DSBricker and 4.0.0-7U update

Discussion in '3DS - Flashcards & Custom Firmwares' started by Sicklyboy, Apr 27, 2012.

  1. Sicklyboy
    OP

    Sicklyboy Resident Mechanical Keyboard Addict

    Global Moderator
    5,713
    4,674
    Jul 15, 2009
    United States
    [̲̅$̲̅(̲̅ ͡° ͜ʖ ͡°̲̅)̲̅$̲̅]
    Videos are uploading, first two are done. Hope the audio is good.

    In this video, I:
    -Show DS settings, 3DS SM version
    -Run DSTWO updated for 3DS 4.0-
    -Run FlashMe, fails.
    -Run FWNitro, fails.
    -DSBricker, bricks DS/DSi
    -DS games don't work
    -Change 3DS controlled DS settings
    -Still bricked
    -Update to 4.0.0-7U, still bricked.
    -Format
    -Not bricked.

    Next time I'll take 15 minute videos. Didn't know my account had that functionality now.

    Edit:

    http://www.youtube.com/watch?v=sc29qG4lO7w

    I forgot that ichifly had sent me a file that checks what areas of the DS's NVRAM are writable. Quoting him, "I have made something that checks for the write prot of the NVRAM; it makes an O or an X for every 0x100-byte block. O if writable, X if not writable.

    ADD: This may brick the 3DS/DS if it is interrupted while still testing write prot.

    This shows how much writable space is on the NVRAM on the 3DS --> why FlashMe etc. is not working."

    I ran it, and it displayed 13 O's followed by 499 X's. Keep in mind, this IS after the update to 4.0.0-7U and the subsequent format to fix the brick I had induced before the update.

    Also, sorry for that feedback (almost sounds like GSM feedback). No idea what's causing it, I hadn't been sending/receiving much of anything with my phone which is on the desk next to me, desktop is wired ethernet, only thing I can think is if it got fucked up at the rave I went to early this month, lol...


    Original two videos (I mention them in the new videos above) in case anyone is interested, below:
    Warning: Spoilers inside!
     


  2. AzureuzZetsunai

    AzureuzZetsunai HAHA, 20!... i punch it!

    Member
    135
    13
    Nov 16, 2011
    Mexico
    Chihuahua
    I was, like, omg when I saw that the first time it tried to access the DS information was on a semi-brick screen, maybe could (COULD, not saying) be an exploit. I don't know much yet about the structure and internal code of the OS in the 3DS, but it looks interesting how it behaves.
     
  3. Sicklyboy
    OP

    I highly highly doubt that anything useful will come from this. However, when the scene knows so little about a system, in order to get an exploit you have to start somewhere, and if that somewhere is documenting what happens under certain conditions, it's better than nothing. I will say, I wasn't expecting the hang when you go back into the DS settings after attempting to launch a DS title. It seems that something is corrupting in there and the 3DS SM doesn't know how to handle it.

    Again, it's not likely something will come from this. But it's interesting, and it's better than nothing.
     
  4. AzureuzZetsunai

    I agree with you.
     
  5. Janthran

    Janthran Solarian

    Member
    3,777
    1,044
    Sep 17, 2011
    United States
    The Pacific Northwet
    Not experienced in any form of hacking/coding, but if a bricker can write 0 over everything, why can't it write something else?
     
    1 person likes this.
  6. DinohScene

    DinohScene Capture the Dino

    Member
    15,833
    12,285
    Oct 11, 2011
    Antarctica
    В небо
    That's pretty neat!
     
    1 person likes this.
  7. Foxi4

    Foxi4 On the hunt...

    pip Reporter
    23,537
    21,496
    Sep 13, 2009
    Poland
    Gaming Grotto
    The second part is the most important one in my opinion.

    To me it is clear - the DS profile settings are not kept sandboxed at all like the DS bios is, they are accessible in 3DS mode, HOWEVER they are set in DS-Mode to which we have access. What this means is that you can overwrite data in DS mode and access it later-on in 3DS mode - it's a magical gateway. I sincerely hope that this crash can be utilized to "our benefit".
     
    4 people like this.
  8. Sicklyboy
    OP

    Because to the best of everyone's understanding, the DS Bios is sandboxed. So you might -potentially- be able to do something in DS mode, but that would probably be of little use in 3DS mode.

    That crash really, really surprised me.

    ichifly had sent me a file a week or two ago that tests what portions of the NVRAM are writable in DS mode. I told him I was gonna run it, I never did. Let me do that, and I'll report back with a video.
     
  9. Foxi4

    Well, wherever it's writing, clearly it affects both modes, not just the DS one. The moment 3DS mode tries to collect data from the DS settings, it freezes due to what I assume are invalid characters or for example a too long nick. This can be potentially useful - the 3D slider still works, so the hardware is running, it's the OS that crashes.
     
    1 person likes this.
  10. Sicklyboy
    OP

    http://www.youtube.com/watch?v=sc29qG4lO7w

    13 O's followed by 499 X's. In the topic I JUST mentioned. :P

    I'm not the guy to know what to do with this. But I'm confident nothing will happen yet. I'm also talking louder because it's not 3 in the morning with sleeping parents and a sleeping little brother next door. So you all get to hear my annoying voice even louder. XD
     
  11. Codename

    Codename GREEN BRO IS BEST BRO

    Member
    365
    85
    Feb 21, 2012
    Canada
    Why would anyone want to brick their DS?!?!
     
  12. Foxi4

    Plasma, wherever, not whatever. ;)

    And it's not about bricking but about overwriting 3DS NAND through DS Mode, shau.
     
  13. iNFiNiTY

    iNFiNiTY GBAtemp Advanced Fan

    Member
    709
    158
    Apr 18, 2004
    This is interesting, if ichifly can test write memory then why not the same app to read memory/dump to a file?

    Edit: Although honestly, when you think about it, if the DSi mode wasn't vulnerable to DS-mode crashes then I don't see how it will ever be possible on 3DS... Considering the experience of some people who worked on that, I think it would have been noticed if you could leverage a crash to do this. Even if 3DS mode crashes and you can insert code running on the 3DS CPU, what then? I don't think enough is known to be able to write to anything with it.
     
    1 person likes this.
  14. Fudge

    Fudge Remember that death is not the end, but only a tra

    Banned
    2,655
    134
    Aug 26, 2009
    United States
    New York
    In theory, wouldn't it be possible to allow old flashcarts to boot? I know I've asked this before, but it seems like Nintendo hasn't been updating the header checks as of late so the DS mode end of it surely could be overwritten couldn't it be? Additionally, I wonder if the DSi part of the NAND is writable. It seems like it may be, due to the fact that the functionality is bricked along with the DS mode, but then again, DSi mode could be dependent on DS mode functioning properly. What do you guys think??!
     
  15. Rydian

    Rydian Resident Furvert™

    Member
    27,883
    8,108
    Feb 4, 2010
    United States
    Cave Entrance, Watching Cyan Write Letters
    Non-DSi flash carts don't present any valid game header.

    EDIT: Talking retail game headers.
     
  16. Fudge

    I assumed that, but still. What about older flashcarts that no longer receive support? It wouldn't be much, but still interesting imho. Especially if the Cyclo iEvo could be run again on DSi 1.4.4 and 3DS 4.0.0.7!
     
  17. Janthran

    No, but that seems like it would help us dump DSiWare or something. DS st00f without the need for a flashcart..
    After the first time, anyway.
     
  18. rayword45

    rayword45 Advanced Member

    Newcomer
    96
    36
    Mar 10, 2011
    United States
    But IIRC, DS mode and DSi mode are sandboxed separately, unless I'm missing something.

    Still, with something like an iEvo (LOLOLOL) or a DSi-only/enhanced game... Who knows?
     
  19. Foxi4

    Only flashcart to ever support DSi Mode, even if limited, LOLOLOLOL.
     
  20. rayword45

    If only it weren't so dead...

    So, you know, it would WORK on any recent updates.
     
    1 person likes this.