---
title: "BannerBomb3"
---
{% include toc title="Table of Contents" %}
{% capture technical_info %}
Technical Details (optional)
To launch custom code, we exploit a flaw in the DSiWare Data Management window of the Settings application.
To accomplish this, we use your system's encryption key (movable.sed) to build a DSiWare backup that exploits the system.
For a more technical explanation, see [here](https://github.com/zoogie/Bannerbomb3).
{% endcapture %}
{{ technical_info | markdownify }}
{: .notice--info}
### Compatibility Notes
These instructions work on USA, Europe, Japan, and Korea region consoles as indicated by the letters U, E, J, or K after the system version.
If you have a Taiwanese console (indicated by a T after the system version), follow [this page](bannerbomb3-fredtool-(twn)) instead.
{: .notice--warning}
### What You Need
* Your `movable.sed` file from completing [Seedminer](seedminer)
#### Section I - Prep Work
In this section, you will copy the files needed to trigger the BannerBomb3 exploit onto your device's SD card.
1. Slå av enheten
1. Sett inn SD-kortet i datamaskinen din
1. Open [Bannerbomb3 Injector](http://3dstools.nhnarwhal.com/#/bb3gen) on your computer
1. Upload your movable.sed using the “Choose File” option
1. Click “Build and Download”
+ This will download an exploit DSiWare called `F00D43D5.bin` and a payload called `bb3.bin` inside of a zip archive (`DSIWARE_EXPLOIT.zip`)
1. Copy `bb3.bin` from `DSIWARE_EXPLOIT.zip` to the root of your SD card
+ The root of the SD card refers to the initial directory on your SD card where you can see the Nintendo 3DS folder, but are not inside of it
+ This file does not need to be opened or extracted
![]({{ "/images/screenshots/bb3/bb3-root-layout.png" | absolute_url }}){: .notice--info}
1. Navigate to `Nintendo 3DS` -> `` -> `` on your SD card
+ `` is the 32-letter folder name that you copied in [Seedminer](seedminer)
+ `` is a 32-letter folder inside of the ``
+ If you have multiple `` folders, follow the instructions [here](troubleshooting#bannerbomb3)
![]({{ "/images/screenshots/bb3/dsiware-location-1.png" | absolute_url }}){: .notice--info}
1. Create a folder named `Nintendo DSiWare` inside of the ``
+ If you already had the folder *and* there are any existing DSiWare backup files (`<8-character-id>.bin`) inside, copy them to your PC and remove them from your SD card
1. Copy the `F00D43D5.bin` file from `DSIWARE_EXPLOIT.zip` to the `Nintendo DSiWare` folder
![]({{ "/images/screenshots/bb3/dsiware-location-2.png" | absolute_url }})
{: .notice--info}
#### Section II - Hardware Button Check
In this section, you will test the SAFE_MODE function of your device. This will determine which method you will follow in the next page.
1. With your device still powered off, hold the following buttons: (Left Shoulder) + (Right Shoulder) + (D-Pad Up) + (A), and while holding these buttons together, power on your device
+ Keep holding the buttons until the device boots into Safe Mode (a "system update" menu)
1. If prompted to update, press Cancel
+ Your device will power off
+ If the device boots to the HOME Menu, just power off your device
___
### Next steps: Choose an exploit
If your device booted into Safe Mode and prompted to you to do a system update in Section II, Safe Mode is working on your device.
If your device booted into Safe Mode, continue to [Installing boot9strap (USM)](installing-boot9strap-(usm))
{: .notice--primary}
If your device did NOT boot into Safe Mode, continue to [Installing boot9strap (Fredtool)](installing-boot9strap-(fredtool))
{: .notice--warning}