However, without access to gspwn through memchunkhax, it cannot do anything with that exploit. The same applies to the OOT entry point. They are just basic code-loaders, they can't really do anything much on their own.
     
  14. zoogie

    zoogie playing around in the dsiware

    Member
    19
    Nov 30, 2014
    Micronesia, Federated States of
    Firmlaunch hax is what is used to get warez to work (arm9 control) on 9.2. You need arm11 kernel (memchunkhax, patched in 9.3) to even reach it. The Zelda save hax is arm11 userland.

    (3dbrew.org)
    firmlaunch-hax: FIRM header ToCToU
    This can't be exploited from ARM11 userland.
    During FIRM launch, the only FIRM header the ARM9 uses at all is stored in FCRAM; this is 0x200 bytes (the actual used FIRM RSA signature is read to the Process9 stack, however). The ARM9 doesn't expect "anything" besides the ARM9 to access this data. With 9.5.0-22 the address of this FIRM header was changed from an FCRAM address to the ARM9-only address 0x01fffc00.
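    An added illustration of the time-of-check/time-of-use point in the 3dbrew excerpt above. This is constructed example code, not from the thread, from 3dbrew, or from any real firmware: it assumes a toy three-field header with an FNV-1a checksum standing in for the real 0x200-byte RSA-signed FIRM header, a callback (`shared_writer_fn`) standing in for a concurrent writer on the shared memory, and a placeholder entrypoint; every name in it is invented. It shows why checking a header in memory someone else can write, then reading it again for use, is unsafe, and why copying it into private memory before the check (the shape of the 9.5 change that moved the header to ARM9-only memory) closes the window.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for a launch header living in memory another processor
 * can write. The real FIRM header is 0x200 bytes and RSA-signed; this toy uses
 * a 32-bit checksum so the check/use ordering can be shown offline. */
typedef struct {
    uint32_t entrypoint; /* address the loader would jump to */
    uint32_t size;       /* payload size */
    uint32_t checksum;   /* stand-in for the signature over the fields above */
} launch_header_t;

/* Toy FNV-1a over the signed fields. Not a real signature scheme. */
static uint32_t compute_check(const launch_header_t *h) {
    const uint8_t *p = (const uint8_t *)h;
    uint32_t hash = 2166136261u;
    for (size_t i = 0; i < offsetof(launch_header_t, checksum); i++) {
        hash ^= p[i];
        hash *= 16777619u;
    }
    return hash;
}

static int header_valid(const launch_header_t *h) {
    return compute_check(h) == h->checksum;
}

launch_header_t make_signed_header(uint32_t entrypoint, uint32_t size) {
    launch_header_t h;
    h.entrypoint = entrypoint;
    h.size = size;
    h.checksum = compute_check(&h);
    return h;
}

/* Models a concurrent writer to the shared buffer. In a real race this would
 * be another core running between the check and the use; here it is invoked
 * explicitly so the outcome is deterministic. */
typedef void (*shared_writer_fn)(launch_header_t *shared);

/* Naive loader: checks the header where it lives, then re-reads it for use.
 * Anything written to the shared buffer in between is used unverified. */
uint32_t launch_naive(launch_header_t *shared, shared_writer_fn writer) {
    if (!header_valid(shared)) {
        return 0; /* rejected */
    }
    if (writer) {
        writer(shared); /* the window between check and use */
    }
    return shared->entrypoint;
}

/* Hardened loader: copy into memory the other party cannot reach, then check
 * and use only the copy, so the check and the use see the same bytes. */
uint32_t launch_hardened(launch_header_t *shared, shared_writer_fn writer) {
    launch_header_t private_copy;
    memcpy(&private_copy, shared, sizeof private_copy);
    if (!header_valid(&private_copy)) {
        return 0; /* rejected */
    }
    if (writer) {
        writer(shared); /* same write, but it no longer reaches the verified data */
    }
    return private_copy.entrypoint;
}

/* Constructed writer: swaps the entrypoint for a recognisable marker value. */
void constructed_writer(launch_header_t *shared) {
    shared->entrypoint = 0x0BADC0DEu;
}

#define DEMO_ENTRY 0x08000100u /* placeholder address, not a real 3DS value */

uint32_t scenario_naive(void) {
    launch_header_t h = make_signed_header(DEMO_ENTRY, 0x1000u);
    return launch_naive(&h, constructed_writer);
}

uint32_t scenario_hardened(void) {
    launch_header_t h = make_signed_header(DEMO_ENTRY, 0x1000u);
    return launch_hardened(&h, constructed_writer);
}

/* A header changed before the check is rejected by both loaders (sum is 0). */
uint32_t scenario_rejected(void) {
    launch_header_t h = make_signed_header(DEMO_ENTRY, 0x1000u);
    h.size = 0x2000u; /* unsigned edit */
    return launch_naive(&h, NULL) + launch_hardened(&h, NULL);
}

int main(void) {
    printf("naive loader used entrypoint    0x%08x\n", (unsigned)scenario_naive());
    printf("hardened loader used entrypoint 0x%08x\n", (unsigned)scenario_hardened());
    printf("modified header result          %u (0 = rejected)\n", (unsigned)scenario_rejected());
    return 0;
}
```

    The naive loader ends up using the marker value even though the signature check passed, while the hardened loader uses the entrypoint it actually verified; both reject a header altered before the check. The defensive rule the excerpt illustrates is that a signature check only protects bytes the checker alone can read and write between check and use.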
     
  15. Gadorach

    Gadorach Electronics Engineering Technologist

    Member
    6
    Jan 22, 2014
    Canada
    Which is totally accurate, but again, the OP won't understand it. Just dumping intensive information on a person that's not regularly part of the scene isn't going to get you anywhere with them. As far as information is concerned, and questions answered, this thread has been resolved already. No point in dumping programmer-specific information on a novice; it's the same as telling a cat how to cook a hamburger. The cat might like the result, but it certainly won't understand the process you took to get there.
     
    gamesquest1 likes this.