The exploit and Homebrew Channel are not installed on the system. It is installed in the writable portion of the game card. No kernel access is ever used. End of story.
It doesn't overwrite any system modules, if it did, the whole firmware would become corrupt because it's signed and you can't just randomly resign it. As it stands today, the firmware is wholly protected. If HBMenu uses services and syscalls, it can only use them because Cubic Ninja can - it inherits privileges. It's the exact same case with VHBL and userland exploits - they can run code, but only to the extent of what the original binary was allowed to do.
overwriting a system module sounds pretty kernel for me.
i know what it means afaik full access to the system aside from sig checks etc
Ooohhhh okay. So Relys, the guy who *ahem* analyzed the exploit probably knows more about how it works than the guy who made the exploit. Noooww I get it. I herd Smealum iz illuminaty, too.
well we are talking about the guy who created the decryptors Nand and decryptor I'm pretty sure relys is able to understand a basic exploit ;3
Decryptors for 3DS games. Not userland exploits.
Even if he is right, that still doesn't mean kernel access.
Not really basic
That's the magic of it - Cubic Ninja is signed, it's a legit retail game. For all the ARM knows, the code is signed and verified - eXecute Never doesn't kick in because it thinks it's running something else entirely.
All this guy does is talk shit, I wouldn't take his word for it.
However, that doesn't mean SSSpwn doesn't obtain kernel access. A while back it was claimed that you could not execute unsigned code without a kernel exploit. So if there's no kernel exploit there is at least something beyond simply userland that allows running homebrew.
I'll take smea's word for it that it doesn't obtain kernel access for now though
1. QR Code Overflow
2. Jump to ROP chain in QR code payload
3. Download AES encrypted payload smealum.net/ninjhax/p/POST5_WEST_4096_4096.bin from internet.
4. Escalate privilege level by overwriting a sysmodule.
5. Transfer execution over to boot.3dsx
It doesn't overwrite any system modules, if it did, the whole firmware would become corrupt because it's signed and you can't just randomly resign it. As it stands today, the firmware is wholly protected. If HBMenu uses services and syscalls, it can only use them because Cubic Ninja can - it inherits privileges. It's the exact same case with VHBL and userland exploits - they can run code, but only to the extent of what the original binary was allowed to do.
He will only be seen as a liar if someone proves him wrong.
So far GovanifY's only achievement was leaking something he hasn't even made himself, so his word isn't exactly worth much. He's more than welcome to demonstrate kernel-level access if he feels like it. In fact, anyone can investigate this - Homebrew Launcher is open source. Go nuts.
The burden of proof lies on the accuser, in this case GovanifY.
I don't remember him ever saying that, but such a modification would normally require kernel level access, unless there's some clever trick up smea's sleeve.
smea said he is willing to add region free support, and I don't think how such thing could be possible without kernel access...
the launcher is, not the exploit.
So far GovanifY's only achievement was leaking something he hasn't even made himself, so his word isn't exactly worth much. He's more than welcome to demonstrate kernel-level access if he feels like it. In fact, anyone can investigate this - Homebrew Launcher is open source. Go nuts.
he did, but somewhere he also said it's quite complicated if i remember right.
I don't remember him ever saying that, but such a modification would normally require kernel level access, unless there's some clever trick up smea's sleeve.
You still can't execute your own code though.
That's the magic of it - Cubic Ninja is signed, it's a legit retail game. For all the ARM knows, the code is signed and verified - eXecute Never doesn't kick in because it thinks it's running something else entirely.