Hacking 3DS Hacking Ideas: Post Your Ideas Here!

[ichichfly]

looks like someone has dumped the 16 Byte at 0x00100100 with the stack exploit. By brute forcing a return address that somehow read data.

 

[Boy12]

looks like someone has dumped the 16 Byte at 0x00100100 with the stack exploit. By brute forcing a return address that somehow read data.

Was it you when you mean "somebody"?

 

[Rydian]

Just an idea here, but would it be possible to use the Streetpass relay feature to hack the system? Like this:

- Create a fake Streetpass (using an existing game)
- Put it on a Nintendo hotspot (or a created hotspot)
- Get it with a 3DS using the streetpass relay feature
- When you check the streetpass in the right game (depends on which game is/can be used for it), it'll open a piece of homebrew software.
- Install homebrew

I do suspect that probably can't be done until someone can manage to make the correct encryption keys though... and that would probably require people to figure out how to get through the encryption in the first place. Anyway, just an idea. I'm not too tech savvy, just smelling a tiny 'maybe opportunity' here.

... come on, you didn't even read the first example of the first post? D:

 

[RedHero]

I did, but the system has a new featre and I'm trying to highlight it. I'm hoping to inspire some of the more tech-savvy people look into the new feature and what possibilities it may bring.

 

[Chary]

Can you play games online with the Gateway?

 

[Boy12]

Can you play games online with the Gateway?

Currently not.
It gives an error that you're card is faulty and boots you right back to the home screen of your 3DS.

 

[Poketard]

Currently not.
It gives an error that you're card is faulty and boots you right back to the home screen of your 3DS.

Yes!! No illegimate AC:NL players or X/Y players!

On topic: how about we wait till gateway supports homebrew, then we should have total control over the 3DS, making finding an exploit much easier.

 

[Gabelvampir]

Yes!! No illegimate AC:NL players or X/Y players!

On topic: how about we wait till gateway supports homebrew, then we should have total control over the 3DS, making finding an exploit much easier.

Well if we have total control over the 3DS we don't need to find an exploit any more. Only if we need a new exploit (which we currently do),

 

[Van_Xan]

This isn't really "hacking" the 3ds, but has anyone tried recording and saving the actual files the 3ds uses to update? That way we could make it so people can install updates but not go too far so their flashcarts wont work.

Example to make with easier to understand:

* 3DS says to NinServer "Update Me"
* NinServer says "Okay" and sends update 1.0 to 3DS
* 3DS says "Thank You" and proceeds to update
 
While all this is going on the access point is not only logging all the data being sent, but saving all of it(the files) to a hard drive.

I hope this makes sense :/

 

[Rydian]

This isn't really "hacking" the 3ds, but has anyone tried recording and saving the actual files the 3ds uses to update? That way we could make it so people can install updates but not go too far so their flashcarts wont work.

Example to make with easier to understand:

* 3DS says to NinServer "Update Me"
* NinServer says "Okay" and sends update 1.0 to 3DS
* 3DS says "Thank You" and proceeds to update
 
While all this is going on the access point is not only logging all the data being sent, but saving all of it(the files) to a hard drive.

I hope this makes sense :/

There's a possibility that the update is either encrypted per-3DS (less likely with something like a firmware update), or linked to a ticket verified and stored in the 3DS's encrypted NAND itself (and won't run without that matching ticket), like the Wii/DSi do.

But people can use retail game carts to update them to a specific 4.x anyways.

 

[Gabelvampir]

There's a possibility that the update is either encrypted per-3DS (less likely with something like a firmware update), or linked to a ticket verified and stored in the 3DS's encrypted NAND itself (and won't run without that matching ticket), like the Wii/DSi do.

But people can use retail game carts to update them to a specific 4.x anyways.

Dude, you got it all wrong. The idea behind buying a Gateway is to never pay for a cartridge again, not even for updating to the right version.
And then wonder why publishers shun my plattform of choice and only shovelware is released any more.
But to be serious, updating to a specific firmware without any games would be nice to have, although for the short term cartridges are really good enough for that.

 

[mr. fancypants]

is it coincidence but gateway and dstwo are using the same game on 4.1-5 (deep labyrint) is ther an exploit or somthing in that game? and if that is so, dstwo is now using the game 'alex rider stormbreaker' maybe can gateway also use that game to make an update for 5.x.x and 6.x.x

(with the use game i mean the game that the 3ds displays)

 

[Rydian]

is it coincidence but gateway and dstwo are using the same game on 4.1-5 (deep labyrint) is ther an exploit or somthing in that game? and if that is so, dstwo is now using the game 'alex rider stormbreaker' maybe can gateway also use that game to make an update for 5.x.x and 6.x.x

(with the use game i mean the game that the 3ds displays)

I doubt it, that's not the actual game, just the header and some additional data from it used to pass the checks and get it to boot.

 

[Coto]

Can you play games online with the Gateway?

From what I've seen on gateway videos, wireless behaves strange (reacts 1 second) before 3DS logo goes away. If people are saying wireless is not working, then they prolly messed up something lol

 

[Skeet1983]

I thought about this, but have not tried: Would it be possible to use an AR DS with the Micro SD slot to extract 3ds saves? Is the save structure same as in DS games? Just shot in dark here...

 

[Rydian]

I thought about this, but have not tried: Would it be possible to use an AR DS with the Micro SD slot to extract 3ds saves? Is the save structure same as in DS games? Just shot in dark here...

The AR DS doesn't interact with 3DS carts, and while there are tools that do, the saves are encrypted and only saves for older games and on older firmwares (2.0.x and below I think) can be extracted.

 

[mr. fancypants]

maybe make a backup for nintendo video or something like that and if u open nintendo video and open a movie (this the exploit then ) the 3ds freeze and goes into another mode

 

[ichichfly]

maybe make a backup for nintendo video or something like that and if u open nintendo video and open a movie (this the exploit then ) the 3ds freeze and goes into another mode

AES encrypted with a key that is not shared --> not working

 

[mr. fancypants]

is everything encrypted ? (except the working exploits)

 

[MAXLEMPIRA]

you guys, once that GateWay enable HomeBrew, we'll have more access and knowledge with 3DS, right? so... maybe, with the Nand Dump (http://gbatemp.net/threads/nand-flash-dump-3ds-xl.350668/page-9#post-4747563) and the correct knowledge, we can rewrite the Nand with a CFW or something like that??