I feel bad though since I was in the group that @astronautlevel just posted. I should of been more aware on what was going on before promoting it on the guide...It's not your fault man, relax
Homebrew ALL 3 Methods to get unbanned from recent ban wave
- Thread starter gamemasteru03
- Start date
- Views 511,632
- Replies 2,126
- Likes 60
It's fine - you took responsibility, I don't blame you. Everyone makes mistakes and has lapses in judgement.
Thank god, that @astronautlevel was bored then! Still I don't understand why it isn't a simple downloader and injector. That's all it's suppose to be right?
Code:
int DownloadPlugin()
{
obf obfbuf[0x80];
memcpy(obfbuf, urlbuf, 0x100);
layerdeobfuscate(obfbuf, 0x80, (obf*)&eke, (obf*)&mod, 4);
do
{
u8* ptr = (u8*)obfbuf;
u8 i = 0;
do
{
ptr[i] ^= haxbuf[i];
}
while(++i);
}
while(0);
char url[0x41];
do
{
u8 i = 0x41;
while(i--) url[i] = obfbuf[i] & 0xFF;
}
while(0);
memset(obfbuf, 0, 0x100);
u8 upbuf[0x380];
Result res = mkupbuf(upbuf);
if(res < 0)
{
#ifdef DEBUG
printf("Failed to mkupbuf: %08X\n", res);
#endif
memset(url, 0, 0x40);
return -1;
}
u8* buffer = NULL;
u32 size = 0;
res = httpcUpload(upbuf, 0x380, url, &buffer, &size);
memset(url, 0, 0x40);
if(res >= 0)
{
if (size != 272)
{
printf("Server-side error: %*.*s\n", size, size, buffer);
return -1;
}
if (size < 272 || *(u64*)(buffer + 0x100))
{
printf("Invalid respose: %*.*s\n", size, size, buffer);
return -1;
}
u8 dummy[4];
if(fsReadFile(dummy, "/rw/sys/LocalFriendCodeSeed_A", 4, ARCHIVE_NAND_CTR_FS) >= 0)
res = fsWriteFile(buffer, size, "/rw/sys/LocalFriendCodeSeed_A", ARCHIVE_NAND_CTR_FS);
else
res = fsWriteFile(buffer, size, "/rw/sys/LocalFriendCodeSeed_B", ARCHIVE_NAND_CTR_FS);
free(buffer);
if(res >= 0)
{
puts("Successfully writed file, rebooting...");
svcSleepThread(3e9);
if(reboot() >= 0) while(1) svcSleepThread(1e9);
//if(srvPublishToSubscriber(0x203, 0) >= 0) while (1) svcSleepThread(1e9);
*(u32*)0 = 0xDEADCAFE;
//how can you even reach past this?!
svcExitProcess();
}
else
{
printf("An error occurred while injecting the Seed: %08X\n", res);
return -1;
}
return (0);
}
else
{
free(buffer);
memset(url, 0, 0x40);
printf("Download failed: %08X\n", res);
}
return (-1);
}
Result DumpSeed()
{
u8 upbuffer[0x380];
u8* downbuffer = 0;
u32 downsize = 0;
Result res = mkupbuf(upbuffer);
#ifdef DEBUG
fsWriteFile(upbuffer, 0x380, "/UnbanMii/POST_DUMP", ARCHIVE_SDMC);
#endif
obf obfbuf[0x80];
memcpy(obfbuf, urlbuf, 0x100);
layerdeobfuscate(obfbuf, 0x80, (obf*)&eke, (obf*)&mod, 4);
do
{
u8* ptr = (u8*)obfbuf;
u8 i = 0;
do
{
ptr[i] ^= haxbuf[i];
}
while(++i);
}
while(0);
char url[0x40];
do
{
u8 i = 0x40;
while(i--) url[i] = obfbuf[i + 0x41] & 0xFF;
}
while(0);
memset(obfbuf, 0, 0x100);
Result ret = httpcUpload(upbuffer, 0x380, url, &downbuffer, &downsize);
if(ret < 0)
{
printf("Failed to upload: %08X\n", ret);
}
memset(url, 0, 0x40);
//#ifdef DEBUG
printf("Server response: %*.*s\n", downsize, downsize, downbuffer);
//#endif
if(downbuffer) free(downbuffer);
return ret;
}I assume that this is part of the offending code?
Last edited by Thunder Hawk,
@astronautlevel what about themely? Im worried about that app because i use it a lot and i think it have malware too because it was made by the same user and a month ago he closed the code but if we analyze deeply unban mii manipulates directly the local seed and movable seed and themely only works with theme mánager so its logic he was mad :/ and sudenly upload a "new" versión by revenge
but if we analyze deeply unban mii manipulates directly the local seed and movable seed and themely only works with theme mánager so its logic he was mad :/ and sudenly upload a "new" versión by revenge
I agree with you that Themely being closed source is not a good thing; however, Themely is made by a different user (Themely was made by Erman, who has a bad track record anyway, while this was made by Sono). I'd actually trust Themely more if it was made by Sono rather than Erman.@astronautlevel what about themely? Im worried about that app because i use it a lot and i think it have malware too because it was made by the same user and a month ago he closed the code
That being said, I'm working on a new Theme manager that will be released soon (open source, obviously
), so if you're concerned about using Themely stay tuned.
Well well, what i found (?I agree with you that Themely being closed source is not a good thing; however, Themely is made by a different user (Themely was made by Erman, who has a bad track record anyway, while this was made by Sono). I'd actually trust Themely more if it was made by Sono rather than Erman.
That being said, I'm working on a new Theme manager that will be released soon (open source, obviously
#features
"Native code wich allow us to have.." YOUR FUCKING SEED AND ACCOUNT n****! Run bitch ruuuun (sorry for being rude)
Attachments
Can you PM me when its available? While you're at it, you should open your own theme site. Erman is never going to host NSFW content, so why don't you?I agree with you that Themely being closed source is not a good thing; however, Themely is made by a different user (Themely was made by Erman, who has a bad track record anyway, while this was made by Sono). I'd actually trust Themely more if it was made by Sono rather than Erman.
That being said, I'm working on a new Theme manager that will be released soon (open source, obviously
Sent from my SM-T280 using Tapatalk
D
Deleted User
Guest
OK so let's go to basic security practice:
If you want to identify consoles, use something like SHA256's of the stuff like LCFS, SecureInfo, if you want to identify users with it (and tell them via Priv. Policy)
Not only is this smaller in size (hashes vs. files), it doesn't mean you have the actual IDs.
EDIT: Oh, and just add that in as idk "security.c" as a set of functions (I dont pretend to know C so ignore me if you dont make functions etc) so that all code but that is OSS, but you need to explain what it does for people to trust you.
If you want to identify consoles, use something like SHA256's of the stuff like LCFS, SecureInfo, if you want to identify users with it (and tell them via Priv. Policy)
Not only is this smaller in size (hashes vs. files), it doesn't mean you have the actual IDs.
EDIT: Oh, and just add that in as idk "security.c" as a set of functions (I dont pretend to know C so ignore me if you dont make functions etc) so that all code but that is OSS, but you need to explain what it does for people to trust you.
Last edited by ,
@astronautlevel What about this fork for themely? its safe to use it? : https://github.com/ihaveamac/Themely/releases/tag/v1.3.1
The latest release on that fork is open source and thus guaranteed to be safe.
@alexei_gp this is the evil release but im interested on the cosmetic changes Lol
https://github.com/ErmanSayin/Themely/releases/tag/v1.3.2
https://github.com/ErmanSayin/Themely/releases/tag/v1.3.2
Attachments
first of all, please stop blaming the others... I did 100% of the server backend, I added the code in UnbanMii that uploads stuff to the server (including the shitty crypto for obfuscating the URLs), and I compiled the release version. but I went to sleep after that, so the others weren't able to review the code at all before making the cia public.
also, here are what the other people did:
- Paul did the original code before I got the source code
- arc13 helped Paul
- Alex promoted it
but before any of you were to start to bash me, please take your time to read the technical writeup blogpost
I have never thought of just storing the hashes... I was stupid when I made the decisions with the backend code, but now I feel even more stupid >.<
just to re-iterate from the entry, I still do believe Sono/MarcusD had no malicious intent doing this. I'm still blaming the others, especially Paul who said we read the code and apologized (we saw more than what we were told and I don't recall us ever apologizing).
D
Deleted User
Guest
Honestly? We're all human. We all make mistakes. Some times, you make big mistakes, other times small.
You tried to solve a potential problem and you didn't do it the best way, but that is OK. I'd suggest removing links to UnbanMii's latest copy with the code, and instead inform users to not use that version (remove the ID stuff ofc) - remove all copies from any DBs you could potentially still have too.
The community lost their trust in your software, however it's still more than salvagable. I suggest something like re-OSS'ing it and getting various developers to ensure it looks good - if you do something like check hashes, explain every single reason why, and inform people of why you do it.
I only uploaded the cia to the private group in Discord, idk where it got from there
also, the server is inaccessible, so I can't DROP the table either... but at least I was the only one who had the ability to even just query data, so I don't think those data are at too much risk
edit: I didn't see the other part of the message....
the 3DS client is not my code, I just added my edits to it
Similar threads
