How to run code

From DSWiki

Introduction

[buzz] So, you want to run homebrew code on your DS? There are many ways to do that, each with its own advantages and disadvantages. In most cases (i.e. if you haven't developed for the GBA before) you will need extra hardware. This page gives an overview of what hardware is available and the possible solutions for running your own code.

Terminology: in the following text (and in the console homebrew scene in general), "cart." stands for "cartridge" (such as a Mario Kart cart. or the GBAMP cart.) and "card" refers to an SD or CF flash card. So if you read "flash cart.", you should read "your GBAMP/M3/SuperCard/whatever".

Tricking the DS - A short history lesson

The DS can play DS games from the DS slot and GBA games from the GBA slot. Normally, it is not possible to play DS software from the GBA slot. Normally, I say. And this is where it starts.

The PassMe - The device that started it all

Natrium42 and DarkFader thought it would be cool if you could somehow trick the DS into running DS code from the GBA slot, thus enabling DS homebrew to be stored on GBA flash carts. They reverse engineered the communication protocol between the DS and the DS Cartridges and found out that the DS Cartridge tells the DS the address where the beginning of the code is stored on the card. Then the DS jumps to this position and executes that code. The idea of PassMe, a device that sits between the DS and the cartridge, is to basically pass through all communications between the DS and the cartridge until the execution pointer is sent to the DS. This pointer is replaced by the address of the GBA slot, so that the DS starts the code from there instead of from the DS cartridge.

WifiMe - The Wireless PassMe

The DS can download game demos using its integrated WiFi capabilities. It uses a custom network protocol (NiFi) made by Nintendo that is incompatible with TCP/IP. Firefly reverse engineered this protocol and figured out how to emulate a DS download station using a special kind of WLAN adapter, a customized driver for it, and an application he called WMB (Wireless Multiboot). Using this, it is possible to send software to the DS, but with one major problem: the software has to be digitally signed by Nintendo. Faking such a signature is close to impossible because a 1024-bit RSA signature is just not that easy to guess. But Firefly had another idea for working around this problem, similar to the idea behind PassMe: like the hardware game cartridges, the game binaries sent via WiFi contain a pointer to the beginning of the code, two pointers to be precise. One of them is signed and thus cannot be changed, as this would invalidate the binary, but the other pointer is not signed. So Firefly modified a game dump that was signed by Nintendo (the Mario 64 DS multiplayer binary) and set the unsigned pointer to the address of the GBA slot. This modified binary, known as WifiMe, accomplishes the same as PassMe: you download it to your DS using Firefly's WMB and it runs code that is stored on a GBA cartridge.

WifiMe does not work with a DS with new firmware.

FlashMe - Voiding the warranty

PassMe and WifiMe are pretty cool, but require either custom-made hardware or a special WLAN adapter, and also a GBA flash cart. Loopy created a modified version of the DS firmware that simply does not check for the Nintendo signature of a game, whether it comes from an inserted DS cartridge or is downloaded via WiFi. This makes it possible to run code from an inserted GBA flash cartridge without having to use PassMe or WifiMe. Also, custom code can be sent to the DS via Firefly's WMB. But to install FlashMe, you must already be able to run homebrew code, so either PassMe or WifiMe is required. Also, FlashMe of course voids your warranty, and although the process is rather easy, it is a little risky. Installing FlashMe is something that should not be done unless you are CERTAIN that you know what you are doing. Otherwise you can seriously mess up your DS.

The new DS Firmware - Nintendo strikes back

Because the tools developed by the homebrew community were starting to get used by software pirates to illegally play dumped DS games, Nintendo was forced to improve the protection of the DS. So, starting with the Chinese iQue DS, the DS units were shipped with a new firmware that no longer uses the unsigned pointer of a downloaded binary, but the signed pointer that cannot be changed. For games played from cart, it also rejects pointers that go to the GBA slot, or the header of the game. Loopy found out how to work around this protection and still run homebrew code with the new firmware, but the method requires PassMe to be programmed to a specific DS game and it also requires a GBA flash cart that has SRAM (i.e. memory for game saves). This is not the case with some compact flash adapters for the GBA slot like the GBAMP. So, people with the new firmware have to buy (or build) a PassMe2 programmed for a DS game they have.
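
The gap WifiMe relied on and the two checks the new firmware added, as an added Python sketch that is not code from the DS firmware or from any tool named on this page. The header layout, key, addresses and function names are hypothetical, and an HMAC stands in for Nintendo's RSA signature so that it runs with the standard library alone.

```python
import hashlib
import hmac
import struct

# Hypothetical layout, NOT the real DS download header:
#   signed_entry (u32) | unsigned_entry (u32) | payload | 32-byte tag
# The tag covers signed_entry and payload only, so unsigned_entry is unprotected.
KEY = b"constructed-demo-key"                 # stand-in for the vendor signing key
GBA_SLOT = range(0x08000000, 0x0A000000)      # assumed GBA-slot address window


def tag(signed_entry, payload):
    msg = struct.pack("<I", signed_entry) + payload
    return hmac.new(KEY, msg, hashlib.sha256).digest()


def build(signed_entry, unsigned_entry, payload):
    header = struct.pack("<II", signed_entry, unsigned_entry)
    return header + payload + tag(signed_entry, payload)


def parse_verified(blob):
    if len(blob) < 40:
        raise ValueError("truncated binary")
    signed_entry, unsigned_entry = struct.unpack_from("<II", blob)
    payload, sig = blob[8:-32], blob[-32:]
    if not hmac.compare_digest(sig, tag(signed_entry, payload)):
        raise ValueError("signature check failed")
    return signed_entry, unsigned_entry


def old_loader(blob):
    """Old behaviour: verify, then jump through the field the tag never covered."""
    _, unsigned_entry = parse_verified(blob)
    return unsigned_entry


def new_loader(blob):
    """New behaviour: use only the covered field and refuse GBA-slot targets."""
    signed_entry, _ = parse_verified(blob)
    if signed_entry in GBA_SLOT:
        raise ValueError("entry point in GBA slot rejected")
    return signed_entry


# Constructed sample: a genuine binary, then the same bytes with only the
# unsigned field rewritten to point into the GBA-slot window.
GENUINE = build(0x02000000, 0x02000000, b"constructed demo payload")
REDIRECTED = GENUINE[:4] + struct.pack("<I", 0x08000000) + GENUINE[8:]

if __name__ == "__main__":
    print(hex(old_loader(REDIRECTED)))   # the rewritten field is followed
    print(hex(new_loader(REDIRECTED)))   # the covered field is used instead
```

The design point for any signed-image loader is that a valid signature says nothing about fields outside its coverage, so every value that influences control flow must either be covered or ignored.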

NoPass - A PassMe without the PassMe

When the homebrew scene found out how the DS's cartridge encryption worked, it became possible (in theory, at least) to make custom DS cartridges that behave exactly like DS games and could thus be used even on unmodified DSes. Using this method, it was also possible to build an alternative to PassMe, called NoPass, which is just a DS cartridge that tells the DS to run code from the GBA slot. NoPass devices do the same as PassMe, but they do not stick out of the DS and are compatible with old and new firmware DSes (i.e. also with the DS Lite). The first NoPass to appear was the Max Media Launcher by Datel.

Let's get to the point: The possibilities

There are a number of ways to run homebrew code using one of the four methods mentioned above together with various FlashCarts or Compact Flash / SD / mini-SD adapters for the GBA slot.

NoPass

A cheap method to get homebrew running on your DS is a NoPass. It works on all DSes (you don't have to worry about your firmware version at all) and does not stick out like PassMe devices. Also, it works with all kinds of CF/SD adapters like the GBAMP, SuperCard, M3, FlashCarts, etc.

Keep in mind that the Max Media Launcher WILL NOT work with the SD version of the GBAMP. It will only work with the CF version, provided that you use chishm's firmware hack, which you can download from here: http://chishm.drunkencoders.com/NDSMP/index.html

As there have been some issues with the Max Media Launcher, such as long shipping times and possible damage to the DS's card ejection mechanism, you might want to read on and check the alternatives.

What kind of DS do you have?

Newer DSs have a firmware that makes the original PassMe and WifiMe impossible. It is still possible to run code from the new DSes and even to install FlashMe, but you have to use PassMe2 or a NoPass then.

This works for the "old" DS (the "big" one, not the new DS Lite). The method of firmware checking was figured out by MaHe and it's quite simple. You'll need a DS and a GBA/NDS cartridge (anything will do, except that PassMe may not work (untested)). Instructions:

- Insert the GBA or NDS slot cartridge in your DS unit;

- Turn on the DS and go to Pictochat menu, then select a random room;

- Remove the cartridge from your DS (don't worry, you can't do much harm);


The DS will freeze, or turn both screens the same color. Using this chart, you can figure out your firmware version (FM stands for FlashMe):

NDS-V1: Will freeze on the cartridge removal.

NDS-V2: Both screens will turn Grayish Blue.

NDS-V3: Both screens will turn Dark Green. (see below)

NDS-V4: Both screens will turn Yellow. PassMe 2 needed!

NDS-V5: Both screens will turn Magenta. PassMe 2 needed!

NDS-V6: Both screens will turn Blue (more saturated than V2). PassMe 2 needed!

FM-V*: Both screens will turn Dark Green (it's based on V3).

iQue-V1: Both screens will turn Dark Green. PassMe 2 needed!


My screen turned Dark Green. I don't know if I have FlashME, NDS-V3 or iQue firmware installed.

The iQue-V1 DS is recognizable by an iQue sign under the touch-screen; it is available only in Asia (China, Singapore and so on) and uses Chinese menus. Once you have made sure your DS isn't an iQue, you're left with one last test: FlashMe or NDS-V3. This is quite simple to find out. Hold A+B+X+Y on startup and, if FlashMe is installed, both screens will turn white. If not, you most certainly have V3 on your DS unit.

You need PassMe2 ONLY if you have iQue-V1, NDS-V4 or newer installed (although it's compatible with ALL DS firmwares). Otherwise, PassMe will do the job just fine.

Additional info about the available PassMes and their clones can be found on the Hardware page.

PassMe(2)

PassMe 1 is slightly cheaper, but only works with the old firmware, so you really have to be sure you have the old firmware before buying a PassMe 1. PassMe can be bought either from Natrium42's Shop or from dspassme.com. If you buy PassMe2, be sure to have it programmed for a DS game that you own.

If you are into hardware and soldering, you can also build your own PassMe. Instructions for this can be found here.

To run code:

  • insert your DS game into the PassMe
  • insert the PassMe into your DS
  • either flash the DS program to your flash cart
  • or copy the DS program to a CF card and insert it into your CF adapter
  • insert your flash cart / cf adapter into your DS
  • turn the DS on and tell it to start the DS game

WifiMe

To use WifiMe, you have to have a DS with the old firmware and a wireless card from this list (not the USB adapters though!). WiFiMe works with Windows and Linux. A setup guide for the Linux version is here.

To set up WiFiMe under Windows:

  • download WMB, the custom Ralink driver and WiFiMe from here.
  • install the custom driver for the wireless card using the device manager
  • extract WMB to some folder
  • put the WiFiMe zip file into the data subfolder of the WMB folder
  • either flash the DS program to your flash cart
  • or copy the DS program to a CF card and insert it into your CF adapter
  • insert your flash cart / cf adapter into your DS
  • open a command line window, navigate to the WMB folder and run
 WMB -data WiFiMe

If you get the error:

 Error! : Could not load "header.bin"

You did extract wifime.zip. Don't do that.

  • turn on your DS
  • select "DS Download play"
  • download WiFiMe

FlashMe

tools used for this tutorial


DS Lite warning

Although the process of flashing the DS Lite is the same as for the old DS, it is much more risky. There are several reports of people for whom the DS Lite turned off during the flash operation, leaving the DS Lite without usable firmware. This is probably caused by a screw that sits next to the SL1 contact on the DS Lite. If this screw is touched during the flash process, the DS Lite turns off. Do not try to flash your DS Lite if you don't know what you're doing!


FlashMe can be downloaded from here. You need to have either PassMe or WiFiMe already working to install it. Instructions for installing it can also be found on the site, but here's a quick guide using WifiMe and a GBAMP:

  • Test WMB with an official demo (you don't need FlashMe to do that much)
  • Make sure your battery is full and that the power cable is plugged in (loss of power while flashing will almost certainly destroy your DS)
  • Download the FlashMe program (flashme.nds)
  • Put it on your flash card in the correct place (on a GBAMP, that's _BOOT_MP.NDS)
  • Open your DS' battery compartment
  • Remove the little red sticker to expose the hole behind it
  • At the bottom of this hole is the SL1 contact that must be temporarily shorted out to rewrite part of the firmware
  • Get a small piece of metal (a little screwdriver, piece of tin foil, or nail will do) that fits into this hole
  • Put your flash card in your DS and turn your DS on
  • Start WifiMe on your PC
  • Choose to download a wireless game on your DS (the "game" is actually WifiMe, which will start the FlashMe program from your card)

Up till now, everything has been safe. Nothing has been changed on your DS, so if you screwed up any of those steps, you haven't lost anything. However, the risky part starts now, so read the next section very carefully:

FlashMe will start flashing after you pressed X B X B
  • Start FlashMe with the key combination X B X B (you know you have it right if the "0%" starts to blink)
  • You have to short out the SL1 now by putting the bit of metal into the hole
  • Stay calm and Don't Panic!
  • If you are shorting the SL1 correctly, the percent value on the screen will stop blinking and get higher
  • If your short is not working or if your hand slips and you lose contact, don't worry. The process will pause and the percent value will blink again. Just try again, possibly with a different metal object if you are having trouble keeping SL1 shorted. You have a lot of time to continue, so stay cool.
  • Be Warned! If you turn your DS off or it loses power right now, you will have a shiny, Nintendo-brand brick that cannot play anything
  • Shorting SL1 is actually only necessary for the first 25% or so of the process, but I recommend you leave it shorted just to be safe
  • When it reaches 100%, the screen should say "Firmware flashing completed successfully"
  • Turn off your DS, remove the flash card, remove the bit of metal, put the battery cover back on, and boot your DS again
  • If all has gone well, the DS will boot, but with its new firmware (one way to know that the new firmware is being used is that the "health warning" will no longer appear, unless you chose the version of FlashMe that leaves this intact)

Now that you have installed FlashMe, you can run homebrew code from a flash card just by inserting it and turning the DS on. The new firmware will boot the DS code from the flash card automatically. (As an added bonus, this means you can upgrade to newer versions of FlashMe or even downgrade back to the original firmware without using WifiMe or PassMe again.) You can also download and run homebrew code via WMB by passing the DS binary as the "-data" argument to WMB and downloading it just as you would an official downloadable demo:

 wmb.exe -data mycode.nds

(If you get an error that header.bin is missing, you forgot the "nds" ending.)

Where to put your code?

As mentioned before, there are Flash Carts and Compact Flash / SD / miniSD adapters for the GBA slot. There are also some unofficial "Dev-Kits" that provide Flash Carts and PassMe clones, but these are rather expensive and mainly targeted at software pirates. A list of flash carts and CF adapters can be found on the Hardware page here.

.nds/.nds.gba/.ds.gba ???

Depending on whether you use a flash cart or a CF/SD/miniSD adapter, you will have to use different kinds of DS binaries that have different headers. An explanation of these different formats can be found here.
