Homebrew Is Possible To Make a Serial MAC Spoofer/ Serial Number spoofer on 3DS [Like WII]

zannalabianca

Well-Known Member
OP
Member
Joined
Aug 13, 2013
Messages
172
Trophies
0
Age
41
XP
223
Country
Good evening everyone, I wanted to ask a simple question: is it possible to access the current 3ds , create a homebrew for spoofing MAC address spoofing or Serial Number 3DS ? this is because Nintendo started the march towards the destruction , and as you have seen , I have proof . It will be possible a homebrew that? perhaps through codes Gecko in games ?

 

Ericthegreat

Not New Member
Member
Joined
Nov 8, 2008
Messages
3,434
Trophies
2
Location
Vana'diel
XP
3,842
Country
United States
Good evening everyone, I wanted to ask a simple question: is it possible to access the current 3ds , create a homebrew for spoofing MAC address spoofing or Serial Number 3DS ? this is because Nintendo started the march towards the destruction , and as you have seen , I have proof . It will be possible a homebrew that? perhaps through codes Gecko in games ?
I think it should be possible to spoof mac, if not through your 3ds through your router.
 
  • Like
Reactions: zannalabianca

JustPingo

Well-Known Member
Member
Joined
Jan 11, 2015
Messages
497
Trophies
0
Age
23
XP
1,071
Country
France
Nintendo can't see your MAC adress because of internet limitations. That means that there are 2 possibilities: 1) The ban isn't MAC-related. That's an answer I really like because using MAC filtering is very known at being super bad, and Nintendo aren't highschool computer scientists, they know what they are doing. 2) The MAC adress is sent alongside the message. In this case, a RAM patch would be enough, please check 3dbrew.
I would be really surprised if Nintendo kept a list of every 3DSes MAC adresses since that would be a pain for the servers to handle. But possible though. You might only be able to swap your MAC with another console then. I don't know how that was managed by the Wii though, so I may be completely wrong ^^
 
  • Like
Reactions: Nightwish

Apache Thunder

I have cameras in your head!
Member
Joined
Oct 7, 2007
Messages
4,294
Trophies
3
Age
35
Location
Levelland, Texas
Website
www.mariopc.co.nr
XP
6,214
Country
United States
how are 'innocent' peoples serial numbers going to get taken?

There's quite a few eBay listings where sellers are careless enough to so show the serial number on the back of their console/on box. Not to mention you can simply drop by your local Wal-Mart and write down the exposed serial numbers on the 3DS/3DS XL boxes. (not sure about the n3DS. I seen the n3DS boxes in my Wal-Mart and they aren't visible or is on the back of the box so opening the display case would be required to see them)

If serial number spoofing becomes widespread, Nintendo will be forced to start rolling back their bans as it will start causing significant collateral damage to their legitimate customers and they will start getting a lot of complaint's, lawsuits, negative press, etc. :P

You can file serial number spoofing on the long list of things you can't do on a Sky3DS. So maybe it won't be big enough of a problem for Nintendo to notice/care... :P

Unless there's a different number stored in the console's firmware/SOC that is related to but not the same as the one we see on the back of the console/box? Otherwise, showing your console's serial number to the internet would be a bad idea. :P

And if it's the other case where the serial stored inside the SoC/firmware that needs to be spoofed isn't what you see on the back of the console/box, then many could start buying 3DSs from Wal-Mart, dumping the serial numbers stored inside them and "returning" the console back to Wal-Mart when their done. They could do multiple consoles over a span of a few weeks and in the end if they all get banned, then the legit customers who bought them will be SOL because at this stage it's unlikely Nintendo will budge on the bans.

There's also pawn shops and other stores. Unlike games, I think you can still return opened electronics to Wal-Mart. They just have a much smaller return window then other things. It's 14 days I believe and a receipt is required. It's a large upfront cost, but your getting your money back in the end, so I can see quite a few doing this if serial spoofing becomes a thing. :P

yes it is possible to change your serial, it should unban someone, but i cannot test because i am not banned

Perhaps you can ask someone who has been banned to dump their serial and give it to you to test. It will work in the reverse. If you spoof to a banned console ID, you can't play online and will get the error. Then when you return to your real console ID, you can go online again. That would be one way of testing it without actually owning a banned console. ;)
 

Apache Thunder

I have cameras in your head!
Member
Joined
Oct 7, 2007
Messages
4,294
Trophies
3
Age
35
Location
Levelland, Texas
Website
www.mariopc.co.nr
XP
6,214
Country
United States
it is not that simple, the file where the console serial is, it is signed. so it cannot simply be edited.

Obviously Sky3DS users will be SOL. But I'm sure you can patch out the signing check on 9.2 and below systems if you want to modify the console ID. Gateway might at some point try this if it becomes an issue for them as well. Sky3DS can't really do anything given how their product works. But Gateway might... ;)

Indeed the average user won't be able to do this on their own. A dev here would have to release a tool or something that can do this for them provided they have access to emunand.
 

zannalabianca

Well-Known Member
OP
Member
Joined
Aug 13, 2013
Messages
172
Trophies
0
Age
41
XP
223
Country
yes it is possible to change your serial, it should unban someone, but i cannot test because i am not banned
Obviously Sky3DS users will be SOL. But I'm sure you can patch out the signing check on 9.2 and below systems if you want to modify the console ID. Gateway might at some point try this if it becomes an issue for them as well. Sky3DS can't really do anything given how their product works. But Gateway might... ;)
Indeed the average user won't be able to do this on their own. A dev here would have to release a tool or something that can do this for them provided they have access to emunand.
I got banned yesterday morning , in the topic in the section of flashcards 002-0102 we talked about it , I used it a few days publica header , and then I used header only private pokemon ruby on all my bakup , and nintendo , banned me ..

I also made a video , are the first in Italy to get this , and I can not buy a new 3ds for this, so I offer to test your spoof and tell you if I work

I will be of help to you and you shall be to me ..
I wait for you , I'm here ..
a video demonstration of my damn ban:
 

Immortal_no1

Well-Known Member
Member
Joined
Jul 17, 2003
Messages
266
Trophies
0
XP
292
Country
You have source to share for that spoofer? i haven't seen elsewhere that much information about the MAC address, i only find a few instances of my MAC in my extracted EMMC NAND
 

Rinnegatamante

Well-Known Member
Member
Joined
Nov 24, 2014
Messages
3,162
Trophies
2
Age
27
Location
Bologna
Website
rinnegatamante.it
XP
4,733
Country
Italy
You have source to share for that spoofer? i haven't seen elsewhere that much information about the MAC address, i only find a few instances of my MAC in my extracted EMMC NAND

It seems MAC spoofing is not working very well cause 3DS rewrites shared-mem MAC address every time you connect to the net (and not only at console startup) so WiFi is initialized always with network adapter parameters :/
Maybe reprotecting shared-mem addresses or RE NWM service can help to fix this.
Anyway i just modified MAC address stored in shared-mem with a CIA build with shared-mem r/w privileges.
 

Immortal_no1

Well-Known Member
Member
Joined
Jul 17, 2003
Messages
266
Trophies
0
XP
292
Country
It seems MAC spoofing is not working very well cause 3DS rewrites shared-mem MAC address every time you connect to the net (and not only at console startup) so WiFi is initialized always with network adapter parameters :/
Maybe reprotecting shared-mem addresses or RE NWM service can help to fix this.
Anyway i just modified MAC address stored in shared-mem with a CIA build with shared-mem r/w privileges.

Is it possible to modify your source to output the contents of memory to The top screen screen for a given memory region? and possibly a search function to search the memory returning the offset in memory if the search string is found? i assume that it shouldn't be a major task? or even dump the memory region to the SDMC? Whatever you share will be very useful, or drop it on the Wiki for whatever you have.
http://wiki.gbatemp.net/wiki/List_of_3DS_homebrew
 

Rinnegatamante

Well-Known Member
Member
Joined
Nov 24, 2014
Messages
3,162
Trophies
2
Age
27
Location
Bologna
Website
rinnegatamante.it
XP
4,733
Country
Italy
We know shared-mem offset of WiFi Mac Address. NWM module just take Mac Address from Network Adapater and store this value to shared-mem.
Anyway, i'm doing soming like this:
Code:
    *(u8*)0x1FF81060 = 0xF2;
    *(u8*)0x1FF81061 = 0xEE;
    *(u8*)0x1FF81062 = 0xEE;
    *(u8*)0x1FF81063 = 0xEE;
    *(u8*)0x1FF81064 = 0xEE;
    *(u8*)0x1FF81065 = 0xEE;
 
  • Like
Reactions: cearp

Immortal_no1

Well-Known Member
Member
Joined
Jul 17, 2003
Messages
266
Trophies
0
XP
292
Country
have you had any confirmation from zannalabianca as to whether this had any impact on the banning? i would assume that it would be based on the console ID / NNID rather than MAC. Nintendo no doubt track the MAC addresses. There's a file in NAND, can't remember which one that holds a list of addresses that have been visited online, wonder if it's possible to scan memory for the MAC/NNID/Console ID in the memory after accessing the online service and exiting back to the home screen then run the CIA? to in effect generate a report of the process used to authenticate the device online?

Otherwise the Console ID in NAND contains the 2048byte signature over the region code and the Console ID, but once it's been read i wonder if it can be modified in memory?? unless the signature is checked during the online authentication process?
 

Immortal_no1

Well-Known Member
Member
Joined
Jul 17, 2003
Messages
266
Trophies
0
XP
292
Country
I've made an app and can read it out perfectly fine, but i appear to be unable to write it back, is there some form of protection on that area of memory, it should be rw shared shouldn't it?
 

You may also like...

General chit-chat
Help Users
  • No one is chatting at the moment.
    M4x1mumReZ @ M4x1mumReZ: "Skittles" Angel Knight +1