Hacking [WIP] KARL3DS - Kernel access on N3DS via Ninjhax + Loadcode


Nollog

Ninjhax only hijacks a service or two from skater/spider (iirc), using cubic ninja as the entry point. That's your second example.
Your first example is different, it's using a vulnerability in spider itself as an entry point.

Installing an old version of skater is not terribly helpful, because none of the released versions ever had discovered entry points (could also be wrong about this too, just going from the past conversation).

Oh, so it just uses them as a downloader basically, not using the browsers to actually do anything?

I wasn't talking about installing an older skater, I think this is where I confused people, I was asking why skater wasn't used, since in my mind smellinum used it for his nunjahox the same way as gateway did, looks like that assumption was wrong, and that's why we haven't seen anything use skater.
That I was talking about that, at the same time as talking about getting an older spider installed, as a way to keep the exploit (we could install it ourselves anyway, since it'd be signed all proper and that) in emunand, and if possible in higher versions of system exploits, since they went to all the trouble of getting mset back.

It would be cute to have this massively Frankenstein'd up 3DS console with holes everywhere, imo.

It's not nice or productive to speak in a condescending tone to begin with, and it's even worse when you aren't 101% confident that you are correct. So please, for the sake of post quality, don't.
Because I asked if she was following me too much?
I thought so.

Also, doesn't stop anyone else. Just joining the crowd, since it's impossible to beat them.
 

motezazer

Oh, so it just uses them as a downloader basically, not using the browsers to actually do anything?

I wasn't talking about installing an older skater, I think this is where I confused people, I was asking why skater wasn't used, since in my mind smellinum used it for his nunjahox the same way as gateway did, looks like that assumption was wrong, and that's why we haven't seen anything use skater.
That I was talking about that, at the same time as talking about getting an older spider installed, as a way to keep the exploit (we could install it ourselves anyway, since it'd be signed all proper and that) in emunand, and if possible in higher versions of system exploits, since they went to all the trouble of getting mset back.

It would be cute to have this massively Frankenstein'd up 3DS console with holes everywhere, imo.


Because I asked if she was following me too much?
I thought so.

Also, doesn't stop anyone else. Just joining the crowd, since it's impossible to beat them.
Ninjhax uses Spider/Skater to overwrite things (it's complex to explain) and take over ro (it's crohax).
So Ninjhax executes code in Spider/Skater BUT that doesn't mean there is a flaw: Ninjhax already has code execution.
Gateway uses a webkit flaw in spider to GAIN ROP (flaw is mandatory).
 

Dazzozo

Oh, so it just uses them as a downloader basically, not using the browsers to actually do anything?

I wasn't talking about installing an older skater, I think this is where I confused people, I was asking why skater wasn't used, since in my mind smellinum used it for his nunjahox the same way as gateway did, looks like that assumption was wrong, and that's why we haven't seen anything use skater.
That I was talking about that, at the same time as talking about getting an older spider installed, as a way to keep the exploit (we could install it ourselves anyway, since it'd be signed all proper and that) in emunand, and if possible in higher versions of system exploits, since they went to all the trouble of getting mset back.

It would be cute to have this massively Frankenstein'd up 3DS console with holes everywhere, imo.


Because I asked if she was following me too much?
I thought so.

Also, doesn't stop anyone else. Just joining the crowd, since it's impossible to beat them.

It doesn't download anything through the browser, it has no need to, Cubic Ninja has access to http:C (which is how the second stage payload is downloaded for ninjhax). The spider/SKATER takeover is just for service handles.
 

Nollog

Ninjhax uses Spider/Skater to overwrite things (it's complex to explain) and take over ro (it's crohax).
So Ninjhax executes code in Spider/Skater BUT that doesn't mean there is a flaw: Ninjhax already has code execution.
Gateway uses a webkit flaw in spider to GAIN ROP (flaw is mandatory).

thank you
 

motezazer

Open source karl, that's my only request, and it would change the future of 3ds hacking since everyone could participate
It's not because you insist that they will accept.

They don't want piracy, so they close the source (bootstrap being an exception).
And piracy debate is closed.
 

mmn

Open source karl, that's my only request, and it would change the future of 3ds hacking since everyone could participate

Anyone with skills who wants access for motives other than piracy can probably just ask to be a part of the KARL team; that's pretty much what the team is for, dicking around inside the 3ds together. If all you have to do is ask to join and prove you aren't gonna blow the 3ds wide open for piracy, there really isn't any need for open source—Unless you're RMS.
 

Alkéryn

Anyone with skills who wants access for motives other than piracy can probably just ask to be a part of the KARL team; that's pretty much what the team is for, dicking around inside the 3ds together. If all you have to do is ask to join and prove you aren't gonna blow the 3ds wide open for piracy, there really isn't any need for open source—Unless you're RMS.

Actually I'm learning C and asm (already code in c++ and others) but I just want to have fun with my 3ds and that could be a pretty good exercise ;)
I don't want it for piracy and I'm not gonna share the code if I had it because it would give me no advantage so yeah~
 

WulfyStylez

Anyone with skills who wants access for motives other than piracy can probably just ask to be a part of the KARL team; that's pretty much what the team is for, dicking around inside the 3ds together. If all you have to do is ask to join and prove you aren't gonna blow the 3ds wide open for piracy, there really isn't any need for open source—Unless you're RMS.
We are not currently looking for any more members, or testers, or anything like that. Our team is static for a good handful of reasons.
This applies more than ever, actually, since we're sitting on a pile of undisclosed exploits now. Nothing's stopping you from making your own team, though! Just make sure you don't spend all your time and effort leeching around like a certain 'open-source' developer we know...
 

mmn

This applies more than ever, actually, since we're sitting on a pile of undisclosed exploits now. Nothing's stopping you from making your own team, though! Just make sure you don't spend all your time and effort leeching around like a certain 'open-source' developer we know...

Oh. Well, I'm not sure how I feel about that, then. Makes sense on your end, though.
 

WulfyStylez


Here's me getting ARM11 from mset on sysnand. ROP hell. We'll be porting our launcher stuff to this entrypoint soon.

I'm tired as fuck (it's like 7AM here right now) so it didn't occur to me that you can't actually tell this is sysnand since I don't show cold boot, but w/e. You'll see it later probably.
 

Zidapi

Ninjhax only hijacks a service or two from skater/spider (iirc), using cubic ninja as the entry point. That's your second example.
Your first example is different, it's using a vulnerability in spider itself as an entry point.

Installing an old version of skater is not terribly helpful, because none of the released versions ever had discovered entry points (could also be wrong about this too, just going from the past conversation).

It's not nice or productive to speak in a condescending tone to begin with, and it's even worse when you aren't 101% confident that you are correct. So please, for the sake of post quality, don't.
I don't put people in their place with the same finesse you do. Thanks.
 