We found an "Exploitable Exploit"

NeoSlyde

So today a guy named "migles" brought up an idea! A good idea; here is his message:

"I FOUND A SECURITY BUG

YOU CAN SEND MIIS FROM THE WII TO 3DS,
DID ANYONE TRY MIIFLOW? (mii+overflow, send overflow via mii to launch data)
OMG EXPLOIT!
"

-----> That means that if we put exploit code with mii+overflow in a Wii and then send the Mii to the 3DS, that will launch it!

Then another guy named "weatMod" said:

"thanks best korea
so i assume it works on latest FW right?
i never use MM so can you do it from another 3ds also?

i wonder if this was GW's original N3DS solution with mii maker; perhaps they found a way to trigger the same or similar bug without using a wii?
maybe they had set up a spoofed server? is that possible for someone to make a site that 3ds mii maker connects to and thinks it's a wii using miimaker and send it the overflow?
"

-----> So if we found a trick to make a spoofed server that the 3DS Mii Maker thinks is a Wii using Mii Editor, and send the Mii with the overflow without a Wii


So I think that is possible, but we need some developers and hackers who can do it!
 

migles

I posted that on EOF, "edge of forum", where we play and just say random shit.
Think of EOF like the kids' sandbox where they can build castles and talk about the uncle who works at the FBI... nothing is serious on there... I was just kidding.

TL;DR: it was a joke, nothing on that area of the forum is serious, please don't startle the gateway hypetrain based on a joke
 

NeoSlyde

that was EOF, it means edge of forum, where we play and just say random shit,
think of EOF like the kids' sandbox where they can build castles and talk about the uncle who works at the FBI...

TL;DR: it was a joke, nothing on that area of the forum is serious, please don't startle the gateway witch
But your idea is possible
 

Mazamin

But we already have two entrypoints on 9.8: CN and OOT
The only problem is that we need another exploit to execute code, like rohax, gspwn...
 

GhostLatte

Omg (facepalm)
 

Gadorach

the Mii Maker Exploit ?
Even the real Mii Maker Exploit wouldn't work that way, in reference to Gateway's version. That's actually a working QR-Code based exploit, though it isn't public.

The issue is that you need two exploits to take over a 3DS, or really any modern system. First, you need to take control of code execution at a low level. Think of it like stealing a car key. This is known as an "entry point", and is needed to set up and perform the next exploit. You can drive the car with just that, but you still don't own the car in the eyes of the law.

The second exploit, the one that really matters, is a privilege escalation exploit to increase that process's rights in the system, and ultimately take over the console. You can think of it like forging the ownership documents for the car, and getting a government worker to sign off on it. You then "own" the car, and can sell it and keep it legally. Same idea, as we can then make the 3DS do whatever we want, within the console's abilities.

The issue is, every time we reveal the best way to forge those ownership documents, the government changes them up and adds more security features, making it progressively harder to get your car signed off on. Same deal with the 3DS. That's why getting more entry points is neither particularly useful right now nor required. We need more privilege escalation exploits before anything else.

The top hackers have all given the current update a good hard look over though, and they say it's pretty solid. Don't expect a new one of those exploits to come out any time soon as a direct result. 9.2.0 will likely stay the definitive firmware for a good year minimum.
 

Mazamin

This is just what I was trying to explain :P
 
