Hacking Hacking The 3DS Via The Download Play Option?

[biothundernxt]

I admit that i don't really know that much about hacking consoles, but in theory, couldn't you write a custom driver for your WiFi adapter in your pc that allowed it to act like a 3DS offering a download play game, but was really an injected version that ran unsigned code or something like that?

This way wouldn't require any extra hardware.

I know this was tried at one point on the DS but what you could do with it was very limited because of the size of the amount data the DS could store.

But with the larger amounts of data being able to be stored on the 3DS, wouldn't it be alot easier, and possibly we could run a piece of unsigned code and have a softmod from there allowing code to be run from the SD card slot?

I know its probably alot more complicated than that and it is probably encrypted or something along those lines for protection, but its just an idea.

 

[Nollog]

Slim chance, but unlikely.

Look at history:
Didn't happen on DS, or DSi.
No, it won't happen on 3DS.

Furthermore, why would the system allow access to the SD card slot for a downloaded title in this way?
There's only a need for games to have SD access if you own it, otherwise it's not useful and therefore only introduces a security risk, nothing more.

 

[Rydian]

Even if you get something to send the code, the 3DS won't run it unsigned unless there's some big security flaw.

 

[coolness]

it maybe only possible to change Language on the download play option
like in my video:
http://www.youtube.com/watch?v=YTvZ_aknMCg

 

[Nollog]

it maybe only possible to change Language on the download play option
like in my video:
http://www.youtube.com/watch?v=YTvZ_aknMCg

That's not really download play, that's you changing the language of the DS' firmware in your DSi.

 

[d235j]

It did happen on the DS due to lousy signature checking.

The 3DS uses WPA2-AES for Download Play and StreetPass, so this isn't an option.

 

[L_o_N_e_R]

Slim chance, but unlikely.

Look at history:
Didn't happen on DS, or DSi.
No, it won't happen on 3DS.

Furthermore, why would the system allow access to the SD card slot for a downloaded title in this way?
There's only a need for games to have SD access if you own it, otherwise it's not useful and therefore only introduces a security risk, nothing more.

Ever heard of wifime?

it ran homebrew from the gba slot using the download play option

it was very limiting, but it ran code that wasnt suppose to run


@bio there will be checksums implemented probably, so it wont be as easy as you think it is

 

[Nollog]

It did happen on the DS due to lousy signature checking.

The 3DS uses WPA2-AES for Download Play and StreetPass, so this isn't an option.
Though they might be using wpa2, I don't know. It's unlikely though.

wpa2 would only serve to make the adhoc networking in streetpass and download play slower and yuck.
I think you're confusing game security and signature/crc/sha etc. checks with network security protocols.

QUOTE(L_o_N_e_R @ Apr 11 2011, 09:17 PM) Ever heard of wifime?

it ran homebrew from the gba slot using the download play option

it was very limiting, but it ran code that wasnt suppose to run

OIC, I never heard of it before.
Still I said it was possible.

 

[L_o_N_e_R]

yeah only reason why you probably never heard of it was because it was patched in system revisions

my old ds can do it until i flashed flashme on it

 

[Jaden.]

Just a question.

Have you explored what does the extra data on the SD? Maybe... Creating something that uses them, edit them to do a buffer overflow and that?

Or

Can't directly look how they work, when they're called and then edit them, make the Cart reads/edit it and then try to do a buffer overflow?

Sorry, i just have those ideas.

 

[CherrySkitty]

Just a question.

Have you explored what does the extra data on the SD? Maybe... Creating something that uses them, edit them to do a buffer overflow and that?

Or

Can't directly look how they work, when they're called and then edit them, make the Cart reads/edit it and then try to do a buffer overflow?

Sorry, i just have those ideas.

That could have its own topic >.>
You'd need to unencrypt that Extra Data, and AFAIK no one can yet u.u... But once some way of unencrypting it is found, there might be a chance of doing something of value .-.

On Topic: the 3DS would need to be hacked to be able to run unsigned code... which would kinda defeat the purpose of hacking it via Download Play. Maybe it would work as an alternative? Just saying..

 

[Pippin666]

Slim chance, but unlikely.

Look at history:
Didn't happen on DS, or DSi.
No, it won't happen on 3DS.

Furthermore, why would the system allow access to the SD card slot for a downloaded title in this way?
There's only a need for games to have SD access if you own it, otherwise it's not useful and therefore only introduces a security risk, nothing more.

Ever heard of wifime?

it ran homebrew from the gba slot using the download play option

it was very limiting, but it ran code that wasnt suppose to run


@bio there will be checksums implemented probably, so it wont be as easy as you think it is

No no no and and no. WiFiMe was possible BECAUSE the security key was broken FIRST.

Pip'

 

[Rydian]

http://gbatemp.net/t287721-some-hacking-concepts-and-links

Read before post.

 

[biothundernxt]

http://gbatemp.net/t287721-some-hacking-concepts-and-links

Read before post.

I did read that before i posted, and found it quite interesting