Hacking DSi

Discussion in 'NDS - Flashcarts and Accessories' started by XxRoxaSoraxX, Nov 21, 2008.


Hacking DSi by XxRoxaSoraxX at 5:42 AM (12,058 Views / 0 Likes) 60 replies

  1. XxRoxaSoraxX
    OP

    Member XxRoxaSoraxX GBAtemp Regular

    Joined:
    Nov 19, 2008
    Messages:
    109
    Country:
    United States
    I haz an idea on how to hack the DSi.

    Okay so Sony says their PSP-3000 was hack-proof, but it was hacked by switching the PSP-2000's CPU. I was wondering if you could do the same thing to the DSi.

    Cheers
     


  2. Holaitsme

    Member Holaitsme 10/10 would be loyal again

    Joined:
    May 14, 2008
    Messages:
    846
    Country:
    United States
    DS is not PSP.

    If I am correct it should be the same processor.
     
  3. XxRoxaSoraxX
    OP

    Member XxRoxaSoraxX GBAtemp Regular

    Joined:
    Nov 19, 2008
    Messages:
    109
    Country:
    United States
    No no no, use the DS Lite's CPU to enable flashcarts on DSi.
     
  4. Holaitsme

    Member Holaitsme 10/10 would be loyal again

    Joined:
    May 14, 2008
    Messages:
    846
    Country:
    United States
    They are pretty much identical in hardware terms, excluding the RAM, camera, and SD slot.
    I am too lazy to look it up so I might be wrong.
     
  5. XxRoxaSoraxX
    OP

    Member XxRoxaSoraxX GBAtemp Regular

    Joined:
    Nov 19, 2008
    Messages:
    109
    Country:
    United States
    yea but there is SOMETHING that prevents the flashcarts.
     
  6. gosp

    Member gosp GBAtemp Regular

    Joined:
    Jun 29, 2008
    Messages:
    216
    Country:
    Italy
    They changed the security system. It doesn't have to do with reading from a certain area on the card any more.
     
  7. DarkRey

    Member DarkRey still transfoooorming.... with sum lags!

    Joined:
    Mar 9, 2007
    Messages:
    983
    Location:
    Rotating around Toni
    Country:
    Croatia
    hack the firmware and put a custom one which will enable flashcards *runs far away from ninty*
     
  8. shansoft

    Member shansoft GBAtemp Regular

    Joined:
    Dec 8, 2006
    Messages:
    142
    Country:
    United States
    there is a trick that I was thinking of, but I never got a chance to test it since I don't have any toolkit to allow me to do it :S

    here is my thought.

    As a lot of people know, the new NDS games have a special header, and that header seems to be the counterpart for the DSi to check if it's a retail cart..

    remember how the R4 doesn't work with new games? that is the one I am talking about.....

    also, remember a few weeks ago someone posted the thread about the single-ROM cart ( not the retail one ) successfully booting on the DSi?

    That is because the cart's internal memory is an official ROM..

    To do this, we simply load the flashcart's internal memory with a modified official ROM, which has had the code to boot the flashcart OS injected into it...

    The problem is that all the known flashcarts out there can't do it..

    in order to do this, we need a new type of flashcart that allows rewriting the flashcart BIOS....
     
  9. DarkDragonLord

    Newcomer DarkDragonLord Advanced Member

    Joined:
    Jul 28, 2008
    Messages:
    83
    Country:
    Brazil

    The idea isn't crazy at all.
    I liked it

    now we need toolz to do that
     
  10. Normmatt

    Member Normmatt Former AKAIO Programmer

    Joined:
    Dec 14, 2004
    Messages:
    2,135
    Country:
    New Zealand
    You're all stuck in the dark.

    None of your ideas will work.

    Reading the firmware, while possible, will only result in an encrypted dump (meaning it's useless until the encryption is cracked).

    The new security checks do a lot more than check the cart header; they check the RSA of the game, which still hasn't and probably won't be cracked anytime soon.

    There are at least 3 flashcarts with rewritable flash ROMs, none of which are big enough for even the smallest commercial game.

    While technically possible to replace files in the commercial game's filesystem without the DSi saying it's corrupt, you'd need a new flashcart large enough to load this game and load some arbitrary code to boot your flashcart menu. Not many, if any, DS games have any means of running code directly from their filesystem; you could cause buffer overflows, but even then it'd be annoying to track down.
     
  11. MegamanDSi

    Newcomer MegamanDSi Member

    Joined:
    Jan 26, 2009
    Messages:
    41
    Country:
    Canada
    Hey dudes, did you, if you go to support.nintendo.com it says you can copy DSiWare games to the SD card, so that means we can put them back on the system, so instead of CFW we should use homebrew apps like a NES emulator or a SNES emulator or an NDS backup launcher, but the games are on the SD card so it says searching for the SD card.
     
  12. anaxs

    Member anaxs got milk, got candy

    Joined:
    Mar 23, 2009
    Messages:
    2,208
    Location:
    your moms jeans pocket
    Country:
    Canada
    so you're saying that u can get DSiWare on the computer and put it in a DSi and it will work....first of all where do u get DSiWare on the computer
     
  13. Sychophantom

    Member Sychophantom I'm a plant.

    Joined:
    Mar 7, 2008
    Messages:
    1,190
    Location:
    Born on the Bayou
    Country:
    United States
    That would be easy enough. Put the DSiWare on the SD card, and pop the card into your computer.


    However, unless someone can crack the encryption on it, it'd likely be gibberish.
     
  14. Narin

    Former Staff Narin The Cheat Master, kupo!

    Joined:
    Feb 19, 2008
    Messages:
    2,624
    Country:
    United States
    DSiWare is digitally signed and encrypted so it will only work on the DSi that downloaded it. So you can't take DSiWare from someone else and play them, you have to download them yourself.
     
  15. nerboking

    Newcomer nerboking Newbie

    Joined:
    Feb 8, 2009
    Messages:
    4
    Country:
    United States
    hmm, the DS Lite actually has two processors, Arm7 and Arm9. The DSi has just one ARM processor that's faster than the last two combined...

    So switching out the hardware already sounds hard...
     
  16. fgghjjkll

    Member fgghjjkll GBATemp MegaMan

    Joined:
    Jul 7, 2008
    Messages:
    2,038
    Country:
    Australia
    why don't we hex edit the ROM and change the signature and encrypted code to what matches the DSi you own....
    of course..ummm.....we don't know how our DSi signs and encrypts it.....
     
  17. Kingfield

    Member Kingfield GBAtemp Advanced Fan

    Joined:
    Nov 8, 2007
    Messages:
    544
    Country:
    Australia
    That's how WiiWare was before. It'll get cracked, just give it some time. Might take ages though.
     
  18. FAST6191

    Reporter FAST6191 Techromancer

    Joined:
    Nov 21, 2005
    Messages:
    21,707
    Country:
    United Kingdom
    OK, basic cryptography: most asymmetric cryptography (including semiprime based, which I believe the DSi uses, and elliptical encryption) works on the principle that you can not easily factor a large number. Have a read
    http://mathcircle.berkeley.edu/BMC3/rsa/node4.html

    This is what people try to factor when they try to break RSA encryption.

    The only reason the Wii was done was because Nintendo borked the check incredibly badly, to the point where we can reasonably forge a signature so that the Wii accepts it. The Wii signatures we make will not stand up against a proper check (which was implemented in later versions). If they have done it correctly (which is not that hard to do) then we can not break it.
    More on the Wii stuff:
    http://hackmii.com/2008/04/keys-keys-keys/
    Ignore the Wikipedia links and do a real search though, Wikipedia is not very good for encryption.
     
  19. MF_DarkMike

    Newcomer MF_DarkMike Newbie

    Joined:
    Apr 6, 2009
    Messages:
    2
    Location:
    Underground or Whatever
    Country:
    United States
    Yes, all of that stuff seems true enough, and that the guys in Nintendork really know how to put the security they need in order to rip people off of their money. Well, here's my idea, why not create a custom NDS ROM-based Homebrew that patches the firmware to C1.0.0U/E/J or something like that?

    The "C" could be labeled as "Custom", and I think what you can do to the RSA encryption is write some code that will actually log information in the SD Card, but I'm tossing out suggestions. Apparently, this security nonsense simply makes us not want to buy the console; not because it's got new flashy gizmos on it, but because RSA is impossible to circumvent in this case. Though, we are not as protected as FlashMe is with the DS Lite and past consoles, and when it comes to System Bricks, which will come in the future, it will soon render the DSi to be "unusable".

    So in order to keep up the integrity of Homebrew, stay away from the DSi if it becomes too impossible to hack into. In other words, don't buy it, which is what I did. Though this is a random rant, I am pleading you to not buy such trash as this! I apologize, but this must be heard across the boards. -.-
     
  20. wchill

    Member wchill Resident chillxpert

    Joined:
    Jun 12, 2008
    Messages:
    1,407
    Country:
    United States
    What we could try doing is do a DSiCrack@Home project where we all muster together the power of our computers to crack the encryption.
    Then again, when it comes to encryption, I don't know much about RSA, so maybe that won't work.
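
Added example, not part of the original thread: a toy illustration of the point in posts 18 and 20 that a semiprime-based signature check holds only as long as the public modulus cannot be factored. The primes, the exponent, the message bytes and all function names are constructed for this sketch, and the 1024-bit figure is an illustrative size, not a statement about the DSi's actual key.

```python
import hashlib
from math import isqrt

# Constructed toy key: two ~20-bit primes. Real moduli are hundreds of digits long.
P, Q, E = 1000003, 1000033, 65537
N = P * Q

def digest_int(msg, n):
    """SHA-256 reduced mod n (textbook RSA without padding: illustration only)."""
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n

def sign(msg, d, n):
    return pow(digest_int(msg, n), d, n)

def verify(msg, sig, e, n):
    # The verifier holds only the public pair (e, n).
    return pow(sig, e, n) == digest_int(msg, n)

def factor_semiprime(n):
    """Naive trial division: about sqrt(n)/2 odd candidate divisors."""
    if n % 2 == 0:
        return 2, n // 2
    for p in range(3, isqrt(n) + 1, 2):
        if n % p == 0:
            return p, n // p
    raise ValueError("no factor found")

def recover_private_exponent(n, e):
    # Knowing p and q gives phi(n), and from that the signing exponent d.
    p, q = factor_semiprime(n)
    return pow(e, -1, (p - 1) * (q - 1))

def trial_division_steps(bits):
    """Odd candidates below sqrt(2**bits), i.e. the work for naive factoring."""
    return 2 ** (bits // 2 - 1)

def demo():
    d = recover_private_exponent(N, E)  # feasible only because N is tiny
    sig = sign(b"constructed title", d, N)
    return {
        "accepted": verify(b"constructed title", sig, E, N),
        "tamper_rejected": not verify(b"constructed title!", sig, E, N),
        "steps_toy": trial_division_steps(N.bit_length()),
        "steps_1024_bit": trial_division_steps(1024),
    }

if __name__ == "__main__":
    print(demo())
```

Trial division is the naive method; better factoring algorithms exist, but the gap between the 40-bit toy modulus and a properly sized one remains far beyond what pooled home computers can close.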
     
