-
Notifications
You must be signed in to change notification settings - Fork 4
A9lh fork
This arm9loaderhax fork is based on delibles implementation of the arm9loaderhax exploit, documented here and also presented in this conference. It provides ARM9 code execution directly at the console boot, exploiting a vulnerability present in 9.6+ version of New3DS arm9loader.
It works on both New and OLD 3DS.
This fork of ARM9loaderhax supports the direct loading of an arm9bootloader.bin into the memory (address 0x24F00000). Besides this it supports loading a arm9loaderhax.bin as fallback (address 0x23F00000), and it will directly setup the ARM11 thread for the upcoming ARM11-API, so every arm9payload loaded after this is able to use it. If it fails to find one of the 2 files, the console will shutdown.
After the compilation you'll have three files in the data_output directory:
- arm9loaderhax.3dsx
- arm9loaderhax.bin
- arm9loaderhax.pack
The .pack file contains all the content that will be installed (in case of a full package, your console-unique data too), and has to be placed in the root of your SD card.
The .bin file is an indipendent payload that can be launched from Brahma2, CakeHax, Arm9LoaderHax itself (mainly for update the exploit), and so on. It is the installeing software, once you find your way to launch it, just follow the instruction.
The .3dsx file is a pre-buildt Brahma2 3dsx that can be launched on consoles with firmware below 9.2 through the Homebrew Launcher. It is a loader for the .bin file, wich is included in the 3dsx.
When some essential parts of the software will be released, you'll be able to update your setup with the installer by using .pack files that i will provide in future releases.