Homebrew Some hacking concepts and links

JaronMatthewHigg

Just a thought>>> I know this is not 3DSWare Targeted, but what if someone were to unpack a Nintendo DS homebrew ROM and find a folder to put it in, and the 3DS will be a flashcart itself?
 

Rydian

> Just a thought>>> I know this is not 3DSWare Targeted, but what if someone were to unpack a Nintendo DS homebrew ROM and find a folder to put it in, and the 3DS will be a flashcart itself?<<<Just a thought

No, there's multiple things standing in the way of that, too many for me to even start listing.
 

Misterke

Can anyone point me to some technical info on the actual ROM cartridges used by the 3ds? I'm wondering how Nintendo checks the validity of those cartridges instead of the validity of the content of them. I mean: if only the image stored on the cartridge would be signed, then copying that image completely to another cartridge would still ensure a valid indistinguishable signature. So somehow there must be an additional check by the console to guarantee that the cartridge is a legitimate one. Understanding that check can help exploit it: ex. if the check is only at startup, then you rig some hardware that at startup just passes everything through to a legit cartridge and only after startup reroutes to its own image. Depending on how the 3ds (or even the legit game) loads code (at startup or dynamically) this could then allow your own code-injection.

So, does anyone know of some docs on how the 3ds verifies its cartridges?
 

SifJar

> Hm..since 3DS can run home-brew in DS mode (via flashcards like DSTWO for example)
> why not use that as an opened door to inject 3DS hacks to crack 3DS security somehow? ...somehow
>
> (just an idea...)

Because it is "sandboxed" i.e. cut off from accessing all hardware and resources not available on a DS. In DS mode, the 3DS acts exactly like a DS i.e. no 3D, decreased CPU and RAM, decreased resolution etc. There are careful protections in place to prevent being able to re-enable the disabled hardware.
 

Metoroid0

> Because it is "sandboxed" i.e. cut off from accessing all hardware and resources not available on a DS. In DS mode, the 3DS acts exactly like a DS i.e. no 3D, decreased CPU and RAM, decreased resolution etc. There are careful protections in place to prevent being able to re-enable the disabled hardware.

Sandboxed like GC mode in Wii?
Yeah, but maybe there is some hole in the sandbox to inject hacks...
I mean, is that possibility checked or is it a theory?
(sorry for being a noob..again :P )
 

msansom

This is going to sound like a ridiculous question, but if all gateway 3ds does is mimic a 3ds game, what is stopping us making our own at home? What is actually preventing us from opening up a really crappy 3ds cart (sims 3 for example ;)), desoldering the memory chip that is used to store the game image, and replacing it with a micro sd holder? The sd card would have the rom dumped to it in the same file system format that the previous memory used and be formatted to the correct size? Apart from the sd card not being compatible, the only issue I can see here is the save game.
 

FAST6191

We do have a hacking theories thread -- http://gbatemp.net/threads/post-your-ideas-regarding-how-to-hack-the-3ds-here.307018/

Generally though, assuming you have a complete dump and there are no extra security measures, you also have to consider that microSD does not read in the same way as another type of memory -- the way you read memory can differ greatly between chips and SD for that matter is quite different to raw NAND (which is why you can get XD cards and sometimes add them to devices) or some other type of memory (memory speeds, some memory will only read 8, 16 or 32 bit packets at once, some memory will require a reading confirmed command....).

It has happened in the past (the XD memory thing being used on the 360 for dual nand for instance) and http://www.ziegler.desaign.de/readplus.htm#Home made carts for the GBC but it does not mean it will happen here. You might be able to chain a logic device to a memory card format but at that point you have pretty much made a flash cart and might as well have just got one made for you.

On top of that you also have the save issue (various types of save with different sizes, different read/write methods ( http://nocash.emubase.de/gbatek.htm#gbacartbackupids ) and more). Some are speculating this is what is troubling the teams in question but I am not so sure.
 

isaac52

Would editing the code of a DS game pokemon then transferring it to X/Y possibly cause it to crash and open up possibilities?

Just a thought, depends heavily on just how well the pokebank sorts out hacks.
 

FAST6191

We do have an ideas thread but OK.
Any time there is input into a game (including by the controls themselves) there is the potential for a crash and thus/also the potential for some type of exploit. As you say though they appear to be doing some kind of sanitisation on the data (even if it is not for device security it will likely frustrate device hacking efforts) and on top of that the 3ds already has a not unreasonable amount of protection against hacks delivered in this manner. To that end and for my money the best you can hope for by attempting to exploit the transfer options is a shortcut to making good pokemon.
That said I am curious to see what kinds of sanitisation and/or checks they try, improved general tools aside it would probably be one of the more interesting things to come out of pokemon hacking in some time.
 

WaryLouka

I don't know if the bug can run code or anything, as it's not depending on a file, but

On the YouTube app, if you open a video with subtitles, and you put in the subtitles, and then you start spamming the very right down corner, the YouTube app will "crash" by showing the homescreen for 3 seconds and displaying a black screen.
I doubt if you guys can reproduce it but whatever, I just feel like posting it
 
