This worked for me on my o3ds, but you can inject any app onto the health & safety banner.
search on gbatemp for '[Release] Inject any app into Health & Safety (O3DS/N3DS/CFW only)'
-
Hey, guest user. Hope you're enjoying NeoGAF! Have you considered registering for an account? Come join us and add your take to the daily discourse.
3DS HOMEBREW Discussion Thread [exploits/carts/applications/games]
- Thread starter Dash Kappei
- Start date
This worked for me on my o3ds, but you can inject any app onto the health & safety banner.
search on gbatemp for '[Release] Inject any app into Health & Safety (O3DS/N3DS/CFW only)'
TenaciousNorth
Member
I downgraded my N3DS to 9.2 around a month ago and last night attempted to update my emunand. I was told to just update within emunand through the system settings as normal. This broke everything and rxtools would no longer boot, just a black screen. So I added reinand on to my sd card which replaced it and seems to work fine except fbi now doesn't install anything, it always reports an invalid signature. I'm assuming I should have installed something differently but not sure on the proper upgrade path and now unsure on how to repair fbi.
Nice, just a quick one Rich, im doing my N3DS now and on step 8....
Follow the options to dump "CTRNAND Padgen" to nand.fat16.xorpad and "CTRNAND Padgen 0x4" to nand.fat16.0x4.xorpad
did you find that when you try and dump CTRNAND Padgen 0x4 it dumps it as the same file name as the CTRNAND Padgen dump (nand.fat16.xorpad) ??
Yeah. Had to rename it and then dump the next one. You gotta be careful there not to mix them up.
Anyhow....
Feels weird man
JoeyJungle
Banned
Not sure if this is the right thread, but Fire Emblem Fates has an undub patch available. I wasn't expecting one to come out any time soon, so I was really surprised to see it on launch day.
https://www.reddit.com/r/3DS/comments/46o2no/fire_emblem_fates_hans_compatible_undubs_have/
^Links to the homebrew patch and instructions on how to enable homebrew and download/install the patch.
Also posted this in the FE Fates thread, but thought it might deserve a mention in this thread as well.
https://www.reddit.com/r/3DS/comments/46o2no/fire_emblem_fates_hans_compatible_undubs_have/
^Links to the homebrew patch and instructions on how to enable homebrew and download/install the patch.
Also posted this in the FE Fates thread, but thought it might deserve a mention in this thread as well.
Now you have the joy of trying to compile arm9loader.3dsx. I had to ask for assistance on GBATemp as there are no guides about on how the hell to compile the damn thing
This is what i did (with the help of Audioboxer on this thread) on my o3ds so should be more or less the same for n3ds but someone chime in if its different....
You need to download the Reinand Mod (AuReiNand 3.5) from GBAtemp and the FIRMs.zip file from the Reinand Mod guthub,
Take the rei-N3ds folder found in AuReiNand and place on the root of your 3ds sd card and rename it to just rei, also from the AuReiNamd archive take arm9loaderhax.bin and reinand.dat and also place that on the 3ds card
In the AuReiNand zrchive take the 'boot.3dsx' file from the Menuhax folder and place that on the root of your SD card also
In the FRIMs.zip take rei-N3DS and again rename to rei, or just copy the files inside it, to rei on your sd card, over write any it ask to.
Then place your complied arm9loader.3dsx in the '3ds' folder in a folder named 'arm9loader' or the like
Once you have done that, boot into sysnand mode and load up HLB and load arm9loader.3dsx to install the exploit. For me when i turn on my 3ds i got the error message on the lower screen and i need to hold down the L button to boot into sysnand mode, again this might be different for you.
No i couldnt find one, thats why i had to ask over on the thread at GBATemp.
Rich, while your here did you have any issues with the Health & Safety injector??, i didnt have any issues on my o3ds but with my n3ds i have injected FBI.cia over the h&s banner everything said it was inject successfully but after i rebooted from Decrypt9 into sysnand and went to the h&s banner and tried to load it it said something about the icon wasnt installed correctly and needed to be reinstalled, and now after a reboot the h&s banner isnt there anymore!!
Worked it out now, i needed to boot into minipasta (via HBL) for the h&s banner to show up again all good now, phew!
Alex Stroud
Banned
I'm trying to do the OTP dump, but when I'm dumping my nands and xorpads, I can only dump the nand.fat16.xorpad and not the one that says 0x4 after it, despite the option being available in my D9 build.
Dump the nand.fat16.0x4.xorpad one first, as for whatever reason it will only allow you to rename it to nand.fat16.xorpad (and not nand.fat16.0x4.xorpad as it should be named), once done press B to go back to the main menu on D9 and press select to unmount the sd card.
Place the sd card in your pc and find the newly created nand.fat16.xorpad file and rename it to nand.fat16.0x4.xorpad as it should be.
Place the sd card back in the 3ds and go and then dump the nand.fat16.xorpad and it will be named it as it should be.
You'll now have, nand.fat16.0x4.xorpad & nand.fat16.xorpad files
Alex Stroud
Banned
So I've done my OG 3DS with ease a while ago, and I'll be getting the Pokemon n3ds , and was hopefully going to downgrade that. But I'm scared that I'm gonna end up screwing it up.
Is the n3ds any more difficult to do than the og3ds? I'm probably just worrying about nothing, but I'd hate screwing it up.
Is the n3ds any more difficult to do than the og3ds? I'm probably just worrying about nothing, but I'd hate screwing it up.
Nope. Easy. I even downgraded my N3DS to 2.1 with no issues (although that was a biiiit more complicated)
Just make sure you use the N3DS 9.2 pack and not the one you used for the OG3DS.
I will! Glad it's easy.
Ive come come a cropper on Section III step 2...
2. Go to http://dukesrg.github.io/2xrsa.html?arm11.bin on your 3ds
when i enter that url in the browser it just seems to load Decrypt9 and not flash the screen a few time!
gingerbeardman
Member
You should make sure you're using the latest releases of the homebrew in your setup and only then update through system settings.
RX needs to be latest otherwise it doesn't work with 10.5 emunand.
FBI are you installing to the correct location?
ReiNand doesn't patch signatures. So run miniPasta if you need signatures patched.
BlueSilver
Member
Alright, so my roadmap so far is to -
Find the 9.2 n3ds files
Get sysupdater (or is safesysupdater better? I've heard conflicting stories)
Attempt the downgrade
These next parts are where it gets fuzzy, since I haven't researched that far, but...
Install a CFW
Backup the NAND
Use the emuNAND
Find a way into the eshop (do I use the trick in the OP?)
My biggest concern is being able to access the eShop while on 9.2 for now. If that's a case of trying to chase 2 rabbits that I'll never catch, just let me know.
Audioboxer
Member
Have you dumped your OTP already? If it's loading decrypt 9 it's because you're using the arm9 and arm11.bin files used to load decrypt9 for NAND restore.
The original arm11.bin file from the beginning of the guide is used for dumping OTP. This is the one that flashes the screen IIRC.
There's no need to have the arm9.bin file on your SD card yet if you've still to dump OTP. Just so you know when the browser is used to dump it saves as ar9f.bin I believe it is. That can just be renamed to OTP.bin.
eShop is easy. Just use the latest firmware on emuNAND, and it's the same as it's always been. Just keep sysNAND on 9.2, upgrade emuNAND as updates are pushed (assuming your CFW supports it)
Wowfunhappy
Member
Hey, just a heads up, I'm selling a hardmodded N3DS in the B/S/T thread.
Happy to negotiate on price.
I bought this foreeeever ago intending to region change it, but then the small N3DS was announced for North America and I haven't touched it since.
The advantage to a hardmodded system is that there's a microUSB port on the back that lets you backup and restore the system's NAND via a PC. So, if you make a backup of the System on 8.1J (which is what it's on now), you can update to the absolute latest system version with no holes whatsoever, and then downgrade again to 8.1J by restoring the backup you made.
Restoring a backup also allows you to unbrick a system—which is to say, the system is virtually unbrickable.
Alternately, you can just ignore the NAND mod altogether or use it as a regular system. But this is the homebrew thread
Happy to negotiate on price.
I bought this foreeeever ago intending to region change it, but then the small N3DS was announced for North America and I haven't touched it since.
The advantage to a hardmodded system is that there's a microUSB port on the back that lets you backup and restore the system's NAND via a PC. So, if you make a backup of the System on 8.1J (which is what it's on now), you can update to the absolute latest system version with no holes whatsoever, and then downgrade again to 8.1J by restoring the backup you made.
Restoring a backup also allows you to unbrick a system—which is to say, the system is virtually unbrickable.
Alternately, you can just ignore the NAND mod altogether or use it as a regular system. But this is the homebrew thread
gingerbeardman
Member
All done using one homebrew app: EmuNAND9
https://github.com/d0k3/EmuNAND9/releases
EmuNand can be updated to the latest (currently 10.5) and used as the latest without worry. eShop just works. Note: it's advisable to update all your homebrew before doing a big update on emuNand.
SysNand always stays untouched at 9.2.
protomouse
Member
Looks like people over at GBAtemp are being idiots and using a title ID spoofer to post arbitrary photos to Miiverse: https://miiverse.nintendo.net/posts/AYMHAAACAAADVHk7uluf8g
Alex Stroud
Banned
Dumped the OTP, restoring my SD backup now. EXCITING.
Which otp guide did you use?
Alex Stroud
Banned
Faster and more reliable booting into CFW in the end. For me, I'm happy with how things are working right now to bother, but if other advantages to it come into play, I may take the plunge.
Required to obtain a key (unique to your console) used for the arm9 hack. Result being homebrew launching on immediate boot - no need to go into sysnand first. Essentially, true custom firmware.
Well, I've been trying to get this working on my 2DS. The process came to a halt when I was supposed to reinstall a CIA manager on the newly-formatted emuNAND. I wasn't able to do anything at all: FBI didn't allow me to install anything, Decrypt9 doesn't boot.
I think I'll restore my emuNAND backup on my 2DS and leave my N3DS alone. I'm fine with using an emuNAND for the time being.
Edit: Wait. I think I was making a dumb. Let me try something...
I think I'll restore my emuNAND backup on my 2DS and leave my N3DS alone. I'm fine with using an emuNAND for the time being.
Edit: Wait. I think I was making a dumb. Let me try something...
Alex Stroud
Banned
Much success! Cold boots into AuReiNand in 7-8 seconds now. Now to begin on my girlfriends 3DS XL. Heard the process was less agonizing on O3DS, so that'll be relaxing at least.
Don't you just need to use CakesFW to install a CIA manager, because it's unsigned? Or am I mistaken?
I was trying to boot Decrypt9 from inside emuNAND. I've been conditioned to think that "things for emuNAND happen in emuNAND", but I hadn't realized that Decrypt9 is able to restore, backup and modify the emuNAND while booting from sysNAND.
I'm restoring the modified 2.1 emuNAND to sysNAND at the moment. Wish me luck.
Edit: Success! Dumping my OTP now
Edit2: Double success! Onto restoring my system now. I guess I'll leave figuring out how to use the OTP.bin and compile it for tomorrow.
Edit3: Meh. Something went wrong. I restored my sysNAND, but it just doesn't work. Nothing opens and it crashes if I try to open the browser. Well, no big loss. This was my throwaway 2DS. Maybe I'll send it to Nintendo to restore it, or whatever... I don't know if I'll try this on my N3DS, though
Yeah sorted it now, just copied over the wrong arm9 file.
Everythings installed now, only issue i have now is if i boot holding L button down i get the 'error has occurred' message and also im unable to get yellows8 hbl cia file to work, just hands on the red lower screen
HowardRoark
Member
I keep getting a "Failed to delete system title" error when attempting to downgrade my EmuNAND to 2.1.
EDIT: I think I may have figured it out, there were leftover 9.2 downgrade files in my /updates folder.
EDIT: I think I may have figured it out, there were leftover 9.2 downgrade files in my /updates folder.
HowardRoark
Member
Success! I now have an OTP.bin and am back on Reinand 10.5. I'll investigate ARM9Loader tomorrow, it's way too late.
I have a few questions about it though. My current setup is:
- Sysnand 9.2
- Emunand Reinand 10.5
- Menuhax/BootCTR to automatically load Reinand
If I want to use ARM9Loader with AuReiNAND, what are my next steps? Do I need to dismantle the Menuhax first?
I have a few questions about it though. My current setup is:
- Sysnand 9.2
- Emunand Reinand 10.5
- Menuhax/BootCTR to automatically load Reinand
If I want to use ARM9Loader with AuReiNAND, what are my next steps? Do I need to dismantle the Menuhax first?
Wait I'm still lost here. How did you get to that point?
Did you have to compile the 3dsx?
BlueSilver
Member
Trying to downgrade and I get the "failed to get cia file info" message. Tried through Browserhax and Menuhax. Used 2 different SD cards so far. Redownloaded the firmware files and redownloaded susupdater. Tried going into ftbrony and going out, then going into sysupdater. I believe that's all I've done. Anyone got any suggestions? I get the feeling that formatting the n3DS might be the way to go, but I'd rather save that as a last resort. I'm on 10.3 right now.
Edit: looks like it finally decided to work.
Edit 2: I just want to say that I've appreciated the help I got with downgrading. =D
Edit: looks like it finally decided to work.
Edit 2: I just want to say that I've appreciated the help I got with downgrading. =D
BrawlPurist
Member
Started backing up NAND files on my secondary n3DS in preparation for dumping OTP, but wound up getting cold feet.
Staring at a plaintext progress indicator for 15 minutes really gives you time to think.
Looking at the current guide, I figure the process is as "complete" and "safe" now as it's ever going to be, considering the unorthodox procedure you have to do to dump the registers. With that in mind, I came to the realization that I'm okay with not having full boot-time control on the 3DS.
Barring some ridiculous breakthrough that allows dumping OTP without mucking around with sysNAND (which as far as I understand is completely impossible due to the way the OTP registers are handled on startup), I think I'll be happy with my 3DS as is.
Since that reads more like a blog post than any kind of meaningful contribution to discussion, I'll call attention to TWL Save Tool which I've been using in combination with JK's SaveManager and some utilities from ProjectPokemon.org as a method to bring my Gen 3, 4, and 5 Pokemon forward to Gen 6 without removing them from their original cartridges.
It's pretty cool stuff.
Staring at a plaintext progress indicator for 15 minutes really gives you time to think.
Looking at the current guide, I figure the process is as "complete" and "safe" now as it's ever going to be, considering the unorthodox procedure you have to do to dump the registers. With that in mind, I came to the realization that I'm okay with not having full boot-time control on the 3DS.
Barring some ridiculous breakthrough that allows dumping OTP without mucking around with sysNAND (which as far as I understand is completely impossible due to the way the OTP registers are handled on startup), I think I'll be happy with my 3DS as is.
Since that reads more like a blog post than any kind of meaningful contribution to discussion, I'll call attention to TWL Save Tool which I've been using in combination with JK's SaveManager and some utilities from ProjectPokemon.org as a method to bring my Gen 3, 4, and 5 Pokemon forward to Gen 6 without removing them from their original cartridges.
It's pretty cool stuff.
Audioboxer
Member
For anyone using Aurora Reinand, there's been a few fast releases for bug fixes with a9lh. Make sure you're up to date
https://github.com/AuroraWright/AuReiNand/releases
https://github.com/AuroraWright/AuReiNand/releases
Even after yesterday's fiasco with my 2DS I'm still tempted to try this on my N3DS. But before I go through all the downgrading and dumping process, I need to know: has someone figured out an easy way to compile/use the OTP after it's been dumped?
Alternatively: can someone here do it for me, if I provide the file?
Alternatively: can someone here do it for me, if I provide the file?
BlueSilver
Member
Ok, now that I have my n3DS on 9.2 (yay!), I believe I now need a CFW and emuNAND. My ultimate goal is to just access the eShop to redeem a download ticket that I bought a few days ago. From what I understand, reiNAND with emuNAND set to 10.5 will allow me to do that, right?
Daniel Jackson
Member
Why is the compiling even neccessarry? Instead of just having a ready-to-run .3dsx available?
Is it just to create a barrier, to make sure only people who 'know' what they're doing will attempt this?
Is it just to create a barrier, to make sure only people who 'know' what they're doing will attempt this?
Because you need to have the machine specific OTP from your own 3ds when compiling. If you use a .3dsx with someone elses OTP your console will brick. That's the way the arm9loaderhax was programmed.
I'm hoping someone will create a version where you just have the OTP in a folder on the SD card instead of having to compile it, but none has done that yet.