Toggle sidebar

Hacking 3DS Hacking Ideas: Post Your Ideas Here!

  • Thread starter Thread starter Rydian
  • Start date Start date
  • Views Views 106,013
  • Replies Replies 420
  • Likes Likes 18
well you wont be able to execute code in regions that are protected by NX, but if I remember correctly, the current working exploit used a buffer overflow with something else.. it was a 2 part process.
 
Isn't possible to load a corrupted picture in 3ds camera or one with a HUUUGGE resolution to make system freeze and crash? Just a idea.
 
boomario said:
Isn't possible to load a corrupted picture in 3ds camera or one with a HUUUGGE resolution to make system freeze and crash? Just a idea.
Click to expand...

That's what they did with a few of the earlier PSP versions, so I'm sure Nintendo's thought of it already.
 
Does the Datel Powersave have any implications? It has the ability to rewrite saves even on games with NAND saving.
 
yeah but the older games saves had already been hacked so any save game entry points could be looked into on older games using the older encryption methods, this is all also closed, i doubt datel will be dropping by to release a save game hack any time soon, so untill its public the method its not going to lead to anything except modded saves, and even if the method is released it would probs only lead to being able to use 6.x saves in emunand, so you can play newer games between retail and emunand
 
gamesquest1 said:
yeah but the older games saves had already been hacked so any save game entry points could be looked into on older games using the older encryption methods, this is all also closed, i doubt datel will be dropping by to release a save game hack any time soon, so untill its public the method its not going to lead to anything except modded saves, and even if the method is released it would probs only lead to being able to use 6.x saves in emunand, so you can play newer games between retail and emunand
Click to expand...

i only see two possible scenarios on how they do it:

a) they achieved unsigned code execution on 6.x+ and have a 3DS farm running to de-/encrypt the saves

or b) they managed to extract the 6.x key (either prescrambled or the init and the scrambler logic).

both scenarios would have a great impact: exploit for >4.5 or the ability to extract all AES keys (unless the 6.x save key is stored/generated less secure).
 
Yeah but they are both dependant on the method being released, right now it's for datel's eyes only, for all we know they could of just made a very lucky guess on the 6.x key, or knew someone who has access to some sensitive info inside nintendo, until something is made public (or atleast in the hands of developers) this doesn't really count for anything, and doesn't help in any way
 
gamesquest1 said:
Yeah but they are both dependant on the method being released, right now it's for datel's eyes only, for all we know they could of just made a very lucky guess on the 6.x key, or knew someone who has access to some sensitive info inside nintendo, until something is made public (or atleast in the hands of developers) this doesn't really count for anything, and doesn't help in any way
Click to expand...

Right, for now its datel only.

And my best guess is they went with alternative b) and simply threw a huge amount of money at the problem (decap/microprobing).

It at least shows that more/deeper exploitation is still possible.
 
  • Like
Reactions: gamesquest1
Reisyukaku said:
well you wont be able to execute code in regions that are protected by NX, but if I remember correctly, the current working exploit used a buffer overflow with something else.. it was a 2 part process.
Click to expand...

wasn't the point of the ropchain exploit??? to bypass NX?
 

Site & Scene News

Go to forum More news

Popular threads in this forum

Help on 3DS prices...

Homebrew app Emulator  [Release] 3DS-CLI - Run a real RISC-V Linux environment on the Nintendo 3DS

Hardware  2 Broken 3DSes, need help

Website for finding alternative games for 3DS

Homebrew  My Secret World DS: is there a way to bypass the password lock?

Homebrew Homebrew app  [Release] GridLauncher Rosalina

please help, wont boot

Hardware  I Have 2 THQ Dev Kit 3DSes (Panda), Need Help On Preserving What’s Inside