Homebrew [Question] Would it be possible to send older firmware updates with a custom Server?

[human_kirby]

The thing is, we can block Nintendo server access with Tubehax DNS server, which makes me wonder, would we be able to redirect the 3ds via a DNS server to a custom server wich sends out "fake" new firmware, containing the old 9.2 one. Im not into hardware near coding nor networking and do not know if the updates are specialy decrypted. I mean, the concept is straight forward, so I wonder if its possible and if not, what is the thing preventing it.

 

[JustPingo]

No, because when you want to change NATIVE_FIRM, the new version is checked so it has to be bigger than what is installed.

 

[KFC Double Down]

I'm afraid not, to my memory firmware updates and such require a Nintendo-specific authentication key and nobody knows what the hell it is.

 

[human_kirby]

No, because when you want to change NATIVE_FIRM, the new version is checked so it has to be bigger than what is being installed.

Ok, thanks for the fast answer. And most likely it also is not possible to manipulate NATIVE_FIRM, right?

 

[JustPingo]

Ok, thanks for the fast answer. And most likely it also is not possible to manipulate NATIVE_FIRM, right?

Some apps can, some doesn't even check, but System Updater does. And by the way, I'm pretty sure System Updater also uses authentified SSL to communicate with Nintendo's server so you can't fake it.

 

[Ev1l0rd]

Some apps can, some doesn't even check, but System Updater does. And by the way, I'm pretty sure System Updater also uses authentified SSL to communicate with Nintendo's server so you can't fake it.

Is it impossible then to spoof the browser with a fake server? Does it check NATIVE_FIRM when doing this or not?

 

[JustPingo]

I don't understand what you mean.

 

[Ev1l0rd]

I don't understand what you mean.

Is it possible to spoof the browser nag that is currently bothering browserhax users? Because that would be interesting.

 

[Mrrraou]

Is it possible to spoof the browser nag that is currently bothering browserhax users? Because that would be interesting.

No. The thing that downloads and updates the system uses Nintendo's private encryption key which only Nintendo owns, and it checks everything at update.

 

[JustPingo]

I don't think so (even tho I didn't studied a lot the thing), because like I said the console uses authentified SSL, so you can't spoof what the server and the console are saying, and if the server says that there's an update, then you can't do much against it without already having code execution.

However I've seen some people managing to use it even with the blocker, no?

 

[Ev1l0rd]

I don't think so (even tho I didn't studied a lot the thing), because like I said the console uses authentified SSL, so you can't spoof what the server and the console are saying, and if the server says that there's an update, then you can't do much against it without already having code execution.

However I've seen some people managing to use it even with the blocker, no?

That's the weird part: Some users either had the Tubehax DNS still active, or have a new 3ds and speedy fingers to beat the internet check, hence the reason why I asked. I myself tried activating Tubehax DNS but it doesn't work.

 

[JustPingo]

Maybe because Nintendo devs made a security margin. If Nintendo's servers are lagguy, it might leave some time for it to respond, and so you can abuse that time. That's just a theory. If that's right tho, it sure can be patched in future updates.

 

[Ev1l0rd]

Maybe because Nintendo devs made a security margin. If Nintendo's servers are lagguy, it might leave some time for it to respond, and so you can abuse that time. That's just a theory.

I don't think so. It only works on a n3ds. o3ds users are out of luck. If nintendo's servers are lagging it should work on a o3ds as well right? The author that says this (and all the confirmers) give about a 20 second margin.

 

[JustPingo]

No, I mean, maybe the guys making skater made it so in case of Nintendo servers lagging, it would not punish the user instantly (and instead wait for the server to potentially respond). But I don't even have a console on 9.3+, so yeah, I don't really know much.