Hacking Malware on Roms

yee · Sep 7, 2006

Hmm.. I thought the only way of writing to the DS' firmware was shorting the SL1?

fluxrez · Sep 7, 2006

FYI, its IMPOSSIBLE to be infected by any sorta virus on a DS

why?
by definition a virus self replicates
so unless its using the wifi connection, wont happen

malware is another story

-Johnny

Covarr · Sep 7, 2006

QUOTE(OrR @ Sep 6 2006 said:
Embedding a trojan into a commercial rom should be possible for some people. However, replacing a commercial rom with a trojan is easy for everyone.

QUOTE(Covarr @ Sep 5 2006 said:

A ROM can't harm your machine unless you're flashing your firmware. End of story.

Actually it's the other way around: A rom can brick your machine unless you're flashing your firmware with FlashMe. End of story.

Click to expand...

I meant, actually in the process of flashing. But, I take back what I said, as I thought that firmware could only be harmed if the SL1 was shorted. I stand corrected.

bobbyblunt · Sep 7, 2006

QUOTE(fluxrez @ Sep 7 2006 said:
FYI, its IMPOSSIBLE to be infected by any sorta virus on a DS

why?
by definition a virus self replicates
so unless its using the wifi connection, wont happen

malware is another story

-Johnny

We're talking about trojans though, not viruses.

Trojan - Computer Science. A program that appears to be legitimate but is designed to have destructive effects, as to data residing in the computer onto which the program was loaded.

KidIce · Sep 8, 2006

QUOTE(yee @ Sep 6 2006 said:
Hmm.. I thought the only way of writing to the DS' firmware was shorting the SL1?

No, if that were the case you would have to save your WFC to every game that supported it.

The reason you have to short the SL1 to install FlashMe is because the first some-odd bytes are protected by it... Sorry I don't recall how many bytes it is and IIRC it's different for the varius revisions of DS's. The rest of the firmware is free to be written to at anytime. Anyway, those protected bytes are where FlashMe puts its fail-safe code and why that code survives even if one were to run something that trashed their firmware.

Obviously since the DS has no such fail-safe, if the firmware is trashed there is really not much one can do about it w/o serious technical skill. This is why one of the items on all those "why you should flash" lists is "protection from trojans"

Rxq · Sep 9, 2006

so malware is only found on homebrew and now nds roms? (usually)

neojei · Sep 13, 2006

Sorry to bring this topic back, but from what I'm understanding the only way to check a comercial ROM is to compare the CRC. Sya its possible to embedd mallware into the ROM, the CRC from what I understand would chance. Is it possible to mask the outputted CRC on the rom with the original CRC of the rom to hide the embedded trojan?

throwingks · Sep 13, 2006

No, the CRC is an algorithm that gives a different output for any change. It does not care what file you are checking. It is a totally different program. That is why you should check the CRC yourself and not just trust the CRC data that comes with the NFO file.

If someone embedded the trojan in a .NDS the CRC would change and you would know it isn't a good ROM.

The best way is to generate your own CRC and cross reference that with a known database of CRCs.

neojei · Sep 13, 2006

Ah... basically its adding thigns with some mathematical equation, and obviously if there's a small change in any one variable, the output would change. Makes sense. Thanks

Hacking Malware on Roms

Well-Known Member

New Member

Sentient Cash Register

Well-Known Member

Smart Ass

Well-Known Member

Well-Known Member

Well-Known Member

Well-Known Member

Similar threads

Popular threads in this forum