---
title: "BannerBomb3"
---

{% include toc title="Sisällysluettelo" %}

<details>
<summary><em>Technical Details (optional)</em></summary>
<p>To launch custom code, we exploit a flaw in the DSiWare Data Management window of the Settings application.</p>
<p>To accomplish this, we use your system's encryption key (movable.sed) to build a DSiWare backup that exploits the system.</p>
<p>For a more technical explanation, see <a href="https://github.com/zoogie/Bannerbomb3">here</a>.</p>
</details>
{: .notice--info}

### Compatibility Notes

These instructions work on USA, Europe, Japan, and Korea region consoles as indicated by the letters U, E, J, or K after the system version.

If you have a Taiwanese console (indicated by a T after the system version), follow [this page](bannerbomb3-fredtool-(twn)) instead.
{: .notice--warning}

### Tarpeet

* Your `movable.sed` file from completing [Seedminer](seedminer)

#### Vaihe I – Valmistelut

In this section, you will copy the files needed to trigger the BannerBomb3 exploit onto your device's SD card.

1. Sammuta konsolisi
1. Aseta SD-korttisi tietokoneeseesi
1. Open [Bannerbomb3 Injector](http://3dstools.nhnarwhal.com/#/bb3gen) on your computer
1. Upload your movable.sed using the “Choose File” option
1. Click “Build and Download”
  + This will download an exploit DSiWare called `F00D43D5.bin` and a payload called `bb3.bin` inside of a zip archive (`DSIWARE_EXPLOIT.zip`)
1. Copy `bb3.bin` from `DSIWARE_EXPLOIT.zip` to the root of your SD card
  + The root of the SD card refers to the initial directory on your SD card where you can see the Nintendo 3DS folder, but are not inside of it
  ![]({{ "/images/screenshots/bb3/bb3-root-layout.png" | absolute_url }}){: .notice--info}
1. Navigate to `Nintendo 3DS` -> `<ID0>` -> `<ID1>` on your SD card
  + `<ID0>` is the 32-letter folder name that you copied in [Seedminer](seedminer)
  + `<ID1>` is a 32-letter folder inside of the `<ID0>`
  ![]({{ "/images/screenshots/bb3/dsiware-location-1.png" | absolute_url }}){: .notice--info}
1. Create a folder named `Nintendo DSiWare` inside of the `<ID1>`
  + If you already had the folder *and* there are any existing DSiWare backup files (`<8-character-id>.bin`) inside, copy them to your PC and remove them from your SD card
1. Copy the `F00D43D5.bin` file from `DSIWARE_EXPLOIT.zip` to the `Nintendo DSiWare` folder

![]({{ "/images/screenshots/bb3/dsiware-location-2.png" | absolute_url }})
{: .notice--info} 

#### Section II - Hardware Button Check

In this section, you will test the SAFE_MODE function of your device. This will determine which method you will follow in the next page.

1. With your device still powered off, hold the following buttons: (Left Shoulder) + (Right Shoulder) + (D-Pad Up) + (A), and while holding these buttons together, power on your device
  + Keep holding the buttons until the device boots into Safe Mode (a "system update" menu)
1. If prompted to update, press Cancel
  + Your device will power off
  + If the device boots to the HOME Menu, just power off your device

___

### Next steps: Choose an exploit

If your device booted into Safe Mode and prompted to you to do a system update in Section II, Safe Mode is working on your device.

If your device booted into Safe Mode, continue to [Installing boot9strap (USM)](installing-boot9strap-(usm))
{: .notice--primary}

If your device did NOT boot into Safe Mode, continue to [Installing boot9strap (Fredtool)](installing-boot9strap-(fredtool))
{: .notice--warning}