Homebrew [challenge] gw-sky-pasta detection

[gamesquest1]

step1, make a homebrew app, if it loads the user is using CFW or gateway.....do i win anything?

 

[MrJason005]

what the shit

 

[gamesquest1]

what the shit

tbh i can kinda see the point in regards to detecting sky3DS.....not sure about the "has to be open source & public domain", that just seems like "do some work for us as we cba"....but for curiosities sake it would be interesting to finally put the "can sky3DS be detected?" question to bed, im fairly sure it could be, but it would be good to have proof for the "IT CAN NEVER BE BLOCKED....EVVVVEEEERRR!" gang, tbh i think it seems more like a lack of motivation from nintendo....maybe just maybe since the release sales for the 3DS shot up so they are letting it slide for a while to increase sales figures for their investors sakes

but whatever the reason, maybe it truely cant be detected and blocked in a reasonable way that would be 100% safe for normal legit consumers.....but it does sound like a fun project (kinda)

 

[NewWorldOrder]

step1, make a homebrew app, if it loads the user is using CFW or gateway.....do i win anything?

no. that could still "just" be homebrew. if you manage to install an improperly signed cia tho, you'd detect a modified crypto-signature verification routine.

I think the OP is just screwing around. Though, a competition like that could be amusing, for those incredibly bored, but it should be closed source for obvious reasons.

but... but you'd unlock an achievement named "maturity"!!!1

 

[ody81]

You are just asking for trouble dude.

Have another drink.

 

[WulfyStylez]

Modified firmware is easily detectable all over??? I literally don't get what you're getting at. Nintendo doesn't seem to have detection for this atm, but there's literally thousands of different ways to detect tampered-with firmware.

AFAIK you owe gateway a kiss and unlimited uberhaxxor fame b/c they already check for stuff being tampered with FIRM-side (not just in their loaders or anything).

 

[tony_2018]

Of course the OP is being stupid. I don't even care if it can or can't. OP just wants someone else to do his work thats all.

 

[MRJPGames]

tbh i can kinda see the point in regards to detecting sky3DS.....not sure about the "has to be open source & public domain", that just seems like "do some work for us as we cba"....but for curiosities sake it would be interesting to finally put the "can sky3DS be detected?" question to bed, im fairly sure it could be, but it would be good to have proof for the "IT CAN NEVER BE BLOCKED....EVVVVEEEERRR!" gang, tbh i think it seems more like a lack of motivation from nintendo....maybe just maybe since the release sales for the 3DS shot up so they are letting it slide for a while to increase sales figures for their investors sakes

but whatever the reason, maybe it truely cant be detected and blocked in a reasonable way that would be 100% safe for normal legit consumers.....but it does sound like a fun project (kinda)

ninty doesn' fix so people thing Sky is holy and cannot be fixed, and they all just update as it will just work like all the times before, and then out of nowhere BOOM blocked, most sky users already updated as they at this point just assumed it would still work and nintendo removes more pirates from its user base than it would have otherwise

 

[MrJason005]

ninty doesn' fix so people thing Sky is holy and cannot be fixed, and they all just update as it will just work like all the times before, and then out of nowhere BOOM blocked, most sky users already updated as they at this point just assumed it would still work and nintendo removes more pirates from its user base than it would have otherwise

They should have the next update include a ticking timebomb, which goes off after a month, where people think it's safe.

 

[MRJPGames]

They should have the next update include a ticking timebomb, which goes off after a month, where people think it's safe.

yeah, that'd be great XD

--------------------- MERGED ---------------------------

Just in case you are actually serious, why not help you, it won't change much anyway.

Spoiler

void CFW_SecondStage(void) {
u8 patchO0[] = { 0x00, 0x20, 0x3B, 0xE0 };
u8 patchO1[] = { 0x00, 0x20, 0x08, 0xE0 };
u8 patchN0[] = { 0x01, 0x27, 0x1E, 0xF5 };
u8 patchN1[] = { 0xB4, 0xF9, 0xD0, 0xAB };
u8 patchN2[] = { 0x6D, 0x20, 0xCE, 0x77 };
u8 patchN3[] = { 0x5A, 0xC5, 0x73, 0xC1 };
//Apply patches
DrawDebug(0,"Apply patch for type %c...", cfw_FWValue);
switch(cfw_FWValue) {
//Old-3DS
case '1': // 4.x
memcpy((u32*)0x080549C4, patchO0, 4);
memcpy((u32*)0x0804239C, patchO1, 4);
break;
case '2': // 5.0
memcpy((u32*)0x08051650, patchO0, 4);
memcpy((u32*)0x0803C838, patchO1, 4);
break;
case '3': // 5.1
memcpy((u32*)0x0805164C, patchO0, 4);
memcpy((u32*)0x0803C838, patchO1, 4);
break;
case '4': // 6.0
memcpy((u32*)0x0805235C, patchO0, 4);
memcpy((u32*)0x08057FE4, patchO1, 4);
break;
case '5': // 6.1 - 6.3
memcpy((u32*)0x08051B5C, patchO0, 4);
memcpy((u32*)0x08057FE4, patchO1, 4);
break;
case '6': // 7.0-7.1
memcpy((u32*)0x080521C4, patchO0, 4);
memcpy((u32*)0x08057E98, patchO1, 4);
break;
case '7': // 7.2
memcpy((u32*)0x080521C8, patchO0, 4);
memcpy((u32*)0x08057E9C, patchO1, 4);
break;
case '8': // 8.x
memcpy((u32*)0x080523C4, patchO0, 4);
memcpy((u32*)0x08058098, patchO1, 4);
break;
case '9': // 9.x
memcpy((u32*)0x0805235C, patchO0, 4);
memcpy((u32*)0x08058100, patchO1, 4);
break;
//New-3DS
case 'a': // 8.x
memcpy((u32*)0x08053114, patchN0, 4);
memcpy((u32*)0x080587E0, patchN1, 4);
break;
case 'b': // 9.x
memcpy((u32*)0x08052FD8, patchN2, 4);
memcpy((u32*)0x08058804, patchN3, 4);
break;
}
DrawDebug(1,"Apply patch for type %c... Done!", cfw_FWValue);
}

This is pasta source code. Basicly the 2 memcpy commands patch parts of ram, if you read the first argument (aka adress in ram) of the memcpy function of ram and they match the second argument it has pasta.

 

[Slushie3DS]

Hue, Shiny was already explaining how Sky3DS could be detected and blocked.

This is false on so many levels, once again because it doesn't respond to certain commands normal carts do, and also because it does respond to some commands which a normal cart never replies to. And all you need is one verified and incorrect response to detect it as a sky cart. The diagnostic tests test the entire SPI memory, among other things. All you need is a single reply to a SPI command to invalidate the cart, which doesn't take long.

 

[pastaconsumer]

...
wow... just wow...
You want to ruin the HOURS of labor people at Sky3DS, Gateway, and Pasta because you don't want piracy?
Take this opportunity to look around the world. Corruption is everywhere. Shady, illegal shit will happen. Don't like piracy? Alright, but don't fuck with those who do. I won't give my opinion on whether or not I support piracy, as the internet sure as hell isn't the place for opinion, but I will say this:
Don't like it, don't do it.
That simple... Now, take your anti-piracy shit elsewhere. This is not the place for it.

 

[shinyquagsire23]

...
wow... just wow...
You want to ruin the HOURS of labor people at Sky3DS, Gateway, and Pasta because you don't want piracy?
Take this opportunity to look around the world. Corruption is everywhere. Shady, illegal shit will happen. Don't like piracy? Alright, but don't fuck with those who do. I won't give my opinion on whether or not I support piracy, as the internet sure as hell isn't the place for opinion, but I will say this:
Don't like it, don't do it.
That simple... Now, take your anti-piracy shit elsewhere. This is not the place for it.

Hey, look in the bright side. If I actually pull this off KARL gets a new feature

EDIT: And for the record, checking for CFW/other carts is impossible from ARM11, however you can do it from ARM9 so I'll try to look into it. Might not get anywhere though without going through the entire length of Gateway obfuscation stuff.

 

[pastaconsumer]

Hey, look in the bright side. If I actually pull this off KARL gets a new feature

EDIT: And for the record, checking for CFW/other carts is impossible from ARM11, however you can do it from ARM9 so I'll try to look into it. Might not get anywhere though without going through the entire length of Gateway obfuscation stuff.

By the way, I made a new logo

 

[Suiginou]

This is pasta source code. Basicly the 2 memcpy commands patch parts of ram, if you read the first argument (aka adress in ram) of the memcpy function of ram and they match the second argument it has pasta.

One day I'll understand why they use memcpy instead of direct assignment to a u32 for a four-byte patch. One day.

 

[NewWorldOrder]

EDIT: And for the record, checking for CFW/other carts is impossible from ARM11

dead wrong. no kisses for you :|

edit: no hugs either

--------------------- MERGED ---------------------------

One day I'll understand why they use memcpy instead of direct assignment to a u32 for a four-byte patch. One day.

my prediction is: once you do, you'll start contributing something meaningful.

 

[ody81]

...
wow... just wow...
You want to ruin the HOURS of labor people at Sky3DS, Gateway, and Pasta because you don't want piracy?
Take this opportunity to look around the world. Corruption is everywhere. Shady, illegal shit will happen. Don't like piracy? Alright, but don't fuck with those who do. I won't give my opinion on whether or not I support piracy, as the internet sure as hell isn't the place for opinion, but I will say this:
Don't like it, don't do it.
That simple... Now, take your anti-piracy shit elsewhere. This is not the place for it.

I second that motion, every week on the temp there's another asshole taking a shot at people for what they do in private.

Remember guys, you aren't Nintendo, it's not your job to prevent a damn thing, if it's that bad then I'm sure the multi-billion dollar company will deal with it themselves without the Social Justice Warriors.

 

[NewWorldOrder]

every week on the temp there's another asshole

the multi-billion dollar company will deal with it themselves without the Social Justice Warriors.

you're acting like a little kid that's afraid of his toy being taken away by his mommy. this is a technical challenge which you do not have to take part in, no need to insult people.

 

[Jiro2]

How's anyone here going to be able to detect Sky? To detect something you have to run detection code. Sky can only run cartridge dumps--it can't run your detection code. You'd only be able to detect it if you're running some CFW in addition to the Sky, or unless you're Nintendo.

 

[NewWorldOrder]

How's anyone here going to be able to detect Sky? To detect something you have to run detection code. Sky can only run cartridge dumps--it can't run your detection code. You'd only be able to detect it if you're running some CFW in addition to the Sky, or unless you're Nintendo.

for now, it's a technical challenge to get people into programming for the 3ds and demonstrating how much more enjoyable it can be than playing one title after another. if nintendo decided to take your detection code (which i highly doubt) and use it in future games/firmware updates, what would you lose (besides _temporarily_ being unable to play the newest games)? nintendo probably won't spend too much time developing AND testing countermeasures as it costs them too much money and time which must be considered wasted as soon as the countermeasures are being cracked.