Homebrew How Is A Payload Injected Into A Game Without Homebrew?

Save game dongle from the makers of the Action Replay

Or the use of the MSET exploit... Or perhaps the at the time undisclosed 9.2 exploit chain... I doubt he'd have been out of that loop.
 
Actually, come to think of it, I'm guessing he used a flaw in the QR code scan to do just that. Which is why the 3DS needs an internet connection the first time you run the exploit.
 
Well, unless someone was directly involved in making Ninjhax, I might just have to ask the big man himself.
 
That'd be the best way to find out, but I do know that he had a range of options to inject save data for testing purposes. Though as I said, it's not unlikely he did so through the QR code scan, which is where his entry point was based. That QR scan is what writes the payload to the cart for us.
 
So, several things.
1. Cubic Ninja was not actually the first way to get homebrew. Before that, we had the MSET exploit on 4.x, and I know that Smea used that to have a CFW before it was cool. I can remember him showing off Yeti3D "working as its own channel", as Smea himself said. His CFW also made RAM dumps and injection possible, as his Pokéhax proved (he had Mew, Hoopa, Volcanion and Diancie as wild encounters).
2. He then showed off a never released hax that used the same MSET entry point, which he called sssPwn. It is believed that it was used, in part or entirely, in what would later become Ninjhax.
3. Several months later, he announced he had a hack which could allow people to access homebrew in an easy way. We didn't know it at that time, but that was Ninjhax 1.0. What's actually possible is that he used the RAM dump/injection capabilities of his CFW to find the flaw. But in the end, the only thing we need is the QR code and an Internet connection, as the QR code is not large enough to fit the entire payload.
 
Sorry, this is sort of (severely?) offtopic...

Hey, this got me thinking.
BattleMiner has similar file names to that of Ironfall in svdt. (Time to do some plotting...)

Update: Annnnnnd... Nothing.
All it did was provide some weird save file that crashed whenever you held an item. (All of which were blank and had -600 something and one that said 0, all null items.) It did nothing even with the payload.bin attached.

If someone can get something out of this, be my guest.
(If this is possible, it would mean two dummy games, one for 2.5 and one for 2.1 if you are weird like that...)
 

Please don't tell me you just tried to inject Ironhax save files into Battle Miner. That's definitely not the right way to find an exploitable flaw.
 
Is there a way to install homemenuhax so that, for example, you select the yellow colour theme and it installs homemenuhax?
With this we would always have an entry point. Also, I think if it needs a kernel exploit, you need another exploit before this to install it, like you install homemenuhax or ironhax.
 
