Exactly what step are we missing for an exploit on 9.4?

Discussion in '3DS - Flashcards & Custom Firmwares' started by furrysalamander, Feb 17, 2015.

  1. furrysalamander
    OP

    furrysalamander Member

    Newcomer
    19
    2
    Mar 31, 2014
    United States
    We still have ROP through the web browser, so are we just missing the jump to code execution? I was a noob and installed the update to 9.4 over the holidays since I wanted eShop access and didn't have a gateway.
     
  2. AugustoKazt

    AugustoKazt Advanced Member

    Newcomer
    93
    7
    Feb 5, 2015
    Venezuela
    The same happened to me, I updated by mistake (the update message came up 2 times when I already had the emuNAND updated, but my ignorance got the better of me and I updated the second time), and I lost everything I had before :sad:.

    Well, I have NAND backups I created with the CFW I created before, but I almost can't get access to my 3DS because of 3 screws that won't let me access the inside for the hardmod :( Now my only hope is that GW or somebody brings us an update or something for 9.4.
     
  3. Kohmei

    Kohmei GBAtemp Advanced Fan

    Member
    758
    457
    Feb 17, 2013
    United States
    I wouldn't be surprised if GW is holding back 9.4 support that coincides with N3DS support, in the form of a new exploit chain that only they know about. The longer they keep it unreleased, the longer Nintendo keeps producing more vulnerable units, the more money they can potentially make. It's one of few reasons I can think of that they haven't released the N3DS exploit yet.

    Think it really F'ing sucks for those of us who bought cards in anticipation of a timely release, but that's really our fault more than anything. Maybe I'm just being hopeful.
     
  4. furrysalamander
    OP

    See, I'm really kicking myself now, because if I hadn't updated, I wouldn't even have needed a gateway to roll my firmware back to 4.5, which is what I really want at this point.
     
  5. illicit

    illicit GBAtemp Regular

    Member
    140
    43
    Sep 28, 2010
    United States
    No one knows yet. It's a waiting game :(
     
  6. furrysalamander
    OP

    What do you mean nobody knows? XD
     
  7. gamesquest1

    gamesquest1 Nabnut

    Member
    14,082
    9,417
    Sep 23, 2013
    He means nobody knows... pretty self-explanatory, but I suppose you could say nobody knows publicly, just in case Gateway do have another trick up their sleeve. But even if they did, I doubt they would use it now; 90% of people who want Gateway stayed on the correct FW, and anyone who didn't... well, it's their own fault, they were warned with plenty of time.
     
  8. furrysalamander
    OP

    Well, someone publicly knows which step in the exploit chain we're missing to get ARM9 access through the browser exploit in 9.4.
     
  9. AugustoKazt

    Really, if somebody knows something, an exploit for 9.4/9.5 is already done, but, as they say, only as a private exploit.

    Well, for us it is a waiting game.
     
  10. furrysalamander
    OP

    But my question still stands, which step in the exploit chain was taken out in 9.3?
     
  11. gamesquest1

  12. furrysalamander
    OP

    Thank you!
     
  13. The Real Jdbye

    The Real Jdbye Always Remember 30/07/08

    Member
    11,436
    4,751
    Mar 17, 2010
    Norway
    Alola
    Simplified, there are 4 steps to a proper exploit:
    an entry point, ARM11 userland code execution, ARM11 kernel access, and ARM9 kernel access.
    The Spider ROP Loader only gives us userland code execution. ARM11 kernel access, I believe, is needed first in order to get ARM9 code execution, so all 4 are required for, say, a CFW.

    From a .bin file loaded with spider ROP loader it would be possible to exploit the system further and gain the access needed, but this is the hard part and no one skilled is willing to release.
     
  14. furrysalamander
    OP

    It feels so counter-intuitive that we can inject ROMs through the web browser, but running our own code is a no go. >.<
     
  15. furrysalamander
    OP

    Will updating to 9.5 make me any worse off than I am now?