11 March 2016 - Forum Rules

Main Menu


Started by 23icaro, February 14, 2016, 10:37:33 PM

Previous topic - Next topic


Guys, i'm trying to do some hacking stuff on a firmware for the AceKard 2i, the firmware file is an .nds file data when runed by the AKAIO Kernel flashes the instructions on the card. What I'm trying to do?
Change the exploit method for the firmware 1.4.3 that is Hello Kitty Dorasu exploit from DSi to the exploit for 1.4.5u with the Konamy Entertainement Game. I don't know how to it. I found that in the file ARM9.bin I can change some text in the installer of the firmware with some hex editting, but how can I change the entire exploit system that is flashed on the card?


Is this a cosmetic thing or did the AK2i not get updated for DSi 1.4.5 (which also introduced save type checking and thus made things a lot harder, to that end I hope the Konami game you want to use does not have a save). is a nice overview os what of what goes in DSi/3ds flash cart checks (others reading old games were whitelisted, new ones RSA signed, however they did not check the overlays of the old games (executable blobs loaded on demand) so find a game that loads an overlay early on...).

If you were on a 3DS I would say just use the DS backwards compatibility downgrade instead. I am not sure what the more recent DSi hacks have done for DS backwards compatibility/flashcard blocking but it is probably the better bet.

Also the ak2i was somewhat unique in being based on what was originally open source stuff. The acekard team handled the internal firmware for the flash cart where the AKAIO team provided the kernel which patched the games, did cheats and everything else. Playing with AKAIO is not going to get you far here.
The internal firmware for most flash carts is all encrypted to try to prevent clones. It does also mean you are not going to get far. Even if you somehow manage to break the encryption you are still faced with editing a nice binary blob that will end up running on either a CPLD or a FPGA.


First, I want to thank you for the reply, Fast6191! Your link has an usefull information that is how the console works on the header of the games.

AK2i was abandoned when DSi was at ver 1.4.4, thats why isn't a firmware to work on 1.4.5  :'( , my little brother made an fm atualization on my DSi when he was playing, I don't know why he did this, but when I saw that there's no patch for it, I went in a little "madness" because I like A LOT the Acekard and AKAIO kernel... It works really fine! And then I started to search a little to try something on it with reverse engineering, (I have some knowledge on it since I graduated on i.t)


I really need to find where on this Firmware are flashed the header information of the game that is used to exploit, by preference I'm using

inside it I found an sequence of Binary lines, I think that is on this sequence that is flashed the header

here it gets an header but I dunno if it is from the flashed game "DORASU" or just the header from the firmware "rom"


1.4.5 added a bunch more checks over the ones that the later firmwares were adding, in this case the save type itself was checked which also stopped most things in their tracks (it was only things made after this and the supercard dstwo that got around it). Thus it is not a simple header thing at this point, and in fact the only header thing was way back when the DSi still needed the game to fake/overlay to swap out but did not check the header which is why some carts could have their headers like they had on a normal DS/DS lite.

However it sounds like you missed the DSi hacking work that happened somewhat more recently. It is a far easier path than trying to work around firmware encryption, DS ROM encryption, binary editing a programmable chip code and getting it all put together again. has more on said DSi hacking work. It should allow downgrades.


I read this downgrade, but it requires hardmodding, at my country, hard mod something its really hard beacause a new console costs a bunch... :/