Hacking 3DS/Nintendo, HTTPS, and a new POODLE exploit...usable?

planetarian

planetarian

Well-Known Member
OP
Member
Level 4
Joined
Aug 5, 2014
Messages
143
Trophies
0
Age
37
XP
384
Country
United States
Edit: the 3DS service URLs are not vulnerable to this attack; nothing to see here.


OP:
So, this was discovered a few days ago:

http://arstechnica.com/security/201...sses-tls-crypto-bites-10-percent-of-websites/

I did a quick check and Nintendo.com is apparently vulnerable to this:
https://www.ssllabs.com/ssltest/analyze.html?d=nintendo.com
... which likely means that other Nintendo related domains (including those used by the 3DS for updates/etc) are vulnerable as well.

So, I'm not 100% familiar with SSL mechanisms and HTTPS encryption in general, but it does seem as though Ninty encrypting all of their communications has been one of the numerous roadblocks this community has had to deal with. Given my lack of familiarity on the subject, I hope to pose the question to the more knowledgeable members of the community before this vulnerability is plugged: Do you think this is exploitable for us in any way?
 
  • Like
Reactions: Margen67
Y

yuyuyup

Well-Known Member
Member
Level 12
Joined
Apr 30, 2006
Messages
3,810
Trophies
2
Location
USA MTN timezone
Website
Visit site
XP
3,290
Country
United States
POODLE exploit confirmed
eG42OTk1MTI=_o_nintendogs-cats-toy-poodle-new-friends-3d-3ds-rom-.jpg
 
  • Like
Reactions: filfat, Sirius64, Margen67 and 5 others
Celice

Celice

Well-Known Member
Member
Level 5
Joined
Jan 1, 2008
Messages
1,920
Trophies
1
XP
628
Country
United States
Pippin666 said:
The browser of the 3Ds is sandboxed right ??

Pip'
Click to expand...
So was the WiiU, but that didn't stop arbitrary memory changes in games, as as far as Mr. Bean et. all suggest, arbitrary file loading, from resource swapping to full-on back-up loading.

If this is a real exploit, the scene members will look into it, and we'll know something in the coming weeks.
 
  • Like
Reactions: Margen67
planetarian

planetarian

Well-Known Member
OP
Member
Level 4
Joined
Aug 5, 2014
Messages
143
Trophies
0
Age
37
XP
384
Country
United States
PhoenixWrightX : Please read more carefully, I wasn't saying that. I was wondering if the actual services used by the 3DS were vulnerable to the same exploit. Obviously Nintendo.com is meaningless to our efforts, but if one domain under a given company is vulnerable, others often are as well. That ended up not being the case here, but it was worth checking out.

Oishikatta : I expected as much; I was wondering if the ability to analyze communication directly might be of some utility.

einstein95 : Alrighty, that puts this subject to rest quite clearly. I find it rather unusual that they seemingly have different HTTPS configurations between their services, but props to them for keeping the actually important stuff more secure (though I admit I am somewhat baffled that they don't have a trusted SSL certificate...)
 
planetarian

planetarian

Well-Known Member
OP
Member
Level 4
Joined
Aug 5, 2014
Messages
143
Trophies
0
Age
37
XP
384
Country
United States
Friendsxix : this is actually a newly-discovered vulnerability regarding TLS, rather than SSLv3. TLS is supposed to have restrictions on whitespace (which is what the POODLE attack utilizes), but there are some servers that do not enforce these checks. Nintendo.com is still vulnerable, but the URLs used by 3DS services are not.
 
Friendsxix

Friendsxix

Introspective Potato
Member
Level 11
Joined
May 6, 2008
Messages
266
Trophies
1
Location
Best Hemisphere
XP
2,684
Country
United States
planetarian said:
Friendsxix : this is actually a newly-discovered vulnerability regarding TLS, rather than SSLv3. TLS is supposed to have restrictions on whitespace (which is what the POODLE attack utilizes), but there are some servers that do not enforce these checks. Nintendo.com is still vulnerable, but the URLs used by 3DS services are not.
Click to expand...
Check the page again: https://www.ssllabs.com/ssltest/analyze.html?d=nintendo.com
It says it is not vulnerable. >.>
Edit: Though it does say "Timeout" for "POODLE (TLS)," I swear earlier it said "POODLE (SSLv3)" was vulnerable. (When your thread was first made.)

EDIT#3: Retracting Edit#2 until I check it again. -.-

EDIT#4: Okay, clicked the wrong link in my history before, so edit 2 was wrong. However, just for fun, https://www.ssllabs.com/ssltest/analyze.html?d=npdl.cdn.nintendowifi.net is vulnerable. ("POODLE (SSLv3)")
 
planetarian

planetarian

Well-Known Member
OP
Member
Level 4
Joined
Aug 5, 2014
Messages
143
Trophies
0
Age
37
XP
384
Country
United States
Dunno. It's said this regarding nintendo.com (which, of course, is useless) for me the whole time:
3eca286244a2bdee4aa3778b8e5cea9f.png


And... once again I remain baffled at how inconsistent their HTTPS configuration is. lol
 
  • Like
Reactions: Friendsxix

Site & Scene News

Go to forum More news

Popular threads in this forum

Is it possible...?

After the 8th of April, will it still be possible to create a new NNID (Nintendo Network ID) and/or transfer a NNID from one console to another?

Need help

Hacking Homebrew  A new way to experience StreetPass

Hacking Homebrew  how to link pnid to 3ds/how to use juxtaposition?

Hacking  New 2ds Refuses to boot

Hacking Misc  VCRUNTIME140.dll UCRTBASED.dll Master Thread

Translation Project  DQM2SP translation

General chit-chat
Help Users
    Xdqwerty @ Xdqwerty: Why am I always late to the party?