DSi mode homebrew, anyone?

It was about this time last year when I released open source save game hacks for two DSi hybrid games, Cooking Coach and Classic Word Games. I kind of expected somebody somewhere to pick these up and make them do something a little bit more useful than change the screen colors but it looks like I was a little optimistic on that front. Most people that have done anything at all seem to have been trying to do as much as possible in the 8KiB or so available in each save game. Interestingly not one single DSi hybrid game I’ve been able to find since appears to have a name entry – bit odd considering how easy it is to test for and correct buffer overflows for this specific situation. If anyone knows any different, please let me know.

Since last year I’ve spent a bit of time hunting around DSi hybrid games and playing around with a few ideas I had about how best to utilise the exploits for homebrew. Mostly I’ve been updating devkitARM & libnds with a few things needed to allow normally compiled homebrew to use the extra 12meg when run in DSi mode. I’m still a little undecided on how best to approach the hybrid model – Nintendo seem to be using a system where extra code is loaded in DSi mode from separate binaries in the .nds container format.

So anyway, lest I ramble on for several pages with background and random thoughts, on to the meat of this post. One of the first things that I did on getting into DSi mode was dump the DS mode firmware. As I expected this was identical to the dump made in DS mode – it contains only the wifi module settings and the user data at the end of a 128K flash chip. Most interesting of all was the large block of unwritten space between the two but unfortunately the first 64KiB is protected but that still leaves 61KiB writable – plenty for my nefarious purposes. After some further testing I confirmed that the wifi module flash chip could be written from DS mode and later read when we use the save game exploits to get into DSi mode. This gave me the motivation I needed to revisit a half finished project I had to upload homebrew to a DS over wifi. As an added bonus the wifi uploader also works with a standard DS, everything you need is in the archive.

Nintendo seem to have pre-empted an approach like this in more recent consoles, both the DSiXL and later model DSi units seem to deny write access to the wifi module chip. Even when using other methods to load code via the save exploits there seems to be no access to the wifi hardware at all – that’s probably dependent on a wifi enabled hybrid game. Whether Nintendo can or will update earlier units with similar security remains to be seen. Currently all early consoles I’ve tried this method with have been able to run code with wifi access regardless of updated firmware or not. I bought a DSiXL a few days ago to confirm this but I have another couple of methods which work on that – they’re not yet in a releasable state but hopefully that won’t be the case for long.

In order to use this method you’ll need three things, a DSi compatible flashcard,  one of the two exploited games and a means to write to the eeprom on your chosen game. Eepinator will work if you have a standard DS or there are a couple of devices which allow you to do this from a PC. If you’re one of the many homebrewers who likes to play with mcus then you can probably rig up something with a dev board. I have an arduino and a Fletchtronics Bumble-b sitting at the back of my desk, I might have a play around with those over the next few days and post a howto for those. If you’ve already done something like that then please do get in touch, no point in reinventing the wheel.

One word of warning before we get to the all important download link. Nintendo will probably declare your warranty void due to unauthorised software so proceed at your own risk. This method also won’t allow you to run rom dumps and it’s not something I plan to support at any point in the future. Obviously I can’t control what you do when you have the ability to run code but please consider not releasing anything that’s piracy related or has the potential to enable piracy. I believe homebrew can thrive as long as we distance ourselves from the people who want to get their games for free.

dslink 2.1.0
dslink 2.1.0
dslink.tar.bz2
View post
177.1 KiB
35984 Downloads
Details...

Please don’t mirror this file, I intend to update it as I add features. Pay attention to the  license in the README. It would also be nice if the various news sites that pick these things up would make a bit of an effort and not just copy this post verbatim.

If you’d like to help support devkitPro here are some amazon affiliate links for Cooking Coach

My Healthy Cooking Coach (US edition)

My Cooking Coach (UK edition)

Note for UK users, I ordered a couple of copies of Cooking Coach from the main amazon.co.uk listing from inet video. Unfortunately  no-one  told them that DSi hybrid games are region locked on the DSi, order from the Indigo Starfish listing instead.

If IRC is your thing then come join the rest of the homebrew gang in #dsdev on irc.blitzed.org.

58 thoughts on “DSi mode homebrew, anyone?”

  1. This is FANTASTIC news for all DSi owners. I have a couple of questions though:

    1. Does regular DS homebrew work via this (obviously minus audio and touchscreen)?
    2. Would it be possible to use a DS mode game (e.g. Fifa 09, which was already exploited by Blasty IIRC) to install the code onto the wifi chip instead of a DSi compatible flashcard (which are all illegal)?

    1. Regular DS homebrew works fine, assuming you’re using the latest devkitARM/libnds.

      FIFA 09 might work, I’ll see if I can track down a copy but it’s likely there’ll be a better way before I bother :p The legal situation with all flashcards is still not that clear despite recent court cases – there was one card that was excluded from the Dutch ruling, rumour says it’s the DS iPlayer but I’ve been unable to confirm that so far. There’s also a link to the Playables Ltd ruling in the UK in the devkitPro forums at http://devkitpro.org/viewtopic.php?f=34&t=2068

  2. Hello,

    First of all, congratulations for what you’ve find, this is really great for the DSi scene.

    I have a question:

    Can we reverse (erase) what the installer write into the wifi flash chip?

    So the DSi return at it’s “virgin” state?

    Thanks in advance.

    1. Absolutely, it’s a simple matter of erasing the flash blocks used by DSiLink. Obviously that might be difficult if you damage your DSi to the point where it won’t boot but nothing normally used by the DSi is overwritten, the installer & DSiLink are both perfectly safe.

  3. Great job, even though I didn’t understand half of what you said 😛
    Just one question – how do I know if my DSi is from the older series?
    I bought it like… almost one year ago. I sure hope it is :/

  4. @james,

    A year ago is probably old enough but I don’t really know until you try.

    No that’s the UK edition, it’ll only work on Australian & European DSi consoles.

  5. I just want to clarify what you mentioned about it working on regular DS too…

    Would I just run the installer from my regular DS compatible flash card on my DS Lite and then run the DS client? Is there really any point me bothering if I already have a flash card, or is it just more of a demonstration thing, for those of us who don’t have a DSi?

  6. No, you can stick dslink.nds (found in the archive) on your flashcard, run it from there and use the dslink host on your PC to upload nds files over wifi. It’s kind of handy for quick testing

  7. Cool! Unfortunately, I need to specify the ip of my ds and I forgot how. >.<
    One more thing: With this exploit, if someone was able to find out how to use the cameras, etc., we would have access to them, right?

  8. The ip address should be displayed by dslink on your DS, you tell the dslink host the ip address using -a . It’s in the README 🙂

    Yes, once we figure out how the cameras work this method will have access.

  9. Pingback: Anonymous
  10. Great finding!
    Just one question : Would it work if i download My Cooking Coach and use the hacked save (I guess not)?

  11. The problem is that the only way i can get this game is through ebay, because the stores and the auction sites here only have Cooking Guide, and i wanted to make sure that ebay is the only option left.

  12. Sorry for double post, but forgot to ask this : Will all version of Cooking Coach work with the hack? (Did Nintendo patch it?)

  13. The best thing that should be used for this is to maybe get GBA roms running on most flash cards that are DSI compatible. Cause Mother 3 sounds really great on the DSi right now. 😛

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.