Hacking 3DS Hacking Ideas: Post Your Ideas Here!

DarkenSX

Here's an idea while we (We as in General Console Hacking scene ( psp, ds, ps3 blah blah blah blah)) have used in the past the tiff exploit which really is not useful anymore to execute code or create an exploit point...
Why not use the video player as a way... But Dark you yell at me it has a proprietary format with no exploit!!! while yes this is true (starting from that format) we forget we can convert our movies to that format... so what about injecting code into a movie converting it (may require a converter from the scene that ignores the code and converts it regardless not sure :S ) and attempting to run / play the file. ( on PC wma files used to always have viruses injected into them and media player would still play it and *Cough* Destroy your pc) fact is video files and audio files have this ability more than the tiff file question is can it be applied to the 3ds in some form? either audio or video... or the video's audio channel.
 

cloud1250000

Impossible. When converting your video, the converter will notice there's a problem with it and stop the conversion. The only way to launch a modded video would be with the YouTube application hack to launch any kind of video.
 

Duo8

Here's an idea while we (We as in General Console Hacking scene ( psp, ds, ps3 blah blah blah blah)) have used in the past the tiff exploit which really is not useful anymore to execute code or create an exploit point...
Why not use the video player as a way... But Dark you yell at me it has a proprietary format with no exploit!!! while yes this is true (starting from that format) we forget we can convert our movies to that format... so what about injecting code into a movie converting it (may require a converter from the scene that ignores the code and converts it regardless not sure :S ) and attempting to run / play the file. ( on PC wma files used to always have viruses injected into them and media player would still play it and *Cough* Destroy your pc) fact is video files and audio files have this ability more than the tiff file question is can it be applied to the 3ds in some form? either audio or video... or the video's audio channel.

It's not proprietary. It's just some common video format, but in 3D.
Also, we could just get a random video that the 3DS would read and inject code into it directly. No "converter" is needed.
Problem is, it is likely the 3DS camera app can already handle "corrupted" files like this.
Only hope is that amazingly badly-coded YouTube app.
 

Devrim

It's not proprietary. It's just some common video format, but in 3D.
Also, we could just get a random video that the 3DS would read and inject code into it directly. No "converter" is needed.
Problem is, it is likely the 3DS camera app can already handle "corrupted" files like this.
Only hope is that amazingly badly-coded YouTube app.

It is possible to run videos outside YouTube from the YouTube app. So you would only need a vid with injected code to try and see if it works. The app is based on the browser of the 3DS and supports .mp4 with H264 video. To play the video you only need to create an HTML5 page and put the vid between <video>
 

Apache Thunder

I'm curious as to if this has any application to the 3DS. 3DS uses RSA encryption, yes?

RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis

This was used to exploit laptops, but nothing in there says a 3DS would be any more immune than a laptop. Unless the lower power consumption of the 3DS makes this more difficult? I would think it would be easier since there's no fans or other moving parts in the 3DS that operate while the console is powered up.
 

Duo8

I'm curious as to if this has any application to the 3DS. 3DS uses RSA encryption, yes?

RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis

This was used to exploit laptops, but nothing in there says a 3DS would be any more immune than a laptop. Unless the lower power consumption of the 3DS makes this more difficult? I would think it would be easier since there's no fans or other moving parts in the 3DS that operate while the console is powered up.

I did bring this up a few months back. It's difficult because the 3DS uses a low power SoC instead of a full CPU like in the example. Not to mention it's hard to pull off.
 

X_Frost

I'm not a programmer and have no experience at all but would it be possible to use DLC from a game to launch an exploit, using it to redirect access to the SD card, and launch from there.

If Launching from 3ds home-brew from there, unless corrected, you could do so without the need to use an exploit on regular ds firmware, removing the need to relaunch when using ds mode, right?

If the idea has been presented, and debunked, I apologize for sounding foolish.
 

lambstone

I'm not a programmer and have no experience at all but would it be possible to use DLC from a game to launch an exploit, using it to redirect access to the SD card, and launch from there.

If Launching from 3ds home-brew from there, unless corrected, you could do so without the need to use an exploit on regular ds firmware, removing the need to relaunch when using ds mode, right?

If the idea has been presented, and debunked, I apologize for sounding foolish.

You don't launch exploits. You make use of them; exploits are found, not created. You can't just say to use a DLC to launch an exploit. It's like trying to cook something by freezing it.
 

X_Frost

You don't launch exploits. You make use of them; exploits are found, not created. You can't just say to use a DLC to launch an exploit. It's like trying to cook something by freezing it.

Thanks for the clarification. I meant to say find an exploit similar to installing the Home-brew channel on Wii, using DLC in place of a letterbomb.
 

Duo8

Thanks for the clarification. I meant to say find an exploit similar to installing the Home-brew channel on Wii, using DLC in place of a letterbomb.

DLCs are as secure as normal titles. And normal titles are very secure.

When the firmware gets decrypted and stored somewhere (nand?), can't we dump it from there?

Dump what? We can already dump NAND but encrypted.
 

Thunderking>9000

Well, you can dump part of it if it's loaded into memory.
Okay, and would it be possible to modify a small part of the firmware to e.g. disable a ROM decryptor/legitimacy check jump? Would this allow running homebrew/hacks/fan translations (maybe even from the SD card)?
 
