Hacking I have a crazy theory. only a crazy theory though

[someonewhodied]

Suppose we...ok stay with me here. Suppose we first use the NUS downloader...hey, you staying with me here? We use the NUS downloader to first download an update. We then mod it somehow...but thats not the point, this is just a theory on how to install the mod.

Ok. then we update while filtering and editing packets sent from the router to your ds with some random router tools. Swap out the files downloded from the nintendo servers with the modded ones on your computer.

That is my theory.

Of course, I haven't tried it yet, but a friend tried installing a normal update that way and it worked. I don't know if modded firmware installed the same way will work or not, because I thought the 3ds had good security.

 

[Marlonguppy]

Suppose we...ok stay with me here. Suppose we first use the NUS downloader...hey, you staying with me here? We use the NUS downloader to first download an update. We then mod it somehow...but thats not the point, this is just a theory on how to install the mod.

Ok. then we update while filtering and editing packets sent from the router to your ds with some random router tools. Swap out the files downloded from the nintendo servers with the modded ones on your computer.

That is my theory.

Of course, I haven't tried it yet, but a friend tried installing a normal update that way and it worked. I don't know if modded firmware installed the same way will work or not, because I thought the 3ds had good security.

No, the update must be signed. That's the only problem; if we had the key... we could hack the DSi/3DS
, but a friend tried installing a normal update that way and it worked
Yeah... and my Mac OSX downloaded some Windows 7 updates.

 

[someonewhodied]

He didn't use NUS downloader though. He just tried Filtering the packets to his computer.
And then used those files in the update after starting a second one. I think anyways. Its what he told me. Ofcourse I didn't see him doing it so I have no way to confirm it.

 

[purplesludge]

The 3ds does not run unsigned code. It doesn't matter how the files are obtained as long as they are signed.
http://en.wikipedia.org/wiki/Code_signing

 

[Arisotura]

Also, Nintendo's firmware files aren't just signed. They're fully encrypted. As long as we don't have the key, you can forget about messing with those.

 

[Marlonguppy]

He didn't use NUS downloader though. He just tried Filtering the packets to his computer.
And then used those files in the update after starting a second one. I think anyways. Its what he told me. Ofcourse I didn't see him doing it so I have no way to confirm it.

That's just stupid because you're just retransmitting it (and duh, of course it is signed then).
Nice try.

 

[marcosxd]

Suppose we...ok stay with me here. Suppose we already have a thread for these random theories...hey, you staying with me here? We use that thread to post all our random bs. We then keep the discussion over there somehow...but thats not the point, this is just a theory on how to post in a thread for these things

 

[MADKATZ99]

Suppose we...ok stay with me here. Suppose we already have a thread for these random theories...hey, you staying with me here? We use that thread to post all our random bs. We then keep the discussion over there somehow...but thats not the point, this is just a theory on how to post in a thread for these things

Yeah, a friend of mine tried posting in there and it worked.

 

[marcosxd]

He didn't use common sense though. He just tried opening a new thread to his own needs.
And then used those random theories after starting a second one. I think anyways. Its what he told me. Ofcourse I didn't see him doing it so I have no way to confirm it.

 

[Gagarin]

That was so easy. Thousands of hackers could not figure it out and you did. Perfect shot man.

 

[linuxares]

Havent this idea been posted before and the thread became a "stupid idiots you have no clue how the 3ds works" thread?

 

[Tom Bombadildo]

Havent this idea been posted before and the thread became a "stupid idiots you have no clue how the 3ds works" thread?

You mean every other 'Hacking Theory' thread?

 

[RoyalCardMan]

It is because those people believe "If the hackers can't do it, neither can we"

Let me remind you though, this is my favorite quote:

Amateurs built the Ark, Professionals built the Titanic

 

[SifJar]

It is because those people believe "If the hackers can't do it, neither can we"

Let me remind you though, this is my favorite quote:

Amateurs built the Ark, Professionals built the Titanic

Yes, but in this case it won't work. The updates must be encrypted with the common key, and signed with the private key. AFAIK, no one has either at the moment, and the most anyone is ever likely to get is the common key unless Nintendo made a Sony-esque failure with the security. The only chance of a modified update is via an exploit in the security system, akin to the Trucha Bug on the Wii (which negated the need for the private key). And obviously they won't have put the trucha bug back in. They're not that stupid.

 

[RoyalCardMan]

It is because those people believe "If the hackers can't do it, neither can we"

Let me remind you though, this is my favorite quote:

Amateurs built the Ark, Professionals built the Titanic

Yes, but in this case it won't work. The updates must be encrypted with the common key, and signed with the private key. AFAIK, no one has either at the moment, and the most anyone is ever likely to get is the common key unless Nintendo made a Sony-esque failure with the security. The only chance of a modified update is via an exploit in the security system, akin to the Trucha Bug on the Wii (which negated the need for the private key). And obviously they won't have put the trucha bug back in. They're not that stupid.

It seems people like to sophisticate the problem so they sound pretty professional.

Look, if you don't know the whole truth, than just say "Well, it is encrypted, but I don't know if it will be that hard or easy to exploit"

Why can't people just admit that it might or might not work. It sounds like you know it won't work. But, that is just my opinion.

Also, it is called trial and error.

 

[chauffler]

Someone could try to do a brute force attempt on the encryption key it would only take around 100,000 millennia or something but if we found someone who had a bot net of like 4million computers it wouldn't take as long only like a 25 years

 

[WiiUBricker]

Someone could try to do a brute force attempt on the encryption key it would only take around 100,000 millennia or something but if we found someone who had a bot net of like 4million computers it wouldn't take as long

yea, it would then only take 1 billion years.

 

[chauffler]

All we could really do is hope that nintendos encryption key is 123456 other than that we are out of luck

 

[chauffler]

Well I doubt anyone could do this but I you had gnarly RAM analyzing skills you might be able to find the decryption code on the 3ds hardware but that would be really hard core and I'm not a computer expert but I know the decryption code has to be stored on the RAM(during the time of decrypting) so if you could get something to monitor the RAM You could dump all the values from it (during the time of decryption) and run the values through cracking software I don't know how you would be able to do this or if it's even possible but I wanted to add my stupid idea to the mix

 

[FireGrey]

Well I doubt anyone could do this but I you had gnarly RAM analyzing skills you might be able to find the decryption code on the 3ds hardware but that would be really hard core and I'm not a computer expert but I know the decryption code has to be stored on the RAM(during the time of decrypting) so if you could get something to monitor the RAM You could dump all the values from it (during the time of decryption) and run the values through cracking software I don't know how you would be able to do this or if it's even possible but I wanted to add my stupid idea to the mix

You would have to rip apart the 3DS, but still have it running.
Plus there is A LOT of code to analyze, and i mean a ridiculous amount.
@OP Ok sounds good, just go get the keys and come back to us.
>.> This is like talking about breaking into a house, but when you get the key to the front door.