Hacking Information regarding 3DS Homebrew and the May 15 update

Status
Not open for further replies.

ALeCTor

New Member
OP
Newbie
Joined
May 16, 2012
Messages
1
Trophies
0
XP
1
Country
Serbia, Republic of
Hi. First off, I'd like to say that I will never be involved in any business involving 3DS hacking. I do this for fun. I enjoy reversing and finding exploits on consoles, although this is the first exploit I have found that proves useful.

To those who have extracted the data from the patch (decrypting is the hard part, but some people already know how to do this) - you may notice a function that will override signature checks by calling it with a key stored in the decrypted package. I guess Nintendo has a whitelist for certain keys? I haven't yet looked into the signature checking function, but I could not find the decrypted key anywhere in the 3DS RAM, so it's obviously somewhat encrypted. The decrypted key is 8 bytes long.

This allows us to sign our own packages using the same key and override function. I already have a 3D "Hello world" application running! There is no good reason I can think of for Nintendo doing this, I believe that they used it for eShop debugging and forgot to remove it. A simple mistake. But be quick to look because I am sure they will remove it in a new firmware sooner or later.

Sorry for any bad English :)
 

indask8

New Member Forever
Member
Joined
Apr 19, 2007
Messages
987
Trophies
0
Age
37
Location
Look at the Flag...
XP
352
Country
France
Wut?

If it's real, does it still work with yesterday's update (maybe that's why they released such a small update that fast; they discovered their mistake)?

Video?
 

deathking

Well-Known Member
Member
Joined
Mar 15, 2009
Messages
647
Trophies
0
Website
toxsic.com
XP
235
Country
United States
3ds hacking
ohitson.jpg
 

lostdwarf

Well-Known Member
Member
Joined
Nov 2, 2008
Messages
1,071
Trophies
0
Location
ENGLAND
Website
www.rockstarleeds.com
XP
261
Country
I think he thinks he knows what he is doing...
The "hello world" app you have running.... is running in DSi mode. This is not a 3DS hack.

You also say the keys are encrypted and/or you still do not have them. So you still can't hack anything.
"could not find the decrypted key anywhere in the 3DS RAM, so it's obviously somewhat encrypted. The decrypted key is 8 bytes long"



"This allows us to sign our own packages using the same key and override function. I already have a 3D "Hello world" application running! There is no good reason I can think of for Nintendo doing this, I believe that they used it for eShop debugging and forgot to remove it."

How does this allow you to do anything?

First post too.
 

NathanDuma

Well-Known Member
Member
Joined
Mar 15, 2012
Messages
114
Trophies
0
XP
57
Can you post proof?

Also, I added an "a" in a hex editor to the app file, and the Nintendo 3DS screen just kept going on and on, so I went to the Home Menu and it said error and told me to turn off the 3DS.
 

chavosaur

Chavo
Member
Joined
Mar 11, 2012
Messages
4,796
Trophies
1
Age
29
Location
Huntersville, NC
XP
8,177
Country
United States
Hi. First off, I'd like to say that I will never be involved in any business involving 3DS hacking. I do this for fun. I enjoy reversing and finding exploits on consoles, although this is the first exploit I have found that proves useful.

To those who have extracted the data from the patch (decrypting is the hard part, but some people already know how to do this) - you may notice a function that will override signature checks by calling it with a key stored in the decrypted package. I guess Nintendo has a whitelist for certain keys? I haven't yet looked into the signature checking function, but I could not find the decrypted key anywhere in the 3DS RAM, so it's obviously somewhat encrypted. The decrypted key is 8 bytes long.

This allows us to sign our own packages using the same key and override function. I already have a 3D "Hello world" application running! There is no good reason I can think of for Nintendo doing this, I believe that they used it for eShop debugging and forgot to remove it. A simple mistake. But be quick to look because I am sure they will remove it in a new firmware sooner or later.

Sorry for any bad English :)

Tell me when your 3DS says "I'm ready to play 3DS ROMs".
 

mysticwaterfall

Streamforce Supreme Commander
Member
Joined
Aug 11, 2008
Messages
1,874
Trophies
0
Location
Right behind you
XP
668
Country
United States
Besides the obvious BS here, I would like to point out that there is no possible way the key size is only 8 bytes (64 bits). That would make the 3DS ridiculously insecure and open to simple brute-forcing.
 