ALL 3 Methods to get unbanned from recent ban wave

Discussion in '3DS - Homebrew Development and Emulators' started by gamemasteru03, Nov 25, 2016.

?
  1. Method 1 unbanned me!!!

    16.9%
  2. Method 2 unbanned me!!!

    12.1%
  3. The now dead method 3 unbanned me!!!

    36.7%
  4. I bricked :(

    14.4%
  5. I did not get unbanned but I didn't brick

    20.0%
  1. xXPaulMCXx

    xXPaulMCXx Advanced Member

    Newcomer
    2
    May 16, 2016
    Germany
    Somewhere on Earth
    Nice to see that UnbanMii is used now :D

    == Update ==
    ok, 2.0 *might* be released by today, the Team doesn't know yet. We are still working on the Networking. If that's done, we'll polish 2.0 up and Release it :3
     
    Last edited by xXPaulMCXx, Jul 24, 2017
    gamemasteru03 likes this.
  2. Alex S

    Alex S Creator Of WWHDM, And Metroid Fusion XER0X!

    Member
    6
    May 2, 2016
    United States
    Hell
    Soon UnBanMii 2.0 will be released for all 3DS CFW users, and unbanning will be as easy as a click! No More Paranoia!!

     
    gamemasteru03 likes this.
  3. gamemasteru03
    OP

    gamemasteru03 Nintendo nerd

    Member
    8
    Sep 18, 2016
    United States
    The guide has been updated! Here's the changelog!

    1) Unban Mii 2.0 support added! (Method 3 has been disabled intill the 2.0 updates hits tonight or tommrow)

    2)Spelling fixes!
     
  4. CybaltM

    CybaltM Advanced Member

    Newcomer
    1
    Nov 4, 2016
    United States
    OP, why are you saying that Method 3 is dead? It works completely fine. You are giving people the wrong information bro.
     
  5. gamemasteru03
    OP

    gamemasteru03 Nintendo nerd

    Member
    8
    Sep 18, 2016
    United States
    The poll was made when method 3 was killed by the 1st public seed doner. But was then brought back to life by a reuploader and has been alive ever since. If a mod could fix that it would be wonderful!
     
    CybaltM likes this.
  6. gamemasteru03
    OP

    gamemasteru03 Nintendo nerd

    Member
    8
    Sep 18, 2016
    United States
    Added a upload guide for uploading seeds to help method 3!
     
    GilgameshArcher likes this.
  7. astronautlevel

    astronautlevel GBAtemp Psycho!

    Member
    15
    Jan 26, 2016
    United States
    Maryland
    So, I got a bit bored at work and decided to try to figure out why UnbanMii 2.0 was closed source.

    It used some rather interesting xorpad encryption (for anyone interested, this was the xorpad key:
    upload_2017-7-27_15-56-6. )

    Seems like it did a bit more than a xorpad that I didn't bother figuring out, but I didn't need to.

    After putting a breakpoint on the first HTTP request (one sent to the server in order to get the LFSC_B), a stackdump at that point revealed some... rather interesting things, namely:

    upload_2017-7-27_15-59-41.

    There's an option in UnbanMii to upload your LFSC_B, however, the interesting thing is that even if you don't select this option it uploads your LFSC_B, as well as some other information (namely moveable.sed).

    I would highly recommend not using this software. Even if this is a bug or the creators change this behavior, effectively stealing every uses LFSC_B is such a breach and violation of trust that I would never recommend this software to anyone ever again.

    Not only is this unethical, it is illegal in many places around the world, including potentially the United States, where the server seems to be hosted.

    Also, additional proof: captured the packet sent when requesting to download a LFSC_B with wireshark:
    upload_2017-7-27_16-14-6.

    Once again, the seed is being transferred (just in case you didnt trust my stackdump).

    EDIT: Also it uploads your serial and secureinfo_A, which shouldn't even be necessary for unbanning. This is seriously shady as fuck.

    DOUBLE EDIT: See my updated assessment here: http://gbatemp.net/threads/all-3-me...m-recent-ban-wave.450679/page-85#post-7474721
     
    Last edited by astronautlevel, Jul 29, 2017
  8. Majickhat55

    Majickhat55 The Red Woman

    Member
    11
    Mar 28, 2016
    United States
    Asshai
    This is both extremely telling, and worrying to boot. Although I don't see what he can do with console info that's already been banned. Your LFCS_B is banned if you're using unbanmii so what's the point in having it upload in tandem?

    Regardless, that's some bullshit thank you so much for figuring this out and letting everyone know. I'll disseminate this information through all of my hacking corners. I was wondering why there wasn't a direct mirror link to the seed, and he forced the program. What an asshole.
     
    Laroon likes this.
  9. ihaveamac

    ihaveamac GBAtemp Guru

    Member
    15
    Apr 20, 2015
    United States
    it's not just uploading LocalFriendCodeSeed_B, it does movable.sed and SecureInfo_A (which astronautlevel forgot to show). uploading console-unique data like this, banned or not, is a huge breach of trust. SecureInfo_A isn't even needed for unbanning.
     
  10. Majickhat55

    Majickhat55 The Red Woman

    Member
    11
    Mar 28, 2016
    United States
    Asshai
    Agreed, I was just curious as to what he can do with it (in a malicious context). Anyhow @astronautlevel I quoted your post in the official UnbanMii thread on THAT site. The more people that know, the better. Plus, I'm a dick like that so I wanted the dev to know, that we know.
     
    Last edited by Majickhat55, Jul 27, 2017
    hurrz and Laroon like this.
  11. zoogie

    zoogie playing around in the dsiware

    Member
    21
    Nov 30, 2014
    Micronesia, Federated States of
    Steal your console's unique online identity to unban themselves, then get you banned and move on to someone else's console identity. Rinse, repeat.
     
  12. SciresM

    SciresM Developer

    pip Developer
    16
    Mar 21, 2014
    United States
    Wow, is this the first 3DS malware? Never thought I'd see the day.
     
  13. ihaveamac

    ihaveamac GBAtemp Guru

    Member
    15
    Apr 20, 2015
    United States
    it's surprising to me that it took this long for 3DS malware to appear. Vita got malware early on when HENkaku was released (memory card formatters and deleting files in os0: ). that's why they have have "safe homebrew" now, which disables access to things most homebrew don't need.
     
    Last edited by ihaveamac, Jul 27, 2017
  14. linuxares

    linuxares I'm not a generous god!

    Moderator
    17
    Aug 5, 2007
    Sweden
    Well damn, I hope the older version didn't since I just used it.
     
  15. astronautlevel

    astronautlevel GBAtemp Psycho!

    Member
    15
    Jan 26, 2016
    United States
    Maryland
    Version 1.0 is open source.
     
  16. linuxares

    linuxares I'm not a generous god!

    Moderator
    17
    Aug 5, 2007
    Sweden
    Ah okey, it was like version 1.3 or something I just used. So I guess I'm in the clear.

    This tool shouldn't need any uploading function at all, just download. So it's really shady.


    Btw, can you delete the movable.sed? Since I have no use for it.
     
  17. Apache Thunder

    Apache Thunder I have cameras in your head!

    Member
    15
    Oct 7, 2007
    United States
    Levelland, Texas
    lol, no not really. The console uses that to seed authentication stuff for SD encryption/System save data among other things. So no not a good idea to just go and delete that. :P

    With CFW you could switch to a movable.sed that uses zero'd keys and what not so that it's not uniquely identifiable, but if you want to preserve your game saves, etc, it would take some level of pre-preperation/backup of that data before you would do it.
     
    Last edited by Apache Thunder, Jul 27, 2017
    Zidapi likes this.
  18. linuxares

    linuxares I'm not a generous god!

    Moderator
    17
    Aug 5, 2007
    Sweden
    Son of a....! Well I'm not going to download 2.0 of that app then. I wish not to get my O3DS banned... if someone is going to get it banned, it's me!
     
  19. WeedZ

    WeedZ Possibly an Enlightened Being

    Moderator
    14
    Jan 13, 2015
    United States
    The State of Denial
    What do you think this is for. Selling to ninty?
     
  20. linuxares

    linuxares I'm not a generous god!

    Moderator
    17
    Aug 5, 2007
    Sweden
    My bet is to get more keys.
     
Quick Reply
Draft saved Draft deleted
Loading...