How does one go about making an exploit?

Discussion in '3DS - Homebrew Development and Emulators' started by skullkeeper94, May 16, 2017.

  1. skullkeeper94
    OP

    skullkeeper94 Professional USB Corrupter

    Member
    246
    39
    Jun 21, 2016
    United States
    Just curious. I read that the game needs to crash, but Doodlebomb didn't, and that's an exploit. Also, what exactly would I need to do? I randomized a backup of my Pokemon Moon save and it gave a "save data corrupted" message.

    Thanks in advance :ha:
     
  2. sks316

    sks316 Retro Enthusiast

    Member
    1,424
    634
    Nov 28, 2013
    United States
    Hyrule
    Well, first you need to spot a part of a game/app that is so poorly coded that it can be exploited to load custom code. Then, hope to god that the developer doesn't patch it. The game/app rarely doesn't need to crash, but in most cases, it does.
     
    CaptainSwag101 likes this.
  3. Lariatoooooooooooooooo

    Lariatoooooooooooooooo Member

    Newcomer
    10
    10
    Apr 28, 2017
    United States
    Short answer: No

    Long answer: You can't so don't worry about it
     
    Pacheko17 likes this.
  4. sks316

    sks316 Retro Enthusiast

    Member
    1,424
    634
    Nov 28, 2013
    United States
    Hyrule
    To be honest, I would rather look on Smealum's website than code my own exploit. If you're going to make one, good luck.
     
  5. blujay

    blujay GBATemp's Official Warthog

    Member
    2,003
    1,747
    Nov 2, 2015
    United States
    Gilbert, Arizona
    Step 1: Know what you're doing. Personally, I don't know a whole lot about exploit creation, but you should research first.
    Step 2: For the love of God, please make sure you have looked deep into the process before posting "My save crashes! I found an exploit."

    I know this isn't very helpful, but just make sure you know what you are doing before you even do it.
     
  6. Dionicio3

    Dionicio3 GBATemp's Official Skiddo™ | Founder of Skiddoism

    Member
    2,868
    3,832
    Feb 26, 2017
    United States
    Hollister, CA
    To find an exploit, you need to know how each bit of the 3DS's software and hardware works, so you better get to 3dbrew and get researching.
     
    Quantumcat, Zidapi and blujay like this.
  7. Zidapi

    Zidapi GBAtemp Addict

    Member
    2,980
    1,781
    Dec 1, 2002
    Code:
    Learn a basic programming language
    + learn a more advanced one (or two)
    + learn how to reverse engineer
    + study 3dsbrew
    + study write ups of previous exploits
    + a few years of real world experience
    ---------------
    = Exploit Wizard
    When you've completed every one of these steps come back and help us with Switch exploits.
     
  8. elhobbs

    elhobbs GBAtemp Advanced Fan

    Member
    767
    284
    Jul 28, 2008
    United States
    I think this is one of those cases where:
    If you asked the question then you already failed.

    Primarily you are trying to use something in an undocumented/unintended way. There is no documentation for something like this. You need to be extremely knowledgeable about how processors/hardware/software function.
     
    Quantumcat and Zidapi like this.
  9. skullkeeper94
    OP

    skullkeeper94 Professional USB Corrupter

    Member
    246
    39
    Jun 21, 2016
    United States
    I haven't tried, I was just curious as to how everyone does it.
     
  10. Coto

    Coto GBAtemp Addict

    Member
    2,346
    397
    Jun 4, 2010
    Chile
    Search around the term "return oriented programming". Depending on your desire to learn, it will give you a bottom-up (reverse order) path of learning from machine to high-level development.

    Edit: and that's because exploits attack compiled code that only a machine (or gifted minds) understand. Games have compiled code embedded (so-called ROM images when mapped directly), or ISO format (through a filesystem layer, or whatever).
     
    Last edited by Coto, May 16, 2017
    Quantumcat, Zidapi and CaptainSwag101 like this.
  11. MRJPGames

    MRJPGames Pretty great guy

    Member
    1,090
    708
    Aug 17, 2013
    Netherlands
    The Netherlands
    You won't be able to just do it easily. You will have to invest a huge amount of time before you can write your first exploit.

    If you're just interested in how 3DS exploits work you can watch the CCC talks on 3DS hacking.

    As for crashes and exploits, no, that's not how it works. A crash only very rarely means that it can be exploited. However, basically anything that can be exploited, if done incorrectly in any way, will crash. Doodlebomb would crash if certain parts were even a bit off.
    This is because what an exploit in this case essentially means is getting your code to run on the device. This is done by abusing a fault in the code that allows you to redirect the execution of code to your code instead of the game's/app's code. Now if you redirect it to anything else, this is most likely "garbage" and, if read as code, does some nonsense which will end up crashing the system. This is also where the myth that crash = exploit comes from, I think.
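    The integrity check behind the OP's "save data corrupted" message, and the bounds check that decides whether a malformed field is merely rejected or becomes the kind of fault described above, as an added example that is not code from this thread or from any Nintendo title. The save layout, field names and checksum are constructed for illustration only.

```c
#include <stdint.h>
#include <string.h>

/* Constructed save layout for this example (NOT Pokemon Moon's real format):
   [0..3] magic "SAVE" | [4] name length (<= 15) | [5..20] name bytes
   [21..24] play time, little-endian u32 | [25..26] 16-bit checksum of bytes 0..24 */
#define SAVE_SIZE 27
#define NAME_MAX  15
typedef struct { char name[NAME_MAX + 1]; uint32_t play_time; } save_t;
enum { SAVE_OK = 0, SAVE_BAD_SIZE, SAVE_BAD_MAGIC, SAVE_BAD_SUM, SAVE_BAD_LEN };
static uint16_t sum16(const uint8_t *p, size_t n) {
    uint16_t s = 0;
    for (size_t i = 0; i < n; i++) s = (uint16_t)(s + p[i]);
    return s;
}

/* Every field is checked before it is used. A randomized backup fails the
   checksum and is reported as corrupted; a length field that was tampered
   with (and re-checksummed) is caught by the bounds check before memcpy. */
int parse_save(const uint8_t *buf, size_t len, save_t *out) {
    if (len != SAVE_SIZE) return SAVE_BAD_SIZE;
    if (memcmp(buf, "SAVE", 4) != 0) return SAVE_BAD_MAGIC;
    uint16_t stored = (uint16_t)(buf[25] | (buf[26] << 8));
    if (stored != sum16(buf, 25)) return SAVE_BAD_SUM;
    uint8_t nlen = buf[4];
    if (nlen > NAME_MAX) return SAVE_BAD_LEN;  /* the check an unsafe loader omits */
    memcpy(out->name, buf + 5, nlen);
    out->name[nlen] = '\0';
    out->play_time = (uint32_t)buf[21] | (uint32_t)buf[22] << 8 |
                     (uint32_t)buf[23] << 16 | (uint32_t)buf[24] << 24;
    return SAVE_OK;
}

/* Recompute and store the checksum (what the game does when it writes a save). */
void seal_save(uint8_t *buf) {
    uint16_t s = sum16(buf, 25);
    buf[25] = (uint8_t)(s & 0xff);
    buf[26] = (uint8_t)(s >> 8);
}
/* Build a well-formed save for the demonstration. */
void make_save(uint8_t *buf, const char *name, uint32_t play_time) {
    memset(buf, 0, SAVE_SIZE);
    memcpy(buf, "SAVE", 4);
    size_t n = strlen(name); if (n > NAME_MAX) n = NAME_MAX;
    buf[4] = (uint8_t)n;
    memcpy(buf + 5, name, n);
    for (int i = 0; i < 4; i++) buf[21 + i] = (uint8_t)(play_time >> (8 * i));
    seal_save(buf);
}
```

    Randomizing bytes of a backup trips the checksum first, which is why the OP only ever saw a "corrupted" message; only a field that passes integrity checks yet is still unvalidated reaches code that could misbehave.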
     
  12. jockep

    jockep GBAtemp Regular

    Member
    141
    51
    Apr 12, 2017
    Zidapi likes this.
  13. dubbz82

    dubbz82 GBAtemp Maniac

    Member
    1,494
    806
    Feb 2, 2014
    United States
    If you're willing to sink a few years into learning, it might be possible. That being said, given that you've had to ask about this, you're already behind the curve, so to speak. As was mentioned by others, there's a crazy learning curve, which is why only a handful of people out there release exploits. Quite bluntly, it's not something most people will ever be capable of figuring out.
     
    Quantumcat and Zidapi like this.
  14. Zidapi

    Zidapi GBAtemp Addict

    Member
    2,980
    1,781
    Dec 1, 2002
    This is definitely one of those "if you have to ask, you probably don't have the capability to do it" situations; I fall into this category myself.
     
    Last edited by Zidapi, May 17, 2017