Update: 25/05/11 An updated Sudokuhax(final update) will be released at the same time as the final DSiWareHax, but if you already have Sudokuhax and want to copy this updated Sudokuhax to “internal memory” you must still be on 1.4.1.(or below) This updated Sudokuhax and the final DSiWareHax uses an updated SD card loader, changes include faster boot.nds loading among other things.
DSi system update 1.4.2 blocks copying all current and future DSiWare exploits to “internal memory”. Most of you won’t have the final DSiWareHax target, but don’t update for now anyway. Only people who already have the target game, and stay on system version 1.4.1(or below) until exploit release could copy the exploit to “internal memory”. DSiWare savedata exploits are dead with system update 1.4.2, after the release of this exploit later, there will be no more DSiWare savedata exploits.
The EC certificate APCert in the DSiWare on SD card signs the hashes stored in the DSiWare on SD card, this includes hashes of savedata among other things. This APCert is signed by the console-unique TWCert, this cert is signed by Nintendo. This TWCert is stored in NAND.
The initial system settings title verified the APCert with the TWCert contained in the DSiWare stored on SD card. This allowed us to modify DSiWare savedata, since we could resign the APCert with any TWCert from other systems. The new 1.4.2 system settings title verifies the APCert with TWCert stored in NAND. This stops us from modifying DSiWare savedata for arbitrary systems, as the only way to get those system certs is from NAND. When you don’t already have DSiWareHax, it’s impossible to obtain your system certs without soldering NAND. The new system settings will not allow any DSiWare on SD card signed by other systems to copy to “internal memory”.
66 responses so far ↓
1 sciencematthew // Jul 25, 2011 at 6:46 pm
any ETAs or % of completion??? cant wait for the final release, and If I do have the Hax on my system can you make a filebrowser to look at the native OS and maby even theme it.
thank you for your great work!!!
2 sciencematthew // Jul 25, 2011 at 6:49 pm
another random but dumb question, is it possible to change the URL or source of the DSi Ware Shop to somewhere where you can download Homebrew for the DSi, mainly for the people on 1.4.1 or the people too scared to updated?
3 yellows8 // Jul 25, 2011 at 8:07 pm
I’d like to have dsiwarehax support JP, that’s the main thing delaying release. One game exploited for USA/EUR has the bug fixed for JP. For supporting JP another exploitable bug in the JP region of that game would need to be found, or exploit another JP game.(both are really difficult)
“and If I do have the Hax on my system can you make a filebrowser to look at the native OS and maby even theme it.” a) Use hbmenu. b) Use someone else’s loader or write your own.
“is it possible to change the URL or source of the DSi Ware Shop to somewhere where you can download Homebrew for the DSi” …It uses HTTPS, and all titles are RSA-signed of-course.
4 Coto // Jul 26, 2011 at 8:47 am
Hi guys thanks for your awesome job all these years!
You see, I’ve been wondering this since some time but here’s anyway, I do have a 1.41 DSi, but I don’t have any of the target games (sudoku..) but rather the default ones (Opera web br, flipnote studio, camera..).
So my question is:
Would DSiWare hax still work on my DSi even if it doesn’t have the required target game?
5 yellows8 // Jul 26, 2011 at 8:54 am
Coto: No.
6 2600 // Aug 15, 2011 at 7:33 am
I am unable to download the code. I put in MAC address and captcha code and then choose red or blue wire. A second later all details I filled in are wiped out and “The exploit will only work if you enter your Wii’s MAC address.”
TIA
7 yellows8 // Aug 15, 2011 at 8:17 am
2600: Wrong post.
8 Rodrigo Davy // Aug 16, 2011 at 10:43 am
When you release the new DSihack, are you gonna make a brand new post on the site, or you’re just gonna update this one? Are you having any progress with the JP regions problem? Also, are there any plans to, who knows, a 3ds hack?
9 yellows8 // Aug 16, 2011 at 11:47 am
@Rodrigo Davy:
Of course, it would be announced via another post.
And with that one game, I found several more bugs which are also present in the JP version, which includes string buffer overflows. But those buffer overflows are rather difficult to exploit, so far it has only crashed on stuff which isn’t exploitable.
10 Memedan // Aug 19, 2011 at 11:53 am
Will the new sudokuhax have write-access to SD-card if it comes? The new libNDS 1.5.3 will allow this and also allow you to use SDhc-cards. 🙂 So will the new sudokuhax and dsiware-hax base on libNDS 1.5.3???
11 yellows8 // Aug 19, 2011 at 12:01 pm
@Memedan: The apps loaded from DSiWareHax already can write to SD card, the exploit itself doesn’t need to write to SD card. DSiWareHax already had the new sdmmc IRQs code before my libnds patch was submitted.(which made loading boot.nds somewhat faster)
12 jpedro9966 // May 28, 2012 at 6:39 am
Why don’t use the SLOT-1 to create a exploit, too? Maybe this will work. Do like the Wii; make an exploit, then get the CERT, and create an new exploit to others updated consoles.
13 yellows8 // May 28, 2012 at 6:43 am
This is not Wii. You can’t access the SD/NAND bus from gamecard titles. Basically only titles which use NAND can access it.
14 jpedro9966 // May 28, 2012 at 6:43 am
Yeah, and maybe you can short the exploit’s commands, to fit on others games.
15 yellows8 // May 28, 2012 at 6:46 am
The size of the exploit doesn’t matter when it couldn’t access the SD bus from gamecard titles in the first place…
16 anpep // Mar 23, 2014 at 11:04 am
What about using a custom DNS and web server to override the DSi Shop domain and provide custom binaries for downloding though DSiWare?
You must log in to post a comment.