Hacking Any luck on fake eshop/update server?


Yil

If you can trick the 3DS, you could probably install your own OS/application without hacking the hardware. Say, boot with homebrew that has eShop and other features. Too bad this is too technical.
 

Typhin

It should be possible to spoof the eShop server, especially if someone had captured the responses/data from the official server. But since anything downloaded and installed would need a valid signature, it wouldn't be useful. Only Nintendo has the private key to generate a valid signature for your system, so you wouldn't even be able to use it to grab old versions of apps (like the vulnerable YouTube app, for instance).
 

Apache Thunder

I believe it's theoretically possible to spoof an eShop update server. But I don't think you can use it to downgrade the console without first having an Arm11 kernel hack or access to the needed services, as Arm11 normally verifies that what it's installing is newer than what's being replaced. It doesn't normally allow you to downgrade, and even a server spoof will not get around that if you don't have Arm11 at the least.
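
The two client-side checks described in the posts above (a vendor signature and a "must be newer" rule), modelled as an added example that is not part of the original thread and is not Nintendo's actual code. A toy textbook-RSA key stands in for the vendor key pair, and all function names, titles, versions and payloads are constructed.

```python
import hashlib

# Toy textbook-RSA key from two Mersenne primes (constructed; unpadded and far
# too small for real use). It only stands in for the vendor's key pair.
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent, known to the vendor only


def digest(title, version, payload):
    """Hash title and version together with the content, so neither can be relabelled."""
    h = hashlib.sha256(f"{title}|{version}|".encode() + payload).digest()
    return int.from_bytes(h, "big") % N


def vendor_sign(title, version, payload):
    return pow(digest(title, version, payload), D, N)


def client_check(installed, title, version, payload, signature):
    """Client-side decision using only the public values N and E."""
    if pow(signature, E, N) != digest(title, version, payload):
        return "reject: bad signature"
    if version <= installed.get(title, -1):
        return "reject: not newer than installed"
    return "install"


def spoofed_server_cases():
    """What a client with 'system' v5 installed does with each served package."""
    installed = {"system": 5}
    old, new = b"firmware v3 image", b"firmware v6 image"
    sig_old = vendor_sign("system", 3, old)  # captured from the real server
    sig_new = vendor_sign("system", 6, new)
    return {
        "genuine v6": client_check(installed, "system", 6, new, sig_new),
        "replayed v3": client_check(installed, "system", 3, old, sig_old),
        "v3 relabelled as v9": client_check(installed, "system", 9, old, sig_old),
        "modified image, reused sig": client_check(
            installed, "system", 9, b"custom image", sig_new),
    }


if __name__ == "__main__":
    for case, verdict in spoofed_server_cases().items():
        print(f"{case}: {verdict}")
```

Because the version is part of the signed digest, a server that replays captured data can neither relabel an old package as newer nor attach an existing signature to different content.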
 

Yil

Apache Thunder said:
> I believe it's theoretically possible to spoof an eShop update server. But I don't think you can use it to downgrade the console without first having an Arm11 kernel hack or access to the needed services, as Arm11 normally verifies that what it's installing is newer than what's being replaced. It doesn't normally allow you to downgrade, and even a server spoof will not get around that if you don't have Arm11 at the least.

Of course not a downgrade, but a custom OS with a higher system signature.
 

Apache Thunder

You need Arm9 access to fool sig checks. That or find a way to create valid signatures which requires gaining access to highly secret company data like the private keys. That is highly unlikely. It's a pipe dream to ever think you will be able to run a modified CFW natively on sysnand without using exploits.
 

Yil

Apache Thunder said:
> You need Arm9 access to fool sig checks. That or find a way to create valid signatures which requires gaining access to highly secret company data like the private keys. That is highly unlikely. It's a pipe dream to ever think you will be able to run a modified CFW natively on sysnand without using exploits.

Okay, I thought some guy already had the private keys cracked. But what I mean is to replace sysnand.
 

Apache Thunder

I don't think so. Unless you were thinking of the homemenu hax that recently came out. That also depends on an exploit (specifically an exploit involving the theme system, and if you're above 9.2 firmware, it won't get you Arm11 nor Arm9 access). A full custom CFW that doesn't rely on exploits would either have to exploit a flaw in bootrom or have the private keys. Which, as far as I know, no one has gotten even close to doing.
 

Psi-hate

Yil said:
> Okay, I thought some guy already had the private keys cracked. But what I mean is to replace sysnand.

Nope. Nintendo is the only people who can sign stuff. All we can do is run unsigned stuff via arm9hax. Other than that, there's really no point unless you are able to use homemenuhax to autoload kernel exploits to boot into a modified emunand. (I don't even think modifying emunand is even possible in a lot of ways. Merely minor stuff like tools and software, not anything near OS stuff.)
 

shinyquagsire23

> crazy stuff.
> I believe 3ds verify some ticket or whatever with the server.

This happens as well, all tickets (even common ones) must be retrieved from the Nintendo servers, and non-common ones need proper signing from Nintendo as well. So even before issues with the app you're downloading's signature, you'd sooner have ticket issues.
 
