N-archive/Guide_3DS
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

kartdlphax: (mostly) apply #2103

Browse source 
Sync the last 3 sections with HBL-USM. Add descriptions.
This commit is contained in:
lifehackerhansol 2022-10-13 23:23:59 -07:00
parent ae3453e8a9
commit e3e4d269d4
1 changed files with 26 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

34
_pages/en_US/installing-boot9strap-(kartdlphax).txt
View file

@ -4,24 +4,33 @@ title: "Installing boot9strap (kartdlphax)"
{% include toc title="Table of Contents" %}
### Required Reading
<details>
<summary><em>Technical Details (optional)</em></summary>
<p>In order to exploit the SAFE_MODE firmware of our system, we need to inject an exploited WiFi profile.</p>
<p>To accomplish this, we can use the Download Play functionality of the game Mario Kart 7, using a 3DS with custom firmware already installed along with a custom game plugin.</p>
<p>This custom plugin will send a hacked payload to an unhacked console, which then exploits the system in order to inject the exploited WiFi profile into your connections list.</p>
<p>Once the WiFi profile has been injected, we will use SAFE_MODE, which is a recovery feature present on all 3DS consoles, to activate the exploited WiFi profile.</p>
<p>For a more technical explanation, see the following links for information on the kartdlphax and unSAFE_MODE exploits: <a href="https://github.com/PabloMK7/kartdlphax">kartdlphax</a>, <a href="https://github.com/zoogie/unSAFE_MODE/">unSAFE_MODE</a>.</p>
</details>
{: .notice--info}
kartdlphax is an exploit for the Download Play mode of Mario Kart 7. It can be used with unSAFE_MODE to install custom firmware on target devices.
### Compatibility notes
In order to follow these instructions, you will need the following:
- A second 3DS with custom firmware (the **source 3DS**) that is the same region as the 3DS you are trying to modify (the **target 3DS**)
- The consoles must be USA, JPN, or EUR region consoles
- A physical or digital copy of Mario Kart 7 that is the same region as both consoles
- An SD card for both devices
If the (Right/Left Shoulder), (D-Pad Up), or (A) buttons on the **target 3DS** do not work, you will not be able to follow these instructions. For further assistance with this matter, join [Nintendo Homebrew on Discord](https://discord.gg/MWxPgEp) and ask, in English, for help.
{: .notice--warning}
### What You Need
On the **source 3DS** (the 3DS with custom firmware):
* The latest release of [kartdlphax](https://github.com/mariohackandglitch/kartdlphax/releases/latest) (`plugin.3gx`)
* The latest release of [kartdlphax](https://github.com/PabloMK7/kartdlphax/releases/latest) (`plugin.3gx`)
* The latest release of [Luma3DS 3GX Loader Edition](https://github.com/Nanquitas/Luma3DS/releases/latest) (`boot.firm`)
On the **target 3DS** (the 3DS that you are trying to modify):
@ -33,6 +42,8 @@ On the **target 3DS** (the 3DS that you are trying to modify):
#### Section I - Prep Work (source 3DS)
In this section, you will set up your source 3DS (the 3DS with custom firmware) for delivery of the exploit data to the target 3DS.
1. Insert the SD card of your **source 3DS** in your computer
1. Copy Luma 3GX Loader Edition's `boot.firm` to the root of the **source 3DS**'s SD card, replacing any existing file
+ The root of the SD card refers to the initial directory on your SD card where you can see the Nintendo 3DS folder, but are not inside of it
@ -45,6 +56,8 @@ On the **target 3DS** (the 3DS that you are trying to modify):
#### Section II - Prep Work (target 3DS)
In this section, you will copy the files needed to trigger the unSAFE_MODE exploit onto your target 3DS (the 3DS that you are trying to modify)'s SD card.
1. Insert the SD card of your **target 3DS** in your computer
1. Copy `boot.firm` and `boot.3dsx` from the standard Luma3DS `.zip` to the root of your SD card
1. Create a folder named `boot9strap` on the root of your SD card
@ -91,22 +104,25 @@ You will **not** need to use your **source 3DS** to complete any further steps o
#### Section IV - unSAFE_MODE
In this section, you will enter Safe Mode (a feature available on all 3DS family devices) and navigate to a menu where unSAFE_MODE will be triggered, which will launch you into the boot9strap (custom firmware) installer.
1. With your device still powered off, hold the following buttons: (Left Shoulder) + (Right Shoulder) + (D-Pad Up) + (A), and while holding these buttons together, power on your device
+ Keep holding the buttons until the device boots into Safe Mode
+ Keep holding the buttons until the device boots into Safe Mode (a "system update" menu)
+ If you're unable to get into Safe Mode after multiple attempts, one of your buttons may be failing or broken. If this is the case, join [Nintendo Homebrew on Discord](https://discord.gg/MWxPgEp) and ask, in English, for help.
1. Press "OK" to accept the update
+ There is no update. This is part of the exploit
1. Press "I accept" to accept the terms and conditions
1. The update will eventually fail, with the error code `003-1099`. This is intended behaviour
1. When asked "Would you like to configure Internet settings?", select "Yes"
1. On the following menu, navigate to `Connection 1` -> `Change Settings` -> `Next Page (right arrow)` -> `Proxy Settings` -> `Detailed Setup`
+ This is a [visual representation](/images/safemode_highlighted.png)
1. On the following menu, navigate to `Connection 1` -> `Change Settings` -> `Next Page (right arrow)` -> `Proxy Settings` -> `Detailed Setup` ([image](/images/screenshots/bb3/safemode_highlighted.png))
1. If the exploit was successful, your device will have booted into SafeB9SInstaller
#### Section V - Installing boot9strap
In this section, you will install custom firmware onto your device.
1. When prompted, input the key combo given on the top screen to install boot9strap
+ If the top screen is blank, power off your device and re-do Section IV
+ If the top screen is blank, power off your device and re-do Section III
1. Once it is complete, press (A) to reboot your device
1. Your device should have rebooted into the Luma3DS configuration menu
+ If your device shuts down when you try to power it on, ensure that you have copied `boot.firm` from the Luma3DS `.zip` to the root of your SD card
@ -118,6 +134,8 @@ At this point, your console will boot to Luma3DS by default.
#### Section VI - Restoring WiFi Configuration Profiles
In this section, you will enter the Homebrew Launcher so that you can restore the Wi-Fi connection slots that were overwritten in Section III.
1. Launch the Download Play application
1. Wait until you see the two buttons
+ Do not press either of the buttons