Hello everyone! After sensing some interest in the community after reading this thread, I thought I'd make a page for a project I've been working on, so people can join in, give advice, etc.
The project is called KARL3DS (a bad acronym originally meant to stand for Kernel Anti-piracy Region-free Loader... 3DS), and its goal is to have usable kernel access on the N3DS for NAND dumping and decrypting, cartridge dumping and decrypting, and hopefully (!) the ability to launch a CFW that allows for the bypassing of region lock. A project outline is below.
1. Gathering of team and resources (the intent of this thread)
2. Gaining kernel access from within Ninjhax
   1. Memchunkhax to get ARM11 kernel access using gspwn
   2. Firmlaunchhax to ARM9 code execution
2b. Gaining ARM11 userland code execution
   1. Porting Yifan Lu's LoadCode to N3DS Skater (what I am currently working on) and mapping out the correct values in the global address space (can possibly be avoided by smart coding in the 2nd stage)
   2. Injecting the ported code to replace Ninjhax's Thread 0 ROP
   3. Testing with UVLoader (or some other publicly available code)
3b. Gaining kernel access from within userland
   1. Converting Gateway's ARM11 exploit to New3DS (as usual, using Yifan's writeup and the info on 3dbrew) - fairly simple
   2. Converting Gateway's ARM9 exploit to New3DS (it is possible we could use Roxas' work here, it'd probably be more work though) - quite difficult
3. Utilising our new-found power! (I haven't thought too much about this to be honest, so just ideas)
   1. Work out the NAND interface and dump NAND
   2. Work out the cartridge interface and dump the cartridge
   3. Work out decryption and do that (maybe look at VOID?)
   4. Figure out how to create and boot a region-free RedNAND
   5. On-the-fly game patching
   6. Modify SysNAND to boot into our kernel code
   7. Use the 3DS as a remote control for our pet flying pig (with gyroscope function!)
So that's it... any help, advice or criticism is appreciated. I want this to be a community project, so there'll be regular updates; if you're interested in joining the project, PM me.
Please note that although the project's goal is region free via kernel access, we make no promises. We aren't getting paid for this and our motivation (well, at least my motivation) is mostly a hacker's curiosity, so no one is entitled to receive anything we create.
That being said, I'm looking forward to working on this project, and working with the people of this forum. I hope we'll be able to release something in the near future! Watch this space.