Would no-browser Ninjhax be feasible?

Discussion in '3DS - Homebrew Development and Emulators' started by Jiro2, Jul 1, 2016.

  1. Jiro2
    OP

    Jiro2 GBAtemp Advanced Fan

    Member
    757
    184
    Mar 28, 2011
    United States
    Because this keeps turning up in cases where people have low browser versions. You have to update using a cart, either to 4.x/6.x and use mset, or to 9.3-10.7 and use a game entry point. But if you do that, you may have no browser or a very low browser, which means Ninjhax won't work. Would it be at all feasible for Ninjhax to be updated to run without using a browser? (And would it then be possible to cart update to 9.2 with no browser, and use Ninjhax to finish the a9lh/CFW process?)
     


  2. Swiftloke

    Swiftloke Hwaaaa!

    Member
    1,769
    1,505
    Jan 26, 2015
    United States
    Nowhere
    OK, this is a legit question. Unfortunately, no, any exploit at all needs a browser to run, as it needs to take it over to gain more permissions, the biggest one being SD card access to get to our boot.3dsx.

    — Posts automatically merged - Please don't double post! —

    You can find the ninjhax writeup, explaining this in more detail, here: http://smealum.net/?p=517
     
    Tomato Hentai and KapuDaKoopa like this.
  3. FenrirWolf

    FenrirWolf GBAtemp Psycho!

    Member
    4,347
    328
    Nov 19, 2008
    United States
    Sandy, UT
    Only ninjhax 1.0 and 1.1 require a browser. *hax 2.0 and above (such as ninjhax 2.0, oothax, menuhax, etc) have no need for a browser. With the natural exception of browserhax, of course.
     
  4. Jiro2
    OP

    Jiro2 GBAtemp Advanced Fan

    Member
    757
    184
    Mar 28, 2011
    United States
    I was pretty sure that even Ninjhax 2 required *some* browser, and this turned up when I was suggesting additions to the guide, but I can't find a reference.
     
    Last edited by Jiro2, Jul 1, 2016
  5. Swiftloke

    Swiftloke Hwaaaa!

    Member
    1,769
    1,505
    Jan 26, 2015
    United States
    Nowhere
    Where did you get that?
     
  6. Jiro2
    OP

    Jiro2 GBAtemp Advanced Fan

    Member
    757
    184
    Mar 28, 2011
    United States
    I am confused at this point.

    Ninjhax 2 is said by most people to not need a browser. However, the download page for it does not let you select a browser version less than -7, and Plailect's guide for updating to 9.2 does not contain the possibility "update to a cart using a 9.2 game like some versions of Smash Brothers, and then use Ninjhax for homebrew for the rest of this guide". I could swear the subject came up at some point in a discussion about the guide.

    https://github.com/Plailect/Guide/issues/131#issuecomment-222423646 mentions that 9.2 with a -4 browser cannot run Ninjhax (although he apparently could run it on 9.9 with a -4).
     
    Last edited by Jiro2, Jul 1, 2016
  7. Garro

    Garro Pendulum of souls!

    Member
    619
    307
    Aug 15, 2009
    Cote d'Ivoire
    Somewhere
  8. Jiro2
    OP

    Jiro2 GBAtemp Advanced Fan

    Member
    757
    184
    Mar 28, 2011
    United States
    Mod, please close this; I emailed Smealum and Ninjhax 2 doesn't use a browser at all (despite the -7 on the Ninjhax 2 page)
     
  9. Logan Pockrus

    Logan Pockrus Knawledge is key.

    Member
    1,338
    1,019
    Jan 1, 2016
    United States
    Smealum said that to you? I could have sworn it required a browser. Anyway, to answer the OP (even though I guess I don't need to at this point), an exploit that doesn't require the browser is always a possibility, but *hax already works fine, and there just aren't enough people with the interest, time, or skill to get the job done.
     
  10. Jiro2
    OP

    Jiro2 GBAtemp Advanced Fan

    Member
    757
    184
    Mar 28, 2011
    United States
    I'm the OP. I assumed it requires a browser for the reasons I gave:
    -- Ninjhax download page seems to require -7
    -- report of inability to run Ninjhax on -4
    But if it doesn't, it doesn't.
     
  11. zoogie

    zoogie simple pimp tool

    Member
    6,149
    7,727
    Nov 30, 2014
    United States
    Don't know why he doesn't just X out the NVER then to clarify things. One line of code to fix.
     
  12. Ricken

    Ricken Crawling from Hell, Falling from Grace

    Member
    2,169
    2,297
    Jan 19, 2016
    United States
    Shibuya, The small one from Vegas
    Just clearing this out of the way; That writeup Smealum made was of Ninjhax1. He hasn't written up 2 yet

    EDIT; Also, if someone wants me to, I don't mind using my 9.2 EmuNand to test Ninjhax 1 and 2 with Spider deleted from that Nand, just for proof
     
    Last edited by Ricken, Jul 1, 2016
  13. Logan Pockrus

    Logan Pockrus Knawledge is key.

    Member
    1,338
    1,019
    Jan 1, 2016
    United States
    Alright, then. I do remember one unfortunate fellow who installed Old 3ds (I.E., not 2DS or N3DS) update CIAs to a 2DS. Obviously, the 2DS doesn't have a 3d slider (or 3d at all), so he was stuck. However, you can launch a cart at startup by holding certain keys (allegedly), so he tried using Ninjhax to get access to sysUpdater, but it wouldn't launch, as certain services (presumably including the browser) weren't available. However, the legitimacy of this story depends on whether or not you actually can launch game carts at startup - I'm not entirely sure.
     
  14. kje123

    kje123 this title is false

    Member
    385
    229
    Aug 9, 2015
    United States
    Seattle
    Sounds fake to me. If that were possible, then there would be no such thing as a hard brick.
     
    Ricken likes this.
  15. Logan Pockrus

    Logan Pockrus Knawledge is key.

    Member
    1,338
    1,019
    Jan 1, 2016
    United States
    Well, I'd assume your system would need to be in working order to launch the cart. ¯\_(ツ)_/¯

    EDIT: It's like how recovery mode isn't accessible with a hard brick.
     
    Last edited by Logan Pockrus, Jul 1, 2016
  16. kje123

    kje123 this title is false

    Member
    385
    229
    Aug 9, 2015
    United States
    Seattle
    Yeah in a way.
     
  17. Logan Pockrus

    Logan Pockrus Knawledge is key.

    Member
    1,338
    1,019
    Jan 1, 2016
    United States
    But like I said, I'm not sure how legitimate the story was.
     
  18. dark_samus3

    dark_samus3 GBAtemp Addict

    Member
    2,314
    1,712
    May 30, 2015
    United States
    It's perfectly legit, you have to factory reset from recovery mode or something, then you can run games with a keycombo (I'm leaving out details, but I assure you it IS possible) however, the home menu, and by extension, it's applets (browser, etc.) aren't running, which limits the permissions we have. Simply put, it IS possible to recover from this state, but it's not as easy, as we have less to work with here... Depending on the system version, though, it might not be too hard (the RSAVerify vuln, for example, is rather simple, can be done from any system 4.x or less and doesn't need a lot of code or permissions to exploit)

    All that said, ninjhax 1.x needs browser running, *hax 2.x needs home menu running (which is the replacement for the browser requirement, essentially)
     
    Logan Pockrus likes this.
  19. Logan Pockrus

    Logan Pockrus Knawledge is key.

    Member
    1,338
    1,019
    Jan 1, 2016
    United States
    Glad to know I can rely on someone more knowledgeable than myself to swoop in and explain things! :rofl:
     
  20. TheCyberQuake

    TheCyberQuake Certified Geek

    Member
    2,742
    1,625
    Dec 2, 2014
    United States
    Las Vegas, Nevada
    As far as I'm aware the same CIA files are used on both the old 3ds and 2ds. Everytime I go to download an update/downgrade pack, the 2ds and 3ds are the same pack. I could be wrong and someone can correct me if so. But I'm fairly certain old 3ds and 2ds share the same update files. Unless they accidentally installed a CIA that isn't usually in an update, I'm going to claim it false. But again, I could be wrong so feel free to let me know if I am.