Hacking Information regarding 3DS Homebrew and the May 15 update

ALeCTor · May 16, 2012

Hi. First off, I'd like to say that I will never be involved in any business involving 3DS hacking. I do this for fun. I enjoy reversing and finding exploits on consoles, although, this is the first exploit I have found that proves useful.

To those who have extracted the data from the patch (decrypting is the hard part, but some people already know how to do this) - you may notice a function that will override signature checks by calling it with a key stored in the decrypted package. I guess Nintendo has a whitelist for certain keys? I haven't yet looked into the signature checking function yet but could not find the decrypted key anywhere in the 3DS RAM, so it's obviously somewhat encrypted. The decrypted key is 8 bytes long.

This allows us to sign our own packages using the same key and override function. I already have a 3D "Hello world" application running! There is no good reason I can think of for Nintendo doing this, I believe that they used it for eShop debugging and forgot to remove it. A simple mistake. But be quick to look because I am sure they will remove it in a new firmware sooner or later.

Sorry for any bad English

indask8 · May 16, 2012

Wut?

If it's real does it still works with the yesterday update (it's maybe why they released such a small update that fast, they discovered their mistake) ?

Video?

dicamarques · May 16, 2012

i think ths wont gives us anything (at least for the common user)

Snailface · May 16, 2012

You're full of 3bs.

BTW-Your English is just fine.

nintendoom · May 16, 2012

really??!

PICS NOW!

deathking · May 16, 2012

3ds hacking

FireGrey · May 16, 2012

Sorry but we get people claiming they hacked the 3ds every week.
If you want people to take you seriously can you please upload some evidence?

lostdwarf · May 16, 2012

I think he thinks he knows what he is doing...
The "hello world" app you have running.... is running in DSi mode. This is not 3DS hack.

You also say the keys are encrypted and/or you still do not have them. So you still can't hack anything.
"could not find the decrypted key anywhere in the 3DS RAM, so it's obviously somewhat encrypted. The decrypted key is 8 bytes long"

"This allows us to sign our own packages using the same key and override function. I already have a 3D "Hello world" application running! There is no good reason I can think of for Nintendo doing this, I believe that they used it for eShop debugging and forgot to remove it."

How does this allow you to do anything?

First post too.

McHaggis · May 16, 2012

Cool story, bro.

NathanDuma · May 16, 2012

Can you post proof?

Also I added an "a" in hex editor in the app file, and the nintendo 3ds screen just kept going on and on, so I went to the home menu and it said error and told me to turn off the 3ds.

chavosaur · May 17, 2012

ALeCTor said:
Hi. First off, I'd like to say that I will never be involved in any business involving 3DS hacking. I do this for fun. I enjoy reversing and finding exploits on consoles, although, this is the first exploit I have found that proves useful.

To those who have extracted the data from the patch (decrypting is the hard part, but some people already know how to do this) - you may notice a function that will override signature checks by calling it with a key stored in the decrypted package. I guess Nintendo has a whitelist for certain keys? I haven't yet looked into the signature checking function yet but could not find the decrypted key anywhere in the 3DS RAM, so it's obviously somewhat encrypted. The decrypted key is 8 bytes long.

This allows us to sign our own packages using the same key and override function. I already have a 3D "Hello world" application running! There is no good reason I can think of for Nintendo doing this, I believe that they used it for eShop debugging and forgot to remove it. A simple mistake. But be quick to look because I am sure they will remove it in a new firmware sooner or later.

Sorry for any bad English

Tell me when your 3DS says "Im ready to play 3ds roms"

mysticwaterfall · May 17, 2012

Besides the obvious BS here, I would like to point out that is no possible way the key size is only 8 bytes (64 bits). That would make the 3DS ridiculously insecure and open to simple bruteforcing.

Kikirini · May 17, 2012

Aw. At least try to fool us with a fake video. Make it interesting, you know?

Vampire Lied · May 17, 2012

How cute and original.
I love the "I have no intent to hack the 3ds, but here's how I did it."

Fudge · May 17, 2012

I hacked the 3DS. eShop games of the cartridge slot for the win

frogboy · May 17, 2012

ALeCTor said:
I already have a 3D "Hello world" application running!

If you don't post proof (i.e. videos or pictures), this thread will burn to the ground.

Janthran · May 17, 2012

@[member='Fudge']
Stupid question, how actually did you do that?

Fudge · May 17, 2012

Janthran said:
@[member='Fudge']
Stupid question, how actually did you do that?

I'll never tell

TheZander · May 17, 2012

I thought they already hacked the 3DS weeks ago.

Deltaechoe · May 17, 2012

North Korea needs this thread, it's pure weapon's grade BALOGNIUM

Hacking Information regarding 3DS Homebrew and the May 15 update

New Member

New Member Forever

Definitely not Bruce Wayne.

My frothing demand for 3ds homebrew is increasing

Nintendoom

Well-Known Member

Undercover Admin

Well-Known Member

Fackin' Troller

Well-Known Member

Chavo

Streamforce Supreme Commander

Zelda Fangirl

Resident sociopath

Remember that death is not the end, but only a tra

lacking both style and grace

Solarian

Remember that death is not the end, but only a tra

1337

The Dopefish

Similar threads

Popular threads in this forum