JustPingo posted some TTP files on a certain site to be used with the upcoming application KernelTimeMachine. This application allows New 3DS users on FW 10.3 to downgrade to the more vulnerable FW 9.2. As of right now this application is still in testing and is not in a stable form at the moment. Upon further investigation I was able to find JustPingo’s GitHub. I downloaded the zip and analyzed the README.MD and it led to the thread to find more info on KernelTimeMachine. Here’s the info for you to enjoy 🙂
https://twitter.com/JustPingo/status/683416132578050048
- First of all, and most importantly: DO NOT UPDATE WHATEVER FIRMWARE YOU’RE ON; IF YOU HAVE *HAX. IF YOU DON’T, AND THE MOST RECENT FIRMWARE VERSION AVAILABLE IS STILL 10.3, UPDATE AND INSTALL MENUHAX. Thanks. It is recommended for you to get a way to access Homebrew Launcher as soon as possible.
- snshax is indeed a way to downgrade without NAND backup (and install legit CIAs) for firmware under 10.2 as it was patched with that version. This is N3DS-only and not a kernel exploit. However, this is not the only way to do it and it is not very useful anyway because of the following.
- memchunkhax2 is a new kernel11 exploit. This one works on every firmware up to and including 10.3. This allows downgrade (without NAND backup), legit CIA installation, a lot of good stuff (but not direct piracy). This is a new version of memchunkhax that was not properly fixed by Nintendo in 9.3. This works on 3DS, 3DS XL, 2DS, N3DS and N3DS XL.
- ntrcardhax is a kernel9 exploit, and this allows piracy (because of the control of ARM9). This exploit needs special hardware (something similar to the PassMe). This is basically an exploit of the fact that ARM9 handles NDS games. More or less. This works on 3DS, 3DS XL, 2DS, N3DS and N3DS XL. This is not 100% needed however as memchunkhax2 allows you to downgrade back to more vulnerable versions like 9.2.
- arm9loaderhax is a way to inject a payload directly into a N3DS bootrom (just after the firm boot). This is like a CFW coldboot N3DS-only.
There is also a way to calculate/bruteforce the constant used by the key scrambler and use that to generate missing KeyX for known normal (AES) keys + KeyY and bypass the keyscrambler altogether, which is pretty cool to be honest. This is made to get more keys, nothing usable for the end user.
FAQ
Q: What will this allow?
A: memchunkhax2 gives ARM11 kernel access, and will allow downgrading to 9.2 for 9.3-10.3, on 2DS, 3DS and New 3DS. That means that it will allow CFW (so, piracy), almost-full speed emulators, CIA decryption, and more.
Q: How will this work?
A: A homebrew using memchunkhax2 will be released for downgrading the firmware with CIA files.
Q: What will I need for this?
A: A way to run the Homebrew Launcher for the current version you are in and the CIA files for downgrading to 9.0-9.2 for your region and your model (New3DS or 3DS). DO NOT REMOVE THEM BEFORE DOWNGRADING!
Q: Is it ready yet?
A: No. It’s still being worked on.
Q: When does it come out?
A: We can’t give any ETA. Please be patient, it will be released at some point. Developers will give news about this.
Q: Where can I find these CIA packs?
A: You can try downloading these with 3DNUS, or on that ISO site (Google is your friend).
Q: Who is working on this?
A: @Steveice10, @TuxSH, @julian20, @mid-kid, @delebile, and @MassExplosion213 are team-working on memchunkhax2. @motezazer is helping them, too.
Q: Who found this?
A: smealum found snshax, derrek found memchunkhax2 and plutoo found ntrcardhax and arm9loaderhax.
Q: Will this allow 9.5+ emuNAND on N3DS?
A: No.
Q: Why can’t I compile the source on Steveice10’s GitHub repository?
A: It’s not finished yet, and needs the last modifications on ctrulib.
Q: Will downgrade affect my console’s data? Will I lose savegames/games/anything?
A: No. The downgrade only touches the system itself. All your data is safe. However, downgrading to a firmware version under 9.3 will remove the support of badges on sysNAND.
Q: I want to ask something that is not in the FAQ, can I?
A: Sure, but it has to be related to the topic. We’re not talking about how to download game CIAs, how to install CFW… but questions related to the exploits.
I can’t wait for this to release and this will put an end to all the confusion people had. Are you excited about this information? Leave your comments below and share this article to all users with a New 3DS with a FW above 9.2. I highly recommend everyone get access to the homebrew launcher if you plan to take advantage of this application. Don’t miss out on your chance!!!! Get N or Get Out!
Team Hackinformer signing out