Homebrew via Serial I/O?

Discussion in '3DS - Flashcards & Custom Firmwares' started by Cancel, Aug 23, 2011.

  1. Cancel
    OP

    Cancel Member

    Newcomer
    13
    0
    Jun 21, 2011
    United States
    I've been searching around for a confirmation on this potential hack. According to http://coburndomain.org/index.php/2011/08/...-io-apparently/ a guy by the name of MSaki conceived a brilliant plan for injecting unauthorized code through the 3ds.

    This process was vaguely described as the following :

    btw open pilot wings card, solder wires to the chip pinouts on back, then attach to sniffer. Once you have the four points, mark them, then desolder other wires and disconnect from the sniffer. Build a converter, then attach said converter to your serial I/O on pc (i think you can figure the rest so ill simpilify it for you – inject a corrupt save file and leave it decrypted). The 3DS will give you a message that the card save data is corrupt do you wish to continue, tap yes, if all done correctly it should go to a black screen on top and red on touch now you may execute a binary from the serial i/o via a comunication terminal.
    Enjoy

    My question is, has this been tested out or is this bogus?
     
  2. elsparko

    elsparko Member

    Newcomer
    25
    0
    Apr 3, 2011
    Cork
    hmmmm... seems like a lot of bother for the moment.. IF it works. Hopefully it does, and and easier way is thought up
     
  3. raulpica

    raulpica With your drill, thrust to the sky!

    Supervisor
    10,976
    7,154
    Oct 23, 2007
    Italy
    PowerLevel: 9001
    Errrr... MSaki is a member on this site, but I fear that this is just some speculation on his part.
     
  4. Quincy

    Quincy Your own personal guitarist :3

    Member
    1,436
    66
    Nov 13, 2008
    Netherlands
    Your house, robbing your stuff
    This could work theoraticly.. But I doubt that the hardware would allow it..
     
  5. koji2009

    koji2009 GBAtemp Maniac

    Member
    1,193
    31
    Mar 13, 2009
    United States
    It doesn't really sound theoretical... it sounds like BS. If he has truly gotten this method to work (or anyone has) it wouldn't be hard to show a "hello world"... and if he was ready to release information to do so, he would have actually released information instead of making a few bold and very vague statements.
     
  6. Fat D

    Fat D GBAtemp Maniac

    Member
    1,124
    53
    Nov 18, 2006
    Gambia, The
    You would still need to get through the encryption of the card interface.
     
  7. Immortal_no1

    Immortal_no1 GBAtemp Regular

    Member
    266
    12
    Jul 17, 2003
    There is some potential to this. I have a pilotwings 3ds demo cart, the demo cart boots directly into the game bypassing the homescreen, when I run up the game I get ablackscreen followed by a flash of white followed by the blackscreen with loading message, then finally the game screen.

    There may be a case where when it gets to the loading screen you could interrupt the load, but unless we know what the pinouts are for the back of the pcb are and which protocol, i'm assuming it's simple ttl, you may be able to inject code in directly via the serial.

    I want more info on this. Pictures and pinouts and I'll give it a go, otherwise I'll do it my way 'hack and slash':P