Hardware Is there any "3DS Bricker"?

[MegaGenesis]

Some time ago i heard about malware-like programs (disguised as games ROMs) for the NDS called "DS Brickers". They essentially corrupt the OS, bricking the console. I also heard some of them work on the 3DS (corrupting the TWLNAND). Now, is there such thing made for the 3DS?

 

[Blue]

Afaik the only malicious homebrew application in 3DS history is a spyware called UnbanMii. Plus in most cases you can restore a NAND backup if you were to get bricked.

 

[zoogie]

We've been pretty lucky not to have anyone make a bricker in this scene yet (at least a publicly known one).

It's definitely possible, even from userland, so be careful and only download homebrew from trusted open source projects.
And if you have to pirate, it'd be a good idea to check the executable out in Citra first or wait for forum responses when something is freshly uploaded.

 

[MegaGenesis]

We've been pretty lucky not to have anyone make a bricker in this scene yet (at least any well known one).

It's definitely possible, even from userland so be careful and only download homebrew from trusted open source projects.
And if you have to pirate, it'd be a good idea to check the executable out in Citra first or wait for forum responses when something freshly uploaded.

Oh, thanks for the tip. I never tried 3DS emulation. Thats one good to use, i guess. I program to look inside the .cia file would be good to. Like Ultra ISO can look inside .bin files.

 

[yacepi15]

3DSLink/R4i Gold 3DS Deluxe Edition/Gateway 2.0b2. But that is water under the bridge and there is not any known bricker to be afraid of yet.

 

[Hayato213]

Hex edit your nand in Godmode9 if you want to brick it

 

[thekarter104]

Afaik the only malicious homebrew application in 3DS history is a spyware called UnbanMii. Plus in most cases you can restore a NAND backup if you were to get bricked.

What happens to the 3DS when that app is installed? I'm curious now ^^

 

[TurdPooCharger]

Some time ago i heard about malware-like programs (disguised as games ROMs) for the NDS called "DS Brickers". They essentially corrupt the OS, bricking the console. I also heard some of them work on the 3DS (corrupting the TWLNAND). Now, is there such thing made for the 3DS?

DS Bricker can brick the 3DS (TWL firm)*.

• Recover DS mode after an NVRAM "brick" (eg after using a DS Bricker)

Shared by @NFates in another thread here. Within the Hispanic 3DS modding community:

• [r/3dshacks] Famous Colombian Youtuber causes brick of at least 1000 3ds consoles by editing the files to downgrade to 2.1 from 11.2

*****
*****

Freebrew - ??

• I had free brew give me an error and now a fakebrick screen pops up for a second

*****
*****

The three below are not malware.

MCU Bricker or RGB_rave.cia. This one doesn't actually brick your 3DS but does demonstrate how a real MCU brick looks like. See @Sono's post #15 below.


fefoSheep - A funny take on freeShop.

fefoSheep is the superior frii gam app

BrickedMode9 - April fool's edition of GodMode9 styled after the infamous hardmod bootrom brick.

What happens to the 3DS when that app is installed? I'm curious now ^^

Your 3DS console's soul gets stolen by the Themely devil. Your 3DS gets accused of bad deeds it didn't commit in online play or elsewhere. Nevertheless, the almighty Nintendo will smite your handheld with the ban hammer.

• http://malware.wikia.com/wiki/UnbanMii
• UnbanMii 2.0 technical writeup
• [YouTube] Unbanmii 2.0 - First 3DS Malware or Just a Mistake? | #Pixelnews
• [r/3dshacks] Warning for anyone thinking of using unbanmii

 

[MegaGenesis]

Wow, i wasn't expecting so many responses. Now to think about it, what would happen when you run a DS Bricker on a NDS emulator, like DeSmuME?

 

[Kubas_inko]

If you can find homebrew which dissables/changes the LED light (and downgrade to 8.0 and lower I think), you can get MCU brick, which is unrecoverable (iirc).

 

[Sono]

Yes, there are 3DS brickers, but all of them brick the NAND only and are recoverable (except one case where if you have a specific piece of hardware in the 3DS you could permanently render it by doing an undocumented behavior on it).

As for MCU brickers, there have been unsuccessful attempts, and some have been completely lost from existance without anyone running them, so we don't know if those were functional at all.

Afaik the only malicious homebrew application in 3DS history is a spyware called UnbanMii. Plus in most cases you can restore a NAND backup if you were to get bricked.

It doesn't brick your 3DS. The (questionable) files it uploaded were used to check if someone is using a real 3DS or someone is trying to hack into the system with garbage data. Now that the UnbanMii servers are dead, it's completely harmless.

What happens to the 3DS when that app is installed? I'm curious now ^^

Absolutely nothing. The servers are dead, so it should just error out and not do anything.

• http://malware.wikia.com/wiki/UnbanMii
• UnbanMii 2.0 technical writeup
• [YouTube] Unbanmii 2.0 - First 3DS Malware or Just a Mistake? | #Pixelnews
• [r/3dshacks] Warning for anyone thinking of using unbanmii

I remember the malware.wikia of UnbanMii conaining some bullshit, so take that with a grain of salt.
Edit: it seems like someone has updated the malware.wikia page since my last visit, so ignore this block.

If you can find homebrew which dissables/changes the LED light (and downgrade to 8.0 and lower I think), you can get MCU brick, which is unrecoverable (iirc).

That was just a joke to make people not stay on 4.5 with menuhax rxTools. Even though old MCU versions were filled with bugs, running my joke program on it did nothing. Remember, THERE IS NO SUCH THING AS INVALID RGB COLOR!
As for why I said 8.x is the safe point, it's because the mcu sysmodule was updated at that version, even though MCU_FIRM itself hasn't been updated in a year when it came out. So technically the latest MCU_FIRM was released in the 7.x system update.

 

[Kubas_inko]

Yes, there are 3DS brickers, but all of them brick the NAND only and are recoverable (except when the eMMC controller is locked read-only, but it only works with a specific NAND chip and I'm not aware of anyone knowing how to do it).

As for MCU brickers, there have been unsuccessful attempts, and some have been completely lost from existance without anyone running them, so we don't know if those were functional at all.



It doesn't brick your 3DS. The (questionable) files it uploaded were used to check if someone is using a real 3DS or someone is trying to hack into the system with garbage data. Now that the UnbanMii servers are dead, it's completely harmless.



Absolutely nothing. The servers are dead, so it should just error out and not do anything.



I remember the malware.wikia of UnbanMii conaining some bullshit, so take that with a grain of salt.



That was just a joke to make people not stay on 4.5 with menuhax rxTools. Even though old MCU versions were filled with bugs, running my joke program on it did nothing. Remember, THERE IS NO SUCH THING AS INVALID RGB COLOR!
As for why I said 8.x is the safe point, it's because the mcu sysmodule was updated at that version, even though MCU_FIRM itself hasn't been updated in a year when it came out. So technically the latest MCU_FIRM was released in the 7.x system update.

I am not talking about your joke program. But if you go to 8.0 and lower, start playing with mcu and remove power, you can fry the mcu firmware.

 

[Sono]

I am not talking about your joke program. But if you go to 8.0 and lower, start playing with mcu and remove power, you can fry the mcu firmware.

No, you can't. MCU_FIRM doesn't get downgraded by the mcu sysmodule.

Edit: I have reverse engineered the mcu sysmodule (just look at 3dbrew) and in the (very very long) process of reverse engineering 3 versions of MCU_FIRM, and I can assure you that you can't brick the MCU unintentionally if you downgrade to 8.x or below. I have not tested this below 2.1 though, but I have downgraded my original old3DS from 11.0 to 1.0 and it still works.

 

[SomeGamer]

No, you can't. MCU_FIRM doesn't get downgraded by the mcu sysmodule.

Edit: I have reverse engineered the mcu sysmodule (just look at 3dbrew) and in the (very very long) process of reverse engineering 3 versions of MCU_FIRM, and I can assure you that you can't brick the MCU unintentionally if you downgrade to 8.x or below. I have not tested this below 2.1 though, but I have downgraded my original old3DS from 11.0 to 1.0 and it still works.

Slightly off-topic but figured I'd ask. After spending so much timt with studying the MCU have you figured out what caused N3DSes bricking when put into sleep mode on 2.1?

 

[Sono]

Slightly off-topic but figured I'd ask. After spending so much timt with studying the MCU have you figured out what caused N3DSes bricking when put into sleep mode on 2.1?

Nope, not yet. However, I know that 2.1 MCU_FIRM behaves somewhat differently from new3DS MCU_FIRM. The main difference is that 2.1 has almost no safety checks. Luckily it still prevents you from writing into inaccessible areas, but it doesn't mask away them. Also, in 2.1 the default error value was 0xAA instead of 0xFF.

As ofr why the new3DS bricks, I have a suspicion that it might be caused by trying to write into a new3DS-only partition which is different on old3DS. But it's just a theory anyways.

--------------------- MERGED ---------------------------

I almost missed this one

MCU Bricker or RGB_rave.cia. This one doesn't actually brick your 3DS but does demonstrate how a real MCU brick looks like.

That's not how a real MCU brick looks like. The name of it is again - just to mock the peope who still believe in that bullshit.

A real MCU brick wouldn't look anyhow, because your 3DS wouldn't even turn on.

 

[TurdPooCharger]

That's not how a real MCU brick looks like. The name of it is again - just to mock the peope who still believe in that bullshit.

A real MCU brick wouldn't look anyhow, because your 3DS wouldn't even turn on.

Corrected my earlier post. I tried looking for info on MCU brick symptoms and that's all I could find.

However, that does bring up the question: Could a real MCU bricker be feasibly possible to program? A simply yes, no, or no comment answer will suffice.

If you answer this, I rather you don't delve into the technical aspects in how a supposed black hat programmer would pull it off. In case anyone out there with malicious intent decides to pursue this, it's best they don't gain knowledge in a working proof of concept.

Edit - It doesn't have to be a MCU. Anything that permanently renders a 3DS unusable or bricked with no recovery falls under that question.

 

[Sono]

Corrected my earlier post. I tried looking for info on MCU brick symptoms and that's all I could find.

However, that does bring up the question: Could a real MCU bricker be feasibly possible to program? A simply yes, no, or no comment answer will suffice.

If you answer this, I rather you don't delve into the technical aspects in how a supposed black hat programmer would pull it off. In case anyone out there with malicious intent decides to pursue this, it's best they don't gain knowledge in a working proof of concept.

Edit - It doesn't have to be a MCU. Anything that permanently renders a 3DS unusable or bricked with no recovery falls under that question.

Yes, it's sadly way too easy to intentionally brick the MCU

As for how a real MCU brick would look like if someone were to brick you from ARM11 then here's a recreation:

Spoiler: Video

As for how accurate this is: depends on the method someone used to brick.

</post>

damn man, it hurts NOT to explain something when I have the freedom of a physical keyboard

 

[Itzumi]

Yes, it's sadly way too easy to intentionally brick the MCU

As for how a real MCU brick would look like if someone were to brick you from ARM11 then here's a recreation:

Spoiler: Video

As for how accurate this is: depends on the method someone used to brick.

</post>

damn man, it hurts NOT to explain something when I have the freedom of a physical keyboard

Well that answers one burning question I had about the 3ds.