Hacking [WIP] KARL3DS - Kernel access on N3DS via Ninjhax + Loadcode

[NyaakoXD]

I guess we could just ask cearp about it.

 

[JPhantom]

just wanted to know about one thing. on the first or 2nd page they mentioned they would not be supporting rom loading as they could not be bothered to code it. does that mean that if they develop an exploit allowing the access needed to make it trivial to code it would be released in such a way that anyone with a modicum of knowledge could do program it using your work?

 

[Apache Thunder]

Regardless on what I believe about the whole piracy issue. I'll still support this project. I may not agree with it's direction, but at this point I'd rather have this then nothing.

I made my views known, but I won't constantly repeat them or argue over them in this thread. I would suggest others do the same. We don't need 20 more pages on the whole piracy debate.

 

[Death78793]

Regardless on what I believe about the whole piracy issue. I'll still support this project. I may not agree with it's direction, but at this point I'd rather have this then nothing.

I made my views known, but I won't constantly repeat them or argue over them in this thread. I would suggest others do the same. We don't need 20 more pages on the whole piracy debate.

Well said! I'd just prefer a better homebrew environment for N3DS and region-free, anything else is a nice bonus

 

[Zidapi]

Everyone should do themselve a favour, and add williamcesar2 to their ignore list.

Red avatar, a logo, perhaps for a football club? Waaaaay ahead of you.

just the point i was making was that imo for something to truly be a cfw it should work from boot up rather than needing to be started via additional exploits ........I'm sure people would disagree, but that's just my opinion

I do disagree, but really it's just semantics at this point.
My personal opinion is that modified system software, whether it be the actual NAND or an SD mounted red(irected)NAND is "Custom Firmware".

Everyone refers to the the PSP as the ideal model for a CFW. But when I got into the PSP scene (PSP 3000), I had to load up a corrupted image, that triggered an overflow, that then allowed me to boot into the CFW. Nobody squabbled over whether or not it was a "true" CFW because it didn't boot directly upon startup.

 

[gamesquest1]

Red avatar, a logo, perhaps for a football club? Waaaaay ahead of you.


I do disagree, but really it's just semantics at this point.
My personal opinion is that modified system software, whether it be the actual NAND or an SD mounted red(irected)NAND is "Custom Firmware".

Everyone refers to the the PSP as the ideal model for a CFW. But when I got into the PSP scene (PSP 3000), I had to load up a corrupted image, that triggered an overflow, that then allowed me to boot into the CFW. Nobody squabbled over whether or not it was a "true" CFW because it didn't boot directly upon startup.

oh don't get me wrong im not saying i wouldn't class the emunand/rednand options as a form of CFW, obviously they are, but the ultimate goal of nearly all cfw's i would imagine would be to get it loaded up on bootup, obviously where that's not possible i wouldn't be disregarding the work of creating "loaded into" CFW's, i was just pointing out that for any cfw most of the time the ultimate goal would be a permanent solution rather than having to boot up the system, then boot into the cfw after its already booted up

 

[cearp]

That's because there's nothing custom about it. All that does is install an old version of the whitelist title. It's signed by nintendo and everything, thus why it sticks around after reboot. It's like mixing and matching titles on the Wii.

yeah i think i replied to you talking about this before a few pages ago? system titles do need to have the correct signature, i break the tmd by changing the version number so that it installs.
=whitelist is broken = giving us the highest compatibility of ds flashcarts possible i guess, (apart from ones detected via the save chip check, in twl_firm)

 

[Artemis-kun]

I had to register an account just to say that what you guys are doing is awesome, and I hope that the wafflers and whiners continue to not get you down. As one of those people who hated how Nintendo shafted the NA region on colour options yet again, and so imported his N3DS, your project is the only hope I have of running 3DS games here in Canada. Looking forward to the day when you guys release!

 

[ody81]

Nothing to do with the PSP. I was active in the PSP homebrew community from very early on, and custom firmware was simply custom firmware, because it was custom firmware. Not sure where this 'cfw = rom loader' business has come from. Just a bunch of dumb, new kids? I dunno.

lol wtf?
I mean, EVERY CFW bar none had rom loading capabilities. After that CFW implied to some people to some degree that <your> system is yours now and <you> make the rules.
The custom in CFW implied you get a non-restricted system that you could customize how <you> chose.

gamesquest1 I agree there's much more to a CFW than loading those roms, but it used to be a very fair and correct assumption. But I also don't understand why people think it's gonna happen on this scene (if they've been paying attention) though lol

 

[WulfyStylez]

lol wtf?
I mean, EVERY CFW bar none had rom loading capabilities. After that CFW implied to some people to some degree that <your> system is yours now and <you> make the rules.
The custom in CFW implied you get a non-restricted system that you could customize how <you> chose.

Really? Like the only CFW that was what you described was PRO CFW (since it was open-source), and that didn't come out until basically EOL.

 

[ody81]

Really? Like the only CFW that was what you described was PRO CFW (since it was open-source), and that didn't come out until basically EOL.

Pro CFW, M-33, TN-V and ME. M-33's an oldie, hardly EOL

 

[dubbz82]

Historically, yes, CFW usually has equaled rom loading (at least as far as consoles go) but if you look at the broader picture, all a CFW is, is firmware with SOMETHING changed. dd-wrt and Tomato for routers count, as do custom roms on android phones. Maybe we'll see the level of the PRO CFW for PSP at some point eventually, but I wouldn't count on it for a while, as (relatively speaking) the homebrew scene on the 3ds is still relatively new. It takes a while to work out how to enable each feature (or disable, if so desired) and we certainly don't have anywhere near full control over the system yet.

 

[shinyquagsire23]

OK, so I've been working at getting firmlaunch hax all weekend, and while I haven't had success in taking over ARM9 as of yet, I did manage to get my 3DS to do a soft reboot from ARM11 kernel. Which means a regionthree-style region unlock might be possible if I can alter the FIRM launch flags before the launch occurs in order to boot the cartridge slot from firmlaunch.

EDIT:

 

[Death78793]

OK, so I've been working at getting firmlaunch hax all weekend, and while I haven't had success in taking over ARM9 as of yet, I did manage to get my 3DS to do a soft reboot from ARM11 kernel. Which means a regionthree-style region unlock might be possible if I can alter the FIRM launch flags before the launch occurs in order to boot the cartridge slot from firmlaunch.

EDIT:

Really loving the progress that you guys are making! Best of luck to you!

 

[Kikirini]

Nice!!

 

[nacimem]

Anyone know what is this?


http://pastebin.com/pBPqHHj4

 

[RodrigoDavy]

Anyone know what is this?


http://pastebin.com/pBPqHHj4

Seems like assemby code to me

 

[capito27]

Seems like assemby code to me

i can confirm, assembly, but no idea what this is for

 

[Reisyukaku]

Anyone know what is this?


http://pastebin.com/pBPqHHj4

Literally nothing. Looks like ARM9 fopen/fread/ etc and a function that reads code.bin into ram.

 

[Dazzozo]

Anyone know what is this?


http://pastebin.com/pBPqHHj4

First stage of the "leaked" CFW. Loads the second payload with Process9 FS functions, throws it in the instruction TCM and executes it. Nothing to do with its title, really.

Edit: their binary was probably too big with a FATFS library or something (there's a limit with VerifyRsaSha256) so they used a "payload loader" kind of thing which used the FS functions to get around it.