Changes

3,845 bytes added , 23 January

m

Edited MSET9

Line 7: Line 7:

! Supported firmwares

|-

−

| style="background: ~~DarkOrange~~" | ~~Only new3ds(XL)~~

+

| style="background: lightgreen" | Yes

| [https://smealum.github.io/3ds/ *hax payload]

−

| Booted by all of the below non-sysmodule exploits.

+

| Booted by all of the below non-sysmodule exploits. '''No longer needed as of [https://github.com/AuroraWright/Luma3DS/releases/tag/v8.0 Luma 8.0]'''

−

~~| From~~ '''9.0.0-7''' ~~up to and including~~ '''11.3.0-36''', '''11.4.0-37''' ~~only new3ds(XL)~~.

+

| From '''9.0.0-7''' up to '''11.9.0-42'''.

|}

Line 36: Line 36:

| style="background: lightgreen" | Yes

| [[ninjhax|Ninjhax 2.x]]

−

| From '''9.0.0-7''' up to and including '''11.3.~~0-36~~'''~~, '''11.4.0-37''' only new3ds(XL)~~.

+

| From '''9.0.0-7''' up to and including '''11.9.X'''.

| A cartridge or eShop version (JPN-only, not available anymore for purchase) of "Cubic Ninja".

| smea

Line 43: Line 43:

| style="background: lightgreen" | Yes

| [http://plutooo.github.io/freakyhax/ freakyhax]

−

| From '''9.0.0-7''' up to and including '''11.3.~~0-36~~'''~~, '''11.4.0-37''' only new3ds(XL)~~.

+

| From '''9.0.0-7''' up to and including '''11.9.X'''.

−

| A cartridge or eShop version (USA/EUR/~~JAP~~, not available anymore for purchase) of "Freakyform Deluxe".

+

| A cartridge or eShop version (USA/EUR/JPN, not available anymore for purchase) of "Freakyform Deluxe".

| plutoo

| [http://plutooo.github.io/freakyhax/ Install]

Line 54: Line 54:

| plutoo

| [http://plutooo.github.io/smilehax/ Install]

+

|-

+

| style="background: lightgreen" | Yes

+

| [https://github.com/zoogie/smilehax-IIe smilehax IIe]

+

| From '''9.0.0-7''' up to and including '''11.13.0-45'''

+

| SmileBASIC (JPN version 3.3.2 via app downgrade, USA/EUR 3.6.0, aka latest app version)

+

| zoogie

+

| [https://github.com/zoogie/smilehax-IIe/releases/latest Install]

|-

| style="background: salmon" | No

Line 64: Line 71:

| style="background: lightgreen" | Yes

| [[smashbroshax|smashbroshax]] (beaconhax)

−

| (New 3DS only) From '''9.0.0-X''' up to and including '''11.~~3.0-36''', '''11.4~~.0-37''' ~~only new3ds(XL)~~.

+

| (New 3DS only) From '''9.0.0-X''' up to and including '''11.9.0-37'''.

| Super Smash Bros 3DS (full-game) and a way to broadcast raw wifi beacons. The demo (prior to the updated November 2015 [https://github.com/yellows8/3ds_smashbroshax version]) isn't usable with the *hax payloads. Game-version v1.1.3 fixed the vuln used with this, see the repo for a workaround for that.

| [[User:Yellows8|Yellows8]]

Line 91: Line 98:

| [http://soundhax.com Install]

|-

−

| style="background: ~~darkorange~~" | Yes

+

| style="background: lightgreen" | Yes

| [https://github.com/MrNbaYoh/doodlebomb doodlebomb]

−

| From '''9.0.0-X'''(?) up to and including '''11.4.0-X'''.

+

| From '''9.0.0-X'''(?) up to and including '''11.6.0-X'''.

| An eShop-install of Swapdoodle (version 1.1.1 or lower). As of 2017-4-26, version 1.1.2 was released, blocking outdated app version from sending or receiving messages.

| MrNbaYoh

| [https://mrnbayoh.github.io/doodlebomb/ Install]

+

|-

+

| style="background: lightgreen" | yes

+

| [https://github.com/zoogie/MSET9 MSET9]

+

| From ''1.1.7=X (?) up to and including '''11.9.0'''.

+

| MSET 9 is a exploit installer that can be used on all platforms. It is basic and easy to use.

+

| Zoogie

+

|[https://github.com/zoogie/MSET9 Install]

+

|-

+

| style="background: lightgreen" | Yes

+

| [https://github.com/MrNbaYoh/rpwng2 RPwnG 2]

+

| From '''1.1.7-X'''(?) up to and including '''11.9.0-X'''.

+

| A digital copy of RPG Maker Player (free) ver. 1.1.4 on EUR, ver. 1.1.2 on USA. A 3DS on firmware 11.7.

+

| MrNbaYoh

+

| [https://mrnbayoh.github.io/rpwng2/ Install]

+

|-

+

| style="background: darkorange" | Only if installed before August 28, 2017

+

| [https://twitter.com/MrNbaYoh/status/899394739543437313 RPwnG]

+

| From '''9.0.0-X'''(?) up to and including '''11.9.0-X'''.

+

| An digital copy of RPG Maker Player (free) ver. 1.1.4 on EUR, ver. 1.1.2 on USA/JPN is required. As of August 28, 2017 the code is instantly removed after publishing.

+

| MrNbaYoh

+

| [https://mrnbayoh.github.io/rpwng/ Install]

+

|-

+

| style="background: salmon" | No

+

| [https://github.com/MrNbaYoh/notehax notehax]

+

| From '''9.9.0-X''' up to and including '''11.5.0-X'''.

+

| A digital copy of Flipnote Studio 3D on ver 1.3.1 (JPN) and ver 1.0.0 for EUR/USA (not the latest)

+

| MrNbaYoh

+

| [https://mrnbayoh.github.io/notehax/ Install]

+

|-

+

| style="background: darkorange" | Only if you already purchased Blockfactory before it was removed from the eShop

+

| [https://github.com/Stary2001/haxfactory haxfactory]

+

| From '''9.0.0-X'''(?) up to and including '''11.9.0-X'''.

+

| A digital copy of "Blockfactory" (USA/EUR)

+

| Stary2001

+

| [https://github.com/Stary2001/haxfactory Install]

|}

−

Note that ninjhax 1.x is still not obsolete. Even though ninjhax 2.x can be run on 9.3+, this was made possible (amongst other things) by sacrificing the memory remapping exploit used in ninjhax 1.x (rohax). Therefore, things like JIT engines for emulators can only be supported on ninjhax 1.x. Furthermore, ninjhax 2.x does not run on system versions below 9.0.0-X, while ninjhax 1.x does.

==Secondary Exploits==

Line 121: Line 161:

| style="background: lightgreen" | Yes

| [http://vegaroxas.github.io/ steelhax]

−

| From '''9.0.0-X''' up to and including '''11.3.0-X'''~~, for '''X''' up to and including 36.~~

+

| From '''9.0.0-X''' up to and including '''11.9.0-X'''

| A copy of Steel Diver: Sub Wars

| Vegaroxas

Line 128: Line 168:

| style="background: lightgreen" | Yes

| [https://github.com/yellows8/oot3dhax oot3dhax]

−

| From '''9.0.0-X''' up to and including '''11.3.0-X''', for '''X''' up to and including 36.

+

| From '''9.0.0-X''' up to and including '''11.9.0-X''', for '''X''' up to and including 39.

−

| A gamecard or eShop-install of Legend of Zelda: Ocarina of Time 3D. Besides using the installer app, writing raw saveimages with a save dongle for example is another option. Before compression was introduced in the 2016-7-18 release, the size of the *hax payload meant the exploit can't ~~coexist~~ with regular saves on a physical version of the game.

+

| A gamecard or eShop-install of Legend of Zelda: Ocarina of Time 3D. Besides using the installer app, writing raw saveimages with a save dongle for example is another option. Before compression was introduced in the 2016-7-18 release, the size of the *hax payload meant the exploit can't co-exist with regular saves on a physical version of the game.

| Yellows8 / smea et al.

| See [https://smealum.github.io/3ds/ here].

Line 143: Line 183:

| style="background: lightgreen" | Yes

| [https://github.com/shinyquagsire23/supermysterychunkhax supermysterychunkhax]

−

| From '''9.9.0-X''' (USA/JPN) / '''10.2.0-X''' (EUR) up to ~~and including~~ '''11.1.0-X'''~~, for '''X''' up to and including 34~~.

+

| From '''9.9.0-X''' (USA/JPN) / '''10.2.0-X''' (EUR) up to '''11.9.0-X'''.

| A gamecard or eShop-install of Pokémon Super Mystery Dungeon.

| Shiny Quagsire / SALT team

Line 158: Line 198:

| style="background: lightgreen" | Yes

| [https://github.com/Dazzozo/humblehax humblehax]

−

| From '''9.0.0-X''' (USA/EUR) up to and including '''11.2.0-X'''~~, for '''X''' up to and including 35~~.

+

| From '''9.0.0-X''' (USA/EUR) up to and including '''11.9.0-X'''.

| An eShop-install of Citizens of Earth (either v1 or v2), featured in the Humble "Friends of Nintendo" Bundle.

| Dazzozo / SALT team

Line 165: Line 205:

| style="background: salmon" | No

| [http://mrnbayoh.github.io/basehaxx/ basehaxx]

−

| From '''9.0.0-X''' up to and including '''11.1.0-X'''~~, for '''X''' up to and including 34~~.

+

| From '''9.0.0-X''' up to and including '''11.1.0-X'''.

−

| A gamecard or eShop-install of Pokémon Omega Ruby / Alpha Sapphire.

+

| A gamecard or eShop-install of Pokémon Omega Ruby / Alpha Sapphire v1 or v1.4 with the ability to have a secret base.

| MrNbaYoh

| [http://mrnbayoh.github.io/basehaxx/ install]

Line 172: Line 212:

| style="background: lightgreen" | Yes

| [https://github.com/yellows8/stickerhax stickerhax]

−

| From '''9.0.0-X''' up to and including '''11.3.0-X'''.

+

| From '''9.0.0-X''' up to and including '''11.6.0-X'''.

| A gamecard or eShop-install of Paper Mario: Sticker Star.

| [[User:Yellows8|Yellows8]]

Line 186: Line 226:

| style="background: lightgreen" | Yes

| [https://github.com/MrNbaYoh/painthax painthax]

−

| From '''9.0.0-X''' up to and including '''11.3.0-X'''.

+

| From '''9.0.0-X''' up to and including '''11.6.0-X'''.

−

| An eShop-install of ~~PixelPaint~~.

+

| An eShop-install of Pixel Paint.

| MrNbaYoh

| [https://github.com/MrNbaYoh/painthax/releases/latest install]

Line 204: Line 244:

| MrNbaYoh

| [https://mrnbayoh.github.io/doodlebomb/ Install]

+

|-

+

| style="background: darkorange" | Only if installed before August 28, 2017

+

| [https://github.com/ChampionLeake/RPwnG3 RPwnG3]

+

| From '''9.0.0-X'''(?) up to and including '''11.12.0-X'''.

+

| A Digital/Physical copy of "RPGMaker Fes Player/RPGMaker Fes" (USA/JPN 1.1.2 or lower ; EUR 1.1.4 or lower).

+

| [[User:ChampionLeake|ChampionLeake]]

+

| [https://github.com/ChampionLeake/RPwnG3/releases Install]

+

|-

+

| style="background: lightgreen" | Yes

+

| [https://github.com/luigoalma/nitpic3d nitpic3d]

+

| From '''9.6.0-X'''(?) up to and including '''11.13.0-X'''.

+

| A digital or physical of Picross 3D: Round 2

+

| Luigoalma and Kartik

+

| [https://github.com/luigoalma/nitpic3d Install]

+

|-

+

| style="background: lightgreen" | Yes

+

| [https://github.com/PabloMK7/kartdlphax kartdlphax]

+

| All system versions work.

+

| A digital or physical of Mario Kart 7 for the same region as both consoles

+

| PabloMK7

+

| [https://3ds.hacks.guide/installing-boot9strap-(kartdlphax) Install]

|}

−

==Exploits without Homebrew Launcher ~~(Not recommended)~~==

+

==Exploits without Homebrew Launcher==

−

<u>'''Warning:'''</u> The following exploits can run code, but are missing a 3DSX launcher. They cannot launch any homebrew in the 3DSX format.

+

<u>'''Warning:'''</u> The following exploits can run code, but are missing a 3DSX launcher. They cannot launch any homebrew in the 3DSX format, but could still prove useful by chaining to exploits with higher privileges.

{| class="wikitable" border="1"

Line 218: Line 279:

! Author

! Install

+

|-

+

| style="background: lime" | Yes

+

| [https://safecerthax.rocks safecerthax] (Safe Mode System Updater)

+

| (Old3DS (2DS) (XL)) ''' ALL '''

+

(New3DS (New2DS) (XL)) '''NOT SUPPORTED'''

+

|An O3DS or O2DS that can be booted into [[Recovery_Mode|Recovery Mode]] (hold L+R+Up+A at startup) & an internet connection.

+

|[[User:Nba_Yoh|MrNbaYoh]]

+

|[https://safecerthax.rocks/user-guide/ Install]

+

|-

+

| style="background: lime" | Yes (partially)

+

| [[bannerbomb3]] (System Settings)

+

| (USA / EUR / JPN) '''11.5.0''' to '''11.16.0'''

+

(KOR / TWN) '''(11.4.0)''' '''11.5.0''' to '''latest'''

+

An exploit that uses a buffer overflow in a TWL export banner's title strings to gain rop execution.

+

|A USA, EUR, JPN, KOR, or TWN system with its movable.sed keyY extracted.

+

|[[User:zoogie|zoogie]]

+

|[[bannerbomb3|Install]]

|-

| style="background: salmon" | No

Line 258: Line 339:

==Other Homebrew Loaders==

The [https://github.com/yellows8/hblauncher_loader hblauncher_loader] title can be used when running under modded-FIRM which allows running unsigned titles, to boot the *hax payloads.

+

[https://github.com/AuroraWright/Luma3DS Luma3DS], apart from providing signature patches for the installation and use of custom titles, includes the "Rosalina" system module, which among its features allows cleanly loading 3dsx applications as a native process with full ARM11 system permissions, by replacing an installed title's ExeFS and ExHeader during load time. It is currently the only option for running 3dsx applications on 11.4+ O3DSes; additionally, the *hax 2.x payload is incompatible with Rosalina and therefore so are homebrew applications requiring its target title system.

==Sysmodule Exploits==

BetaCat096

4

edits

Changes

Homebrew Exploits (edit)

Revision as of 12:27, 23 January 2024