869
edits
Changes
Jump to navigation
Jump to search
Line 156:
Line 156: − + + + + + + + + + + + +
→FIRM Process9
|
|
| March 2015, originally 2012 for the first issue at least
| March 2015, originally 2012 for the first issue at least
| plutoo/[[User:Yellows8|Yellows8]], maybe others(?)
| plutoo, [[User:Yellows8|Yellows8]], maybe others(?)
|-
| [[CONFIG Registers#CFG_SYSPROT9|CFG_SYSPROT9]] bit1 not set by Process9
| Old versions of Process9 never set bit1 of [[CONFIG Registers#CFG_SYSPROT9|CFG_SYSPROT9]]. This leaves the [[OTP Registers|0x10012000]]-region unprotected (this region should be locked early during boot!). Since it's never locked, you can dump it once you get ARM9 code execution. It is unknown what this region contains, but most likely per-console keys.
From [[3.0.0-5|3.0.0-5]] this was fixed by setting the bit in Process9 after poking some registers in that region. On New3DS arm9loader sets this bit instead of Process9.
| Dumping of per-console keys, probably
| [[3.0.0-5|3.0.0-5]]
|
| February 2015
| plutoo, Normmatt independently
|}
|}