Edit Infobox 3DS Homebrews: Universal-otherapp 3DS

Free text:

{{#seo: |title= (Exploits) - GameBrew |title_mode=append |image=3ds.png |image_alt=universal-otherapp }} universal-otherapp is a payload that is capable of running on all system versions, ranging from 1.0 to 11.15, across all regions and models of devices. This payload utilizes complete exploit chains to execute a payload from the SD card. == Usage == This depends on the exploit. The recommended exploit for system versions 1.0 to 11.3 is [https://github.com/nedwill/soundhax soundhax], in which case you just have to put <code>otherapp.bin</code> onto the root of your SD card. == Technical details == We leverage a kernel exploit to alter L1 translation tables entries that were never previously accessed, then run <code>kernelhaxcode_3ds</code> which does the rest of the job. * '''Below system version 9.3''': we use memchunkhax1 * '''9.3 to 11.15''': we exploit <code>sm</code> then leverage this to exploit <code>spi</code>. SPI sysmodule has access to <code>GPUPROT</code>, subsequently allowing us to GPU DMA over the kernel memory ** <code>spi</code> vulnerability has been documented on 3dbrew for years, and hasn't yet been fixed ** <code>sm</code> vulnerability is an unreported 0day. Fixed in system version 11.16 ** <code>safehax</code> or <code>agbhax</code> used depending on version. <code>agbhax</code> hasn't yet been fixed == Testing with Luma3DS == Need to disable firmlaunch patches &amp; build without custom <code>sm</code> sysmodule if using [[Luma3DS]]. ==Media== '''PATCHED! Install CFW on a New Nintendo 3DS 11.14 with Browserhax & universal-otherapp [2021|HD] - ([https://www.youtube.com/watch?v=1DFUeFjYgUE NintendoBrew])'''<br> <youtube>1DFUeFjYgUE</youtube> ==Changelog== '''v1.4.0''' * Add support for system version 9.3, 9.4, 9.5 (previously missing by accident) * Even more LCD fill colors for troubleshooting (orange/magenta/pink) '''v1.3.0''' * New LCD fill colors for troubleshooting: gray before memchunkhax, white before smpwn, gray-blue after smpwn * Add a new exploit path for people with corrupted 3DS systems (mismatching kernel and system title versions). This is disabled by default, however, and needs a rebuild; refer to [https://github.com/TuxSH/universal-otherapp/commit/e5252ab7dd738dac3d0192bbefb77012f8145c6d#diff-7aaf2a1060a633eda3e75a71e84bdf8379c109b66a897e5094c655c602b6f71fR89 this line]. * Stop writing to lgy.log * Other minor changes '''v1.2.0''' * current browserhax exploit is now supported without changes to the latter: ** memory usage decreased ** payload is now position-independent * You may have to rename this file to arm11code.bin to use it with 11.14 browserhax. '''v1.1.0''' *Add support for up to 11.14 (current system version at the time of writing) '''v1.0.1''' * Fix support for 9.3-11.3 * Add more troubleshooting via LCD fill: ** top screen is filled with white when this otherapp starts running ** bottom screen is filled with red in case an error happens '''v1.0.0''' *This launches SafeB9SInstaller.bin at the root of your SD card by default. == Credits == * @zoogie: testing and debugging on exotic firmware versions * @fincs: exploitation ideas, etc. * @aliaspider: memchunkhax code [[Category:Exploits for 3DS]]