pretty sure its already been said that that's the plan in the long term, but right now they are focusing on cubic ninja + n3DS support first, once that's done look at porting to spider for 5.x+ old 3ds's and MSET for 4.x old 3ds's so its usable offline for those guys.....but i think they just want to focus on one thing at a time, which is a good idea, don't juggle too many balls or spin too many plates
pretty sure its already been said that that's the plan in the long term, but right now they are focusing on cubic ninja + n3DS support first, once that's done look at porting to spider for 5.x+ old 3ds's and MSET for 4.x old 3ds's so its usable offline for those guys.....but i think they just want to focus on one thing at a time, which is a good idea, don't juggle too many balls or spin too many plates
it was only on the last page, plus you can just skim over it for peoples comments who are involved in the project....just just to highlight it for the next page of people to ask
Hello everyone! After sensing some interest in the community after reading this thread, I thought I'd make a page for a project I've been working on, so people can join in, give advice etc.
The project is called KARL3DS(a bad acronym originally meant to stand for Kernel Anti-piracy Region-free Loader....3DS) - and its goal is to have usable kernel access on N3DS for Nand dumping and decrypting, cartridge dumping and decrypting and hopefully(!) the ability to launch a CFW that allows for the bypassing of region lock. A project outline is below.
1. Gathering of team and resources (the intent of this thread)
2. Gaining kernel access from within Ninjhax
1. Memchunkhax to get Arm11 kernel access using gspwn
2. Firmlaunchhax to Arm9code execution
2b. Gaining Arm11 userland code execution
1. Porting Yifan Lu's LoadCode to N3DS Skater(what I am currently working on) and mapping out the correct values in the global address space(can possibly be avoided by smart coding in the 2nd stage)
2. Injecting the ported code to replace Ninjhax's Thread 0 ROP
3. Testing with UVLoader(or some other publicly available code)
3b. Gaining kernel access from within userland
1. Converting Gateway's Arm11 exploit to New3DS(as usual, using Yifan's writeup and the info on 3dbrew) - fairly simple
2. Converting Gateway's Arm9 exploit to New3DS(it is possible we could use Roxas' work here, it'd probably be more work though) - quite difficult
3. Utilising our new-found power! (I haven't thought too much about this to be honest, so just ideas)
1. Work out nand interface and dump nand
2. Work out cartridge interface and dump cartridge
3. Work out decryption and do that (maybe look at VOID?)
4. Figure out how to create and boot a region free REDNand
5. On the fly game patching
6. Modify Sysnand to boot into our kernel code
7. Use 3ds as a remote control for our pet flying pig(with gyroscope function!)
So that's it... any help, advice or criticism is appreciated, I want this to be a community project so there'll be regular updates, if you're interested in joining the project PM me.
Please note that although the project's goal is region free via kernel access, we make no promises. We aren't getting paid for this and our motivation(well, at least my motivation) is mostly a hacker's curiosity, so no-one is entitled to receive anything we create.
That being said, I'm looking forward to working on this project, and working with the people of this forum. I hope we'll be able to release something in the near future! Watch this space.
You can, like, totally get some scene cred by having the idea of a 3DS CFW, which has never been thought of before.
I know my idea works that's why I asked. Smealum already confirmed it.
Hello! No, that's not what we are doing, nor what I was originally trying to do. At the moment we exploit Arm11 kernel by corrupting memory within the Ninjhax development environment using gspwn. Originally what I wanted to do was modify Ninjhax to run LoadCode instead of its SpiderRop to run Arm11 userland code to essentially do the same thing we do now, except in more steps and having to mess around with fiddly ROP code. I don't think I used your idea, but I might be misunderstanding you, I do that a lot, feel free to correct me
.
if you do something independently of someone saying "can we do this", you dont have to credit them.......you credit someone if you saw their idea and used it, not just if you had the same idea, so regardless of who said/did what first, unless you where aware of their "idea" and only started your work based on what they said the 2 things are separate, I'm sure before smealum released ninjhax some random person somewhere on gbatemp said "maybe we can make QR exploit"......should smealum credit them as the creator of ninjhaxHello! No, that's not what we are doing, nor what I was originally trying to do. At the moment we exploit Arm11 kernel by corrupting memory within the Ninjhax development environment using gspwn. Originally what I wanted to do was modify Ninjhax to run LoadCode instead of its SpiderRop to run Arm11 userland code to essentially do the same thing we do now, except in more steps and having to mess around with fiddly ROP code. I don't think I used your idea, but I might be misunderstanding you, I do that a lot, feel free to correct me
if you do something independently of someone saying "can we do this", you dont have to credit them.......you credit someone if you saw their idea and used it, not just if you had the same idea, so regardless of who said/did what first, unless you where aware of their "idea" and only started your work based on what they said the 2 things are separate, I'm sure before smealum released ninjhax some random person somewhere on gbatemp said "maybe we can make QR exploit"......should smealum credit them as the creator of ninjhax
I did attempt to make a working version as well, since I knew it was possible.Hello! No, that's not what we are doing, nor what I was originally trying to do. At the moment we exploit Arm11 kernel by corrupting memory within the Ninjhax development environment using gspwn. Originally what I wanted to do was modify Ninjhax to run LoadCode instead of its SpiderRop to run Arm11 userland code to essentially do the same thing we do now, except in more steps and having to mess around with fiddly ROP code. I don't think I used your idea, but I might be misunderstanding you, I do that a lot, feel free to correct me
I wasn't trying to come off as a douche with my question
You're good, I was just curious. I hope I didn't come off as a douche.(I may have used that word one to many times)
I wish you luck sir
@
Xdqwerty:
@
The Real Jdbye:
