Hacking Updating 3ds and Exploits

Kakkoii

Old fart, Member, joined Sep 14, 2007
Country: Canada
Wait what?

So there's still an exploit available on 6.3.0 but just that there has been no progress in making use of it?

No. There is a user-level exploit still available, but you can't do much with it. The other exploit was kernel level. So you'd use the user-level one to get your foot in the door, then the kernel-level one to take control of the system. We can only get our foot in the door on 5.0+, until hopefully a new kernel exploit is found...

NATIVE_FIRM confirmed updated on 3DBrew, in 7.0.
http://3dbrew.org/wiki/7.0.0-13
So yeah, seems like that last standing vulnerability was patched.

mathieulh

Well-Known Member, Member, joined Feb 28, 2008
Website: keybase.io
Country: France
yup
DS Settings now boots SAFE_FIRM instead of NATIVE_FIRM now :P


So what? Whatever firmware mset runs on top of has nothing to do with mset itself; the question is: is mset still exploitable?

A lot of people claim the mset vulnerability hasn't been fixed in 6.3.x, presumably because changing the length value still makes it crash, but a crash doesn't necessarily mean an exploit.
There are plenty of ways Nintendo could have fixed the vulnerability itself while still letting mset crash. In fact, if I were them, I'd call the panic function as soon as I detected a length that's set too large. I am not them though, so who knows what they did? Until someone posts actual assembly of the 6.3.x mset or tests more than just the fact that it "crashes", I will assume the vulnerability might have been fixed already.

Also, should someone exploit SAFE_FIRM, he would most likely gain enough privileges to softload a patched version of NATIVE_FIRM (though it would require changing the base addresses and so on, so it would be more of a pain, but doable).

That said, there is little hope of someone finding a new NATIVE_FIRM exploitable vulnerability considering how limited people are while using ROP chains in the first place.
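To make the crash-versus-corruption distinction from the post above concrete, here is an added example in C; it is not from the thread, from mset, or from any 3DS code. A constructed length-prefixed record is parsed once by an unchecked copy and once by a fail-stop variant that rejects an oversized length before writing anything, and a canary byte placed past the destination field shows which parser actually overran. The record layout, FIELD_MAX, CANARY_OFF and the arena are all assumptions made for the example.

```c
#include <stdint.h>
#include <string.h>

/* Constructed record format (illustration only, not the real mset data):
 * [len: 1 byte][payload: len bytes]. The destination field holds FIELD_MAX bytes,
 * and a canary byte sits CANARY_OFF bytes past the start of the field. */
#define FIELD_MAX  16
#define CANARY_OFF 32
#define CANARY     0xA5

enum result { OK = 0, REJECTED = 1, TRUNCATED = 2 };

/* Unchecked parser: copies however many bytes the record declares. */
static enum result parse_unchecked(const uint8_t *rec, size_t rec_len, uint8_t *dst)
{
    if (rec_len == 0) return TRUNCATED;
    size_t len = rec[0];
    if (rec_len - 1 < len) return TRUNCATED;
    memcpy(dst, rec + 1, len);             /* len > FIELD_MAX overruns the field */
    return OK;
}

/* Fail-stop parser: an oversized length is rejected before anything is written.
 * Firmware that called its panic routine at the REJECTED point would still
 * "crash" on a modified length byte, but nothing past the field is touched. */
static enum result parse_checked(const uint8_t *rec, size_t rec_len, uint8_t *dst)
{
    if (rec_len == 0) return TRUNCATED;
    size_t len = rec[0];
    if (len > FIELD_MAX) return REJECTED;  /* a real fix might panic() here */
    if (rec_len - 1 < len) return TRUNCATED;
    memcpy(dst, rec + 1, len);
    return OK;
}

/* Parses a record with the given declared length into a 256-byte arena (so even
 * the unchecked copy stays inside one object) and reports whether the canary past
 * the field survived: returns 1 if clobbered, 0 if intact; *out gets the result code. */
int canary_clobbered(int use_checked, uint8_t declared_len, enum result *out)
{
    uint8_t arena[256] = {0};
    uint8_t rec[1 + 255];
    arena[CANARY_OFF] = CANARY;
    rec[0] = declared_len;
    memset(rec + 1, 'A', 255);             /* constructed payload */
    *out = use_checked ? parse_checked(rec, sizeof rec, arena)
                       : parse_unchecked(rec, sizeof rec, arena);
    return arena[CANARY_OFF] != CANARY;
}
```

Both parsers are "fine" on a declared length of 8; on a declared length of 200 only the unchecked one overwrites the canary, while the checked one stops with REJECTED and the canary is untouched.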
