I want to do some exploit testing, but I have no idea how to tell an exploitable crash or a non-exploitable crash. I do have the developer ErrDisp (thanks to aureinand)
1) Enable NTRDebugger
2) Use the "list kernel exploits" command
3) ?????
4) Profit
2) Use the "list kernel exploits" command
3) ?????
4) Profit
To know whether a crash is exploitable you would have to first look at what the crash is actually causing the system to do, for example jumping to a random section of memory and executing whatever is there. Then you would have to look at whether the crash is controllable, so in this example that would mean whether you can control where it jumps or control what's in memory at that location.
There are many different causes for crashes and not all of them can be exploitable, even the ones that have potential to be exploitable can only be exploited if the crash is controllable. Most crashes won't be useful, so it takes a lot of searching and trial and error to find one that is.
However, if you want to get into 3DS hacking you should probably start by learning ARM assembly. You really do need to know assembly to figure out what the crash is doing and how to exploit it.
I'm no expert and there's a lot more to it than that, but those are the basics.
Last edited by The Real Jdbye,
Similar threads
- No one is chatting at the moment.
-
-
-
-
-
-
@
Vetusomaru:
psychic academy. lol. it was meh even back then when i bought volume 1. also same author also made one of the manga adaptions of Escaflowne. -
-
-
-
-
-
-
-
-
@
Vetusomaru:
crynchyrolls is cancer, especially with the censorship they do like they did with Oshimai
-
-
-
-
-
-
-
-
-
-
