Homebrew Clarification Thread - What is going on?

  • Thread starter: JustPingo
  • Views: 647,779
  • Replies: 5,356
  • Likes: 103
Status
Not open for further replies.
When all is released and working and people downgrade, can we have emunand 10.3? And we will have to see if we can have 10.4?
Yup, with the 9.6 keys we can easily do so. I believe my friend Andres got an OTP dump for N3DS and has these keys already.
 
I'm reading Steveice10's code and it seems almost complete. If I understood what was said in the conference, then all that's left to complete the code is to create a couple of memchunks which mimic the ones supposedly created by the Arm11 kernel, store them on the slab heap, and redirect the next pointer to that location in memory. And also, he would need to know what to store in those blocks of memory to allow his own code execution.
He has to make a memchunkhdr that gives RWX on the arm11 kernel location.
 
Man, Rei with the Keyscrambler, "Andres" with the 9.6+ keys, @Steveice10 with memchunkhax2 and @JustPingo with SNSHax... Damn.
You can refer to Andres as TiniVi; that's what he goes by. He goes by a different name on Temp, and he probably doesn't want me to link it or say it, so I won't.
 
No. I highly doubt it. It requires additional hardware, and I guess it will be used only for development purposes.
How would it be patched, btw? If it's hard to be patched, then I suppose emunand/encryption keys are available to get using ntrcardhax if they patch other exploits.
 
I don't see a way TO patch it...
I'm sure you can if they reprogram Arm9 to get rid of the vulns; as derrek said, it was just a stupid thing they had that they didn't know why it was even there. I'm sure it can be patched out.
 
I'm sure you can if they reprogram Arm9 to get rid of the vulns; as derrek said, it was just a stupid thing they had that they didn't know why it was even there. I'm sure it can be patched out.
But that was the exploit with only IO shared. What about exploiting non-shared but ARM9 directly with a PassMe?
 
Is there any reason to actually develop snshax instead of focusing on memchunkhax2?
 
How would it be patched, btw? If it's hard to be patched, then I suppose emunand/encryption keys are available to get using ntrcardhax if they patch other exploits.
It can be patched by checking the size of requested data by kernel11, which has to be hacked too.
But that was the exploit with only IO shared. What about exploiting non-shared but ARM9 directly with a PassMe?
The vuln was in the requested data quantity. If you ask for more than 0x200 bytes, then the data will overwrite ARM9 code. So, the Process9/Kernel9 will run a part of the data.
 
Last edited by Mrrraou
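An added illustration (not code from this thread or from any 3DS project) of the bug Mrrraou describes and the size check named as the fix: a constructed 0x200-byte card-data buffer sits directly in front of a region standing in for ARM9 code, and an unchecked handler is shown beside a hardened one. The layout, the 0x100 code-region size, the marker byte and all function names are assumptions; only the 0x200 figure comes from the thread.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>
/* Constructed layout (not the real 3DS memory map): a 0x200-byte card-data
 * buffer followed directly by a region standing in for ARM9 code. */
#define CARD_BUF_SIZE 0x200u
#define CODE_SIZE     0x100u
#define MEM_SIZE      (CARD_BUF_SIZE + CODE_SIZE)
#define CODE_MARK     0xE1u   /* marker byte representing intact code */

static uint8_t arm9_mem[MEM_SIZE];
/* Reset the model: empty buffer, code region filled with the marker. */
static void reset_memory(void) {
    memset(arm9_mem, 0, CARD_BUF_SIZE);
    memset(arm9_mem + CARD_BUF_SIZE, CODE_MARK, CODE_SIZE);
}

/* Unchecked handler modelling the bug: the requested length is trusted,
 * so anything above 0x200 bytes is written over the code region. */
static void handle_request_unchecked(const uint8_t *data, size_t len) {
    if (len > MEM_SIZE) len = MEM_SIZE;   /* keeps the model itself in bounds */
    memcpy(arm9_mem, data, len);
}

/* Hardened handler: the size check named in the thread as the fix.
 * Rejects the request and copies nothing when it exceeds the buffer. */
static bool handle_request_checked(const uint8_t *data, size_t len) {
    if (len > CARD_BUF_SIZE) return false;
    memcpy(arm9_mem, data, len);
    return true;
}

/* True if any byte of the code region no longer holds the marker. */
static bool code_region_corrupted(void) {
    for (size_t i = 0; i < CODE_SIZE; i++)
        if (arm9_mem[CARD_BUF_SIZE + i] != CODE_MARK) return true;
    return false;
}

/* Feed a request 0x10 bytes past the buffer to one handler and report
 * whether the code region was clobbered (checked=true: hardened handler). */
static bool oversized_request_corrupts_code(bool checked) {
    static uint8_t request[MEM_SIZE];
    memset(request, 0x41, sizeof request);   /* constructed filler bytes */
    reset_memory();
    if (checked) handle_request_checked(request, CARD_BUF_SIZE + 0x10);
    else handle_request_unchecked(request, CARD_BUF_SIZE + 0x10);
    return code_region_corrupted();
}
```

With the unchecked handler the marker bytes past 0x200 are overwritten; with the check in place the oversized request is refused and the code region is untouched.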