Hacking Cute metroid NES freeze

[KingVamp]

It's probably just going to be a freeze, I very much doubt it'll lead to hacking opportunities.
After all this isn't like the twilight hack, where instructions can be injected through a buffer overflow, there's no save data manipulation involved in freezing metroid.

If it turns out freezing the 3DS through an emulator does lead to something, better it be Link's Awakening DX since anybody can access that right now, and it's too high-profile to take down. It's not some Sudoku game.

Take it down and then fix it or even use the updates to do so?

 

[Sonicandtails]

I just thought I would point out that, despite what you guys see in Youtube videos of this password, those are what happens with tiny emulator inaccuracies. On a real NES, or in a far more accurate emulator like Nestopia, the CPU jams and the console/emulator immediately freeze up. It's obvious that the emulator Nintendo has set up here doesn't have a handler for the crash and it just locks up the 3DS due to an unknown opcode.

And I don't understand why there is even conversation about this. There's nothing exploitable here. Crash =/= exploit.

 

[9thSage]

I just thought I would point out that, despite what you guys see in Youtube videos of this password, those are what happens with tiny emulator inaccuracies. On a real NES, or in a far more accurate emulator like Nestopia, the CPU jams and the console/emulator immediately freeze up. It's obvious that the emulator Nintendo has set up here doesn't have a handler for the crash and it just locks up the 3DS due to an unknown opcode.

And I don't understand why there is even conversation about this. There's nothing exploitable here. Crash =/= exploit.

You are definitely correct. The same exact thing happens in Nestopia with this password (I'm glad you said this, I myself hadn't thought to check it in other emulators). I suppose that means the Nintendo 3DS NES emulator is reasonably accurate. I have to say I'm curious to know why that password stuffs up the game (obviously it's causing something it shouldn't be). Probably not worth the time it'd take to find out though.

 

[koji2009]

The entire password system for Metroid seems a little... off. I once read a really well done article on how the save system worked and how codes like Justin Baily and NARPAS SWORD work... It proved that they were incidental and not intentional...

Going to try and find it again.

 

[BrightNeko]

d'aww this was moved to hacking look what you guys did to a little cute freeze =p

 

[synce]

Kinda happy this isn't *the* trick, since almost no one would benefit from it lol But hey, thinking about it, someone has probably sploited the 3ds already and is waiting for a good time to make the announcement. Like say this here did something, why tip off nintendo so early?

 

[GeekyGuy]

d'aww this was moved to hacking look what you guys did to a little cute freeze =p

Sorry, man. Just wanted to let folks hash out whether or not this would be of any benefit for those poking around inside the 3DS. It's probably nothing, but I want to give more knowledgeable folks than myself a chance to toss the idea around.

 

[ichichfly]

this result in the same 000000 0000X8 000000 003G1T and this also 000000 000008 000000 000008

 

[nano351]

pretty cool but also unlikely we'd be able to inject any code to be executed

 

[notmeanymore]

Apparently GamePro writers read the temp. http://www.gamepro.com/article/news/222549...nks-to-metroid/

 

[ieatpixels]

Oh, so it doesn't actually freeze the 3DS completely, just as long as you don't remove the SD card?
So, what happens if you reinsert the SD card again? Still the same message then, or does the game go back (and if it does, does it go back to it's freezed state?)

Basicly, removing the SD card creates another "crash", locking down the system, but this time almost completely exept for the home command. And this kind of crash also locks the SD card.

 

[Antoids]

it's too bad this won't lead to anything

ambassadors-only homebrew would be lolarious

 

[koji2009]

Put simply... all 3DS software runs in user mode, so any crash/buffer overflow/etc while running any software will only lead to user level exploits... That is, it may be possible to run homebrew through a complicated web, but not pirate and not be able to alter any system files.

If Nintendo was smart, not even the system menu would run in kernel mode, rather just an elevated user account... so even if there is a hack that allows you to install software, it would still deny you access to alter the system files (this is actually pretty extremely likely). In such a case, running pirated software would be very difficult and running homebrew straight from the system menu unlikely...

If nintendo had properly applied this to the wii it may never have gotten to the state it was... Think back to when the Wii was first hacked, you had to load Twilight Princess any time you wanted to play any homebrew... That's likely (when the 3DS is actually hacked) how it will be for a long time... again, presuming Nintendo has learned anything from the past.

 

[logear]

The entire password system for Metroid seems a little... off. I once read a really well done article on how the save system worked and how codes like Justin Baily and NARPAS SWORD work... It proved that they were incidental and not intentional...

Going to try and find it again.

This explains the metroid password logic http://games.technoplaza.net/mpg/password.txt

also those two passwords are actually hard coded :V

 

[Langin]

*Has been mentioned already*

 

[Arras]

It's not just limited to this password. Most password that have the reset bit set and a valid checksum will do the same thing as far as I can tell. For example,
----- -----
----- ----l
makes it lock up as well.
But
MAKING MAH3DS
-CRASH ISCOOj
, which has the reset bit set and a valid checksum makes the game crash, but the emulator and 3DS functions still work, so there must be some other reason... Maybe some of the Unknown Function bits.
EDIT: Okay, what the hell. I'm not sure what happened, but the Restart Game button stopped working and now Metroid is permanently broken. One of my codes must've broken the emulator or something... I'll try fixing it by redownloading >_>
Yup, redownloading fixed it. I wonder what caused that.

 

[Cancel]

It's not just limited to this password. Most password that have the reset bit set and a valid checksum will do the same thing as far as I can tell. For example,
----- -----
----- ----l
makes it lock up as well.
But
MAKING MAH3DS
-CRASH ISCOOj
, which has the reset bit set and a valid checksum makes the game crash, but the emulator and 3DS functions still work, so there must be some other reason... Maybe some of the Unknown Function bits.
EDIT: Okay, what the hell. I'm not sure what happened, but the Restart Game button stopped working and now Metroid is permanently broken. One of my codes must've broken the emulator or something... I'll try fixing it by redownloading >_>
Yup, redownloading fixed it. I wonder what caused that.

----- -----
----- ----l

Does some funky things depending on when you press start.

 

[lismati]

It's not just limited to this password. Most password that have the reset bit set and a valid checksum will do the same thing as far as I can tell. For example,
----- -----
----- ----l
makes it lock up as well.
But
MAKING MAH3DS
-CRASH ISCOOj
, which has the reset bit set and a valid checksum makes the game crash, but the emulator and 3DS functions still work, so there must be some other reason... Maybe some of the Unknown Function bits.
EDIT: Okay, what the hell. I'm not sure what happened, but the Restart Game button stopped working and now Metroid is permanently broken. One of my codes must've broken the emulator or something... I'll try fixing it by redownloading >_>
Yup, redownloading fixed it. I wonder what caused that.

----- -----
----- ----l

Does some funky things depending on when you press start.

Hmm, I found emulator freezing, game freezing (emu options work), emu freezing with looping sound, and sometimes game just resets but between the password screen and logo screen there's a blue/gray flash and weird sound.

 

[Cuber]

I know this isn't in the topic of the crashing password.. but the "JUSTIN BAILEY" code is meant to work still .. right? Because on mine it just says error try again... and I'm pretty certain I'm getting it right.. the "NARPAS SWORD" code works fine...

Starting to wonder if anyone knows if Justin Bailey code is in the pal copys..

 

[ByteMunch]

I know this isn't in the topic of the crashing password.. but the "JUSTIN BAILEY" code is meant to work still .. right? Because on mine it just says error try again... and I'm pretty certain I'm getting it right.. the "NARPAS SWORD" code works fine...

Starting to wonder if anyone knows if Justin Bailey code is in the pal copys..

Fill the bottom lines with spaces maybe? It worked for me