Hacking [IN PROGRESS] New Homebrew Launcher Exploit for 3DS

[TheHomesk1llet]

Wait, now I'm confused. Is it going to launch a .3ds/.cia for something like the Ninjhax launcher, or is it going to launch something like Big Blue Menu?

I'm still thinking about that. Putting anything devmenu or bbb will render my exploit illegal, and I won't be able to post it here. As far as I know, those are the only options. Worst case scenario, I make two exploits; one that installs a way to launch code from the SD card and another that runs the homebrew launcher using the exploit made with the previous launcher.

just a question here,
does your statement 1 above means your CFW will totally not work on N3DS regardless if it is <9.2 or 9.2+?
or theres a posibility that it will work once you can work with it (once N3DS is available worldwide so someone can test your CFW) if the N3DS is <9.2?

hope theres i still a chance for N3DS if it comes with <9.2
thanks...

As of now, the CFW will not work with the N3DS, regardless of the firmware version. I may be able to make a new CFW if people manage to decrypt and reverse the N3DS, and I don't know how long that'll take.

 

[0xFFFF]

Nah, I'm not insulted. I wouldn't believe someone, either, if they didn't have any previous work to show for it.

I have been programming since I was in...I dunno, 7th grade? I started off with javascript and later moved on to Java. After about half a year of learning Java, I took a break from programming until about two years ago, when I started learning C++ and picked up Java again. I studied that off and on for a little while and then switched to C# a year ago.

As for the programs I've made, I made an android benchmarking program using Java, but I have no idea where it is. My first application (and the one I'm most proud of) is a PC game. It is meant as a project for myself to learn C#. The version I have (that has not been released) is much more complicated than the one that I have ready for public view. I can post the current beta if you'd like, but it's not nearly as impressive as the build I'm working on right now.

All other stuff is just testing random functions, some programs putting them together to make useless applications. It's practice for when I actually make an application (such as this one).

That's sounds good. You seems to know what you are doing.
Very well, I'm looking forward to this.
Hey, if you need any help regarding reverse engineering, hit me up, I might help you.

 

[leerpsp]

I'm still thinking about that. Putting anything devmenu or bbb will render my exploit illegal, and I won't be able to post it here. As far as I know, those are the only options. Worst case scenario, I make two exploits; one that installs a way to launch code from the SD card and another that installs the homebrew launcher, or anything else you want.

I Think making 2 would make every one happy one that is for just hombrew and the other one to install anything else like me for one just would like to back up my games i own and run it with out switching game cards!

 

[Zidapi]

Working with?
She's reading his blog.

I'm working with Bill Gates because I started programming on windows 95


http://yifan.lu/2015/01/17/reversing-gateway-ultra-stage-3-owning-arm9-kernel/

She even copied the word "owning" from the blog.

Ugh sorry, I confused this thread with this one "using-custom-launcher-dat-with-gateway-go" to which both Yifan Lu and st4rk are contributing to.

 

[TheHomesk1llet]

That's sounds good. You seems to know what you are doing.
Very well, I'm looking forward to this.
Hey, if you need any help regarding reverse engineering, hit me up, I might help you.

Sounds awesome, thanks.

 

[VinsCool]

Well that is a thread to follow.
A homebrew launcher WIP, and some bullshit to read
Good luck to you

 

[Bond697]

so basically, you read yifanlu's posts and from that you're able to make a custom firmware and a new homebrew launcher? wow. and why would you need to "translate" yifanlu's pseudocode into actual C? it's already in the gateway launcher you're supposedly going to use. if you had actually analyzed the launcher like you said you did, then you would know that.

this is crazy.

e: wait, you're doing this for 4.x? what the fuck? why would you need any of this? the old exploit is easier to use.

 

[leerpsp]

so basically, you read yifanlu's posts and from that you're able to make a custom firmware and a new homebrew launcher? wow. and why would you need to "translate" yifanlu's pseudocode into actual C? it's already in the gateway launcher you're supposedly going to use. if you had actually analyzed the launcher like you said you did, then you would know that.

this is crazy.

e: wait, you're doing this for 4.x? what the fuck? why would you need any of this? the old exploit is easier to use.

So you can use just the 3ds and SD card with out out going out buying other stuff like flash cards,Also other reasons im sere but I don't see why it matters how its being done at lest some one is doing something.

 

[TheHomesk1llet]

so basically, you read yifanlu's posts and from that you're able to make a custom firmware and a new homebrew launcher? wow. and why would you need to "translate" yifanlu's pseudocode into actual C? it's already in the gateway launcher you're supposedly going to use. if you had actually analyzed the launcher like you said you did, then you would know that.

this is crazy.

e: wait, you're doing this for 4.x? what the fuck? why would you need any of this? the old exploit is easier to use.

Read the thread.

 

[Bond697]

i did. this is never going to happen.

 

[Fusionz]

yay this sounds promising, TheHomesk1llet if you ever want graphics/pictures etc. for the launcher just ask me and I could help i'll send you samples when you ask. (If the time comes for that and if you want an awesome GUI)

 

[TheHomesk1llet]

yay this sounds promising, TheHomesk1llet if you ever want graphics/pictures etc. for the launcher just ask me and I could help i'll send you samples when you ask. (If the time comes for that and if you want an awesome GUI)

Thanks for the offer, but I specialize in graphic design c: I'd like to do that part myself.

 

[leerpsp]

i did. this is never going to happen.

there were people like you back when psp 3,000 and go come out and they were saying that they would not ever be hacked or things made for them, Now they look like fools. it's gonna happen and when it does its gonna be the biggest thing to happen to the 3DS then pokemon

 

[noctis90210]

As of now, the CFW will not work with the N3DS, regardless of the firmware version. I may be able to make a new CFW if people manage to decrypt and reverse the N3DS, and I don't know how long that'll take.

but theres already a video on gateway site that shows GW3DS is working for N3DS JAP version? am i right?
so once GateWay release a launcher that works on N3DS, it means you can reverse engineer it too?

 

[TheHomesk1llet]

but theres already a video on gateway site that shows GW3DS is working for N3DS JAP version? am i right?
so once GateWay release a launcher that works on N3DS, it means you can reverse engineer it too?

Someone can, probably. I'm not going to.

 

[VinsCool]

there were people like you back when psp 3,000 and go come out and they were saying that they would not ever be hacked or things made for them, Now they look like fools. it's gonna happen and when it does its gonna be the biggest thing to happen to the 3DS then pokemon

Bond697 knows his stuff, don't be fooled.

 

[yifan_lu]

so basically, you read yifanlu's posts and from that you're able to make a custom firmware and a new homebrew launcher? wow. and why would you need to "translate" yifanlu's pseudocode into actual C? it's already in the gateway launcher you're supposedly going to use. if you had actually analyzed the launcher like you said you did, then you would know that.

this is crazy.

e: wait, you're doing this for 4.x? what the fuck? why would you need any of this? the old exploit is easier to use.

Yeah I didn't get that part either. Launching custom code with GW's code and stuff is as simple as putting your arm code at the right offset in the launcher.dat and reencrypting it. Maybe OP wants to do it in a simpler way (aka don't require reencryption) but that isn't the case because you don't need to recreate anything, it'll just be taking bits and pieces from my annotated rop listing. But then also... converting ROP payload to C code? Wtf. Yeah, I don't know what's going on here at all.

 

[Slushie3DS]

Hopefully, someone figures out how to put GPU DMA hacks to more use before patching has been made.

Anyway...

 

[Zidapi]

How is he a joke? Not only is he helping the community but he actually knows what he's doing unlike you

Ignore the haters, you guys can make a really good exploit

Ignore json, he's just a sad, pathetic person. 90% of his "contributions" to this community are posts insulting others.

As you suggested, he doesn't know anything about hacking, coding, REing or anything pertaining to this thread.

Therefore can't make any meaningful contribution, instead he resorts to insulting people. It's all rather pathetic really.

 

[TheHomesk1llet]

Yeah I didn't get that part either. Launching custom code with GW's code and stuff is as simple as putting your arm code at the right offset in the launcher.dat and reencrypting it. Maybe OP wants to do it in a simpler way (aka don't require reencryption) but that isn't the case because you don't need to recreate anything, it'll just be taking bits and pieces from my annotated rop listing. But then also... converting ROP payload to C code? Wtf. Yeah, I don't know what's going on here at all.

If it's as simple as that, you wouldn't happen to know the right offset from the beginning to the end, would you?

...Shit, I bet it's on your page...gimme a second.