Published by LEOnel ★

Category: Games

Console Hacking History #1: Nintendo 3DS

to anyone reading this: the second entry of this series is out! check it out here


Hello everyone!

i'm starting a series of blog entries about videogame console hacking for infodumping reasons. welcome to the first entry, today i'll be talking about my favorite console ever: the Nintendo 3DS

i am not the best at introductions... i'm basically going to be retelling the hacking history of the console, starting off from the early days of it in 2011 and finishing on today! this is quite the long story so forgive me for the length of this blog post





The Beginning
the hacking started off really early on this console... well, technically. as you may know, this console's predecessor was the Nintendo DS, a really similar handheld that had already been hacked with the use of R4 Flashcarts.

and well, since the 3DS has full backwards compatibility with the DS, these flashcarts worked perfectly on it! which meant you were able to use these from the moment the console launched. but here's the issue...

the 3DS doesn't exactly emulate the DS to be able to run these games. it's more like there's a DS INSIDE the 3DS. so whenever we launch a DS Game or Flashcart, this is opened in what we call DS Mode. this is an entirely separate mode from the actual 3DS, which means there's no way to access the console through R4 flashcarts. sure, you could still use homebrew, pirated games and ROM hacks, but only for DS games. of course, the hacking scene wasn't interested in this; their goal was to hack the actual 3DS.

Gateway

so, let's fast forward to 2013. around this time, the first Flashcarts for the 3DS started appearing. but one clearly surpassed the rest in popularity: the Gateway Flashcarts.

the story of Gateway on the 3DS hacking scene is suuuper long so bear with me here while i try to summarize it as much as possible

these flashcarts were incredibly controversial from day one. the fact that they existed and were the most popular way to hack a 3DS generated a huge conflict on the 3DS hacking scene. basically, it was a conflict of interests:

the hacking scene's main goal is usually stuff like: having full control of the system, enabling homebrew, ROM hacks, etc. but, on the other hand, Gateway had only one goal: enabling piracy. so the community kinda got divided in two: people who didn't want to enable piracy, and people who DID want to enable piracy.

me personally, i'm all in for it LOL
games are pretty much inaccessible for reasonable prices where i live (and Nintendo hates South America apparently). it's also great for preserving games that you may not be able to play anymore in the future, and generally, who gives a shit?? it's Nintendo after all... it's always morally correct to pirate games from huge companies idc

going back to the topic, not only was the hacking scene divided but also Gateway contributed absolutely nothing to homebrew and completely dominated the 3DS hacking scene. also, of course, this company had no actual interest in being useful to the community, they just wanted money

here's how Gateway cards worked:

 

for it to work you needed two cards: a blue one, and a red one. to enable custom code to run, the blue card used an exploit we know as MSET Exploit.

usually, if you wanted to change your name on a game you would go to the DS menu, but since this doesn't exist on the 3DS, what the mode does is get your name from the 3DS information and then display it in game. Gateway took advantage of this fact by doing the following:

the blue card changes the DS profile info to a random and super long string of characters, which overloads the console and creates what we know as an entry point.

this, however, didn't let you run any homebrew applications and it was patched by a system update some months later. which meant it was totally useless to the hacking scene and they had made no progress to run homebrew on the console

this part is a tad bit hard to explain but it's kinda important to the story, so i'll try my best to make it understandable


after the exploit was patched, Gateway cards had this sort of temporary update that let you still take advantage of the exploit AND update your console. they let you run emuNAND, which is basically like... emulating the console ON the console itself. kinda like dual booting.

emuNAND stands for Emulated NAND, which means that your entire NAND (system memory) runs off your SD card, but it's totally separated from your sysNAND.
so, you can run a newer 3DS version from your SD card, while having an older version on the console's firmware which still lets you use the MSET exploit. this was only temporary while Gateway tried to find another entry point

around this time a LOT of Gateway clones started to appear, doing basically the exact same thing as Gateway but for cheaper. of course, the company was not happy about this fact. the way they decided to approach the problem sure was... interesting.

they released a new update which supposedly added "Many stability improvements"... which wasn't entirely true. what this update did was basically search for any sort of change in the code of the card, and if it found any, it automatically self-destructed. but not only did it do that, but it actually destroyed the ENTIRE console system, rendering it useless. this of course was to damage the reputation of their competition, and it would have worked... if the code hadn't triggered on ACTUAL gateway cards too. it was basically self-sabotage... but even after all of this, Gateway remained the number one method to hack your 3DS. after all, no actual progress was being made on the scene and at the end of the day you would have to use Gateway if you really wanted to hack your console

from this point onward there WAS more controversy and stuff surrounding Gateway but i don’t think it’s that necessary to include so i’ll straight up skip to 2014

Ninjhax  

so, around that time, a user by the name of “smea” found an exploit that we now know as “ssspwn”. instead of releasing it to the public right away, he kept it to himself to make sure it would work on as many firmware versions as possible.
the New 3DS was about to release, and if smea had shared what the exploit was, Nintendo could have just made a hardware revision to prevent the exploit from being used on the New 3DS. this meant the exploit was kept from the public for months on end, and without having many interesting updates on the hacking of the console, the patience from other people in the scene was running out

however, in November of 2014, smea finally released the exploit, announcing that in order for it to work we would have to use a specific game that created an entry point: Cubic Ninja



if you’ve never heard of it don’t worry, it was a low quality game that barely anyone knew, and it was picked for that exact reason; it had a very low price and was really easy to obtain. well, that was until literally a day after the announcement. Cubic Ninja ended up being three times more expensive than its original price and Nintendo had to take down the game from the eShop


of course, since this was a shitty game it also had shitty programming. you see, this game had a level creator mode in which you could. well. create levels and import levels from other people through a QR code
these levels had a certain size limit, but here’s the thing: the game NEVER checked the size of your level before loading it, so if you were to download a level with a much much bigger size, it would overload the console and therefore create an entry point.
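
the missing size check described above (the same kind of unchecked-length copy as the super long profile string in the Gateway section), next to a checked version. this is an added example, not part of the original post and not Cubic Ninja's actual code: the blob layout, `LEVEL_MAX` and every function name are made up for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define LEVEL_MAX 64  /* hypothetical size limit for one level */

/* Hypothetical blob decoded from a QR code: 2-byte little-endian
 * payload length, then the payload. Not the game's real format. */
typedef struct { uint8_t data[LEVEL_MAX]; size_t len; } level_t;

enum { LOAD_OK, ERR_TRUNCATED, ERR_LENGTH_LIES, ERR_TOO_BIG };

static size_t declared_len(const uint8_t *blob) {
    return (size_t)blob[0] | ((size_t)blob[1] << 8);
}

/* "Before": trusts the length in the header. A declared length above
 * LEVEL_MAX makes memcpy write past out->data into adjacent memory. */
int load_level_unchecked(const uint8_t *blob, level_t *out) {
    out->len = declared_len(blob);
    memcpy(out->data, blob + 2, out->len);   /* no bounds check */
    return LOAD_OK;
}

/* "After": validate the header against what was actually received and
 * against the destination size before copying a single byte. */
int load_level_checked(const uint8_t *blob, size_t blob_len, level_t *out) {
    if (blob == NULL || out == NULL || blob_len < 2) return ERR_TRUNCATED;
    size_t n = declared_len(blob);
    if (n > blob_len - 2)     return ERR_LENGTH_LIES; /* header overstates input */
    if (n > sizeof out->data) return ERR_TOO_BIG;     /* would overflow level_t  */
    memcpy(out->data, blob + 2, n);
    out->len = n;
    return LOAD_OK;
}

/* Build a constructed blob that claims `claimed` payload bytes but
 * carries `sent`, and run it through the checked loader. */
int try_level(size_t claimed, size_t sent) {
    static uint8_t blob[2 + 1024];
    level_t lvl;
    if (sent > 1024) return -1;
    blob[0] = (uint8_t)(claimed & 0xFF);
    blob[1] = (uint8_t)((claimed >> 8) & 0xFF);
    memset(blob + 2, 0xAB, sent);
    return load_level_checked(blob, 2 + sent, &lvl);
}

int main(void) {
    printf("normal=%d oversized=%d lying=%d\n",
           try_level(16, 16), try_level(200, 200), try_level(65535, 8));
    return 0;
}
```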

this exploit did allow you to run homebrew but it did not enable piracy, since the creator of it was very against it

Other methods  

at this point new flashcarts had appeared, one of the most popular ones being Sky3DS. these only needed ONE card to run pirate games, but also had a 10 game limit… for no reason.
by this i mean you could only play 10 games ever, and if you wanted to pirate more games you would have to buy more Sky3DS cards. there was literally no reason for this apart from making more money, which also caused a lot of controversy in the hacking scene. this eventually led to Sky3DS removing the 10 game limit tho

from this point onward many other methods of hacking a 3DS were released but i don’t think any of those are that important either. i’m trying to keep this as simple as possible so i’ll have to skip over some parts of the story sorry
if you do want to read more about these however, some that you can check out are browserhax and Soundhax, both pretty cool exploits that came after Ninjhax without the need for a game to hack the console

RXTools and emuNAND   

In 2015, a custom firmware for the 3DS known as RXTools was released to the public. this was the first stable custom firmware for the 3DS. custom firmware allows users to do stuff they normally wouldn’t be able to with their consoles, such as ROM hacks, bypassing region lock and other cool stuff like installing custom themes and badges for the home menu

this is a bit technical and complicated forgive me if i don’t explain it right, but the early custom firmwares of the 3DS also used emuNAND. there was a certain issue with this method tho
the copy of the console's NAND you emulated was stored in a specific part of your SD, which means whenever the console boots up it first loads the sysNAND, then an intermediate exploit launches the emuNAND before the Home Menu loads. this ended up being patched by newer updates

this is when Arm9LoaderHax was first released. this hack allowed 3DS homebrew to run before the sysNAND booted up, successfully bypassing the update
this was later on refined into Boot9Strap which allows CFW (Custom FirmWare) to boot at an even earlier point, and has a 100% bootrate, which means the console won’t ever freeze or crash during the start up

How a magnet hacked the 3DS  

so here comes the interesting part: one of these exploits actually required you to use a magnet in order to hack your 3DS
around 2017, it was revealed that if you pressed down Select + Start + X + Power while the console was in Sleep mode you could make your 3DS boot up from an external card, instead of your sysNAND, leaving the 3DS totally vulnerable. so where does the magnet fit into this?

in order for you to enter sleep mode, your 3DS must be closed. so of course, you would not be able to press the combination of buttons down while it’s closed. by putting down a magnet on a very specific part of the 3DS, you can trick the console into believing it’s closed, and then proceed to press down the buttons you need

 

this exploit is known as Magnethax, and while it isn’t used a lot nowadays, it is 100% unpatchable since it’s a hardware issue that was discovered when the last model of the 3DS had been released. this means that no firmware update can fix the issue, and it therefore makes every 3DS console in existence hackable. also, the Switch had already been released around this date, and even tho Nintendo did promise that both consoles would be supported simultaneously, they didn’t care that much about the 3DS at this point

Finishing off  

fast forwarding to nowadays, and signaling the end of the story, there’s way easier methods to hack your 3DS. to check what’s the one you should use, you can always visit 3ds.hacks.guide which is ALWAYS up to date

me personally, i hacked my 3DS 3 years ago using the unSAFE_MODE exploit, which injects a corrupted WiFi profile into the SAFE_MODE firmware
i’ve also hacked other 3DSs using a method that takes advantage of DSiWare, running custom code from the DSiWare menu in the 3DS settings app

there have been many methods to run custom code and install CFW from 2017 to 2023 and mentioning every single one of them would take forever, so those are the 2 I personally used myself.

as a conclusion, we could say that the 3DS was one of the most vulnerable videogame consoles in history, but it did take quite some time for it to be hacked (at least in comparison to consoles like the Switch, which got hacked in 11 days. no i am not joking). it is also one of the easiest consoles to hack ever, and its custom firmware truly unleashes the true capacities of the console

i could even say that buying a 3DS is still worth it nowadays thanks to the hacking community. it allows you to install official games and stuff for free, add ROM hacks, emulators, tons and tons of homebrew apps, custom themes and a shit ton of other stuff i’m forgetting
 

i’m going to leave some links to the sources i got information from to make this blog and also some other useful resources if you ever want to hack your 3DS :]

that is all, bye guys!!! so sorry if you read this entire ramble... i will be making more of these tho




sources:
 
A Brief History of Homebrew on the Nintendo 3DS
 
How a Terrible Game Cracked the 3DS Security - Early Days of 3DS Hacking
 
Homebrew (video games)

and other webpages and videos i may be forgetting that ill add later on

 
other useful resources:
 
3ds.hacks.guide - A guide on how to hack your 3DS
 
hShop - Nintendo 3DS content archive




if any of this information is wrong PLEASE let me know in the comments and ill update this as soon as possible. thank u for reading <3



Comments


FR3EW1LL

I remember my dad used to be rlly into this stuff and at some point he even bought me a sky3ds cartridge. I still have said cartridge, but it doesn't work anymore due to the memory card currently being used for a different device. Nice memories!



sad 🏳️‍🌈


Beautiful !!!



MonstersLuvMoss


Ahhhh the sweet memories of chewing on my 3DS :)





chewing..??? i am confused but curious why were u chewing ur 3DS

by LEOnel ★

Idek I was just hungry all the time.

by MonstersLuvMoss

☆Ray☆


i am going feral over this i loeve gobbling info

