Hacking 3DS Hacking Ideas: Post Your Ideas Here!

[UltraMew]

Pokemon is probably not a suitable candidate because it checks corrupt pokemon every time you save and will turn them into bad eggs.

All ya gotta do is run it's code before you save, then it'll activate, then 3DS 7.1 haXor'd?!?!?!?!?!?!?!?! #IMayHaveFiguredItOutButProbablyNotOhAndThisIsJustALongHashtagForTheLOLs

 

[BobDoleOwndU]

All ya gotta do is run it's code before you save, then it'll activate, then 3DS 7.1 haXor'd?!?!?!?!?!?!?!?! #IMayHaveFiguredItOutButProbablyNotOhAndThisIsJustALongHashtagForTheLOLs

I believe every way you can receive Pokemon through wi-fi requires you to save immediately after you receive the Pokemon (i.e. trading, GTS, etc...), so the Pokemon games are most like not exploitable in this way.

Off-topic: Mew is my favourite pokemon.

 

[Tybus]

What about somehow corrupting the WI-FI SSID so maybe it crashes ?

 

[Metoroid0]

Now i hawe 3DSXL on 4.5 FW where's that 3DS Hack?? ...come on guys.... :3

 

[Sliter]

well I was looking some pokemon stuffs and I get on a custom GTS thing, instead of accessing the nintendo GTS you enter on a custom one by changing the mac on the connection settings, and then you can make pokemon to appear there and stuffs...
soo I got this idea:
If we do the same we can foll the 3DS?it's possible to make it think that have a "new" update by a custom mac ? the idea is giving the 3DS a custom firmeware (like with region free) or at least making it update to 4.5, as example? with this even 2DS user can be able to use flashcard and stuffs :v but My only intention here is having region free XD

 

[BobDoleOwndU]

well I was looking some pokemon stuffs and I get on a custom GTS thing, instead of accessing the nintendo GTS you enter on a custom one by changing the mac on the connection settings, and then you can make pokemon to appear there and stuffs...
soo I got this idea:
If we do the same we can foll the 3DS?it's possible to make it think that have a "new" update by a custom mac ? the idea is giving the 3DS a custom firmeware (like with region free) or at least making it update to 4.5, as example? with this even 2DS user can be able to use flashcard and stuffs :v but My only intention here is having region free XD

So far, nobody has been able to successfully do that on Pokemon X and Y, due to the encryption. However PokeCheck has recently discovered some sort of exploit using battle videos, doubt it'll lead to a full system exploit, but we'll see where it goes.

 

[gamesquest1]

i could be way off the mark here but i think pokecheck only have a way to decrypt and possibly re-encrypt user created content....i.e battle video, saves etc......forcing the 3ds to run an older update would either require a exploit to make the 3ds "think" its on an older FW....thus running the 4.5 update, or resign content signed with nintendo's private encryption key so 4.5 update could be edited so the system would think its say 9.0, so unless an exploit is found in the system or the private encryption key is found (which would mean anything could be run without needing external hacks) whatever pokegen have is nothing more that a way to mess with saves or stuff that is made for use on games, might be good for save hacking etc but that's it really

 

[Sliter]

So far, nobody has been able to successfully do that on Pokemon X and Y, due to the encryption. However PokeCheck has recently discovered some sort of exploit using battle videos, doubt it'll lead to a full system exploit, but we'll see where it goes.

hehe Sorry but I think you don't got my ideia
my idea is using how they do to make a "custom GTS", to make a "custom update"for the 3ds, I mean, instead of connecting from nintendo(like the in the GTs ), it connect to the server with a custom/hacked system or making it able to "updating"to a lower system? :v

 

[Duo8]

hehe Sorry but I think you don't got my ideia
my idea is using how they do to make a "custom GTS", to make a "custom update"for the 3ds, I mean, instead of connecting from nintendo(like the in the GTs ), it connect to the server with a custom/hacked system or making it able to "updating"to a lower system? :v

i could be way off the mark here but i think pokecheck only have a way to decrypt and possibly re-encrypt user created content....i.e battle video, saves etc......forcing the 3ds to run an older update would either require a exploit to make the 3ds "think" its on an older FW....thus running the 4.5 update, or resign content signed with nintendo's private encryption key so 4.5 update could be edited so the system would think its say 9.0, so unless an exploit is found in the system or the private encryption key is found (which would mean anything could be run without needing external hacks) whatever pokegen have is nothing more that a way to mess with saves or stuff that is made for use on games, might be good for save hacking etc but that's it really

Also connection is encrypted.

 

[Sliter]

well that of making it think is a new update is good but could be problematic:v
hmm what if they do just update do a hacked system? for now I think in something Like just being region free, maybe adding support for entering other regions of Eshop and don't make korean and mandarin being missignos on miis names you get from homepass haha XD and other customs, idk :B

 

[Reisyukaku]

When I was capturing traffic from my 3DS, It looked like the trade data and such in Pokemon was encrypted via SSL (or TSL). I know how to decrypt it on PC, but not too sure about handheld. At least if we decrypted that, we'd have instacheck back, lol.

 

[bkifft]

When I was capturing traffic from my 3DS, It looked like the trade data and such in Pokemon was encrypted via SSL (or TSL). I know how to decrypt it on PC, but not too sure about handheld. At least if we decrypted that, we'd have instacheck back, lol.

Exactly like on a PC: you'd either need to get the servers secret key in order to get the session key or forge and replace the certificates on the 3DS to do a man in the middle.

 

[Sliter]

so this mean it's possible :v but we need some hard work there XD

btw another idea is using a flashcard to make the 3DS think it need update and, instead of giving a new one, making it get the 4.5/hacked system

 

[Duo8]

so this mean it's possible :v but we need some hard work there XD

btw another idea is using a flashcard to make the 3DS think it need update and, instead of giving a new one, making it get the 4.5/hacked system

Then it's just like your last idea. Still need to sign that FW somehow.

 

[BobDoleOwndU]

hehe Sorry but I think you don't got my ideia
my idea is using how they do to make a "custom GTS", to make a "custom update"for the 3ds, I mean, instead of connecting from nintendo(like the in the GTs ), it connect to the server with a custom/hacked system or making it able to "updating"to a lower system? :v

Ah, I see what you mean now. Not a custom server for Pokemon, but rather a custom server for the 3DS itself for Nintendo updates.

 

[Reisyukaku]

Exactly like on a PC: you'd either need to get the servers secret key in order to get the session key or forge and replace the certificates on the 3DS to do a man in the middle.

Things dont want to work properly, lol. I usually use the program called Charles to do stuff with SSL, but since this doesnt run through a browser, i decided to try fiddler instead, and see if i can get it to read whats on the wire, but i cant even get fidder to work on anything ._.

 

[bkifft]

Things dont want to work properly, lol. I usually use the program called Charles to do stuff with SSL, but since this doesnt run through a browser, i decided to try fiddler instead, and see if i can get it to read whats on the wire, but i cant even get fidder to work on anything ._.

Charles as well as fiddler act as a man in the middle and thus require custom certificates on the client. That's kinda hard to pull of on the 3DS.

 

[mr. fancypants]

so the only thing standing between total control and us is the code from nintendo... sadly nintendo isnt as stupid as sony was ...or i think so.

 

[Crisp Cookie]

I know the article say:
"I found a crash, let's use that to make a hack for it." Unlike older systems, the 3DS has things like the NX bit and potentially ASLR.
These features mean that you cannot simply inject a blob of custom code through a crash and have it run anymore.

But It may help. When I start a downloaded demo from the store and I do some specific actions the 3ds screen freeze.
I try this more than once and it always freeze. so, can this freeze help ous?

 

[mr. fancypants]

maybe but if the 3ds does has ASLR i wouldn't execute the overflow code (right?)