Front-page Homebrew  Updated

HaxxStation: DS Download Station exploit



13 years.

The original DS was released in 2004, and to this day, no hax for Download Play had been made.

Until now.

Gericom found an exploit in DS Download Station, allowing us to run any homebrew we'd like over DS download play.

Source code for dspatch: https://github.com/Gericom/dspatch

Enjoy!

Credits:
Exploit: shutterbug2000, Gericom, and Apache Thunder
Graphics: Jaames, Robz8

And if you want to load unsupported flashcarts on a DSi:

Robz8 said:
Yes.
Here's Apache Thunder's flashcard launchers edited for HaxxStation. @shutterbug2000 should put this in the first post.
https://www.odrive.com/s/23b9f39c-ae15-4c1b-8ff7-64344fa6f2d2-5939fc7f
Click to expand...
 

Attachments

  • dspatch.zip
    19.4 KB · Views: 2,281
  • dspatchv1.1.zip
    19.8 KB · Views: 1,723
Last edited by shutterbug2000,
  • Like
Reactions: furbi963, Darukeru, RetroHeim and 129 others
Click to expand...
D

Deleted User

Guest
Gericom said:
Thanks. It's strange that nobody looked into that indeed. I have not reversed the protocol yet, but I can sniff wifi packets with my raspberry pi and an usb wifi adapter, so I'm sure we can figure that out.

Maybe we could talk on discord. Send me a pm if you like.
Click to expand...
@FIX94 incase it doesnt pick him up: Wiis have RevoEX functionality, native Wii stuff used DLP a ton; I know that yellows8 was doing a bit of RE on Nintendo Channel years ago :P

The DLP protocol was also covered on somewhere-I-can't-remember (I think No$GBA's debug stuff?)
 
FIX94

FIX94

Former Staff
Former Staff
Level 21
Joined
Dec 3, 2009
Messages
7,284
Trophies
0
Age
30
Location
???
XP
11,248
Country
Germany
PokeAcer said:
Wiis have RevoEX functionality
Click to expand...
yea, I do have all that loaded up in IDA right now, trying to understand the wii WD IOS interface since that seems to be the "core" that basically does all the I/O, from all I see so far the wii and ds can pretty much communicate just like a ds and a ds will so that makes me hopeful this will work out :P
 
  • Like
Reactions: Billy Acuña and Deleted User
Gericom

Gericom

Well-Known Member
Member
Level 15
Joined
Jun 30, 2011
Messages
1,383
Trophies
2
Age
25
XP
4,707
Country
Netherlands
PokeAcer said:
@FIX94 incase it doesnt pick him up: Wiis have RevoEX functionality, native Wii stuff used DLP a ton; I know that yellows8 was doing a bit of RE on Nintendo Channel years ago :P

The DLP protocol was also covered on somewhere-I-can't-remember (I think No$GBA's debug stuff?)
Click to expand...
FIX94 said:
yea, I do have all that loaded up in IDA right now, trying to understand the wii WD IOS interface since that seems to be the "core" that basically does all the I/O, from all I see so far the wii and ds can pretty much communicate just like a ds and a ds will so that makes me hopeful this will work out :P
Click to expand...
I have patched out the digest check in Big Beach Games which allows to send arbitrary signed roms. I have the wii sdk too, but I was not able to run the files it produced on my wii.
 
  • Like
Reactions: Deleted User
Clément

Clément

Well-Known Member
Member
Level 2
Joined
Aug 2, 2016
Messages
126
Trophies
0
Age
21
Location
Paris
XP
144
Country
France
GerbilSoft said:
The error message says "file not found". You're trying to load a file named "downoad_station.nds". Did you mean "download_station.nds"?
Click to expand...
Yes thank you, I was wrong, I got a file "result.nds". I go test this on TWLoader with Bootstrap 0.2.0, someone said it worked on this version so I will test and I tell you if it works
 
  • Like
Reactions: Deleted User
D

Deleted User

Guest
Gericom said:
I have patched out the digest check in Big Beach Games which allows to send arbitrary signed roms. I have the wii sdk too, but I was not able to run the files it produced on my wii.
Click to expand...
Did you retail sign them? They'll be dev-signed rn. Use RVT2RVL.
 
D

Deleted User

Guest
Gericom said:
I've no idea. I tried to use elf files with the Homebrew channel, but they didn't work. But the demos are meant to work with a disk normally anyway
Click to expand...
Try them in Dolphin, and you have to use a tool to convert the ELF into one that works with HBC iirc. Pinging @Larsenv since he has the tool
 
some1ne

some1ne

Well-Known Member
Member
Level 6
Joined
Sep 12, 2009
Messages
578
Trophies
1
Website
www.youtube.com
XP
903
Country
United States
upload_2017-6-9_18-56-11.png


Has anyone else gotten this error?
 
Clément

Clément

Well-Known Member
Member
Level 2
Joined
Aug 2, 2016
Messages
126
Trophies
0
Age
21
Location
Paris
XP
144
Country
France
First I have a white, then a black screen, I tried to see if my DS detected DS Download Station in download mode, and nothing works, so it does not work with bootstrap 0.2.0. (Sorry for my bad English)
 
D

Deleted User

Guest
Good job on the exploit! But I really hope the bootstrap gets updated for it to be compatible, as that is the only way for me to use this.
 

Site & Scene News

Go to forum More news

Popular threads in this forum

Testing the new EZ-Flash Parallel

ROM Hack  Mario Kart DS - Custom Tracks Grand Prix NITRO (CTGP NITRO) v1.1.0 Release

Emulation  Tomodachi Collection Cheat Codes (For Delta)

Misc  DSiWare in 2024

Hardware Misc Others Project  3D Printing DS cart shells?

So what IS the best DS Flashcart?

Emulation  What are the emulation capability of a DSi? (2024)

EZ-Flash Parallel doesn't works on DSi XL

General chit-chat
Help Users
  • No one is chatting at the moment.
    Psionic Roshambo @ Psionic Roshambo: Not a big fan of NES kid Icarus either... I know it was popular but I didn't care for it.