N-archive/Guide_3DS
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
Guide_3DS/_pages/DSiWare-Downgrade-(Save-Injection).md
Plailect 27d1e07afe
Anniversary Edition
2018-11-18 19:15:01 -05:00

12 KiB
Raw Blame History

title permalink
DSiWare Downgrade (Save Injection) /dsiware-downgrade-(save-injection).html

If you are between on version 11.0.0 or 11.1.0, you must follow this guide to downgrade your NATIVE_FIRM using DSiWare {: .notice}

This takes advantage of an oversight which allows DSiWare titles to read and write anywhere in NAND. {: .notice--info}

Be prepared to wait 20 minutes (New 3DS) to an hour (Old 3DS). Slowhax (waithax) is named so for a reason. {: .notice--info}

This is a currently working implementation of the "FIRM partitions known-plaintext" exploit detailed here. {: .notice--info}

Your DSiWare's save will be backed up before getting replaced by the hacked save. {: .notice--info}

What you need

Instructions

Section I - Prep Work
  1. Copy and merge the 3ds folder from the 3ds_dsiwarehax_installer .zip to the root of your SD card
  2. Copy the 4B51394A folder from 4B51394A.zip to the /3ds/3ds_dsiwarehax_installer/dsiware/ folder on your SD card.
  3. Copy and merge the 3ds folder from the 3DSident .zip to your SD card
  4. Copy waithax.3dsx to the /3ds/ folder on your SD card
  5. Copy boot.nds to the root of your SD card
  6. Copy boot.3dsx to the root of your SD card, replace existing files
  • This will ensure that the Homebrew Launcher is up to date; older versions will freeze when your try to launch 3ds_dsiwarehax_installer
  1. Copy and merge the 3ds folder from the TinyFormat .zip to the root of your SD card
  2. Create a folder named dgTool on the root of your SD card if it does not already exist
  3. Copy the contents of the NFIRM .zip to the dgTool folder on the root of your SD card
  4. Reinsert your SD card into your 3DS
Section II - Backup DSiWare

After completing the entire guide, you can use this backup to restore your DSiWare saves by deleting the DSiWare from your System Memory and copying it from your SD Card. {: .notice--info}

This backup can only be used on this NAND. If you format your 3DS or restore another NAND (specifically if movable.sed is ever modified), it will become unusable. {: .notice--info}

  1. Go to System Settings, then "Data Management", then "DSiWare"
  2. Copy the DSiWare game you intend to use to the SD Card
  3. Exit System Settings
Section III - waithax
  1. Get into the Homebrew Launcher using your entrypoint
  2. Launch waithax
  3. Wait
  • On New 3DS, this will take about 20 minutes (due to a bug, this can take the same time as an Old 3DS for some systems)
  • On Old 3DS, this will take about an hour
  1. Once it's done, press (Start) to exit
  2. Launch 3ds_dsiwarehax_installer
  3. Select the DSiWare game you want to install the exploit on
  4. Once it's done, press (A) to exit
  5. Press (Start) to open the homebrew launcher exit menu
  6. Press (A) to exit
Section IV - Backing up NAND
  1. Launch your DSiWare game
  2. Launch dgTool using your DSiWare game
  • Fieldrunners: Touch the 'Scores' button at the main menu
  • Legends of Exidia: After pressing (A) or (Start) at the two title screens, select the first save slot and press continue
  • Guitar Rock Tour: Scroll down and go to High-Scores -> Drums -> Easy
  • The Legend of Zelda: Four Swords (Anniversary Edition): Just start the game
  • If your game does not have the hacked save file installed, restart from the beginning
  1. Select "Dump nand" to backup your NAND
  • This will take a while
  1. Make note of the NAND backup's location
  2. Exit dgTool
  • You may have to force power off by holding the power button
  1. Put your SD card in your computer, then copy NAND_N3DS.bin or NAND_O3DS.bin (depending on your device) to a safe location
  • Make backups in multiple locations
  • This backup will save you from a brick if anything goes wrong in the future
  • You will format your device as part of the steps on this page in order to prevent the soft brick described on 9.2.0 Downgrade; this backup will be used to restore your device once you get to the Installing arm9loaderhax
  • Your backup should match one of the sizes on this page; if it does not, you should delete it and make a new one!
Section V - Flashing NFIRM

Never downgrade with dgTool on a device that already has arm9loaderhax installed or you will BRICK! {: .notice--danger}

  1. Launch your DSiWare game on
  2. Launch dgTool using your DSiWare game
  • Fieldrunners: Touch the 'Scores' button at the main menu
  • Legends of Exidia: After pressing (A) or (Start) at the two title screens, select the first save slot and press continue
  • Guitar Rock Tour: Scroll down and go to High-Scores -> Drums -> Easy
  • The Legend of Zelda: Four Swords (Anniversary Edition): Just start the game
  1. Select "Downgrade FIRM to 10.4" and confirm to flash the 10.4.0 NFIRM bin
  2. Exit dgTool
  • You may have to force power off by holding the power button
  1. Reboot
Section VI - Exploit verification
  1. Reinsert your SD card into your 3DS
  2. Launch the homebrew launcher on using your entrypoint
  3. Launch 3DSident
  4. Verify that the following:
  • Kernel version: 2.50-11
  • FIRM version: 2.50-11
  • If either of these do not display the versions above, make sure you used the correct NFIRM zip and try flashing NFIRM again
  1. Press any button to exit back to the Homebrew Launcher
Section VI - Formatting device

This will prevent the soft brick described in 9.2.0 Downgrade. The backup you made earlier will be used to restore your device once you get to the Installing arm9loaderhax. {: .notice--info}

You will not lose any data as long as you have that backup and restore it once you get to the Installing arm9loaderhax. {: .notice--info}

  1. From the Homebrew Launcher, launch TinyFormat
  2. Press (Y) to format the device
  3. Do the initial setup of your device

Your version number will not have changed in the settings. {: .notice--info}

Continue to 9.2.0 Downgrade {: .notice--primary}