ROM Hack SSL Stripping?

gudenau (OP)
Is there a public way to strip the SSL of all of the 3DS internet connections? I think it would be useful to strip the SSL layer and create a proxy on a PC to dump the internet traffic and re-add the SSL with the keys on the 3DS; this would make it look like a normal 3DS to Ninty and allow us to reverse the protocols at the same time.
 

Twilight Princess
SSL strip doesn't work because the server only responds to HTTPS requests; the best way to see the transparent content is by intercepting the traffic. You can use Wireshark or Burp Suite for this with a self-signed certificate, though I'm not sure if the 3DS requires a valid certificate to connect, and either way, what do you want to accomplish with this?...
 

shinyquagsire23
It's definitely possible, but creating a modified SSL module with another cert injected into it is difficult to recover from if done incorrectly, and current CFWs don't have easy ways of restoring a proper copy in the event that you're locked out of launching apps from the menu.
 

gudenau (OP)
SSL strip doesn't work because the server only responds to HTTPS requests; the best way to see the transparent content is by intercepting the traffic. You can use Wireshark or Burp Suite for this with a self-signed certificate, though I'm not sure if the 3DS requires a valid certificate to connect, and either way, what do you want to accomplish with this?...

It's definitely possible, but creating a modified SSL module with another cert injected into it is difficult to recover from if done incorrectly, and current CFWs don't have easy ways of restoring a proper copy in the event that you're locked out of launching apps from the menu.

Which is why I think we could dump the 3DS certs and add the SSL layer on the PC, so we do not need to change the certs on the 3DS.

--------------------- MERGED ---------------------------

Hrm, this could be usefull...
 

Suiginou
Which is why I think we could dump the 3DS certs and add the SSL layer on the PC, so we do not need to change the certs on the 3DS.

Dumping and decrypting the cert is already possible.

Hrm, this could be usefull...

*useful

Nope. If you're removing the SSL layer, there won't be any CA in the first place anymore.

What it can do is add a trusted cert to one connection; so instead of removing SSL entirely, you could instead hijack DNS, redirect requests to your own server for which you have a valid CA and individual certs per-domain signed by the CA. Then you'd need to make the ssl module call do what AddTrustedRootCert does whenever it's accessing your hijacked domain/IP before trying to connect.

Alternative solution: Edit the exefs of the process/module you want to inspect and install that; pretty much everywhere, they're URLs in the form of https://addr/, where you can just replace https with http and the code usually figures out how to deal with it. Remember to add padding at the end of the string to keep offsets the same. Then you'll need a piece of code on your server that proxies the connection to the Nintendo servers, with ClCertA if needed.
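Suiginou's exefs trick above, as an added example (not code from the thread or from any 3DS tool): a small Python patcher that rewrites each NUL-terminated `https://` string to `http://` and appends one byte of padding so the binary's size and every string offset stay unchanged, then re-reads the string table to check that. The blob it patches is a constructed stand-in with a placeholder host, not a real 3DS exefs.

```python
import re

# Constructed stand-in for a string table inside an exefs; not real 3DS data.
SAMPLE = (
    b"\x00" * 4
    + b"https://example.invalid/api/v1\x00"
    + b"some other string\x00"
    + b"https://example.invalid/auth\x00"
    + b"\x00" * 4
)

HTTPS = b"https://"
HTTP = b"http://"


def rewrite_https_in_place(blob: bytes) -> bytes:
    """Turn every NUL-terminated 'https://...' string into 'http://...' and
    pad it with one extra NUL so the patched blob has the same length and
    every string keeps its original start offset."""
    out = bytearray(blob)
    for m in re.finditer(rb"https://[^\x00]*\x00", blob):
        start, end = m.span()
        shorter = HTTP + m.group()[len(HTTPS):]  # one byte shorter than the match
        out[start:end] = shorter + b"\x00"        # padding restores the length
    if len(out) != len(blob):                     # offsets would shift otherwise
        raise RuntimeError("patched blob changed size")
    return bytes(out)


def url_strings(blob: bytes) -> dict:
    """Map start offset -> URL string for every NUL-terminated http(s) string;
    used to check that offsets survive the patch."""
    return {m.start(): m.group(1)
            for m in re.finditer(rb"(https?://[^\x00]*)\x00", blob)}


def offsets_preserved(original: bytes, patched: bytes) -> bool:
    """True if every URL string sits at the same offset before and after."""
    return set(url_strings(original)) == set(url_strings(patched))


if __name__ == "__main__":
    patched = rewrite_https_in_place(SAMPLE)
    for off, s in url_strings(patched).items():
        print(f"0x{off:04x}: {s.decode()}")
    print("offsets preserved:", offsets_preserved(SAMPLE, patched))
```

A URL whose terminator is missing at the end of the blob is left untouched on purpose, since there is no room to pad it without growing the file.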
 
