Hacking [Fake/Wrong] 3DS Firmware has been dumped!

Status
Not open for further replies.

pistone

let the exploit and then homebrew begin !
 

pokefan92

hunter291 said:

thanks, I didn't realize.

For the rest of the folks... what about reading the topics and not complaining? yes, it was a mistake but it is too easy to solve... some of you guys just enjoy crying in forums. Read the webs and stop acting like a 5-year-old boy.
 

ManFranceGermany

as the guy in the supercard forum said, it's useless, as everything is still encrypted and just the title and parts of the updates are decrypted. Besides, we had dumps of the fw before with same results. And if u wanna brute-force a 4000x AES key, then good luck!
 

evandixon

You do realise that the firmware for the DSi has been mapped like that for years and we just recently got a hack that is now no longer an exploit, and the Cyclo DSi. (I don't think the Cyclops one had anything to do with the firmware, but if it did, then it took a long time for it to be released).
So, the 3DS firmware being dumped isn't really impressive news.
 

WiiUBricker

Not again this guy >.>

This is nothing new and completely useless as all files of the "dump" can be downloaded straight from Nintendo's servers.
 

RNorthex

and so the title is misleading too
the actual firmware itself is not dumped

it's like if sy releases a game and a patch, you get the patch and call it a dumped game....there are differences bro
i don't know how many of these topics were already made, but i think it's time to include it in the sticky "when" topic
 

TheDreamLord

chao1212 said:
Top link doesn't work, bottom is from webs.
Quote:
The 3ds firmware 2.10-3 has been dumped

Post Last Edit by Plop23 at 26-6-2011 22:26



for developers I think it's good news, it's a french apparently having pseudo Upsilon, which dumped the firmware 3ds, he also apparently decrypt, thanks to this can we hope to have a bet a day of DSTWO for the launch of 3ds backups?
the structure of the firmware:
Metadata structure

_Header
START (RSA 2048) | START (RSA 4096) | LENGTH    | DESCRIPTION
0x000            | 0x000            | 4         | Signature type
0x004            | 0x004            | 256 / 512 | Signature
0x104            | 0x204            | 60        | Padding modulo 64
0x140            | 0x240            | 64        | Issuer
0x180            | 0x280            | 1         | Version
0x181            | 0x281            | 1         | ca_crl_version
0x182            | 0x282            | 1         | signer_crl_version
0x183            | 0x283            | 1         | Padding modulo 64
0x184            | 0x284            | 8         | System Version
0x18C            | 0x28C            | 8         | Title ID
0x194            | 0x294            | 4         | Title type
0x198            | 0x298            | 2         | Group ID
0x19A            | 0x29A            | 62        | reserved
0x1D8            | 0x2D8            | 4         | Access rights
0x1DC            | 0x2DC            | 2         | Title version
0x1DE            | 0x2DE            | 2         | Number of Contents
0x1E0            | 0x2E0            | 64        | Content Records
0x220            | 0x320            | 40        | Padding modulo 64
0x248            | 0x348            | 4         | Boot content
0x252            | 0x352            | 4         | Banner content
0x256            | 0x356            | 4         | Banner size
0x260            | 0x360            | 32        | Hash

_Content Records
START | LENGTH | DESCRIPTION
0x00  | 4      | Content ID
0x04  | 32     | SHA-256 Hash

_Certificates
START | LENGTH | DESCRIPTION
0x000 | 4      | Signature type
0x004 | *      | Signature
0x104 | 64     | Issuer
0x124 | 4      | Tag
0x128 | 64     | Name
0x168 |        | Key


Example source code for a program.
============================================================
#include <stdint.h>

typedef uint8_t  u8;
typedef uint16_t u16;
typedef uint32_t u32;
typedef uint64_t u64;

// * = signature size: 0x100 (256) for RSA 2048, 0x200 (512) for RSA 4096
#define SIG_SIZE 0x100

typedef struct {
    u32 cid;        // Content ID
    u8  hash[0x20]; // SHA-256 hash
} content_record;   // Size: 0x24 bytes

enum sig_type {
    RSA_2048_SHA256 = 0x00010004,
    RSA_4096_SHA256 = 0x00010003,
    RSA_2048_SHA1   = 0x00010001,
    RSA_4096_SHA1   = 0x00010000
};

typedef struct {
    u32 sig_type;
    u8  sig[SIG_SIZE]; // sig[*], * = signature size
    u8  fill1[60];
    u8  issuer[64];    // Root-CA%08x-CP%08x
    u8  version;
    u8  ca_crl_version;
    u8  signer_crl_version;
    u8  fill2;
    u64 sys_version;
    u64 title_id;
    u32 title_type;
    u16 group_id;      // Publisher
    u8  reserved[62];
    u32 access_rights;
    u16 title_version;
    u16 num_contents;
    content_record contents[0x40];
    u8  padding[0x28];
    u32 boot_content;
    u32 banner_content;
    u32 banner_size;
    u8  hash[0x20];    /* Unknown */
} tmd;

// The tmd is then followed by a certificate chain.
typedef struct {
    u32 sig_type;
    u8  sig[SIG_SIZE]; // sig[*], * = signature size
    u8  issuer[64];
    u32 tag;           // Identifies what is signed.
    u8  name[64];      // Name of the thing being signed.
    u8  key[];         // key[...]: length not given in the post
} certificate;
============================================================
Source: 3DBrew
(sorry for mistakes, i'm french and I use the google translation)
That's what's on the top one
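
As an added example (not part of the quoted post and not 3DBrew's code), this C sketch reads the cleartext header fields at the offsets listed in the table above, choosing the RSA 2048 or RSA 4096 column from the signature type and rejecting truncated or out-of-range input. It assumes multi-byte fields are stored big-endian; `tmd_info`, `be`, `sig_len_for` and `tmd_parse` are hypothetical names, and the code only parses, it does not verify the signature.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Parsed view of some cleartext header fields from the post's table. */
typedef struct {
    uint32_t sig_type;
    size_t   sig_len;        /* 256 or 512 bytes */
    char     issuer[65];     /* 64-byte field plus terminator */
    uint64_t title_id;
    uint16_t title_version;
    uint16_t num_contents;
} tmd_info;

static uint64_t be(const uint8_t *p, size_t n) {   /* big-endian read (assumed) */
    uint64_t v = 0;
    while (n--) v = (v << 8) | *p++;
    return v;
}

/* Signature length implied by the sig_type enum in the post; 0 = unknown. */
static size_t sig_len_for(uint32_t t) {
    switch (t) {
    case 0x00010004: case 0x00010001: return 256;  /* RSA 2048 */
    case 0x00010003: case 0x00010000: return 512;  /* RSA 4096 */
    default: return 0;
    }
}

/* Returns 0 on success, -1 on unknown signature type, truncated input,
 * or a content count above the 0x40 records the posted struct allows. */
int tmd_parse(const uint8_t *buf, size_t len, tmd_info *out) {
    if (len < 4) return -1;
    out->sig_type = (uint32_t)be(buf, 4);
    out->sig_len = sig_len_for(out->sig_type);
    if (out->sig_len == 0) return -1;
    /* Issuer follows type (4), signature and 60 bytes of padding:
     * 0x140 for RSA 2048, 0x240 for RSA 4096, matching the table. */
    size_t body = 4 + out->sig_len + 60;
    if (len < body + 0xA0) return -1;  /* need fields up to Number of Contents */
    memcpy(out->issuer, buf + body, 64);
    out->issuer[64] = '\0';
    out->title_id      = be(buf + body + 0x4C, 8);
    out->title_version = (uint16_t)be(buf + body + 0x9C, 2);
    out->num_contents  = (uint16_t)be(buf + body + 0x9E, 2);
    return out->num_contents <= 0x40 ? 0 : -1;
}
```

Being able to read these fields says nothing about the encrypted contents the thread is arguing over: the header is cleartext metadata, and the content records only carry hashes of the content.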
 

Zerosuit connor

For God's sake. It's not like it's going to be exploited tomorrow guys. Yeah, they "dumped" the "firmware". It's not even that big an achievement, as stated before the dsi firmware was mapped out ages ago, how long did it take to hack? Answer: Years.
 