Nintendo DS Hacks

nintendo ds hacks

Creating New Nintendo 3DS Hardware

June 6, 2015 by 32 Comments

For the last five years or so, Nintendo has been selling the 3DS, the latest in a long line of handheld consoles. Around two years ago, Nintendo announced the New Nintendo 3DS, with a faster processor and a few other refinements. The new 3DS comes in two sizes: normal and XL. You can buy the XL version anywhere in the world, but Nintendo fans in North America cannot buy the normal version.

[Stephen] didn’t want the jumbo-sized New 3DS XL, both because it’s too large for his pockets, and because there are no fancy cases for the XL. His solution? Creating a US non-XL 3DS with god-like soldering skills.

In manufacturing the XL and non-XL versions of the 3DS, Nintendo didn’t change much on the PCBs. Sure, the enclosure is different, but electronically there are really only two changes: the eMMC storage and the Nintendo processor. 3DS are region-locked, so simply swapping out the boards from a normal 3DS to an XL 3DS wouldn’t work; [Stephen] would also like to play US games on his modded console. That leaves only one option: desoldering two chips from a US XL and placing them on the board from a Japanese 3DS.

With a board preheater and heat gun, [Stephen] was able to desolder the eMMC chip off both boards. Of course this meant the BGA balls were completely destroyed in the process, which means reballing the package with solder bits only 0.3mm in diameter. With the US eMMC transplanted to the Japanese board, [Stephen] ended up with an error message that suggested the processor was reading the memory. Progress, at least.

[Stephen] then moved on to the processor. This was a nightmare of a 512 pin BGA package, with 512 pins that needed a tiny dot of solder placed on them. Here, sanity gave way and [Stephen] called up a local board and assembly house. They agreed to solder the chip onto the board and do an x-ray inspection. With the professional rework done, [Stephen] assembled his new US non-XL 3DS, and everything worked. It’s the only one in the world, and given the effort required to make these mods, we’re expecting it to remain the only one for a very long time.

Running Nintendo DS Unsigned Code With Audio

December 31, 2014 by 9 Comments

Even if you haven’t ripped off the top screen of your original DS to create an even better Game Boy Advance yet, there still might be some life left in that old bit of hardware. [Smea] is running unsigned code on the Nintendo DS, using only a bargain-bin game and an audio file.

The exploit this time comes in a form that might be familiar to anyone who has ever installed the homebrew channel on a Wii. Like SmashStack, this exploit uses a level editor/transfer feature in a game, this time with a 6 year old DS game Bangai-O Spirits.

[smea] is using the sound-based level transfer feature to load unsigned code into the DS. This level-transfer feature works by sending a single period sine wave at 1024Hz with a given amplitude; a binary 1 is a few dB louder than a binary 0, and with a buffer overrun it’s possible to load code into a DS and jump into that code. There’s no redundancy, error correction, and is not the thing you want when loading unsigned code onto a DS. It does, however, work.

The code to generate the audio payload for this exploit is available on github and if you have a copy of Bangai-O Spirits, you can try it out for yourself by playing this file (headphone warning).

Thanks [gudenau] for the tip

Continue reading “Running Nintendo DS Unsigned Code With Audio”

3DS Homebrew Channel and Custom Firmware

November 21, 2014 by 29 Comments

Nintendo has always been very wary about allowing independent and homebrew developers making games for their consoles, and the 3DS is no exception. It’s locked down, and a few 3DS and console hackers have spent years searching for a method that will easily allow anyone to run unsigned code. That day is finally here. The exploit is called NINJHAX, and it allows anyone to install the Homebrew Channel, the repository for everything awesome in the world of 3DS homebrew development.

The latest exploit relies on a bit of code in a retail game – Cubic Ninja – to run unsigned code. This game includes a level editor that allows players to share different levels by QR codes and 3DS’ camera. By carefully crafting one of these QR codes, the 3DS gains the ability to run the Homebrew Channel

If this exploit sounds familiar, you’re right. The most common way to open up a Wii for homebrew development is Smash Stack, an exploit found in Super Smash Bros. Brawl. This exploit also works by modifying custom stages, and opened the door to a wealth of homebrew development for the Wii.

In the video below, [smea] shows off his exploit by starting Cubic Ninja, going to the QR code level editor, then loading up homebrew games. A copy of the game that enables this exploit, Cubic Ninja, is required for this exploit. Last week, you could buy Cubic Ninja for a few dollars on eBay and Amazon. Today, the price has settled around $50, with a few very dumb or very eager people paying up to $300. If you already have the game, you’ll only need to get the homebrew starter kit, generate a QR code, and start installing unsigned code. All the instructions are available on [smeal]’s site.

Continue reading “3DS Homebrew Channel and Custom Firmware”

Hair Thin Wires Save a 3DS from the Landfill

May 13, 2014 by 28 Comments

Broken Nintendo 3DS

[Anton] recently acquired a broken Nintendo 3DS. When the power button was pressed, the device would start booting up only to shut back down after flashing a blue light and making a popping sound. It turns out this problem is pretty common with the 3DS.

[Anton] could have tossed this device into the landfill, but where’s the fun in that?  Instead, he cracked the device open like any self-respecting hacker would. It didn’t take him long to discover two broken flex ribbon cables. [Anton] could have then searched for replacement cables, but his inner hacker told him he could repair this himself. He carefully scraped the insulation off of the broken traces and then soldered on some hair thin wires to bridge the gap.

All that was left to do was to glue the wires securely in place and feed them back through the hinges. This project is a great example of how a little determination and know-how can keep a useful device from the landfill. If you attempt this repair yourself, you may find this 3DS teardown to be a helpful reference. What devices have you been able to save from an untimely demise?

Gotta Catch ‘Em All, With An Arduino

January 1, 2014 by 13 Comments

PKMN

For every pokemon you encounter on your adventure to become the world’s greatest trainer, you have about a 1 in 8000 chance of that pokemon being ‘shiny’, or a different color than normal. Put an uncommon event in any video game, and of course a few people will take that feature to the limits of practicality: [dekuNukem] created the Poke-O-Matic, a microcontroller-powered device that breeds and captures shiny pokemon.

We’ve seen [dekuNukem]’s setup for automatically catching shiny pokemon before, but the previous version was extremely limited. It only worked with a fishing rod, so unless you want a ton of shiny Magikarp the earlier setup wasn’t extremely useful.

This version uses two microcontrollers – an Arduino Micro and a Teensy 3.0 – to greatly expand upon the previous build. Now, instead of just fishing, [dekuNukem]’s project can automatically hatch eggs, search patches of grass for shiny pokemon, and also automatically naming these new shiny pokemon and depositing them in the in-game pokemon storage system.

The new and improved version works a lot like the older fishing-only automated pokemon finder; a few wires soldered on to the button contacts control the game. The Teensy 3.0 handles the data logging of all the captured pokemon with an SD card and RTC.

What did [dekuNukem] end up with for all his effort? A lot of shiny pokemon. More than enough to build a great team made entirely out of shinies.

Video below, with all the code available through a link in the description.

Continue reading “Gotta Catch ‘Em All, With An Arduino”

Finding Shiny Pokemon Automatically

November 5, 2013 by 18 Comments

In case you’re not up to speed with the world of Pokemon, nearly every species of this game’s titular creatures have a ‘shiny’ variety – a differently colored sprite for each pokemon. As far as gameplay goes, they’re exactly the same as their non-shiny brethren, but the shiny varieties are so impossibly rare not many players have seen them. [dekuNukem] over on Youtube has come up with a great way to find these shiny Pokemon automatically with the Hackaday reader’s favorite tools – an Arduino and a few parts from Sparkfun.

The build hinges on the fact that all shiny pokemon have a short animation whenever the player encounters them in the wild. This setup uses a fishing rod, so an Arduino Micro first presses the Y button to cast the rod, while the ‘duinos ADC listens to the audio signal until a bite is indicated.

A light sensor taped to the bottom screen of the 3DS then measures the amount of time the screen is blacked out. The extra animation for every shiny pokemon means this blackout period is about half a second longer. If the Arduino doesn’t see a shiny, it ‘runs away’, but if a shiny is detected a buzzer sounds to tell the extremely lazy pokemon trainer they have a shiny on their line.

From the video, it took about 36 minutes to find a single shiny pokemon, and about 8 shinies in the three hours of testing this rig has under its belt.

Continue reading “Finding Shiny Pokemon Automatically”

Galaga Mini-Cabinet using a Nintendo DS

October 14, 2013 by 16 Comments

galaga-cabinet-from-nintendo-ds

We’re not showing you the finished version of this tiny Galaga arcade cabinet because it doesn’t really testify to the awesome that was packet into this hack. In regards to the features the build is just nuts!. The user controls were customized to look like the real thing, and the attention to detail would make craftsmen from the gilded age of dollhouses proud.

Update: [eLRIC] left a link to an even better forum thread build log as a comment. Among other thing it fully details the joystick modifications.

The machine is driven by a Nintendo DS, which donates its upper screen as the cabinet display. In the image to the right you can see that the lower display is still accessible through an opening in the back of the cabinet. The joystick is a small multi-directional switch which was altered by adding the red ball. It was also housed in a custom metal bracket that includes a washer to limit the movement of the stick. Also shown on the right are the lights for the marquee as well as the two coin-slots.

Check out the video after the break to see the game play. Despite its size it still seems really playable, but if you need something larger you could model your own build off of this project.

Continue reading “Galaga Mini-Cabinet using a Nintendo DS”