Any luck on fake eshop/update server?

Discussion in '3DS - Flashcards & Custom Firmwares' started by Yil, Oct 7, 2015.

  1. Yil
    OP

    If you can trick the 3DS, you probably could install your own OS/application without hacking the hardware. Say, boot with homebrew that has eShop and other features. Too bad this is too technical.
     
  2. Dramamine!

    You can't. The 3DS verifies the server it's talking to is authentic, or at least the file it receives is legitimate.
     
  3. Typhin

    It should be possible to spoof the eShop server, especially if someone had captured the responses/data from the official server. But since anything downloaded and installed would need a valid signature, it wouldn't be useful. Only Nintendo has the private key to generate a valid signature for your system, so you wouldn't even be able to use it to grab old versions of apps (like the vulnerable YouTube app, for instance).
     
  4. Apache Thunder

    I believe it's theoretically possible to spoof an eShop update server. But I don't think you can use it to downgrade the console without first having an Arm11 kernel hack or access to the needed services, as Arm11 normally verifies what it's installing is newer than what's being replaced. It doesn't normally allow you to downgrade, and even a server spoof will not get around that if you don't have Arm11 at the least.
     
  5. Yil
    OP

    Of course not a downgrade, but a custom OS with a higher system signature.
     
  6. Apache Thunder

    You need Arm9 access to fool sig checks. That, or find a way to create valid signatures, which requires gaining access to highly secret company data like the private keys. That is highly unlikely. It's a pipe dream to ever think you will be able to run a modified CFW natively on sysnand without using exploits.
     
  7. Yil
    OP

    Okay, I thought some guy already had the private keys cracked. But what I mean is to replace sysnand.
     
  8. Apache Thunder

    I don't think so. Unless you were thinking of the homemenu hax that recently came out. That also depends on an exploit (specifically an exploit involving the theme system, and if you're above 9.2 firmware, it won't get you Arm11 nor Arm9 access). A full custom CFW that doesn't rely on exploits would either have to exploit a flaw in bootrom or have the private keys, which, as far as I know, no one has gotten even close to doing.
     
  9. Psi-hate

    Nope. Nintendo are the only people who can sign stuff. All we can do is run unsigned stuff via arm9hax. Other than that, there's really no point unless you are able to use homemenuhax to autoload kernel exploits to boot into a modified emunand. (I don't even think modifying emunand is even possible in a lot of ways. Merely minor stuff like tools and software, not anything near OS stuff.)
     
  10. Ericjwg

    Crazy stuff.
    I believe the 3DS verifies some ticket or whatever with the server.
     
  11. shinyquagsire23

    This happens as well: all tickets (even common ones) must be retrieved from the Nintendo servers, and non-common ones need proper signing from Nintendo as well. So even before issues with the app you're downloading's signature, you'd sooner have ticket issues.
     