Some hacking concepts and links

Discussion in '3DS - Hacking & Homebrew' started by FAST6191, Apr 8, 2011.

Apr 8, 2011
    • Newcomer

    MewtwoEx New Member

    Member Since:
    Sep 12, 2009
    Message Count:
    19
    Country:
    Mexico
    Keep up the good work guys, if anyone has the brains to do this, that's you!
    Which is easier said than done


    • Newcomer

    unicode2CP New Member

    Member Since:
    Oct 19, 2008
    Message Count:
    49
    Country:
    Croatia
    • Member

    elisherer I ♥ 3DS

    Member Since:
    Dec 16, 2009
    Message Count:
    778
    Location:
    3dbrew.org
    Country:
    Israel
    How is the app you're using different from 3DSaveTool, which was made a year ago?
    Plus, 3dsexplorer does the same thing and lets you save the key from the file-tree...
    Unless you come up with a way to get the actual key for making that xorpad or figure out how to get the key for the newer files (i.e. mk7/sm3dl),
    this discussion is just repeating stuff that has been said a year ago...
    • Newcomer

    Mefisteso New Member

    Member Since:
    Mar 14, 2009
    Message Count:
    33
    Country:
    Poland
    Did you know about that site?
    User Shagraarath offers full ROM releases of US and EUR regions. You could easily find his blogspot or facebook profile.
    If no one offers real 3DS ROMs (which are substantial during hacking), this guy seems legit.
    • Banned

    totalnoob617 Banned!

    Member Since:
    Sep 27, 2010
    Message Count:
    785
    Country:
    United States
    Yes, too bad damn letitbit has blocked US traffic. Someone said a few days after the mega raid it would be reopened up to US in a week, but last I tried a few days ago (which was over a week) it was still blocking US =( Be lucky you don't live in this $hit hole police state, and now they are censoring torrents too, and btjunkie has closed.
    I can get the torrents on other torrent sites that are "censored by a US court" with a proxy, but letitbit and proxies? I have tried proxy servers, but they slow my connection down so bad it's not even worth it.

    People should have been out protesting ACTA here like they were in Poland.
    • Newcomer

    Mefisteso New Member

    Member Since:
    Mar 14, 2009
    Message Count:
    33
    Country:
    Poland
    Actually, I'm from Poland but I can use links without any restrictions :D
    And yes, ACTA caused great disgust in Poland, it's not easy to forget about the whole action, but atm rectification of ACTA was moved by half a year, which is a temporary success.


    If you have a problem with downloading in the US, maybe you should use a European/Asian proxy server? That's slower but well... the free version of letitbit is slow already...
    • Newcomer

    RichardAnthonyMa New Member

    Member Since:
    Feb 17, 2012
    Message Count:
    2
    A fucking essay right there, I couldn't be assed reading it :P
    • Member

    Mariosegafreak New Member

    Member Since:
    Aug 7, 2011
    Message Count:
    240
    Country:
    United States
    So, this forum is about goals on hacking? When the 3DS is hacked, I want game icons on my homescreen, like the forwarder channels you can put on a hacked Wii.
    • Newcomer

    high.kaze New Member

    Member Since:
    Feb 13, 2012
    Message Count:
    75
    Country:
    Vietnam
    If it actually/eventually gets hacked, they've got to make it so that it ends up REGION-FREE. Some Japanese games like Super Robot Wars will never come over to the states, so we just really need this for a gamer like me.
    • Member

    SifJar Not a pirate

    Member Since:
    Apr 4, 2009
    Message Count:
    6,022
    Country:
    United Kingdom
    These things are not what this thread is for. This is for serious discussion of actual hacking methods. Not for dreaming up what you want to happen when something is hacked.
    • Newcomer

    high.kaze New Member

    Member Since:
    Feb 13, 2012
    Message Count:
    75
    Country:
    Vietnam
    Oh, okay. There is a similar topic, so I didn't think this forum would take on the same discussion type. But I'm sorry.
    Anyway, I've come up with a theory: what if we grabbed the update download link, switched it with a custom firmware located on a different server, and force-installed it? Viable solution?
    • Member

    SifJar Not a pirate

    Member Since:
    Apr 4, 2009
    Message Count:
    6,022
    Country:
    United Kingdom
    Again, actual hacking methods not "theories". There is a thread for those, and this is not it.
    • Newcomer

    high.kaze New Member

    Member Since:
    Feb 13, 2012
    Message Count:
    75
    Country:
    Vietnam
    Ah crap, so sorry =.=;
    • Member

    Mariosegafreak New Member

    Member Since:
    Aug 7, 2011
    Message Count:
    240
    Country:
    United States
    ...Sorry. I'll go there...
    • Member

    TheDreamLord New Member

    Member Since:
    Jun 8, 2011
    Message Count:
    898
    Location:
    Ireland
    Country:
    Ireland
    I had an idea, it may be stupid, but shoot me, I'm young.
    I was thinking, there are many different 3DS browser tricks (can't think of one). It let you move Zelda around a map, and play a sound when you pressed A or B. Would it be possible to insert some bad code inside of a .php or .html? It seems stupid, but I felt I had to say it, considering there are things like that, maybe we can utilize the hard drive inside of the 3DS too, like we used the A and B button?
    • Banned

    Luigi2012SM64DS G-old member

    Member Since:
    Aug 27, 2011
    Message Count:
    2,062
    Location:
    Minecrapt
    Country:
    Canada
    I think we already know the browser is sandboxed
    (btw wth does sandboxed mean)
    • Member

    TheDreamLord New Member

    Member Since:
    Jun 8, 2011
    Message Count:
    898
    Location:
    Ireland
    Country:
    Ireland
    Sandboxed means cut off from the rest. So is it sandboxed? I have a few other ideas then. With the 3DS save backup and restore, could you insert a .elf or whatever into it and use the buffer overflow in OoT to cause something?
    • Member

    SifJar Not a pirate

    Member Since:
    Apr 4, 2009
    Message Count:
    6,022
    Country:
    United Kingdom
    No to both ideas. No offence, but I suggest you leave the ideas to people who know what they're doing. Chances are they will think of the possibilities themselves, and they will know whether stuff is likely to work or not. Even better, learn all this stuff yourself, then you will have more of an idea of viable exploit vectors.
    • Reporter

    FAST6191 Techromancer

    Member Since:
    Nov 21, 2005
    Message Count:
    17,175
    Country:
    United Kingdom
    I tend not to note minor changes I make to the first post but this I will. In the opening post I mentioned a nice talk/writeup called 17 mistakes Microsoft made in the (original) Xbox security system but the Xbox Linux wiki was and still is down. However the wayback machine decided to work for me today (it was being temperamental the night I typed this opening post) and drummed up a nice copy of the document which I previously/otherwise could not find (I could only find references to it and the slides made for the 2005 C3 congress presentation although I also found the paper* as a result of today's efforts). I highly recommend reading it if you have an interest in hacking.

    http://web.archive.org/web/20090212084156/http://xbox-linux.org/wiki/17_Mistakes_Microsoft_Made_in_the_Xbox_Security_System

    I grabbed a copy as well so might try to port it back out.

    * http://events.ccc.de/congress/2005/fahrplan/attachments/591-paper_xbox.pdf
    • Member

    iNFiNiTY New Member

    Member Since:
    Apr 18, 2004
    Message Count:
    657
    Country:
    United Kingdom
    I don't see why 'it's sandboxed' is supposed to counter that point.. new Android versions were reported rooted recently with a not-yet disclosed WebKit exploit, then a user mode to root separate exploit. Pretty sure they use the same ideas of sandboxing on there though. The browser is a lot weaker area than savegames that people keep wanting to go back to. Nintendo knows savegames are a problem, and has done a fair bit to try and stop it. So more attractive is the more-and-more-each-day vulnerable WebKit engine in the browser.. the Android non-disclosed was not system specific.

    I think it was an awful idea.. so many platforms devices using this engine now, it's going to be THE big target for hackers.. and no doubt 3DS/Vita will both be affected at least by some of them, and maybe even their own specific ones. There's some nice ways for testing devices for vulnerabilities with crafted webpages that try to just do everything possible to find a buffer overflow/force a crash. Maybe useful in future. If Google can't sandbox Chrome to not allow code execution I'm not sure Sony/Nintendo can.
