So I read that it only supports up to 9.2, it doesn't require internet (from what i can tell) so why does it not work on 9.3+?
Well if Gateway says it doesn't, then it doesn't, they won't lie to you, because they're actually interested in new customers.
Think of it this way. This game exploit is a car key, and the kernel is an engine. As it turns out, there's more than one shape of key this car will accept. With each new key we find, we can start the car in different ways.
The problem is, the car only starts because there's a flaw in the key-slot, so all these odd keys are working. Nintendo got mad that the keys were working, but didn't want to make a new lock, so instead, they just made the engine only start when the owner's voice was heard. As a result, though the keys themselves work, the engine won't start unless Nintendo asks it to nicely first.
As long as you don't let Nintendo update your engine, the keys will always work to turn on your current engine. If you let Nintendo update your engine, the keys will still open the doors, but the engine won't start.
As true as that is, the point is to follow the KISS rule. Not everyone on this forum understands the ways in which these exploits work, so making it simple, or more relatable, is the best way to get your point across. Just because something is complex in nature doesn't mean you need to force that expanded information onto others for them to understand why it works. Plus, if you try, you'll either confuse them due to them not having the technical background, or they simply won't care enough to absorb it, rendering your effort wasted.

Or more to the point. The Zelda exploit merely opens the car door. You still need another one to bypass the ignition lock and a third to bypass the engine computer lockout.
Actually, the core exploit in Cubic Ninja still works just fine, even on the latest firmware. However, without access to gspwn through memchunkhax, it cannot do anything with that exploit. The same applies to the OOT entry point. They are just basic code-loaders, they can't really do anything much on their own.

I believe it was Cubic Ninja itself that got blocked, Link made an attempt to bypass security checkpoints but the big N said "nah ah bitch".
Which is totally accurate, but again, the OP won't understand it. Just dumping intensive information on a person that's not regularly part of the scene isn't going to get you anywhere with them. As far as information is concerned, and questions answered, this thread has been resolved already. No point in dumping programmer-specific information on a novice, it's the same as telling a cat how to cook a hamburger. The cat might like the result, but it certainly won't understand the process you took to get there.

Firmlaunch hax is what is used to get warez to work (arm9 control) on 9.2. You need arm11 kernel (memhunk-patched in 9.3) to even reach it. The Zelda save hax is arm11 userland.
(3dbrew.org)
firmlaunch-hax: FIRM header ToCToU
This can't be exploited from ARM11 userland.
During FIRM launch, the only FIRM header the ARM9 uses at all is stored in FCRAM, this is 0x200 bytes (the actual used FIRM RSA signature is read to the Process9 stack however). The ARM9 doesn't expect "anything" besides the ARM9 to access this data. With 9.5.0-22 the address of this FIRM header was changed from a FCRAM address, to ARM9-only address 0x01fffc00.
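The 3dbrew note above describes a time-of-check/time-of-use (TOCTOU) bug: the header is verified where it sits in memory that another party can write, and then read again from that same memory when acted on. The C below is an added illustration, not code from the thread, from 3dbrew or from the 3DS firmware. It reduces the pattern to a deterministic model: the `fw_header_t` struct, the toy XOR "tag" (a stand-in for the real signature check, not the RSA scheme), the `tamper` writer and the `race_hook_t` callback that fires inside the check-to-use window are all constructed for the example. The hardened variant snapshots the header into memory only the loader can reach before checking it, which is the same idea as the firmware's move of the header to an ARM9-only address.

```c
#include <stdint.h>
#include <string.h>
#include <stdio.h>

/* Constructed stand-in for a firmware header: one field the loader acts on
 * plus an integrity tag over it. The tag is a toy placeholder for the real
 * signature check, not the 3DS RSA scheme. */
typedef struct {
    uint32_t entry;   /* value the loader will act on after verification */
    uint32_t tag;     /* integrity tag over 'entry' */
} fw_header_t;

static uint32_t compute_tag(uint32_t entry) {
    return entry ^ 0xA5A5A5A5u;   /* toy tag: easy to see, not cryptographic */
}

static int header_valid(const fw_header_t *h) {
    return h->tag == compute_tag(h->entry);
}

fw_header_t make_header(uint32_t entry) {
    fw_header_t h;
    h.entry = entry;
    h.tag = compute_tag(entry);
    return h;
}

/* Simulated second writer with access to the shared buffer. A real race is
 * a concurrent core or DMA engine; a function pointer called inside the
 * check-to-use window keeps this model deterministic. */
typedef void (*race_hook_t)(fw_header_t *shared);

/* Writer that replaces 'entry' but cannot produce a matching tag. */
void tamper(fw_header_t *shared) {
    shared->entry = 0xDEADBEEFu;   /* tag is now stale, but nobody re-checks */
}

/* Vulnerable pattern: check the header where it sits in shared memory, then
 * read it from shared memory again when using it. Returns 0 on a failed
 * check, otherwise the entry the loader would act on. */
uint32_t load_toctou(fw_header_t *shared, race_hook_t between) {
    if (!header_valid(shared)) return 0;   /* time of check */
    if (between) between(shared);          /* window: shared memory still writable */
    return shared->entry;                  /* time of use: re-reads shared memory */
}

/* Hardened pattern: take one snapshot into memory only this code can reach,
 * then both check and use that snapshot. Later writes to 'shared' cannot
 * change what was verified. */
uint32_t load_private_copy(fw_header_t *shared, race_hook_t between) {
    fw_header_t local;
    memcpy(&local, shared, sizeof local);  /* single read of shared memory */
    if (!header_valid(&local)) return 0;
    if (between) between(shared);          /* writes to 'shared' are now irrelevant */
    return local.entry;
}

/* Scenario helpers so each outcome can be checked by name. */
uint32_t scenario_toctou(void) {
    fw_header_t hdr = make_header(0x1000u);
    return load_toctou(&hdr, tamper);        /* unverified 0xDEADBEEF gets used */
}

uint32_t scenario_hardened(void) {
    fw_header_t hdr = make_header(0x1000u);
    return load_private_copy(&hdr, tamper);  /* the verified 0x1000 is used */
}

uint32_t scenario_no_race(void) {
    fw_header_t hdr = make_header(0x1000u);
    return load_toctou(&hdr, NULL);          /* no writer: the check holds */
}

int main(void) {
    printf("toctou   : 0x%08x\n", (unsigned)scenario_toctou());
    printf("hardened : 0x%08x\n", (unsigned)scenario_hardened());
    printf("no race  : 0x%08x\n", (unsigned)scenario_no_race());
    return 0;
}
```

The fix is not a stronger tag; the tag in `load_toctou` is checked correctly and still loses, because the value acted on is fetched a second time from memory the checker does not own. Any design where a privileged component validates data in a buffer another component can write needs the copy-then-verify order, or memory the other side cannot reach at all.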