Hacking 3DS with DS mode wap connection?Can it happen?

[Technicmaster0]

Do you mean WPA? The DS games themselves are only compatible with WEP routers, so whether you play it on a DS, DSi, or 3DS it doesn't matter, you must use WEP. DSi-exclusive games can use WPA, 3DS games can use WPA2.

What I'm saying is that you shouldn't compromise your network security just to play ds games online and if you have a smartphone you are better off unlocking it and just making a wireless hotspot with wep or no security since it's going to be very temporary just don't do open if you are in a public place.

Sometimes, I activate the guest mode at my fritz.box so that I can play DS games online but normaly, I use only WPA2.

 

[Deltaechoe]

Do you mean WPA? The DS games themselves are only compatible with WEP routers, so whether you play it on a DS, DSi, or 3DS it doesn't matter, you must use WEP. DSi-exclusive games can use WPA, 3DS games can use WPA2.

What I'm saying is that you shouldn't compromise your network security just to play ds games online and if you have a smartphone you are better off unlocking it and just making a wireless hotspot with wep or no security since it's going to be very temporary just don't do open if you are in a public place.

Sometimes, I activate the guest mode at my fritz.box so that I can play DS games online but normaly, I use only WPA2.

That's much better than changing your wifi encryption to something that is easily crackable in minutes using a tool that you can find on the first page of a google search

 

[Thorhian]

Do you mean WPA? The DS games themselves are only compatible with WEP routers, so whether you play it on a DS, DSi, or 3DS it doesn't matter, you must use WEP. DSi-exclusive games can use WPA, 3DS games can use WPA2.

What I'm saying is that you shouldn't compromise your network security just to play ds games online and if you have a smartphone you are better off unlocking it and just making a wireless hotspot with wep or no security since it's going to be very temporary just don't do open if you are in a public place.

Sometimes, I activate the guest mode at my fritz.box so that I can play DS games online but normaly, I use only WPA2.

That's much better than changing your wifi encryption to something that is easily crackable in minutes using a tool that you can find on the first page of a google search

I Highly agree, sticking to WPA 2 is the best way to go for consumer grade stuff. Just find a way to get your DS tethered to a smartphone or something. I have a system for dumping DS games in which I just open up a secondary router with a mac address white listing and a WEP encryption to slow down anyone trying to get on my network. I can also monitor any connections going through this router, which is always good I simply turn off its wifi broadcasting systems when im done. Hopefully I won't have to go through all this crap dumping 3DS games.... Maybe I should make a dumper like in that one pic, almost all the parts were discovered already....

But seriously, anyone who uses WEP really is being stupid. Don't do it. A few years ago you could crack a WEP network within a half hour, 35 minutes if MAC addressing is enabled. Who knows how much more efficient it is to crack a WEP network now. A Jail-broken iPhone can break WEP networks now (seen it with my own eyes). Its pathetic.

 

[ferofax]

Jeez, why worry with all this when you can just switch back to WPA after playing? So somebody gets lucky for a few hours while you're playing, their playtime's over the minute you switch back to WPA.

That's what I do.

 

[Deltaechoe]

Jeez, why worry with all this when you can just switch back to WPA after playing? So somebody gets lucky for a few hours while you're playing, their playtime's over the minute you switch back to WPA.

That's what I do.

You misunderstand how serious the breach can be if someone who actually knows what they're doing gets access to your wireless network. I give you my word as an IT security professional that it is one of the last things you want to have happen to your network

 

[Rydian]

But switching to a security method that can be cracked in seconds by googling a youtube tutorial is okay because it's a second AP?

 

[Janthran]

Use WEP and MAC filtering. Problem solved.

 

[Rydian]

MAC addresses are in ethernet headers, finding a time when the device that owns an allowed MAC isn't on (or actively in use) and then spoofing your device to that MAC and kicking it off by appearing to reconnect with it isn't hard.

 

[Thorhian]

MAC addresses are in ethernet headers, finding a time when the device that owns an allowed MAC isn't on (or actively in use) and then spoofing your device to that MAC and kicking it off by appearing to reconnect with it isn't hard.

Exactly, MAC addressing only delays the inevitable. You can't rely on WEP and MAC addressing.

 

[Foxi4]

Well then use a USB Access Point to share internet and the internet only without real access to the network and use it only for one device, only when you're actively using it.

There are two ways you can go about this issue - a convinient but non-secure option and an inconvinient, costly and secure option, and that'd be that.

 

[Thorhian]

When the 3Ds gets hacked, do you think we could ever get a "wrapper" onto the "visualization" program for the ds mode on the 3DS when it gets hacked? Like wifi emulation? Im pretty sure dsemu did it, not sure how well though. Just throwing out some ideas.

 

[Foxi4]

When the 3Ds gets hacked, do you think we could ever get a "wrapper" onto the "visualization" program for the ds mode on the 3DS when it gets hacked? Like wifi emulation? Im pretty sure dsemu did it, not sure how well though. Just throwing out some ideas.

I'm pretty sure that the 3DS mostly deals with DS/DSi software via hardware emulation with one downclocked core while the other core is busy keeping the system alive, so not via the built-in emulator, but practically you could just compile a complete DS emulator once the console is hacked - the hardware is more than sufficient to facilitate that.

 

[Coto]

When the 3Ds gets hacked, do you think we could ever get a "wrapper" onto the "visualization" program for the ds mode on the 3DS when it gets hacked? Like wifi emulation? Im pretty sure dsemu did it, not sure how well though. Just throwing out some ideas.

You'd have to know how the infrastructure works in ASM in the NDS(i),3DS wifi chip, have the game source code to recompile both 3DS/DSi compatible target DS game, and finally a way to run that game in DSi mode so you can access items "disabled" in DS mode. iEVO lacks proper wifi because of Wintermute's exploit nature (an exploit in the wifi chip), so... yeah.

MAC filter / WEP mode or Nintendo USB Connector FTW

 

[Foxi4]

When the 3Ds gets hacked, do you think we could ever get a "wrapper" onto the "visualization" program for the ds mode on the 3DS when it gets hacked? Like wifi emulation? Im pretty sure dsemu did it, not sure how well though. Just throwing out some ideas.

You'd have to know how the infrastructure works in ASM in the NDS(i),3DS wifi chip, have the game source code to recompile both 3DS/DSi compatible target DS game, and finally a way to run that game in DSi mode so you can access items "disabled" in DS mode. iEVO lacks proper wifi because of Wintermute's exploit nature (an exploit in the wifi chip), so... yeah.

MAC filter / WEP mode or Nintendo USB Connector FTW

That was not his question though - he asked if it was theoretically possible to re-route the connection information somehow in an emulated environment, and it is in fact possible. How do you think PSP's X-Link Kai works on the PSP? Let's call it a loop-back driver that sends the information to a pointed location rather than the actual chip, and in that location it does whatever the hell it pleases to do with the data.

 

[Coto]

That was not his question though - he asked if it was theoretically possible to re-route the connection information somehow in an emulated environment, and it is in fact possible. How do you think PSP's X-Link Kai works on the PSP? Let's call it a loop-back driver that sends the information to a pointed location rather than the actual chip, and in that location it does whatever the hell it pleases to do with the data.

You know pretty well PSP is wide open in terms of hardware discovery. Sony uses adhoc which you'd even connect to a laptop. As various modules are even in games as "libraries" so you'd pick up the code you need, then experiment.

Sadly, this isn't the GBA/DS/DSi/3DS reality, because DS games usually work at a lower hardware level, requiring reverse enginering techniques used in old computers. Also, you should know how the wifi chip behaves in adhoc/infrastructure and how it talks with the game code (because we need to access servers, services, using tcp/ip protocol) and check if tiny chunks of data are encrypted, check an algorithm to decrypt/encrypt them back.

Add this, a way to access 3DS's DS mode, (once you know well how DS mode behaves), write a wrapper to dump nifi activity, then all that.

 

[Foxi4]

That was not his question though - he asked if it was theoretically possible to re-route the connection information somehow in an emulated environment, and it is in fact possible. How do you think PSP's X-Link Kai works on the PSP? Let's call it a loop-back driver that sends the information to a pointed location rather than the actual chip, and in that location it does whatever the hell it pleases to do with the data.

You know pretty well PSP is wide open in terms of hardware discovery. Sony uses adhoc which you'd even connect to a laptop. As various modules are even in games as "libraries" so you'd pick up the code you need, then experiment.

Sadly, this isn't the GBA/DS/DSi/3DS reality, because DS games usually work at a lower hardware level, requiring reverse enginering techniques used in old computers. Also, you should know how the wifi chip behaves in adhoc/infrastructure and how it talks with the game code (because we need to access servers, services, using tcp/ip protocol) and check if tiny chunks of data are encrypted, check an algorithm to decrypt/encrypt them back.

Add this, a way to access 3DS's DS mode, (once you know well how DS mode behaves), write a wrapper to dump nifi activity, then all that.

If the DS/DSi Mode is in fact ran via hardware emulation in a sandboxed environment then you can pick up the streams leaving the sandbox, and they have to leave the sandbox to access the WiFi hardware. Just sayin'.

The encryption into a WEP signal does not occour before the data reaches the chip - I believe it is taken care of IN the chip, so if you modify the pointer to it, you can intercept the data, whatever it may be. You don't even need to know what the data actually contains - how else do you think DeSmuMe's WiFi plugin worked? It was a simple loop-back that took the data and simply sent it over TCP/IP to another client which treated it as native signal.

 

[Coto]

That was not his question though - he asked if it was theoretically possible to re-route the connection information somehow in an emulated environment, and it is in fact possible. How do you think PSP's X-Link Kai works on the PSP? Let's call it a loop-back driver that sends the information to a pointed location rather than the actual chip, and in that location it does whatever the hell it pleases to do with the data.

You know pretty well PSP is wide open in terms of hardware discovery. Sony uses adhoc which you'd even connect to a laptop. As various modules are even in games as "libraries" so you'd pick up the code you need, then experiment.

Sadly, this isn't the GBA/DS/DSi/3DS reality, because DS games usually work at a lower hardware level, requiring reverse enginering techniques used in old computers. Also, you should know how the wifi chip behaves in adhoc/infrastructure and how it talks with the game code (because we need to access servers, services, using tcp/ip protocol) and check if tiny chunks of data are encrypted, check an algorithm to decrypt/encrypt them back.

Add this, a way to access 3DS's DS mode, (once you know well how DS mode behaves), write a wrapper to dump nifi activity, then all that.

If the DS/DSi Mode is in fact ran via hardware emulation in a sandboxed environment then you can pick up the streams leaving the sandbox, and they have to leave the sandbox to access the WiFi hardware. Just sayin'.

But to do that, you'd have to know how the real DS mode works. Right? I mean dump sandboxed cpu behavior , real cpu behavior (because after all sandboxed code will still require the host hardware if it is indeed "virtualization"), find both real DS mode "pointers" you say, then 3DS ones.

The encryption into a WEP signal does not occour before the data reaches the chip - I believe it is taken care of IN the chip, so if you modify the pointer to it, you can intercept the data, whatever it may be. You don't even need to know what the data actually contains - how else do you think DeSmuMe's WiFi plugin worked? It was a simple loop-back that took the data and simply sent it over TCP/IP to another client which treated it as native signal.

And what exactly would you dump? chip activity, right? We still need to know how the custom wireless chip works in ASM. DS emu devs could answer this much better, tough

 

[Foxi4]

And what exactly would you dump? chip activity, right? We still need to know how the custom wireless chip works in ASM. DS emu devs could answer this much better, tough

Not when you take the input to the chip, not its output.

Of course this requires hacking and reverse-engineering, I'm just saying that it's feasable.

 

[Coto]

And what exactly would you dump? chip activity, right? We still need to know how the custom wireless chip works in ASM. DS emu devs could answer this much better, tough

Not when you take the input to the chip, not its output.

Of course this requires hacking and reverse-engineering, I'm just saying that it's feasable.

Sadly, due to the nature of how DS games running (assembly), either the data sent to chip and chip activity would be little different (from outside, sniffing..). Anyway, good posts, I kinda missed 'em Foxi haha

 

[Foxi4]

And what exactly would you dump? chip activity, right? We still need to know how the custom wireless chip works in ASM. DS emu devs could answer this much better, tough

Not when you take the input to the chip, not its output.

Of course this requires hacking and reverse-engineering, I'm just saying that it's feasable.

Sadly, due to the nature of how DS games running (assembly), either the data sent to chip and chip activity would be little different (from outside, sniffing..). Anyway, good posts, I kinda missed 'em Foxi haha

*sighs* Why would you want to re-compile ASM data when all this guy wants to do is communicate between two 3DS systems which will interpret data in the same waaaaay?

But yeah, it's all theoretical banter, and yeah, sorry for not appearing in the more technical threads lately, I've got deadlines that I need to meet... but soon I should be back to my former self, and of course, back to the DS guide as well.