Nintendo 3DS Hack Compilation

Discussion in '3DS - Hacking & Homebrew' started by Roguezz, Jan 1, 2013.


What do you think about this "hack"?

It's all a hoax! 51 vote(s) 9.5%
It's true! It took almost two years, but WE WIIIIIINNNNN!!!! 237 vote(s) 44.0%
Umm....it might all be a marketing stunt by the big N? 15 vote(s) 2.8%
It's probably real, but it might not be able to launch homebrew or roms... 179 vote(s) 33.2%
I don't care. -.- 57 vote(s) 10.6%

Nintendo 3DS Hack Compilation by Roguezz at 5:11 AM (521,574 Views / 38 Likes) 1,232 Comments

    • Newcomer

    Isle41 Pedophile

    Member Since:
    Nov 24, 2011
    Message Count:
    91
    Country:
    Denmark
    Look up the Twilight Hack, an exploit for the wii.

    Sometimes you can modify the save data and when the game loads it, it does stuff it's not supposed to. The Twilight Hack had Epona's name (iirc) so long that the game crashed and allowed homebrew to be run.

    In the 3DS case, you can't just replace a save file, you need to sign it before the 3DS will load it.
    Last edited by Isle41, Jan 6, 2013


    • Member

    shub13 The Shubinator

    Member Since:
    Oct 16, 2009
    Message Count:
    283
    Country:
    New Zealand
    So basically we edit a save file to change, say, the player's name to go beyond the allowed characters, thus causing the game to crash?
    • Newcomer

    Isle41 Pedophile

    Member Since:
    Nov 24, 2011
    Message Count:
    91
    Country:
    Denmark
    Something along those lines. I don't know what they're doing to this save game, but I imagine it's something like that.
    • Member

    shub13 The Shubinator

    Member Since:
    Oct 16, 2009
    Message Count:
    283
    Country:
    New Zealand
    So it's going to be pretty easy to exploit the 3DS?

    I'm guessing what you're saying is, once you exploit the savegame,
    all your unsigned homebrew and ROMs and stuff will appear on the home menu, allowing you to run them?
    • Member

    Naridar New Member

    Member Since:
    Oct 26, 2008
    Message Count:
    213
    Country:
    Hungary
    That's the very basic concept of it. More specifically, any variable (but strings generally work the best) is longer than what the system expects and it has no specific command for this event, and thus the memory block that holds it "overflows", rolling over to the next block of RAM. In the Twilight Hack's case, a RAM block contained the code to be run. The continuous overflowing (since the TP game had no command for "if the string doesn't end within 8 characters, stop reading and report a corrupt save error") caused a memory block pointer to get into the running code, pointing to the internal SD slot. It's a programming oversight not to think of overly long strings, so I guess Nintendo pays big attention to this one from now on.

    I hope it's understandable, I'm not too much of a tech junkie. I also hope it's at least rudimentarily correct :)
    Last edited by Naridar, Jan 6, 2013
    • Newcomer

    Isle41 Pedophile

    Member Since:
    Nov 24, 2011
    Message Count:
    91
    Country:
    Denmark
    Naridar has it right.

    Well, no. Not at all.
    Unless of course you sign all the stuff and make it into a channel format for the home menu, or modify the home menu a ton, you're probably going to have to boot into a loader (think homebrew channel).
    • Newcomer

    Makapaka12345 New Member

    Member Since:
    Oct 15, 2012
    Message Count:
    41
    Country:
    United Kingdom
    How long do you expect it to take for the 3DS to be officially hacked?
    Last edited by Makapaka12345, Jan 6, 2013
    • Member

    wiiluver135 New Member

    Member Since:
    Oct 7, 2008
    Message Count:
    293
    Country:
    United States
    Wouldn't it be ironic if the game they are using to hack the 3DS were OoT 3D :p
    I'd be all like "DAMN NINTY Y U NO FIX UR ZELDAS!?!?!?"
    lol, only time will tell
    • Member

    Thorhian My CPU's prefer Water

    Member Since:
    May 23, 2012
    Message Count:
    350
    Location:
    Shazezar
    Country:
    United States
    It has been officially hacked. When will people see any fruition? Well, maybe months, maybe not until towards the end of the year, nothing has been said, but seeing as the exploit was just found, it is a bit naive to ask for a release date right now.
    • Member

    Tokiopop Caffeine fiend

    Member Since:
    Apr 14, 2009
    Message Count:
    1,534
    Location:
    UK
    Country:
    United Kingdom
    Yeah, that's pretty much it.

    The Twilight hack was a smash stack (otherwise known as a stack buffer overflow), and yellows8 has confirmed that the 3DS exploit is also a smash stack. You're correct about the string being too long; there's no contingency in the code for a long string. So when Epona's name is longer than the allocated buffer, it overflows and it fills adjacent buffers too. Epona's name wasn't just a long string though, it was executable code.

    I've always been interested in this stuff, and I found this book quite good (it has some simple demonstrations of smash stacks in the programming section). If you're interested you should give it a read!

    Edit: This means, of course, you're going to need a specific game for the hack and a way of moving a save file onto it.
    Last edited by Tokiopop, Jan 6, 2013
    spett likes this.
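    The stack smash that Naridar and Tokiopop describe above, as an added example in C (not code from either post, and not the Twilight Hack or the 3DS exploit itself). It models a save loader whose fixed 8-byte name field sits directly below the saved return address in its stack frame, and shows the unchecked copy overwriting that return address while a length-checked copy rejects the same record as a corrupt save. The record layout (one length byte, then the name bytes), the field names and the frame layout are all assumptions made for the demo; no real Wii or 3DS save format is modelled.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Model of the loader's stack frame (hypothetical layout). On ARM the saved
 * link register (return address) is spilled right above the locals, so an
 * over-long copy into name[] runs straight into it. */
struct frame {
    char     name[8];    /* fixed-size field for the character/horse name */
    uint32_t saved_lr;   /* saved return address sitting next to the buffer */
};

/* Demo save record: one length byte followed by that many name bytes. */
#define REC_LEN_OFF  0
#define REC_NAME_OFF 1

/* Vulnerable loader: trusts the length byte from the save file, the class of
 * bug the Twilight Hack abused. Returns the number of bytes written. */
size_t load_name_unchecked(struct frame *f, const unsigned char *rec, size_t rec_len)
{
    unsigned char *dst = (unsigned char *)f;   /* byte view of the whole frame */
    if (rec_len < REC_NAME_OFF + 1) return 0;
    size_t n = rec[REC_LEN_OFF];
    if (n > rec_len - REC_NAME_OFF) n = rec_len - REC_NAME_OFF;
    /* The demo stops at the end of the modelled frame so it stays memory safe;
     * the real bug keeps writing over whatever follows on the stack. */
    if (n > sizeof *f) n = sizeof *f;
    for (size_t i = 0; i < n; i++)
        dst[i] = rec[REC_NAME_OFF + i];
    return n;
}

/* Hardened loader: checks the length against the buffer before copying.
 * Returns 0 on success, -1 for a corrupt (over-long or truncated) record. */
int load_name_checked(struct frame *f, const unsigned char *rec, size_t rec_len)
{
    if (rec_len < REC_NAME_OFF + 1) return -1;
    size_t n = rec[REC_LEN_OFF];
    if (n >= sizeof f->name || n > rec_len - REC_NAME_OFF) return -1;
    memcpy(f->name, rec + REC_NAME_OFF, n);
    f->name[n] = '\0';
    return 0;
}

/* Build a malicious record: 8 filler bytes fill name[], the next 4 land on
 * saved_lr (host byte order). Returns the record length, 0 if cap too small. */
size_t build_evil_record(unsigned char *rec, size_t cap, uint32_t new_lr)
{
    const size_t payload = sizeof ((struct frame *)0)->name + sizeof new_lr;
    if (cap < REC_NAME_OFF + payload) return 0;
    rec[REC_LEN_OFF] = (unsigned char)payload;
    memset(rec + REC_NAME_OFF, 'A', sizeof ((struct frame *)0)->name);
    memcpy(rec + REC_NAME_OFF + sizeof ((struct frame *)0)->name, &new_lr, sizeof new_lr);
    return REC_NAME_OFF + payload;
}

/* Feed the evil record to the unchecked loader; returns the resulting
 * saved_lr (0x08001234 if the overwrite landed). */
uint32_t overflow_demo(void)
{
    struct frame f;
    unsigned char rec[32];
    memset(&f, 0, sizeof f);
    f.saved_lr = 0xDEADBEEFu;                         /* original return address */
    size_t n = build_evil_record(rec, sizeof rec, 0x08001234u);
    load_name_unchecked(&f, rec, n);
    return f.saved_lr;
}

/* Feed the same record to the checked loader; returns its status (-1). */
int checked_demo(void)
{
    struct frame f;
    unsigned char rec[32];
    memset(&f, 0, sizeof f);
    size_t n = build_evil_record(rec, sizeof rec, 0x08001234u);
    return load_name_checked(&f, rec, n);
}

int main(void)
{
    printf("unchecked loader: saved_lr = 0x%08x\n", (unsigned)overflow_demo());
    printf("checked loader: status = %d (corrupt save)\n", checked_demo());
    return 0;
}
```

    The unchecked loop is the whole bug: nothing compares the length byte against the 8 bytes actually reserved, so the 12-byte name spills four bytes into the saved return address and the function returns wherever the save file says. The checked version is the missing "if the string doesn't end within 8 characters, report a corrupt save" branch from the post above. Whether the overwritten address can then point at code stored in the save (the Wii case) or only at code that already exists in memory is a separate question, which Sohakes addresses below in the thread.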
    • Newcomer

    Isle41 Pedophile

    Member Since:
    Nov 24, 2011
    Message Count:
    91
    Country:
    Denmark
    I highly doubt this game was made by Nintendo though. I can't imagine them making the same mistake twice.

    Lego Star Wars 3? Sure, lego never learned XD
    • Member

    the_randomizer The Temp's official fox whisperer

    Member Since:
    Apr 29, 2011
    Message Count:
    9,098
    Location:
    Unknown
    Country:
    United States
    Like this?
    [IMG]
    Last edited by the_randomizer, Jan 6, 2013
    • Member

    kehkou does what Nintendon't

    Member Since:
    Dec 19, 2009
    Message Count:
    360
    Location:
    Navajo Nation
    Country:
    United States
    I wonder if this will allow flipnote studio to be installed on a 3ds...
    • Member

    wiiluver135 New Member

    Member Since:
    Oct 7, 2008
    Message Count:
    293
    Country:
    United States
    pretty much lol
    • Newcomer

    Sohakes New Member

    Member Since:
    May 31, 2009
    Message Count:
    9
    Country:
    Brazil
    Yeah. Reading what yellows8 said on the IRC, the only different thing is that in the case of the 3DS exploit, it's not executable code. There is a protection on the ARM processor that makes the save not executable, so it's impossible to use a buffer overflow to put code there. The thing is that it's still possible to control the flow of the code if you can change the stack (where the data is stored); you just need to change the return address of the function to where you want. If you do it many times, you can program anything (probably Turing complete depending on the 3DS system library) just by changing the return values. That's why yellows8 said it's a ROP exploit; ROP stands for return-oriented programming. Anyway, I guess it's not practical to use that to do complex things, so I think there is still another exploit he explored using ROP, that kernel one someone talked about.

    That's what I understood anyway, yellows8 is really friendly and tried to explain on IRC, but maybe I misunderstood. It's a really interesting concept anyway.
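    The return-oriented programming mechanic Sohakes describes, as an added simulation in C (not code from the post, from yellows8, or from the 3DS exploit). The simulated core can load from the attacker-controlled stack but never execute it, which stands in for the non-executable-stack protection mentioned above. The only code that runs is a small table of "gadgets", short sequences that already exist in loaded code and end in a return; the stack holds nothing but gadget addresses and data words, and chaining their returns still computes a value and writes it to memory. The four gadgets, their addresses and the register file are assumptions for the demo, not gadgets from any real 3DS binary.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Register file of the simulated core. sp walks the attacker-controlled
 * stack; the core can only load from the stack, never execute it (NX). */
typedef struct {
    uint32_t r0, r1;
    const uint32_t *sp;
    uint32_t mem;        /* a writable word the chain wants to control */
} cpu_t;

typedef void (*gadget_fn)(cpu_t *);

/* "Existing code": each gadget is a tail of some library function and ends in
 * pop {pc}, so control goes wherever the next stack word points. */
static void g_pop_r0(cpu_t *c)    { c->r0 = *c->sp++; }   /* pop {r0, pc} */
static void g_pop_r1(cpu_t *c)    { c->r1 = *c->sp++; }   /* pop {r1, pc} */
static void g_add_r0_r1(cpu_t *c) { c->r0 += c->r1; }     /* add r0, r0, r1 ; pop {pc} */
static void g_str_r0(cpu_t *c)    { c->mem = c->r0; }     /* str r0, [mem]  ; pop {pc} */

/* Hypothetical gadget addresses: indices into the executable text table. */
enum { G_POP_R0, G_POP_R1, G_ADD, G_STR, G_COUNT };
static const gadget_fn text[G_COUNT] = { g_pop_r0, g_pop_r1, g_add_r0_r1, g_str_r0 };

#define RET_EXIT 0xFFFFFFFFu   /* final "return address": leave the chain */

/* The smashed frame's first return pops the attacker's first address; every
 * gadget then ends in another pop {pc}, pulling the next one off the stack.
 * Returns the number of gadgets executed, or -1 if a popped address is not
 * executable code (the fault you would get by pointing pc at save data). */
int run_chain(cpu_t *c, const uint32_t *stack)
{
    int steps = 0;
    c->sp = stack;
    for (;;) {
        uint32_t pc = *c->sp++;          /* pop {pc}: the "return" */
        if (pc == RET_EXIT) return steps;
        if (pc >= G_COUNT) return -1;    /* not in text: data is not executable */
        text[pc](c);
        steps++;
    }
}

/* Worked chain: r0 = 40; r1 = 2; r0 += r1; mem = r0. Returns the value
 * written to mem (42). Nothing on the stack was ever executed as code. */
uint32_t rop_demo(void)
{
    static const uint32_t stack[] = {
        G_POP_R0, 40,     /* pop {r0, pc}: consumes 40, returns to next word */
        G_POP_R1, 2,      /* pop {r1, pc}: consumes 2 */
        G_ADD,            /* r0 = 42, returns */
        G_STR,            /* mem = 42, returns */
        RET_EXIT,
    };
    cpu_t c = {0};
    if (run_chain(&c, stack) < 0) return 0;
    return c.mem;
}

/* Same stack, but the first "return address" points into the data region
 * (an index outside text[]), as a naive code-on-the-stack attempt would.
 * Returns -1: the core refuses to execute it. */
int rop_nx_demo(void)
{
    static const uint32_t stack[] = { 0x1000, RET_EXIT };
    cpu_t c = {0};
    return run_chain(&c, stack);
}

int main(void)
{
    printf("ROP chain wrote %u to mem\n", (unsigned)rop_demo());
    printf("jumping into data: %d\n", rop_nx_demo());
    return 0;
}
```

    The point of the simulation is the shape of the stack: alternating addresses and operands, with every address being existing code. A real chain is harder only because the gadgets have to be found in the game's or system library's binary rather than chosen, and because the overflow has to place the chain exactly where the function's return pops it; the mechanic is the same. This is also why the post says a ROP chain alone is clumsy for complex work: it is usually used to call into something more powerful, such as the separate kernel exploit mentioned above.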
    • Member

    alirezay New Member

    Member Since:
    Oct 14, 2012
    Message Count:
    126
    Country:
    Iran
    Hey guys, Nintendo will test all the games and soon they will erase the exploit, so it's better for neimond to release the exploit.
    And of course Nintendo would not only wait for neimond to release the exploit...
    • Newcomer

    Cazoup New Member

    Member Since:
    Jan 3, 2013
    Message Count:
    2
    Country:
    Canada
    I'm not sure if I understood you correctly, but from my knowledge (which isn't much, trust me) I think if you don't update your 3DS you should be fine, since it's card-based and the only real way to stop it is to update the firmware. Yes? No? Did I get it right? Kinda just going out on a limb. Just in case, I just leave wifi totally turned off.
    • Member

    Technicmaster0 New Member

    Member Since:
    Oct 22, 2011
    Message Count:
    1,496
    Country:
    Germany
    It's not as easy as "testing all games". They don't know which game they're using and they don't know which part of the savegame they edit.
    • Member

    alirezay New Member

    Member Since:
    Oct 14, 2012
    Message Count:
    126
    Country:
    Iran
    It's very easy for Nintendo, because Nintendo isn't a person... Even 20 people from Nintendo can find the exploit in under 3 months. And I don't get the point of keeping it secret, because if we don't update, even if Nintendo releases an update for fixing this, neimond can still do it on the current version!!!!! And he still has time to search for that great exploit (!!!)...
    • Member

    alirezay New Member

    Member Since:
    Oct 14, 2012
    Message Count:
    126
    Country:
    Iran
    No.... you can turn your wifi on, because you have to accept the update and the 3DS doesn't have automatic updates...
