Homebrew Is it possible to make a Download Play exploit?

[Stalls]

Is there a way to send a signal to the 3DS from a PC to run boot.3dsx in Download Play?

 

[TecXero]

Sure, if you find a vulnerability or decrypt their keys and encryption and whatever else they use, and then develop the software and payload for it.

 

[Monado_III]

Sure, if you find a vulnerability or decrypt their keys and encryption and whatever else they use, and then develop the software and payload for it.

This. Do this and you could theoretically exploit spreetpass, spotpass and any other wireless communication the 3ds uses. But the chance of someone doing that is extremely slim.

 

[Deleted User]

This. Do this and you could theoretically exploit spreetpass, spotpass and any other wireless communication the 3ds uses. But the chance of someone doing that is extremely slim.

Not unless you're aided by the power of ＢＬＡＣＫ ＭＡＧＩＣ

 

[TecXero]

This. Do this and you could theoretically exploit spreetpass, spotpass and any other wireless communication the 3ds uses. But the chance of someone doing that is extremely slim.

Yep, I don't think someone wants to dedicate a significant portion of their lives to decrypting that crap. Unless they're really lucky and talented, they could spend years working on it.

 

[Mrrraou]

Search on Google for nwm_beaconkey and yellows8's beacon data tool. Use monitor mode and capture packets sent. Have fun (that's how smashbroshax was made)

 

[Acryt]

Yep, I don't think someone wants to dedicate a significant portion of their lives to decrypting that crap. Unless they're really lucky and talented, they could spend years working on it.

and if you do this you should consider selling that information for millions of dollars as you invalidate millions of dollars of crypto tech

 

[Jack_Sparrow]

Is there a way to send a signal to the 3DS from a PC to run boot.3dsx in Download Play?

Why are you asking? It seems to me like you heard something not yet to be heard by the public...

--------------------- MERGED ---------------------------

When Download Play is running the Vendor Tag overflow holds potential exploiting. If you've been hearing about a 9.3+ Kexploit this is what people are looking into. Once this happens theoretically we could inject a payload into the app.

Sure, if you find a vulnerability or decrypt their keys and encryption and whatever else they use, and then develop the software and payload for it.

No need to decrypt the keys. Thats the vulnerability and thats all that's known at this point.

 

[TecXero]

No need to decrypt the keys. Thats the vulnerability and thats all that's known at this point.

Well, I mean without a vulnerability, but that was more meant to just convey how ridiculous of an undertaking it would be without stumbling across another vulnerability.

 

[jamieyello]

All you need is a quantum computer and all of cryptography is a joke to you.

 

[orly3]

All you need is a quantum computer and all of cryptography is a joke to you.

Google have one don't they?
If we break into googles headquarters, we can hack everything
Wait... does that mean google could already have a 9.3+ kexploit?
Goohax confirmed!

 

[GalladeGuy]

Google have one don't they?
If we break into googles headquarters, we can hack everything
Wait... does that mean google could already have a 9.3+ kexploit?
Goohax confirmed!

Unfortunately, Goohax was just blocked by the new 10.4 update. Here are the patch notes:

Patched the Goohax exploit STABILITY!!!!!!

 

[NodePoint]

If boot.3dsx were to be pushed over to an other 3DS then the payload may need to be downloaded and execute after. Can be the other way around if the payload waits for the boot.3dsx file to be fully downloaded.

 

[Jack_Sparrow]

Well, I mean without a vulnerability, but that was more meant to just convey how ridiculous of an undertaking it would be without stumbling across another vulnerability.

Which i showed you the vulnerability stumbled upon.

 

[TecXero]

Which i showed you the vulnerability stumbled upon.

Okay. I don't know what all has been found relating to that. I haven't messed with it at all, just spouting out the general rhetoric for what's needed for a usable exploit. Even with a vulnerability, assuming the vulnerability will give you access to everything you need to make it usable, there's still a lot of work that has to be done before it's usable.

I'd assume the 3DS's Download Play (and local play in general) uses something slightly different from the 802.11g standard, so you'd have to also write custom software just for a PC to broadcast something the 3DS will recognize at all.

 

[Bubsy Bobcat]

Sure, if you find a vulnerability or decrypt their keys and encryption and whatever else they use, and then develop the software and payload for it.

This. You can't just "make an exploit" Squiddo.

 

[Pikasack]

This. You can't just "make an exploit" Squiddo.

Kiddo =/= Squiddo, nice try

 

[MsMidnight]

Because he/she has no heart.

Yep. I don't give any regard to stuff or people

Anyways back on topic, can't we send a buffer overflow of packets ?

 

[doctorgoat]

Yep. I don't give any regard to stuff or people

Anyways back on topic, can't we send a buffer overflow of packets ?

I don't know. Can we?

Go give it a shot.

 

[GalladeGuy]

I don't know. Can we?

Go give it a shot.

He used can't the exact way its supposed to in that sentence. You don't say "may we not send a buffer overflow of packets?".