Hacking [WIP] open source Kernel access on 3DS

[daxtsu]

can you explain briefly why it's not possible if downgrading is now possible?

Because downgrading does not mean the same thing as having a bootrom hack (meaning you have control of the system from the instant you turn the power on).

 

[Tjessx]

can you explain briefly why it's not possible if downgrading is now possible?

You could write pages about why this isn't possible, this is an entire other thing than downgrading.
(Maybe after years of further CFW development, but probs not, or there has to come an entire new exploit where Nintendo loads code from the SD card on startup, but nintendo will probs never do this).

 

[daicon]

You could write pages about why this isn't possible, this is an entire other thing than downgrading.
(Maybe after years of further CFW development, but probs not, or there has to come an entire new exploit where Nintendo loads code from the SD card on startup, but nintendo will probs never do this).

I don't mean loading from the SD card. I mean writing the CFW to NAND

 

[Tjessx]

I don't mean loading from the SD card. I mean writing the CFW to NAND

The CFW itself is just a copy of your sysNAND, if you would write this to your Nand, you would have exactly the same.
You can't write the region free and stuff to your NAND.

 

[Tjessx]

I don't mean loading from the SD card. I mean writing the CFW to NAND

In order to achieve this, you need to run the code at startup of the 3DS, and that is not possible at the moment, maybe in future firmware versions (but probs not)

 

[daicon]

You can't write the region free and stuff to your NAND.

Why not?

Don't mean to noob up the thread, if you want you can PM me

 

[Tjessx]

Why not?

Don't mean to noob up the thread, if you want you can PM me

This would only work if the developers could sign their own code correctly,
and if we can decrypt/encrypt the NAND.

Nand decrytion is possible i believe, but it will take years before we can sign code ourselves, or find another way to do this (unless nintendo does something stupid of course)

 

[daicon]

This would only work if the developers could sign their own code correctly,
and if we can decrypt/encrypt the NAND.

Nand decrytion is possible i believe, but it will take years before we can sign code ourselves, or find another way to do this (unless nintendo does something stupid of course)

Oh, I see. For some reason I thought I heard that the system signs the NAND itself in a certain way when it's written to it or something, which prevented people from downgrading before unless they already had a NAND backup they dumped themselves.

 

[powersaver]

Can someone clarify what 'sakalak' is explaining because I don't think Cubic Ninja can be installed to sysNAND I don't think Cublic Ninja can be installed to sysNAND and used without software mods (which to this day none exist or have been released) and/or hardware mods/flashcards.

yes you can run ninjhax

install cia file
copy starter files to sdcard
and wifi connect scan qr code

work perfectly my pal cfw system 4.5.10E

No, you can run ninrhax, but i don't think you can boot into another CFW from that point.

but (i think) you can use PBT-CFW, install cubic ninja on your sysNand, launch it from there, and then run ninjhax to run this CFW.

 

[Oishikatta]

Can someone clarify what 'sakalak' is explaining because I don't think Cubic Ninja can be installed to sysNAND.

You can install anything you want to sysnand. You just can't run it outside of a patched environment, in that case the 4.5 cfw with redirection turned off.

 

[SaagiBols]

Can someone clarify what 'sakalak' is explaining because I don't think Cubic Ninja can be installed to sysNAND.

PBT-CFW installs all cias to sysnand, but only the Legal/properly signed cias will work without the exploit/CFW. its like Palantine but instead of using/booting emunand/rednand it boots back to sysnand...

 

[dubbz82]

This would only work if the developers could sign their own code correctly,
and if we can decrypt/encrypt the NAND.

Nand decrytion is possible i believe, but it will take years before we can sign code ourselves, or find another way to do this (unless nintendo does something stupid of course)

This made me somewhat curious - has anyone with a hard mod tried to take for example palentine cfw and extract it then flash it directly? Or is this patched on the fly at boot? I know I'm now a bit off topic, but I'm kinda curious.

 

[Raz266]

Edit: Wrong Thread.

 

[cearp]

This made me somewhat curious - has anyone with a hard mod tried to take for example palentine cfw and extract it then flash it directly? Or is this patched on the fly at boot? I know I'm now a bit off topic, but I'm kinda curious.

stuff like that wouldn't work, we need a hack in order to load the cfw, because it is not legit.

 

[dubbz82]

stuff like that wouldn't work, we need a hack in order to load the cfw, because it is not legit.

I sorta thought so, however figured it'd be worth asking if anyone had actually attempted this, or if it's just a presumption that it won't work.

 

[LoneGrenade]

I sorta thought so, however figured it'd be worth asking if anyone had actually attempted this, or if it's just a presumption that it won't work.

It's not really a presumption, it's known that it wouldn't boot if the NAND wasn't signed correctly.

That being said, I'm sure someone out there has attempted it and failed.

 

[Apache Thunder]

Direct modification of files on NAND require properly signed files or a bootrom exploit. None of which will happen any time soon.

 

[Kylecito]

its fine guys i'll go make a software RSA emulator

be back in a few centuries

 

[powersaver]

Thank you for the replies, overall it seems, Cubic Ninja can't be installed to sysNAND and used, even with PBT-CFW.

OSKA should be made working and then ported to MSET, Spider, and Zelda if possible. However, since Spider is available in most versions, I think that is the best.

 

[mordorer]

173210? Progress?