1. Jack_Sparrow

    OP Jack_Sparrow Ruthless Pirate
    Banned

    Joined:
    Nov 17, 2015
    Messages:
    855
    Country:
    United States
    I'd like to know: I know that @smealum didn't have homebrew before he injected the Ninjhax payload into Cubic Ninja, so how was the payload injected without the use of homebrew?
     
  2. mikey420

    mikey420 GBAtemp Advanced Fan
    Member

    Joined:
    Dec 11, 2015
    Messages:
    911
    Country:
    United States
    Save game dongle from the makers of the action replay

    Or the use of the mset exploit... Or perhaps the at-the-time undisclosed 9.2 exploit chain... I doubt he'd have been out of that loop.
     
    Last edited by mikey420, Dec 12, 2015
  3. Jack_Sparrow

    OP Jack_Sparrow Ruthless Pirate
    Banned

    Joined:
    Nov 17, 2015
    Messages:
    855
    Country:
    United States
    Ahhh ok,
     
  4. mikey420

    mikey420 GBAtemp Advanced Fan
    Member

    Joined:
    Dec 11, 2015
    Messages:
    911
    Country:
    United States
    Actually, come to think of it, I'm guessing he used a flaw in the QR code scan to do just that. Which is why the 3DS needs an internet connection the first time you run the exploit.
     
    Deleted-236924 likes this.
  5. Jack_Sparrow

    OP Jack_Sparrow Ruthless Pirate
    Banned

    Joined:
    Nov 17, 2015
    Messages:
    855
    Country:
    United States
    Well, unless someone was directly involved in making Ninjhax, I might just have to ask the big man himself.
     
  6. mikey420

    mikey420 GBAtemp Advanced Fan
    Member

    Joined:
    Dec 11, 2015
    Messages:
    911
    Country:
    United States
    That'd be the best way to find out, but I do know that he had a range of options to inject save data for testing purposes. Though, as I said, it's not unlikely he did so through the QR code scan, which is where his entry point was based. That QR scan is what writes the payload to the cart for us.
     
    Deleted-236924 likes this.
  7. UraKn0x

    UraKn0x Official senpai
    Member

    Joined:
    Mar 20, 2014
    Messages:
    370
    Country:
    France
    So, several things.
    1. Cubic Ninja was not actually the first way to get homebrew. Before that, we had the MSET exploit on 4.x, and I know that Smea used that to have a CFW before it was cool. I can remember him showing off Yeti3D "working as its own channel", as Smea himself said. His CFW also made RAM dumps and injection possible, as his Pokéhax proved (he had Mew, Hoopa, Volcanion and Diancie as wild encounters).
    2. He then showed off a never-released hax that used the same MSET entry point, which he called sssPwn. It is believed that it was used, in part or entirely, in what would later become Ninjhax.
    3. Several months later, he announced he had a hack which could allow people to access homebrew in an easy way. We didn't know it at that time, but that was Ninjhax 1.0. What's actually possible is that he used the RAM dump/injection capabilities of his CFW to find the flaw. But in the end, the only thing we need is the QR code and an Internet connection, as the QR code is not large enough to fit the entire payload.
     
    Last edited by UraKn0x, Dec 12, 2015
    Stecker8 likes this.
  8. Uziskull

    Uziskull Picture may not be real
    Member

    Joined:
    Nov 15, 2015
    Messages:
    269
    Country:
    Portugal
    I'm pretty sure he documented that in his devblog, you should check it out.
     
  9. Pikasack

    Pikasack What is a title
    Member

    Joined:
    Apr 27, 2015
    Messages:
    633
    Country:
    Canada
    Sorry, this is sort of (severely?) off-topic...

    Hey, this got me thinking.
    BattleMiner has similar file names to that of Ironfall in svdt. (Time to do some plotting...)

    Update: Annnnnnd... Nothing.
    All it did was provide some weird save file that crashed whenever you held an item (all of which were blank and had -600 something, and one that said 0, all null items), and it did nothing even with the payload.bin attached.

    If someone can get something out of this, be my guest.
    (If this is possible, it would mean two dummy games, one for 2.5 and one for 2.1 if you are weird like that...)
     


    Last edited by Pikasack, Dec 13, 2015
  10. UraKn0x

    UraKn0x Official senpai
    Member

    Joined:
    Mar 20, 2014
    Messages:
    370
    Country:
    France
    Please don't tell me you just tried to inject Ironhax save files into Battle Miner. That's definitely not the right way to find an exploitable flaw.
     
    Deleted User, Pikasack and VegaRoXas like this.
  11. Stecker8

    Stecker8 Plug
    Member

    Joined:
    Oct 9, 2015
    Messages:
    526
    Country:
    Is there a way to install homemenuhax if, for example, you press the yellow colour theme and it installs homemenuhax?
    With this we will always have an entry point. Also, I think if it needs a kernel exploit, you need another exploit before this to install it, like you install homemenuhax or ironhax.
     