Hacking DSBricker and 4.0.0-7U update

Sicklyboy

Videos are uploading, first two are done. Hope the audio is good.

In this video, I:
-Show DS settings, 3DS SM version
-Run DSTWO updated for 3DS 4.0-
-Run FlashMe, fails.
-Run FWNitro, fails.
-DSBricker, bricks DS/DSi
-DS games don't work
-Change 3DS controlled DS settings
-Still bricked
-Update to 4.0.0-7U, still bricked.
-Format
-Not bricked.









Next time I'll take 15 minute videos. Didn't know my account had that functionality now.

Edit:

http://www.youtube.com/watch?v=sc29qG4lO7w

I forgot that ichifly had sent me a file that checks what areas of the DS's NVRAM are writable. Quoting him, "I have made something that check for the write prot of the NVRAM it make a O or a X for every 0x100 Byte block. O if writable X if not writable.

ADD: This maybe brick the 3DS/DS if it is interrupted while still testing write prot .

This show how much writable space is on the NVRAM on the 3DS --> why FlashMe etc. is not working."

I ran it, and it displayed 13 O's followed by 499 X's. Keep in mind, this IS after the update to 4.0.0-7U and the subsequent format to fix the brick I had induced before the update.

Also, sorry for that feedback (almost sounds like GSM feedback). No idea what's causing it, I hadn't been sending/receiving much of anything with my phone which is on the desk next to me, desktop is wired ethernet, only thing I can think is if it got fucked up at the rave I went to early this month, lol...


Original two videos (I mention them in the new videos above) in case anyone is interested, below:
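
Added example, not part of the original post and not ichifly's tool: a short Python decoder that turns the O/X output described above into address ranges, so the reported "13 O's followed by 499 X's" can be read as offsets. It assumes the first mark corresponds to offset 0 and that the marks cover consecutive 0x100-byte blocks; the function names and the `base` parameter are illustrative.

```python
from itertools import groupby

BLOCK_SIZE = 0x100  # bytes per O/X mark, as stated in the quoted description


def decode_wp_map(marks, base=0):
    """Turn an O/X string into (start, end_inclusive, writable) regions.

    Assumption: the first mark is the block at offset `base` and the marks
    cover consecutive blocks; the post does not state this explicitly.
    """
    marks = "".join(marks.split()).upper()
    bad = set(marks) - {"O", "X"}
    if bad:
        raise ValueError(f"unexpected characters in map: {sorted(bad)}")
    regions, offset = [], base
    for mark, run in groupby(marks):
        length = len(list(run)) * BLOCK_SIZE
        regions.append((offset, offset + length - 1, mark == "O"))
        offset += length
    return regions


def summarize(regions):
    """Return (writable_bytes, total_bytes) for a list of regions."""
    writable = sum(end - start + 1 for start, end, w in regions if w)
    total = sum(end - start + 1 for start, end, _ in regions)
    return writable, total


# Constructed input matching the reported result: 13 O's, then 499 X's.
REPORTED = "O" * 13 + "X" * 499

if __name__ == "__main__":
    regions = decode_wp_map(REPORTED)
    for start, end, w in regions:
        state = "writable" if w else "write-protected"
        print(f"0x{start:05X}-0x{end:05X}  {state}")
    writable, total = summarize(regions)
    print(f"{writable} of {total} bytes writable ({writable / total:.1%})")
```
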


 

AzureuzZetsunai

i was, like, omg when i saw that the first time it tried to access the ds information was on a semi-brick screen, maybe could (COULD, not saying) be an exploit, i don't know yet much about the structure and internal code of the OS in the 3DS but it looks interesting how it behaves.
 

Sicklyboy

I highly highly doubt that anything useful will come from this. However, when the scene knows so little about a system, in order to get an exploit you have to start somewhere, and if that somewhere is documenting what happens under certain conditions, it's better than nothing. I will say, I wasn't expecting the hang when you go back into the DS settings after attempting to launch a DS title. It seems that something is corrupting in there and the 3DS SM doesn't know how to handle it.

Again, it's not likely something will come from this. But it's interesting, and it's better than nothing.
 

AzureuzZetsunai

I highly highly doubt that anything useful will come from this. However, when the scene knows so little about a system, in order to get an exploit you have to start somewhere, and if that somewhere is documenting what happens under certain conditions, it's better than nothing. I will say, I wasn't expecting the hang when you go back into the DS settings after attempting to launch a DS title. It seems that something is corrupting in there and the 3DS SM doesn't know how to handle it.

Again, it's not likely something will come from this. But it's interesting, and it's better than nothing.
i agree with you.
 

Foxi4

The second part is the most important one in my opinion.

To me it is clear - the DS profile settings are not kept sandboxed at all like the DS bios is, they are accessible in 3DS mode, HOWEVER they are set in DS-Mode to which we have access. What this means is that you can overwrite data in DS mode and access it later-on in 3DS mode - it's a magical gateway. I sincerely hope that this crash can be utilized to "our benefit".
 

Sicklyboy

Not experienced in any form of hacking/coding, but if a bricker can write 0 over everything, why can't it write something else?

Because to the best of everyone's understanding, the DS Bios is sandboxed. So you might -potentially- be able to do something in DS mode, but that would probably be of little use in 3DS mode.

The second part is the most important one in my opinion.

To me it is clear - the DS profile settings are not kept sandboxed at all like the DS bios is, they are accessible in 3DS mode, HOWEVER they are set in DS-Mode to which we have access. What this means is that you can overwrite data in DS mode and access it later-on in 3DS mode - it's a magical gateway. I sincerely hope that this crash can be utilized to "our benefit".

That crash really, really surprised me.

ichifly had sent me a file a week or two ago that tests what portions of the NVRAM are writable in DS mode. I told him I was gonna run it, I never did. Let me do that, and I'll report back with a video.
 

Foxi4

That crash really, really surprised me.

ichifly had sent me a file a week or two ago that tests what portions of the NVRAM are writable in DS mode. I told him I was gonna run it, I never did. Let me do that, and I'll report back with a video.
Well, wherever it's writing, clearly it affects both modes, not just the DS one. The moment 3DS mode tries to collect data from the DS settings, it freezes due to what I assume are invalid characters or for example a too long nick. This can be potentially useful - the 3D slider still works, so the hardware is running, it's the OS that crashes.
 

Sicklyboy

http://www.youtube.com/watch?v=sc29qG4lO7w

13 O's followed by 499 X's. In the topic I JUST mentioned. :P

I'm not the guy to know what to do with this. But I'm confident nothing will happen yet. I'm also talking louder because it's not 3 in the morning with sleeping parents and a sleeping little brother next door. So you all get to hear my annoying voice even louder. XD
 

iNFiNiTY

This is interesting, if ichifly can test write memory then why not the same app to read memory/dump to a file?

edit: although honestly when you think about it, if the dsi mode wasn't vulnerable to ds-mode crashes then i don't see how it will ever be possible on 3ds.. considering the experience of some people who worked on that i think it would have been noticed if you could leverage a crash to do this. even if 3ds mode crashes and you can insert code running on the 3ds cpu, what then? i don't think enough is known to be able to write to anything with it
 

Fudge

In theory, wouldn't it be possible to allow old flashcarts to boot? I know I've asked this before, but it seems like Nintendo hasn't been updating the header checks as of late so the DS mode end of it surely could be overwritten couldn't it be? Additionally, I wonder if the DSi part of the NAND is writable. It seems like it may be, due to the fact that the functionality is bricked along with the DS mode, but then again, DSi mode could be dependent on DS mode functioning properly. What do you guys think??!
 

Rydian

In theory, wouldn't it be possible to allow old flashcarts to boot? I know I've asked this before, but it seems like Nintendo hasn't been updating the header checks as of late so the DS mode end of it surely could be overwritten couldn't it be? Additionally, I wonder if the DSi part of the NAND is writable. It seems like it may be, due to the fact that the functionality is bricked along with the DS mode, but then again, DSi mode could be dependent on DS mode functioning properly. What do you guys think??!
Non-DSi flash carts don't present any valid game header.

EDIT: Talking retail game headers.
 

Fudge

In theory, wouldn't it be possible to allow old flashcarts to boot? I know I've asked this before, but it seems like Nintendo hasn't been updating the header checks as of late so the DS mode end of it surely could be overwritten couldn't it be? Additionally, I wonder if the DSi part of the NAND is writable. It seems like it may be, due to the fact that the functionality is bricked along with the DS mode, but then again, DSi mode could be dependent on DS mode functioning properly. What do you guys think??!
Non-DSi flash carts don't present any valid game header.

EDIT: Talking retail game headers.
I assumed that, but still. What about older flashcarts that no longer receive support? It wouldn't be much, but still interesting imho. Especially if the Cyclo iEvo could be run again on DSi 1.4.4 and 3DS 4.0.0.7!
 

Janthran

Not experienced in any form of hacking/coding, but if a bricker can write 0 over everything, why can't it write something else?

Because to the best of everyone's understanding, the DS Bios is sandboxed. So you might -potentially- be able to do something in DS mode, but that would probably be of little use in 3DS mode.
No, but that seems like it would help us dump DSiWare or something. DS st00f without the need for a flashcart..
After the first time, anyway.
 

rayword45

Not experienced in any form of hacking/coding, but if a bricker can write 0 over everything, why can't it write something else?

Because to the best of everyone's understanding, the DS Bios is sandboxed. So you might -potentially- be able to do something in DS mode, but that would probably be of little use in 3DS mode.
No, but that seems like it would help us dump DSiWare or something. DS st00f without the need for a flashcart..
After the first time, anyway.

But IIRC, DS mode and DSi mode are sandboxed separately, unless I'm missing something.

Still, with something like an iEvo (LOLOLOL) or a DSi-only/enhanced game... Who knows?
 
