Homebrew Python Tools for 3DS

Snailface

Snailface

My frothing demand for 3ds homebrew is increasing
Member
Level 10
Joined
Sep 20, 2010
Messages
4,324
Trophies
2
Age
40
Location
Engine Room with Cyan, watching him learn.
XP
2,256
I mentioned this in the Fierce Waffle ram dump thread. He is working with naehrwert to get an open homebrew solution going on the 3ds by reversing the GW launcher.dat and gaining code execution. They each have their own separate repos for their projects although naehrwert is the author of these scripts.

The python scripts serve two purposes. One generates a Ram Dumping launcher.dat not unlike Fierce Waffle's. The second, 3dsploit, also generates a launcher.dat but this one loads a 'PAYLOAD' string* of ARM11 assembly presumably to do 'fun things' with 3ds. I'm not sure if this is in kernel mode or not, maybe someone could clarify that or any other lie I've might have told in this post.

*its empty, presumably for the user to fill in their own 133t haxx
 
  • Like
Reactions: emo kid 68
kalimero

kalimero

Uncle Rupee
Member
Level 3
Joined
Jun 28, 2006
Messages
211
Trophies
0
XP
334
Country
Gambia, The
Can someone explain these addresses?

ramdump.py

r.call(0x1B82AC, [0x279000, Ref("fname"), 6], 5)
r.call(0x1B3B54, [0x279000, 0x279020, 0x100000, 0x300000], 9)

3dsploit.py

r.pop_r4(0x279020)
r.i32(0x1C1958)
r.i32(0x44444444)
r.call_lr(0x10C2AC, [0x279024])
 
D

deoFusion

Well-Known Member
Newcomer
Level 3
Joined
Nov 26, 2005
Messages
48
Trophies
0
Location
London
XP
300
Country
United Kingdom
kalimero said:
Can someone explain these addresses?

ramdump.py

r.call(0x1B82AC, [0x279000, Ref("fname"), 6], 5)
r.call(0x1B3B54, [0x279000, 0x279020, 0x100000, 0x300000], 9)

3dsploit.py

r.pop_r4(0x279020)
r.i32(0x1C1958)
r.i32(0x44444444)
r.call_lr(0x10C2AC, [0x279024])
Click to expand...
kalimero said:
Can someone explain these addresses?

ramdump.py

r.call(0x1B82AC, [0x279000, Ref("fname"), 6], 5)
r.call(0x1B3B54, [0x279000, 0x279020, 0x100000, 0x300000], 9)

3dsploit.py

r.pop_r4(0x279020)
r.i32(0x1C1958)
r.i32(0x44444444)
r.call_lr(0x10C2AC, [0x279024])
Click to expand...

http://gbatemp.net/threads/merry-christmas-have-some-ram-dumping.359697/page-11#post-4871942
http://pastebin.com/6CGwGKyh
 
K

Kane49

Well-Known Member
Member
Level 3
Joined
Nov 4, 2013
Messages
446
Trophies
0
Age
36
XP
343
Country
Gambia, The
kalimero said:
Can someone explain these addresses?

ramdump.py

r.call(0x1B82AC, [0x279000, Ref("fname"), 6], 5)
r.call(0x1B3B54, [0x279000, 0x279020, 0x100000, 0x300000], 9)

3dsploit.py

r.pop_r4(0x279020)
r.i32(0x1C1958)
r.i32(0x44444444)
r.call_lr(0x10C2AC, [0x279024])
Click to expand...

#0x279000 is a handle

Apparently its not :)

deoFusion said:
http://gbatemp.net/threads/merry-christmas-have-some-ram-dumping.359697/page-11#post-4871942
http://pastebin.com/6CGwGKyh
Click to expand...


Thanks for the pastie :)
 

Site & Scene News

Go to forum More news

Popular threads in this forum

Hacking Homebrew  A new way to experience StreetPass

Is it possible...?

Hacking Hardware  New Nintendo 3DS XL Louvre

Hardware  Why does my 3DS take so long to turn off?

Emulation  i have citra, i have my aes keys installed, how do i get the home menu

What's the best 3DS emulator (especially after Citra's shutdown)?

Hacking Misc  VCRUNTIME140.dll UCRTBASED.dll Master Thread

Tutorial  How to fix 007-2001

General chit-chat
Help Users
  • BigOnYa @ BigOnYa:
    Damn that case is huge, but is cool.
  • D @ dadadad:
    I was installing mods for games, but when I removed the romfs folder, an error occurred. Now when I try to launch the game, I see a yellow screen, and I have to reboot the switch. Reinstalling the game didn't help. Can you advise me on what to do to launch the game without mods?
  • The Real Jdbye @ The Real Jdbye:
    @dadadad delete sd:\atmosphere\contents
  • BigOnYa @ BigOnYa:
    You should find out from the mod dev how to uninstall it. Every mod is different on how you install/uninstall.
  • BigOnYa @ BigOnYa:
    @The Real Jdbye Wouldn't that take out bunch other stuff also?
  • D @ dadadad:
    Is it safe to delete the entire atmosphere folder? I don't remember what else was there, like edizon and tesla menu are installed through atmosphere, is it not a problem, will I not damage the system? There were too many mods, I won’t be able to contact each one, nothing was said about deleting in the description.
  • The Real Jdbye @ The Real Jdbye:
    @BigOnYa nothing that can't easily be replaced
     +1
  • The Real Jdbye @ The Real Jdbye:
    @dadadad no don't do that
  • The Real Jdbye @ The Real Jdbye:
    that will reset the configs
  • Arne214 @ Arne214:
    where can i find a clean copy of the mii maker for the wii u (EU)
  • SylverReZ @ SylverReZ:
    @Arne214, We don't ask for roms.
     +2
  • D @ dadadad:
    The installation was only through rofms and in the game folder in content. What else can I do?
  • Xdqwerty @ Xdqwerty:
    @SylverReZ, I already told them about that and yet they make a thread
  • SylverReZ @ SylverReZ:
    @Xdqwerty, Well I'm sure the mods will take care of it.
     +1
  • SylverReZ @ SylverReZ:
    Reminds me of that one Spanish guy who was in here a week or so ago, that wouldn't translate their messages.
  • Arne214 @ Arne214:
    ok sry
  • Xdqwerty @ Xdqwerty:
    @SylverReZ, I don't remember him
     +1
  • BigOnYa @ BigOnYa:
    @SylverReZ Si means yes, no means maybe
     +2
  • Xdqwerty @ Xdqwerty:
    @Arne214, it's fine but dont ask for roms here again
     +2
  • SylverReZ @ SylverReZ:
    @BigOnYa, I only know very little Spanish, haven't done it in 5 years lol.
     +1
  • Xdqwerty @ Xdqwerty:
    @SylverReZ, que tan poco?
  • BigOnYa @ BigOnYa:
    I took 3 years of Spanish in high school, ages ago but don't remb most of it. Like they say, if you don't use it, you lose it.
  • SylverReZ @ SylverReZ:
    @Xdqwerty, A bit. I only know greetings and some other parts. Its quite an easy language to learn.
  • SylverReZ @ SylverReZ:
    But I don't remember most of it.
     +1
  • Xdqwerty @ Xdqwerty:
    @SylverReZ, easy to learn despite having some relatively complex rules
     +1
    Xdqwerty @ Xdqwerty: @SylverReZ, easy to learn despite having some relatively complex rules +1