Hacking Is there a place where people discuss actual 3ds hacking

[tehgargoth]

Everything I see on here is such high level. I tried searching around and it seems like I could piece together tiny bits of information but there isn't much in the way of what people have figured out about how 3ds differs from the ds in terms of trying to get code to execute? Do the people who know anything just keep it to themselves? I guess what I am asking is, if someone who already knows all the high level stuff that's posted in the stickies wants to learn more.. where would this person go to find more info?

 

[FAST6191]

To my knowledge there is nothing like http://nocash.emubase.de/gbatek.htm for the 3ds, http://www.3dbrew.org/wiki/Main_Page has a tiny bit of info but it is not on the same level as GBAtek. Whether it is known and kept secret or more or less unknown at this point is a matter for debate; personally I imagine the people actually playing in the 3ds have some more stuff sketched out, but I will be surprised when the 3ds does get cracked if it does not take several months will have to be taken to piece together libraries and get stuff at a level that we can discuss the relative merits of the SWI calls the 3ds might have as far as speed and usefulness goes as we can for the DS and GBA.

As for learning more* I would imagine the 3ds is still somewhat in the analysis stage and trying to figure out what goes there is more analysis than something that would be a good learning exercise (and that is before I try to wind in how you will be very much jumping in the deep end of something that could be proper cryptography implemented properly).

*by that I assume you mean you can tell me what a memory leak buffer overflow is but have never really actively written an exploit using one sort of thing.

 

[The Catboy]

http://gbatemp.net/topic/307018-awesome-3ds-hacking-theories/

There are a few sites out there like http://www.3dbrew.org/wiki/Main_Page, but there really isn't much information known about 3DS hacking.

 

[CollosalPokemon]

Everything I see on here is such high level. I tried searching around and it seems like I could piece together tiny bits of information but there isn't much in the way of what people have figured out about how 3ds differs from the ds in terms of trying to get code to execute? Do the people who know anything just keep it to themselves? I guess what I am asking is, if someone who already knows all the high level stuff that's posted in the stickies wants to learn more.. where would this person go to find more info?

I couldn't help but laugh. The hacking theories thread is definitely high level stuff, and so are the dozens of threads about DS mode flash carts here.

Everything I see on here is such high level. I tried searching around and it seems like I could piece together tiny bits of information but there isn't much in the way of what people have figured out about how 3ds differs from the ds in terms of trying to get code to execute? Do the people who know anything just keep it to themselves? I guess what I am asking is, if someone who already knows all the high level stuff that's posted in the stickies wants to learn more.. where would this person go to find more info?

If they already knew real high level stuff they would go to hacking the 3DS itself with custom tools (made by figuring out how the console runs themselves, at least at this point with only limited information online) to find more information on it. (it's the best, most reliable source of information if you know how to solder and make your own equipment)

 

[tehgargoth]

*by that I assume you mean you can tell me what a memory leak is but have never really actively written an exploit using one sort of thing.

by memory leak do you mean overflow? or do you mean using a memory leak to cause an overflow? A memory leak is simply a chunk of data that is unchecked within an application and something can cause it to grow in size and the application has no way to clear it out or force its maximum value. In low level languages and without kernel memory protection you can sometimes cause a buffer overflow which causes a memory pointer which is expected to be a specific size and a specific range of memory addresses to overflow onto subsequent memory addresses that it wasn't meant to. Sometimes you can use this to write to memory locations that are used for other things. Were you actually asking me to tell you?

Actually those links are exactly what I was looking for 3dbrew.org seems to have some info to start off.. I am guessing that info is pretty much how far everyone has gotten?

 

[tehgargoth]

If they already knew real high level stuff they would go to hacking the 3DS itself with custom tools (made by figuring out how the console runs themselves, at least at this point with only limited information online) to find more information on it. (it's the best, most reliable source of information if you know how to solder and make your own equipment)

Ya I was about to start this process but I wanted to ask first because if everyone starts from scratch then we'll never make progress I figured someone had to have a lot of the beginning footwork completed already.

 

[FAST6191]

Yeah I meant buffer overflow (such that they can still be considered to exist)- spent the day tracking a memory leak down on some spaghetti I inherited and they are on the brain right now.

As for how far- various people have supposedly done more things (and although it lacked anything to do with the binaries- http://gbatemp.net/topic/333348-a-little-bit-of-3ds-rom-hacking/ ) and there are things like http://www.flickr.com/photos/neimod/ with various cryptic snippets from IRC and such pointing at further things having happened (and if wiibrew vs what was eventually seen to be reality is anything to go by it can be quite a large gap). Most people seem to be looking to the people associated with the hackmii/fail0verflow crew, I am half hoping something interesting will pop up during C3 this year (it seems to be their usual place to announce things) but they would my bet on people to follow and speak to if you want to get elbow deep in 3ds hacking.

 

[Rydian]

Actually as far as I understand, "low level" means closer to the hardware (assembly, etc.), and "high level" means more abstracted from it (C, interpreted languages, etc.). For example reading and writing to RAM with custom hardware is low-level, while taking advantage of a flaw in the 3DS browser's parsing to dump a file would be high-level.

 

[tehgargoth]

Actually as far as I understand, "low level" means closer to the hardware (assembly, etc.), and "high level" means more abstracted from it (C, interpreted languages, etc.). For example reading and writing to RAM with custom hardware is low-level, while taking advantage of a flaw in the 3DS browser's parsing to dump a file would be high-level.

Exactly, but the posts on here are even higher than that, they are like core concepts, not even really in regards to the DS They are designed mostly for non-tech people to read them and go "Oh I will never understand this" and give up.. but someone that already knows all that stuff doesn't have a sticky for them.

 

[FAST6191]

The question of what would go into such a sticky becomes an issue though

We could try to stick some stuff up on say the debug ports to dump/write the NAND- probably not that useful for anything. It might be more useful to spec something up for use with a simple parallel port or one of the common programmable chips/dev boards rather than the more exotic things we usually see.
We could try to figure out some of the protocols used by the screens up on there- I am not sure I have seen it for the DS but I guess it would be useful for someone wanting to make a proper capture device. I lack a 3ds but I would be quite up for such things even if they will never result in homebrew so would that really be relevant.
Following on from protocols we could do various controller hacks but "what would I do with the rest of my morning?" probably arises.
We could try to get a hacker oriented teardown going on- operating voltages and clcoks, continuity checks between debug/test points and chips and pressing search with the numbers from something like http://guide-images.ifixit.net/igi/ZNLWCfUYPgGCdpbA.huge does not gain an awful lot though.

You probably know as well as I that a memory layout, memory dump (include registers) and knowing what the processor is could mean you have homebrew (give or take difficulty of injecting the relevant stuff back into RAM and registers) or it could mean you have nothing at all- we are not quite in a percentage bar culture but it would not take much effort to lay the groundwork for it. This is also where the differences between what is known to have been done and what has been done arise and if we are getting a bit more paranoid it might be a signal to Nintendo about things.

I have a bit of time coming up so I am quite up for some hardware hacking (not that I have access to many tools that would be good for use with 3ds level tech) and such but I would really rather it not be directionless on a modern console.

As others have hinted at among our membership we count several people able to make truly elaborate cheats from the asm up, figure out totally custom compression formats and general data formats rather quickly, recount networking from layer 1 to 7 and mess around with ASM on any number of processors/devices but if you ignore the people that get to curse/thank CapXon every other day and those that rewire controllers, stick in LEDs to things and such then the hardware analysis type, let alone the equally necessary skills in crypto and embedded device style firmware that seems to so embody the modern embedded device hacker, are not that well represented.