Hacking Exploit in youtube, might lead to something?

  • Thread starter Thread starter rondoh70
  • Start date Start date
  • Views Views 17,882
  • Replies Replies 94
The guy above is just messing with you (we have had thing like the ds profile exploit up everywhere for longer and nintendo didnt care for a long time) The isssue is that ppl that could use this (if possible, its probable tho that the 3ds just cannot handle that type of file and crashs?) dont care about us at all :(
 
Nintendo reads these forums, so I'm sure the exploit will be patched soon. Good job, OP.

The worst that could happen is that it turns into the sudohax situation. And i'm not the first person to find the youtube glitch, but i'm the first person to note that there is a possibly exploitable crash when loading a file with bad code.
 
You probably also know that there's some people that enjoy sending all these things in emails to Nintendo right? x'D
But anyway, I believe you guys are looking too deep into things, sometimes a crash or a freeze is just that. z.z
 
Or else it is a shot in the wild.

Funny but exactly ! Maybe if a buffer overflow happens when the 3GP/MP4 are loaded, we can make a code to edit the instruction register to jump an area with code to make the ROP Chain.
 
There are numerous 3gp video file formats
  • 3GPP H.263 128x96 4:3 AAC mono
  • 3GPP H.263 176x144 16:9 crop AAC mono
  • 3GPP H.263 176x144 16:9 letterbox AAC mono
  • 3GPP H.263 176x144 4:3 AAC mono
  • 3GPP H.264 320x240 16:9 crop AAC stereo
  • 3GPP H.264 320x240 16:9 letterbox AAC stereo
  • 3GPP H.264 320x240 4:3 AAC stereo

Few months ago, I wrote a program to convert any Audio / Video Format . Unfortunately, I lost it (I have formatted my hard disk)

fr3t.png

Here is the code to convert any Video to 3gp (ffmpeg.exe)
Code:
[3GPP H.263 128x96 4:3 AAC mono]
params=-r 15 -b:v 64k -ac 1 -vf scale=128:96 -ar 16000 -b:a 32k -acodec libvo_aacenc -vcodec h263
extension=3gp
 
[3GPP H.263 176x144 16:9 crop AAC mono]
params=-r 15 -b:v 64k -ac 1 -vf scale=256:144,crop=iw-2*40 -ar 16000 -b:a 32k -acodec libvo_aacenc -vcodec h263
extension=3gp
 
[3GPP H.263 176x144 16:9 letterbox AAC mono]
params=-r 15 -b:v 64k -ac 1 -vf scale=176:100,pad=iw:ih+2*22:0:22 -ar 16000 -b:a 32k -acodec libvo_aacenc -vcodec h263
extension=3gp
 
[3GPP H.263 176x144 4:3 AAC mono]
params=-r 15 -b:v 64k -ac 1 -vf scale=176:132,pad=iw:ih+2*6:0:6 -ar 16000 -b:a 32k -acodec libvo_aacenc -vcodec h263
extension=3gp
 
[3GPP H.264 320x240 16:9 crop AAC stereo]
params=-r 15 -b:v 128k -vf scale=426:240,crop=iw-52-54:ih:52 -ar 22050 -b:a 64k -acodec libvo_aacenc -vcodec libx264 -coder 1 -flags +loop -cmp +chroma -partitions +parti4x4+partp8x8+partb8x8 -me_method hex -subq 6 -me_range 16 -g 250 -keyint_min 25 -sc_threshold 40 -i_qfactor 0.71 -b_strategy 1 -qcomp 0.6 -qmin 0 -qmax 69 -qdiff 4 -bf 3 -refs 3 -direct-pred 1 -trellis 1 -wpredp 2 -threads 0
extension=3gp
 
[3GPP H.264 320x240 16:9 letterbox AAC stereo]
params=-r 15 -b:v 128k -vf scale=320:180,pad=iw:ih+2*30:0:30 -ar 22050 -b:a 64k -acodec libvo_aacenc -vcodec libx264 -coder 1 -threads 0
extension=3gp
 
[3GPP H.264 320x240 4:3 AAC stereo]
params=-r 15 -b:v 128k -vf scale=320:240 -ar 22050 -b:a 64k -acodec libvo_aacenc -vcodec libx264 -coder 1 -threads 0
extension=3gp
 
a part of the video is load in ram, that's where you look. You put your compiled code in the file and it's loaded in the ram... (or a part... or something.. ahah)

Anyway, since there's sandboxing, it requires more then a user exploit like this... but it's still one open door... no? (if it's exploitable by any means)
 

Site & Scene News

Popular threads in this forum