DSi unlaunch (bootcode exploit)
Re: DSi unlaunch (bootcode exploit)
The unknown bootcode version error is shown when the retail/debug flag in SCFG_OP register doesn't match up with the expected corresponding retail/debug bootcode (on eMMC address 200h and up). Theoretically that should be working fine, and it should be also emulated okay in no$gba.
Ah, no. I forgot that most titles (all exploitable titles) do disable the SCFG registers, so SCFG_OP will always read as zero even on debug consoles. Hmmm, I guess I could simply accept either one of the two known bootcode versions (retail or debug) regardless of SCFG_OP what says.
Ah, no. I forgot that most titles (all exploitable titles) do disable the SCFG registers, so SCFG_OP will always read as zero even on debug consoles. Hmmm, I guess I could simply accept either one of the two known bootcode versions (retail or debug) regardless of SCFG_OP what says.
Re: DSi unlaunch (bootcode exploit)
Here's a Hello World example compiled.
- Attachments
-
- hello_world.zip
- (79.68 KiB) Downloaded 260 times
Re: DSi unlaunch (bootcode exploit)
Hi,
i tried installing unlaunch v2.0 and v1.9 on my EUR DSi with firmware 1.4.5E.
i'm using memory pit exploit to start hbmenu which is working great so far - i can load some emulators etc.
it's no problem to start the unlaunch installer from hbmenu, too. the installation runs through und says "installation complete".
if i powercycle the dsi after the unlaunch installation - it doesn't boot, both screens stay black.
my second try was to install unlaunch 2.0 in no$gba on my nand backup, the installation complets and after powercycle the no$gba is booting fine to the unlauch menu.
if i write back the modified nand to the dsi via hardmod, both screens stay black, too.
It's a Samsung KMAPF NAND
Has anyone an idea, what is going wrong? FAT-errors or is the path memory pit -> hbmenu -> unlaunch-installation correctly working at all?
have a nice weekend!
i tried installing unlaunch v2.0 and v1.9 on my EUR DSi with firmware 1.4.5E.
i'm using memory pit exploit to start hbmenu which is working great so far - i can load some emulators etc.
it's no problem to start the unlaunch installer from hbmenu, too. the installation runs through und says "installation complete".
if i powercycle the dsi after the unlaunch installation - it doesn't boot, both screens stay black.
my second try was to install unlaunch 2.0 in no$gba on my nand backup, the installation complets and after powercycle the no$gba is booting fine to the unlauch menu.
if i write back the modified nand to the dsi via hardmod, both screens stay black, too.
It's a Samsung KMAPF NAND
Has anyone an idea, what is going wrong? FAT-errors or is the path memory pit -> hbmenu -> unlaunch-installation correctly working at all?
have a nice weekend!
Re: DSi unlaunch (bootcode exploit)
Firmware 1.4.5E and Samsung KMAPF are standard and should work without problems, I have that firmware and chipset myself.
There must be something else that is different and somehow uncommon, either the console, or external hardware.
If you haven't already tried, try removing the SD card and game cartridge.
There must be something else that is different and somehow uncommon, either the console, or external hardware.
If you haven't already tried, try removing the SD card and game cartridge.
Re: DSi unlaunch (bootcode exploit)
Yes, i already tried removing the cartridge and sdcard. The sdcard was formated with the sdcard.org formating tool, 32kb cluster size and was checked for errors.
Re: DSi unlaunch (bootcode exploit)
Hi i think the site of unlaunch is down i cant reach the site, it says This site can’t be reached problemkaputt.de took too long to respond. Help plz
Re: DSi unlaunch (bootcode exploit)
Hmmm, then I don't know what is wrong, I am not aware of anyone else having that problem.
The console does still work with unlaunch uninstalled?
There aren't any broken cables/connectors... browser and cameras are still working?
There isn't anything special with it, like a large sticker saying "special prototype hardware - not for release"?
Did you do any manual/partial firmware upgrades/downgrades? version 1.4.5E as such should work... but it could screw up if you have it mixed with an older wifi-firmware.
The bootcode should be same on all DSi models, so I think the exploit should work everywhere. If there is a problem in my own init code, you could try some older unlaunch versions (which had less init code).
Okay, I've tried. It doesn't work on my DSi via wifiboot either. But it's working on my NDS via wifiboot. So it seems to be somehow DSi related.
The Hello World is doing only three DSi register accesses (and DSi touchscreen reading, and either DSi or NDS SWI functions).
If it's related to those reads then it should be easy, to change/remove that reads and see if it's helping.
For the touchscreen, how does it detect whether to use NDS or DSi touchscreen mode?
And same for SWI functions in NDS or DSi mode?
One eye-catching detail is that the DSi ARM9 bootcode is loaded to 2000000h (for DSi titles, the official address would be 2004000h and up). But I don't think that it is harmful (it does ju
st wipe-out some system values that could be useful on next warmboot).
Re: DSi unlaunch (bootcode exploit)
hi nocash,
yes, if i reflash the nand everything is working. it's a normal retail console that i bought once in a local store as a new device.
i haven't made any modifications in the past and i have used it only a few hours, it's like brand new.
i'll give it a try with an older unlaunch version, v1.3 seems to be the first sable for fw v1.4.5.
yes, if i reflash the nand everything is working. it's a normal retail console that i bought once in a local store as a new device.
i haven't made any modifications in the past and i have used it only a few hours, it's like brand new.
i'll give it a try with an older unlaunch version, v1.3 seems to be the first sable for fw v1.4.5.
Re: DSi unlaunch (bootcode exploit)
i have installed unlaunch v1.3 and now it is working for me.
thanks for your support, you have been a big help.
Re: DSi unlaunch (bootcode exploit)
Okay, fine. Glad that it's working.
Can you try the next newer versions, too?
It would be interesting to know which version stopped working.
Can you try the next newer versions, too?
It would be interesting to know which version stopped working.
Re: DSi unlaunch (bootcode exploit)
oh man, i was so happy that it's working and now i have to brick it again?
ok i did it for science anway. it stops working with unlaunch v1.5.
is it interesting for you to look into the nand with the broken v1.5 installation? i dumped it - just in case.
tested - not working
v2.0
v1.9
v1.7
v1.5
working
v1.4
v1.3
ok i did it for science anway. it stops working with unlaunch v1.5.
is it interesting for you to look into the nand with the broken v1.5 installation? i dumped it - just in case.
tested - not working
v2.0
v1.9
v1.7
v1.5
working
v1.4
v1.3
Re: DSi unlaunch (bootcode exploit)
Touch screen mode is detected by checking the touch screen mode bit in the DSi extended header.nocash wrote: ↑Tue Mar 24, 2020 5:37 pm Okay, I've tried. It doesn't work on my DSi via wifiboot either. But it's working on my NDS via wifiboot. So it seems to be somehow DSi related.
The Hello World is doing only three DSi register accesses (and DSi touchscreen reading, and either DSi or NDS SWI functions).
If it's related to those reads then it should be easy, to change/remove that reads and see if it's helping.
For the touchscreen, how does it detect whether to use NDS or DSi touchscreen mode?
And same for SWI functions in NDS or DSi mode?
One eye-catching detail is that the DSi ARM9 bootcode is loaded to 2000000h (for DSi titles, the official address would be 2004000h and up). But I don't think that it is harmful (it does ju
st wipe-out some system values that could be useful on next warmboot).
As for DSi mode and it's functions, I assume it checks for the DSi BIOS, if it wants to use DSi SWI functions.
-
- Posts: 3
- Joined: Mon Apr 27, 2020 9:46 pm
Re: DSi unlaunch (bootcode exploit)
Dear Mr NoCash.
While most of our users have successfully installed Unlaunch, a few users have reported a black screen brick after following the guide over at https://dsi.cfw.guide
Would you mind to please look into this? Thank you.
~NightScript
While most of our users have successfully installed Unlaunch, a few users have reported a black screen brick after following the guide over at https://dsi.cfw.guide
Would you mind to please look into this? Thank you.
~NightScript
Re: DSi unlaunch (bootcode exploit)
Hello! I have suggestions for the Uninstallation screen.
After the part where it says that the console will become mostly useless, can you add that the console will still work?
Some people have thought that the uninstall feature will brick their console(s).
Also, since we now have another way to open the installer (e.g. Memory Pit), please change "flipnote" to "exploit".
After the part where it says that the console will become mostly useless, can you add that the console will still work?
Some people have thought that the uninstall feature will brick their console(s).
Also, since we now have another way to open the installer (e.g. Memory Pit), please change "flipnote" to "exploit".
Re: DSi unlaunch (bootcode exploit)
As of 1.9 it's impossible to disable WiFi. Even if the setting is off in system settings, Unlaunch will always force it on on boot.