KartMiner7-Exploit the 3DS with Mario Kart 7

Yes, I know, there are already several ways to get a custom firmware on your 3DS. There are even other exploits for Mario Kart 7 out there, but another one wouldn’t hurt. Lots of you out there have a 3DS and have Mario Kart 7, so why not give this a go?

What is KartMiner 7?

This is a BETA stage exploit for Mario Kart 7. This is the 3rd public exploit of this extremely popular game, this time targeting the extdata savegame on the sd card. It works with both the digital and cartridge version of the game on app version 1.2.

How was KartMiner 7 Found?

The flaw was found by simply fuzzing the entire 1MB+ of extdata save file, creatively named “data.dat”, with continuous, indexed u32s. This resulted in multiple crashes, with some contexts, having my fuzzed data showing up in various registers, and near-branch instructions. The wide scope of this fuzzing naturally crashed multiple threads, but those were pretty easily handled by spraying their stacks with sleeping gas :p The US version 1.2 of the source code has comments if you need more precise (and messy) info.

How to use KartMiner 7?

What you need:

1. Unmodified USA, EUR, or JPN new3ds or old3ds. (I’m using the official instructions, it doesn’t mention 2DS or 2DSXL, but I’m 99% sure this will work on those too).
2. Any version of Mario Kart 7. This means digital or physical.
3. Windows PC with an SD card reader of some kind.
4. KartMiner 7 install from here.

Instructions:

1. Update your 3DS to 11.17.
2. Update your Mario Kart 7 to version 1.2. If you’ve played online recently, this should already be the case.
3. Start the steps at https://3ds.hacks.guide/seedminer.html but STOP it and continue here when you get your system’s movable.sed file. Place movable.sed inside the resources folder.
4. (Skip this step if you’ve done it before.) Boot up your 3ds and start mk7 and tap “Mario Kart Channel” at the bottom and then “Streetpass List” also at the bottom. Then agree to all the prompts to get sd extdata, spotpass, streetpass, etc. initialized.
5. Turn off Wifi on your 3DS (for several reasons).
6. Turn off your 3DS, remove SD card, and insert it into your PC.
7. In the Release folder of KartMiner 7, double-click on the .bat that matches your 3DS’s model type and region.
8. Your hax upload should work, this is confirmed if there is no red text and it says “finished” at the end.
9. Return your SD card into your 3DS and power it on.
10. Turn your 3ds on, boot Mario Kart 7, and go to Mario Kart Channel -> Streetpass List -> Press A repeatedly (but slowly) to get past all the menu screens until the hax launches.
11. If successful, you should arrive at a black-and-white screen titled “3DS ROP xPloit Injector”. You now have a choice of further exploits to install: unsafe_mode or menuhax67. From there you can follow any up to date YouTube video on how to use either of those to complete your installation.

Source