We found an "Exploitable Exploit"

NeoSlyde

So today a guy named "migles" brought up an idea! A good idea, here is his message:

"I FOUND A SECURITY BUG

YOU CAN SEND MIIS FROM THE WII TO 3DS,
DID ANYONE TRY MIIFLOW? (mii+overflow, send overflow via mii to launch data)
OMG EXPLOIT!
"

----->That means that if we put exploit code with mii+overflow in a Wii and then send the Mii to the 3DS, that will launch it!

Then another guy named "weatMod" said:

"thanks best korea
so i assume it works on latest FW right?
i never use MM so can you do it from another 3ds also?

i wonder if this was GW's original N3ds solution with mii maker perhaps they found a way to trigger the same or similar bug without using a wii?
maybe they had set up a spoofed server? is that possible for someone to make a site that 3ds mii maker connects to and thinks it's a wii using miimaker and send it the overflow?
"

----->So if we found a trick to make a spoofed server that the 3DS Mii Maker thinks is the Wii Mii Editor, and send the Mii with the overflow without a Wii


So I think that is possible, but we need some developers and hackers that can do it!
 

migles

I posted that on EOF, "edge of forum", where we play and just say random shit,
think of EOF like the kids sandbox where they can build castles and talk about the uncle who works at FBI... nothing is serious on there... I was just kidding.

TL;DR it was a joke, nothing on that area of the forum is serious, please don't startle the gateway hypetrain based on a joke
 

NeoSlyde

"that was EOF, it means, edge of forum, where we play and just say random shit,
think of EOF like the kids sandbox where they can build castles and talk about the uncle who works at FBI...

TL;DR it was a joke, nothing on that area of the forum is serious, please don't startle the gateway witch"
But your idea is possible
 

Mazamin

But we already have two entrypoints on 9.8: CN and OOT
The only problem is that we need another exploit to execute code, like rohax, gspwn...
 

GhostLatte

Omg
Emoticon-Facepalm.gif
 

Gadorach

the Mii Maker Exploit ?
Even the real Mii Maker Exploit wouldn't work that way, in reference to Gateway's version. That's actually a working QR-Code based exploit, though it isn't public. The issue being that you need two exploits to take over a 3DS, or really any modern system.

First, you need to take control of code execution at a low level. Think of it like stealing a car key. This is known as an "entry point", and is needed to set up and perform the next exploit. You can drive the car with just that, but you still don't own the car in the eyes of the law.

The second exploit, the one that really matters, is a privilege escalation exploit to increase that process's rights in the system, and ultimately take over the console. You can think of it like forging the ownership documents for the car, and getting a government worker to sign off on it. You then "own" the car, and can sell it and keep it legally. Same idea, as we can then make the 3DS do whatever we want, within the console's abilities.

The issue is, every time we reveal the best way to forge those ownership documents, the government changes them up and adds more security features, making it progressively harder to get your car signed off on. Same deal with the 3DS. That's why getting more entry points isn't either particularly useful right now, or required. We need more privilege escalation exploits before anything else. The top hackers have all given the current update a good hard look over though, and they say it's pretty solid. Don't expect a new one of those exploits to come out any time soon as a direct result. 9.2.0 will likely stay the definitive firmware for a good year minimum.
 

Mazamin

This is just what I was trying to explain :P
 
