Does the new wiiu browser exploit have any possible implications for the 3ds?

Might not go anywhere. I'll set it up later and see what happens.

 

I try it, the 3DS Browser can't load the web page.

And, i think if it really work, will work in user-mode.

 

If it does this, it probably means it's a handled error on the 3DS. It would be cool to see if it can be tweaked to actually get loading, though.

 

Should be user mode and sandboxed.
People tried crashing it before, it just exits to HOME Menu.

 

Vita would be so cool, hacked. I love my eCFW, but I'd gladly change that for a native exploit.

 

I've read the same, friend. I dislike linking sites, but if you look on Wololo's /Talk forum, you'll see a guy is trying to work with it. I really don't know much about hacking. Only what I've learned through reading up on 3DS/PSP hacking, but I don't really see it going anywhere on the Vita. Kind of bummed though because you know... Sony... and their whole, "We're treating it as an accessory now" thing.

 

Ya never know, then, eh? Hah. I personally love my Vita. I was a day-1 buyer. I've got one for homebrew, and one for... Vita... stuff. I'd like to see if someone could possibly put this "browser" thing to use. That'd be Christmas, haha!

And pfft. Oh yeah, no, I'm sure Sony will still bring games to the Vita. I'm anxiously awaiting my InFAMOUS: Vita B)

And good to know! I'm confident it'll be hacked eventually. In the meantime, however, looks like I'll keep playing my Mario (pronounced, "mair-ee-oh") Kart 7 on my 3DS, and Oracle of Ages on my Veeter. It's a fine day to be a gamer, eh?

 

Code:

<Relys> Would it be possible to use the Web Browser as a new entry point to replace the mset DS user settings exploit?
<sm> yes
<Relys> I wonder if the webkit bug that was in the recent Wii U browser is also present in the 3DS browser....
<Relys> I have a complete writeup of the vuln with complete changelogs. I'm compairing the Wii U and 3DS webkit sources.
<shuffle2> the vuln was published before it was used on wiiu
<yifanlu> it's a pretty known vuln afaik. used at pwn2own right?
<shuffle2> https://twitter.com/MrMarionumber1/status/478270117227151360
<Relys> Does anyone know if it exsists in the 3DS webkit version?
<@yellows8> Relys: already tried that on 3ds >=v7.1, no crash.
<Relys> Hmmmm, any other potential canidates? I know comex's original webkit based exploit for the wii u used a different vuln which allowed him to dump memory but was patched after 3.x. I started researching the wii u last week but I just got a 3DS with firmware 4.4 so I'm going to start working on that too.
<Relys> Took me freaking forever to find one with a low serial number XD LOL
<Namidairo> yeah they're starting to get rarer
<Namidairo> iirc the 3ds uses some browser from a japanese comany
<Namidairo> but it's still webkit underneath
<Namidairo> hmm ninty nuked the old link to the 3ds webkit source
<profi200> I guess the 3DS web browser is way more secure than the Wii U web browser. We very rarely find something vulnerable.
<Namidairo> the features lists is weird
<Namidairo> lists compliance with some noname japanese law about parental controls
<Namidairo> "Equipped with a function to notify applications of connected URLs, making it possible for the application to accept or reject the connection"
<Namidairo> I call it a stop button but ok
<profi200> I can say that we have a vuln which is in use currently, but it's a vuln which is of no use for the public because it works like 1 of 10 times. And as always. It only allows ROP.
<nakami> what does ROP stand for?
<profi200> Return oriented programming.
<profi200> Using code already in memory, because we can't load our own.
<Relys> Does that vuln work with 7.2?
<profi200> Every browser version to date.
<nakami> Relys: i think that's not too important right now
<nakami> yeah the browser is one of the most obvious nintendo vulnerability over all
<Relys> Isn't that what ssspwn is for? privledge escilation.
<sm> I don't have ssspwn so I could be wrong but I'm pretty sure it's just a way to bypass DEP
<nakami> i think wiiu's browser supports flash and javascript while the 3ds's does not
<nakami> correct me if im wrong
<nakami> in the wiiu browser?
<profi200> 3DS.
<Namidairo> depends how much you want your 3ds to crash and burn

 

Hey guy. Care to "TL;DR" this for us?

 

If you don't read all the details you'll never learn anything.

The Wii U free after use vuln isn't in the 3DS Webkit. However, there's another vuln that works.

Also, the source for the 3DS webkit is completely available since it is under open source licensing:

http://www.nintendo.co.jp/support/oss/

To find exploits you can search http://www.webkit.org/ changelog for pull requests for patched vulnerabilities in the date range of the 3DS/Wii U Webkit versions.. You can then compare the 3DS/Wii U webkit source to see if they still exist.

 

I'm not in it for the lesson. It's just 2am, and I'd like my posts summarized. But thanks for the explanation. I appreciate it.

 

I tried the Wii U exploit in my DSi(it's just say: can't load complete page), and 3DS don't load complete page.

I think, really exist a Browser exploit, but this is not the correct way to do it