Hacking 3DS Hacking Ideas: Post Your Ideas Here!

DarkenSX

Here's an idea: while we (we as in the general console hacking scene (PSP, DS, PS3, blah blah blah blah)) have used the TIFF exploit in the past, which really is not useful anymore to execute code or create an exploit point...
Why not use the video player as a way... "But Dark," you yell at me, "it has a proprietary format with no exploit!!!" While yes, this is true (starting from that format), we forget we can convert our movies to that format... So what about injecting code into a movie, converting it (may require a converter from the scene that ignores the code and converts it regardless, not sure :S) and attempting to run / play the file? (On PC, WMA files used to always have viruses injected into them and media player would still play them and *cough* destroy your PC.) Fact is, video files and audio files have this ability more than the TIFF file. Question is, can it be applied to the 3DS in some form? Either audio or video... or the video's audio channel.
 

cloud1250000

Impossible. When converting your video, the converter will notice there's a problem with it and stop the conversion. The only way to launch a modded video would be with the YouTube application hack to launch any kind of video.
 

Duo8

Here's an idea: while we (we as in the general console hacking scene (PSP, DS, PS3, blah blah blah blah)) have used the TIFF exploit in the past, which really is not useful anymore to execute code or create an exploit point...
Why not use the video player as a way... "But Dark," you yell at me, "it has a proprietary format with no exploit!!!" While yes, this is true (starting from that format), we forget we can convert our movies to that format... So what about injecting code into a movie, converting it (may require a converter from the scene that ignores the code and converts it regardless, not sure :S) and attempting to run / play the file? (On PC, WMA files used to always have viruses injected into them and media player would still play them and *cough* destroy your PC.) Fact is, video files and audio files have this ability more than the TIFF file. Question is, can it be applied to the 3DS in some form? Either audio or video... or the video's audio channel.

It's not proprietary. It's just some common video format, but in 3D.
Also, we could just get a random video that the 3DS would read and inject code into it directly. No "converter" is needed.
Problem is, it is likely the 3DS camera app can already handle "corrupted" files like this.
Only hope is that amazingly badly-coded YouTube app.
 

Devrim

It's not proprietary. It's just some common video format, but in 3D.
Also, we could just get a random video that the 3DS would read and inject code into it directly. No "converter" is needed.
Problem is, it is likely the 3DS camera app can already handle "corrupted" files like this.
Only hope is that amazingly badly-coded YouTube app.

It is possible to run videos outside YouTube from the YouTube app. So you would only need a vid with injected code to try and see if it works. The app is based on the browser of the 3DS and supports .mp4 with H264 video. To play the video you only need to create an HTML5 page and put the vid between <video>
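
Whether a player already copes with "corrupted" files, as raised above, is decided by container-level checks like the following on .mp4 box headers. This is an added example, not part of any post in the thread and not code from any 3DS software; the function name `mp4_count_boxes` and the sample bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* Read big-endian integers from an untrusted buffer. */
static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}
static uint64_t be64(const uint8_t *p) {
    return ((uint64_t)be32(p) << 32) | be32(p + 4);
}

/* Walk the top-level boxes of an ISO BMFF (.mp4) buffer.
 * Returns the number of boxes, or -1 if any header is truncated or
 * declares a size that is too small or runs past the end of the data. */
int mp4_count_boxes(const uint8_t *buf, size_t len) {
    size_t off = 0;
    int count = 0;
    while (off < len) {
        size_t left = len - off;
        if (left < 8) return -1;            /* truncated header */
        uint64_t size = be32(buf + off);
        size_t hdr = 8;
        if (size == 1) {                    /* 64-bit largesize follows type */
            if (left < 16) return -1;
            size = be64(buf + off + 8);
            hdr = 16;
        } else if (size == 0) {             /* box extends to end of file */
            size = left;
        }
        if (size < hdr) return -1;          /* would loop forever or underflow */
        if (size > left) return -1;         /* claims more data than exists */
        off += (size_t)size;
        count++;
    }
    return count;
}

/* Constructed samples: a valid 16-byte ftyp box, and the same box with
 * its size field set to 0x7fffffff. */
static const uint8_t good_mp4[16] = {0,0,0,16,'f','t','y','p',
                                     'i','s','o','m',0,0,0,0};
static const uint8_t bad_mp4[16]  = {0x7f,0xff,0xff,0xff,'f','t','y','p',
                                     'i','s','o','m',0,0,0,0};
int main(void) {
    return !(mp4_count_boxes(good_mp4, sizeof good_mp4) == 1 &&
             mp4_count_boxes(bad_mp4, sizeof bad_mp4) == -1);
}
```

A parser that applies these checks before any copy or allocation rejects the modified file outright instead of acting on the declared length.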
 

Apache Thunder

I'm curious as to if this has any application to the 3DS. 3DS uses RSA encryption yes?

RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis

This was used to exploit laptops, but nothing in there says a 3DS would be any more immune than a laptop. Unless the lower power consumption of the 3DS makes this more difficult? I would think it would be easier since there's no fans or other moving parts in the 3DS that operate while the console is powered up.
 

Duo8

I'm curious as to if this has any application to the 3DS. 3DS uses RSA encryption yes?

RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis

This was used to exploit laptops, but nothing in there says a 3DS would be any more immune than a laptop. Unless the lower power consumption of the 3DS makes this more difficult? I would think it would be easier since there's no fans or other moving parts in the 3DS that operate while the console is powered up.

I did bring this up a few months back. It's difficult because the 3DS uses a low power SoC instead of a full CPU like in the example. Not to mention it's hard to pull off.
 

X_Frost

I'm not a programmer and have no experience at all but would it be possible to use DLC from a game to launch an exploit, using it to redirect access to the SD card, and launch from there.

If launching from 3DS home-brew from there, unless corrected, you could do so without the need to use an exploit on regular DS firmware, removing the need to relaunch when using DS mode, right?

If the idea has been presented, and debunked, I apologize for sounding foolish.
 

lambstone

I'm not a programmer and have no experience at all but would it be possible to use DLC from a game to launch an exploit, using it to redirect access to the SD card, and launch from there.

If launching from 3DS home-brew from there, unless corrected, you could do so without the need to use an exploit on regular DS firmware, removing the need to relaunch when using DS mode, right?

If the idea has been presented, and debunked, I apologize for sounding foolish.

You don't launch exploits. You make use of them; exploits are found, not created. You can't just say to use a DLC to launch an exploit. It's like trying to cook something by freezing it.
 

X_Frost

You don't launch exploits. You make use of them; exploits are found, not created. You can't just say to use a DLC to launch an exploit. It's like trying to cook something by freezing it.

Thanks for the clarification. I meant to say find an exploit similar to installing the Home-brew channel on Wii, using DLC in place of a letterbomb.
 

Duo8

Thanks for the clarification. I meant to say find an exploit similar to installing the Home-brew channel on Wii, using DLC in place of a letterbomb.

DLCs are as secure as normal titles. And normal titles are very secure.

When the firmware gets decrypted and stored somewhere (nand?), can't we dump it from there?

Dump what? We can already dump NAND but encrypted.
 

Thunderking>9000

Well, you can dump part of it if it's loaded into memory.
Okay, and would it be possible to modify a small part of the firmware to f.e. disable a ROM decryptor/legitimacy check jump? Would this allow running homebrew/hacks/fan translations (maybe even from the SD card)?
 
