Hacking [WIP] KARL3DS - Kernel access on N3DS via Ninjhax + Loadcode

[shinyquagsire23]

So anyway, with the 9.6 release is karl stuck at 9.5 for the foreseeable future, or do you folks have something up your sleeves that might get past that?

We might have a few tricks up our sleeves, I guess you could say that.

Edit:

 

[laramie]

Don't Think Its Available yet. Just my 2 cents.

I know someone who can do it.

 

[gamesquest1]

We might have a few tricks up our sleeves, I guess you could say that.

We might have a few tricks.

good to see you guys are in sync

 

[Zidapi]

You can be as much of an ass as you want. My point still stands.

Look. I've said what I wanted to. The topic just needs to be dropped on both sides. Devs included. Everything that needs to be said about it already has been. Mine was pretty clear and wasn't entirely aimed at the temp or its users. It's a statement about 3ds users as a whole. Anyone who wants to pirate already has options and most of those users have said options.

Ugh. I wasn't trying to be an ass. Sorry.

I don't think your point was clear at all. So thanks for expanding and clarifying things further. It seems we're on the same page after all.

I did indeed think your point was about GBAtemp members exclusively. Realising now that you meant 3DS users as a whole changes things entirely and makes my reply completely irrelevant.

 

[Le Citron Vert]

Weren't on the site for a few hours and everyone is hyped now.Keep up the good work!

 

[AugustoKazt]

Found a crazy vuln. Allow me to take this moment to remind people: IF YOU'RE ON SYSNAND 9.5 OR LOWER (9.6 or lower on old3ds maybe, don't chance it though) MAKE A NAND BACKUP. DO IT RIGHT NOW. You will regret not doing it in the future, otherwise.

That is all I'll say for now.

if i im on sysNAND 9.4 this will work or i have to update?, i have to say i dont have Hardmod and i dont have the kills for that (i have a NAND backup from 4.5 if that will help for something)

 

[Hashtastrophe]

if i im on sysNAND 9.4 this will work or i have to update?, i have to say i dont have Hardmod and i dont have the kills for that (i have a NAND backup from 4.5 if that will help for something)

Well, it does say 9.5 or lower. That 4.5 backup might be useful but only if you had a hardmod so you can restore it in an emergency.

You could pay someone with the skills to solder fairly well to install the mod for you. It's really cheap to do on your own (like $25 $35 USD gets you many, many multiples of parts from ebay) and not very difficult. If you have a friend with a soldering iron just get them to do it, takes like 15 minutes from start to finish.
(hint: don't use miniUSB, use JST connectors. At least 4 pin)

 

[Myria]

I think that the community should wait a while before burning another exploit.

BTW, Wulfy, mail me or talk to me on IRC about 9.6.0 stuff. I ended up figuring out the same trick as you guys. Hugs

 

[Nollog]

Again, you can't re-enable something that was never enabled in the first place.

Why has nobody done anything with skater? Because it doesn't have the same vulnerabilities as spider.

Perhaps there's nothing useful that can be done with skater?

Okay, I'm done with you. You're either a moron or you're having a stroke.

Either way, conversing with you requires patience I just don't have. Sorry.

calm down sweetheart.

go to your 9.5.p-23 emunand, still with me? okay, now start up pokemon shuffle as an example. still following? okay, now google for any pokemon shuffle hack, you done? go to the site for it from your 3ds following the instructions you find in google results.

what happens? oh, nothing because it was fixed in -23?

you follow me?

now, imagine if Karl released the 9.5 thing, if you're on -23 you've lost your spier :'( you still with me?

for them, its a remedial task to auto instal a slightly older spider.


okay, now we move on to the new 3ds console.
yes, skater is something that exists. smellenium released ninjohox for every n3ds version except the one without skater, and needs to connect online the first time.
did he simply use skater to handle a download and this didn't exploit anything at all in the browser, or what?

still with me? all this was typed from my phone, expect errors.

 

[urherenow]

1) yes
2) probably also yes, else he wouldn't ask

EDIT:
If he would ask everyone to make a buckup, and says that people between 9.3 and 9.5 should hardmod their 3DS to make a backup, without any use for it, that would be funny though

You do not need a hard mod to either backup OR restore your NAND. You don't need a Gateway card either. You just need to be able to trigger their Launcher.dat. The card is only needed to enter Gateway mode or Gateway Classic. A hard mod is only needed if you actually brick your sysnand or upgrade to a FW that can't launch the Launcher.dat.

This really should be in a sticky thread if it isn't already.

 

[MrJason005]

You do not need a hard mod to either backup OR restore your NAND. You don't need a Gateway card either. You just need to be able to trigger their Launcher.dat. The card is only needed to enter Gateway mode or Gateway Classic. A hard mod is only needed if you actually brick your sysnand or upgrade to a FW that can't launch the Launcher.dat.

This really should be in a sticky thread if it isn't already.

Honestly I think the only users who would care are the ones who are not on an exploitable firmware, if you are on 9.2 or below (N3DS) why bother, you have OoT and CN

 

[mmn]

calm down sweetheart.

go to your 9.5.p-23 emunand, still with me? okay, now start up pokemon shuffle as an example. still following? okay, now google for any pokemon shuffle hack, you done? go to the site for it from your 3ds following the instructions you find in google results.

what happens? oh, nothing because it was fixed in -23?

you follow me?

now, imagine if Karl released the 9.5 thing, if you're on -23 you've lost your spier :'( you still with me?

for them, its a remedial task to auto instal a slightly older spider.


okay, now we move on to the new 3ds console.
yes, skater is something that exists. smellenium released ninjohox for every n3ds version except the one without skater, and needs to connect online the first time.
did he simply use skater to handle a download and this didn't exploit anything at all in the browser, or what?

still with me? all this was typed from my phone, expect errors.

Ninjhax only hijacks a service or two from skater/spider (iirc), using cubic ninja as the entry point. That's your second example.
Your first example is different, it's using a vulnerability in spider itself as an entry point.

Installing an old version of skater is not terribly helpful, because none of the released versions ever had discovered entry points (could also be wrong about this too, just going from the past conversation).

It's not nice or productive to speak in a condescending tone to begin with, and it's even worse when you aren't 101% confident that you are correct. So please, for the sake of post quality, don't.

 

[Tjessx]

You do not need a hard mod to either backup OR restore your NAND. You don't need a Gateway card either. You just need to be able to trigger their Launcher.dat. The card is only needed to enter Gateway mode or Gateway Classic. A hard mod is only needed if you actually brick your sysnand or upgrade to a FW that can't launch the Launcher.dat.

This really should be in a sticky thread if it isn't already.

You do need one if you're on 9.5
EDIT: nevermind

 

[MrJason005]

You do need one if you're on 9.5
EDIT: nevermind

You never edited the post...

 

[Tjessx]

You never edited the post...

I posted it, afterwards i read something, and then i clicked "edit" -> added "EDIT: never mind".
did i understand the "EDIT: " part wrong?

 

[motezazer]

No. My comment was directed at users of firmware versions 9.3 or higher.

Also, we can do 9.6 emunand without the secure4-signed modules, but it's nowhere near ideal or something we'd want to release. Watch this space, though. We've got quite a few things we can try.

Those things being said, we don't really want to talk any more about 9.6 or the reason users should be taking backups until feature announcements (or at least demonstrations) are working. kthx.

9.6 emuNAND without the secure4-signed modules would be useless...
Pros to be on latest version :
-eShop access (latest eShop ist a secure4-signed module)
-new games (but new games 9.6 N3DS only will certainly use the new NCCH flag)
-new features (that are encrypted)

So I understand that you won't release 9.6 emuNAND.

 

[samiam144]

I posted it, afterwards i read something, and then i clicked "edit" -> added "EDIT: never mind".
did i understand the "EDIT: " part wrong?

Lol it's because it doesn't say that you edited your post but it could just be an error

EDIT: See below my post

 

[Dazzozo]

9.6 emuNAND without the secure4-signed modules would be useless...
Pros to be on latest version :
-eShop access (latest eShop ist a secure4-signed module)
-new games (but new games 9.6 N3DS only will certainly use the new NCCH flag)
-new features (that are encrypted)

So I understand that you won't release 9.6 emuNAND.

There are still other ways in to the eShop.

 

[motezazer]

There are still other ways in to the eShop.

Yes, I forgot you could intercept the new version value with a MITM (and then spoof eShop)

 

[Dazzozo]

Yes, I forgot you could intercept the new version value with a MITM (and then spoof eShop)

Don't even need to do that.