Nintendo DSi CFW

Discussion in 'Nintendo handhelds' started by ivamark, Jul 23, 2017.

  1. ivamark

    ivamark Well-Known Member

    I'm not quite sure how this will work, but it looks like a CFW for the DSi is on its way.


    Of course, now I check and my DSi XL is on 1.4.5 and my DSi on 1.4.1 :/

    1. The exploit requires 1.4.0 firmware! Older or newer fw revisions do not work!
    2. The exploit requires a flashcart that you are able to modify the internal rom it presents to the system.
    3. Details on which cards will be compatible will be revealed at a later time.
    4. The exploit involves a buffer overflow flaw involving section 3 of the white list.
    5. This overflow occurs on arm7 thus allowing overwriting memory exclusive to arm7.
    6. As a result a large enough overflow will hit the IRQ interrupt handler. This is how we gain code execution.
    7. Arm9 was relatively easy to take over. Though data caching presented a minor roadblock while testing on hardware. :p
    8. I currently use a modified build of nds-bootloader from WinterMute's github. You know, that portion of hbmenu responsible for booting SRLs. :p
    9. Because we already gained arm7 we only had to put arm9 in the correct wait state so that nds-bootloader can do its thing. :D
    10. The exploit in theory can work from the menu once it's running. But we currently make use of the auto boot feature to ensure a stable, consistent environment. Tests with a second console suggest that is the case. Note that the exception vector for arm7 seems to either be somewhere else once the menu GUI is running or the overflow hits something else causing arm7 to crash early. Currently we plan to only target exploiting the system with an autoboot rom as it's more predictable.
    11. The exact mechanics of the arm9 take over and how nds-bootloader is loaded may change. Currently the entire payload fits on the cart. But we may allow reading a payload off SD instead.

    Credits to NoCash, Gericom, and Normmatt for help testing/figuring this out. Big credit to StuckPixel who put in most of the coding needed to make this happen. My contribution was finding the flaw and help with testing on hardware.


    I will release further details as we finalize this exploit and prepare stuff that will make installing it easier.

    Note you will either need a NAND mod or a DSiWare based exploit to downgrade your console/install the modified white list needed for this to work. Hopefully we'll have a better solution than simply using fwtool to do this, so that may be the factor that determines release date, so please be patient!

    When things are ready I will update this thread.
     
    Last edited: Jul 23, 2017
  2. CTOJAH

    CTOJAH AND WHERE IS THE PC!?!?!?

    @ivamark
    Does this mean we will now also get the DSi part of NDS emulation? (There are a few games that were released ONLY for the DSi :()
     
  3. ivamark

    ivamark Well-Known Member

    I'm no expert, but probably not. This only removes the security checks. And the DSiWare exclusives are junk anyway.
     
