CakesFW 3DS

Template:Infobox-3DS-Homebrews

This is homebrew software for the Nintendo 3DS, that assists with patching the system's NATIVE\_FIRM, thereby allowing it to perform unsanctioned operations.

Features right now:

• SPIDER 4.x-9.2, MSET 4.x and 6.x and Ninjhax 1/2 (up to firmware 9.2) support for old 3ds/xl/2ds.
• MSET 4.x and Ninjhax 1/2 (up to firmware 9.2) support for new 3ds/xl.
• Options to boot to sysNAND and emuNAND up to 10.7.
• Emunand supports redNAND and GW emuNANDs.
• Sig patches
• Patches are contained in "cakes". The .cake format is a simple format that bundles FIRM patches, and tells the patcher what those patches need to work.
• Autoboot.
• Supports multiple NATIVE_FIRM versions (see this for an explanation).

Just copy all the files to the root of your SD card, and launch it with either spider, MSET or Ninjhax. Files and stuff are on the bottom of the post. Copy the firmware.bin linked at the bottom of the post to the cakes directory. Do the same with cetk. If you have an old 3ds with a firmware lower than 7.0, and you plan to use a emuNAND version 7.0 or higher, you need to get a file named slot0x25keyX.bin from the internet, and place it on the root of your SD card, and make sure you enable the "Load 7.x NCCH crypto key" patches. If you have a new 3ds with a firmware lower than 9.6, and you plan to use a emuNAND version 9.6 or higher, you need to get a file named slot0x11key96.bin from the internet, and place it on the root of your SD card.

For MSET on 4.x or 6.x, I've modified zoogie's ROP installer to work with this. There's even a code.bin to install the rop via spider in the downloads page. For MSET on newer firmwares, first downgrade the MSET app to the 4.x or 6.x version (there's tutorials on this site for doing that), then use the CakesROP.nds or code.bin on the downloads page to install the correct ROP. For spider, see the bottom of the post for a launcher page. NOTE: The code.bin installs the correct ROP based on your firmware version. If you're on firmware 6.x or higher, the ROP for MSET 6.x will be installed. NOTE: Never rename the Cakes.dat. The arm9 payload is located there and the code expects it to be named like that.

In the "Select patches" menu, you select the features you want/may not want to enable. In the "More options..." menu, there's two submenus:

• Toggleable options. This menu contains two options:
  • Autoboot: This will skip the menu when cakes starts, and automatically load the CFW (way faster than usual). Hold the "L" button while booting to enter the menu.
  • Force saving patched firmware: This option is mainly used for debugging, but may also be needed if there's a problem with autobooting/the reboot patches. Cakes tries everything possible to not to have to write firmware_patched.bin, but it may not always be right. This option forces cakes to do it (this option isn't saved in the config file).
• Select emuNAND. This menu allows selecting which emuNAND will be booted if you enable the emuNAND patches, if you have more than one emuNAND available.

In the "Version info" menu, you can check your CakesFW and firmware versions. Once done, you select "Boot CFW", and the options you've selected will be saved and the CFW will boot.

Contributions are welcome on my github: https://github.com/mid-kid/CakesForeveryWan Just don't be scared if I end up rewriting/restructuring your code as I see fit. You may happily fork the project if you don't agree with something. I just ask you to rename it, give credits, publish source, and actually add/change something useful (a.k.a. don't be a smartass).

• Q: Why should I use this?

A: If you ask yourself that question, this is probably not for you. Other projects already provide a lot of stuff this provides.

• Q: Can I eat it?

A: Stop being so funny.

• Q: Is it possible to boot on sysNAND mode without using another SD card that doesn't have emuNAND set-up?

A: Yes.

• Q: what does [reboot patches] mean? It won't restart after closing smash? Or will GBA and smash work together (since the patched rxtools gives you one or the other)

A: The reboot patches are required to start smash. The console actually performs a reboot when starting it, and clears the patched firmware if these patches are not present.

• Q: Smash/Monster Hunter don't work on my old 3ds!

A: Enable the reboot patches.

• Q: Are these patches or "cakes" analogous to NTR CFW plugins?

A: No. NTR plugins are ARM11 userland code, cakes are FIRM patches.

• Q: I want to update/downgrade my console. Can I disable firmlaunch?

A: No. This, however, isn't a problem anymore with recent versions of sysUpdater. Cakes doesn't block writing NATIVE_FIRM like Gateway does, so you're fine.

• Q: Does cakes support ds carts in emunand?

A: Apparently they do on n3ds. They don't on my o3ds, but you may try. In any case disable the reboot patches for that to wok, as the current ones are sure to block it.

• Q: Cakes tells me about an error on the bottom screen and I don't know what it's about because it's not about something I was specifically trying to get to work. Am I going crazy? Have I confirmed illuminati? How do I fix this error because I can't use Cakes with an error?

A: If Cakes doesn't shove that error up your face on the top screen and the error that shows on the bottom screen has nothing to do with what you were trying to do (or you don't know what it means) you can safely ignore it (and you should).

• Q: But it looks really important...

A: NO.

• Q: Halp, I forgot how to enter the menu after configuring autoboot.

A: Hold "L" and get your alzheimer checked.

• Q: Just updated my n3ds emuNAND from 9.5 to [anything higher than 9.6], but I'm getting a black screen, what do?

A: Get the latest firmware.bin from the downloads section. Don't forget to select the patches again after swapping the firmware.bin.

• Q: I am getting yelled at about "Failed to decrypt the CETK Please make sure the CETK is right." even though I have the correct one. I am using arm9loaderhax to load CakesFW.

A: CakesFW doesn't support decrypting the CETK from an arm9loaderhax environment as of right now. Either boot CakesFW once without arm9loaderhax or get a firmkey.bin for your console from the internet.

http://dukesrg.no-ip.org/3ds/cakes?Cakes.dat
(Thanks to @duke_srg)

To load the code.bin, use this:

http://dukesrg.no-ip.org/3ds/cakes?code.bin

Downloads (Yes, I am a link. Click me.)
Nightlies (Not recommended, check logs to see what changed. Don't ask questions about these. Only report bugs if something's not working.)
Report bugs on GitHub.
(Releases are numbered by commit number. Changelogs can be found on the github.)

Editor's note: The firmware files linked here are for native_firm v11.4; currently, these work fine without causing issues on firmwares 11.8 and 11.12, as long as none of the games or apps you use require a higher firmware version. This may change in the future if newer firmwares are released; old enough native_firm versions will not boot on high enough firmwares, and there is a risk of firm0/firm1 being overwritten if you boot an older native_firm on a newer firmware with the firmprot patch off.
firmware.bin and cetk download urls
Rename the numbered file to firmware.bin yourself after download.

Editor's note 2: If you need older firmware versions, here are several ways in which you can obtain them. Note that the cetk is the same for all firmware versions.

Obtaining them from NUS

1. Find the firmware version you need in this file;
2. Replace the last two digits of the firmware.bin url from the download urls above, with the two-digits version number from ".version".

This will download the firmware version you need, instead of the 11.4 firm. Note: older firmware versions may not be available on NUS anymore. If that is the case, you will have to obtain them another way.

Obtaining them from NAND

If your 3DS is on a lower firmware version, you can extract native_firm from nand, instead of downloading from NUS.

1. Boot into GodMode9;
2. Navigate to 1:title/00040138/00000002/content if O3DS, or 1:title/00040138/20000002/content if N3DS;
3. Press A on 000000XX.app, where XX depends on the native_firm version you have;
4. Select "NCCH image options...", then "Mount image to drive", and press A to enter the path;
5. Navigate to G:/exefs, and copy the .firm file to your SD card. It may be necessary to decrypt it, if it is a N3DS firm (O3DS firms are fully decrypted already by this point, and can be copied as-is);
6. Move this file to the cakes folder at the root of your SD card, and rename it to firmware.bin as usual.

Note that if you obtain the firmware files in this way, you will not need the cetk.

Obtaining them from a Gamecard

If the firmware version you need is not available on NUS, and your 3DS is not on the right firmware version, you can extract native_firm from a Gamecard which has the firmware update you need.

1. Go to http://3dsdb.com/
2. Enter the firmware version you need in the search bar at the top-right (for example, 9.6.0);
3. Obtain one of the games which contains the firmware version you need. Both genuine cartridges and roms work, as long as the rom is a direct dump from gamecard and doesn't have the update partition scrubbed out;
4. Mount the .3ds in GodMode9. Inside will be update_n3ds and update_o3ds folders;
5. Enter the romfs folder within the update partition's folder, and find 0004013800000002.cia for O3DS, or 0004013820000002.cia for N3DS. Copy it to your SD card;
6. Mount this CIA in GM9, and navigate to G:/0000.000000XX/exefs, where XX depends on the version of native_firm included within the gamecard;
7. Copy the .firm file to the cakes folder, and rename it to firmware.bin as usual. It may be necessary to decrypt it as well, if it is a N3DS firm(O3DS firms are fully decrypted already by this point, and can be copied as-is).

Note that if you obtain the firmware files in this way, you will not need the cetk.

Always keep the firmprot patch enabled if booting older native_firm versions on newer firmware versions, unless you know what you are doing and/or have a way to recover from overwritten firm0/firm1 (such as ntrboot.)

MD5 checksums for keys:
slot0x25keyX.bin: 817fd1bffba60f79cf8cdf19caf28923
slot0x11key96.bin: af6dd85a583dbe1471661d2f3b90df15

3ds_injector (region free): http://gbatemp.net/threads/release-cakesfw.391200/page-139#post-6212124
New .cake format and general info in the last paragraph: http://gbatemp.net/threads/release-cakesfw.391200/page-139#post-6212211
TODO: https://github.com/mid-kid/CakesForeveryWan/milestones/Next release: New format
Senpai noticed me: http://gbatemp.net/threads/release-cakesfw.391200/page-139#post-6212258
AGB_FIRM patching: http://gbatemp.net/threads/release-cakesfw.391200/page-145#post-6229995
AGB_FIRM patching for n3ds: http://gbatemp.net/threads/release-cakesfw.391200/page-145#post-6232145
TWL_FIRM patching for o3ds and n3ds (with updated link for AGB_FIRM): https://gbatemp.net/threads/release-cakesfw.391200/page-147#post-6235438

A total of three (3) components are required: Python 3.x with PyYAML, devkitARM, and armips.

Ensure that the required cross compilers (arm-none-eabi-*), armips, and python3 directories are included in your $PATH system variable. Once the environment is configured, run the make command.

Thanks

• b1|1s for the POC based on a decompilation of rxTools, porting it to spider and a lot of help when creating this. He's the guy who reverse-engineered all the info I needed for this;
• Normmatt for the emuNAND patch;
• TiniVi for screen de-init;
• Roxas75 for the font and firmlaunchax on MSET (rxTools);
• 3dbrew for info;
• Apache Thunder for being a fearless test-kanninchen;
• Gateway for some offsets."