1. shutterbug2000

    OP shutterbug2000 Cubic NINJHAX!
    Member

    Joined:
    Oct 11, 2014
    Messages:
    1,088
    Country:
    United States
    Introducing nds-constraint!
    After many years of trying to find a solution for hackless custom Nintendo Wi-Fi Connection servers, a solution has finally been found for the Nintendo DS and the Nintendo DSi system families!
    Details on how it works, instructions on how to set it up for yourself, and Kaeru Team's official Kaeru WFC server that utilizes this new method can be found below:

    https://github.com/KaeruTeam/nds-constraint

    For those who just want to play online, here's the DNS server info:
    Primary: 178.62.43.212
    Secondary: 1.1.1.1 or 8.8.8.8
     
    rommy667, PRAGMA, Hoppy and 69 others like this.
  2. ry755

    ry755 GBAtemp Advanced Fan
    Member

    Joined:
    Nov 29, 2017
    Messages:
    532
    Country:
    United States
    Awesome!
     
    Last edited by ry755, Oct 29, 2018
    THEGUY3ds likes this.
  3. slaphappygamer

    slaphappygamer GBAPerm
    Member

    Joined:
    Nov 30, 2008
    Messages:
    2,741
    Country:
    United States
    So now we can play Mario kart online?
     
  4. THEGUY3ds

    THEGUY3ds GBAtemp Regular
    Member

    Joined:
    Apr 13, 2018
    Messages:
    111
    Country:
    Australia
    Hopefully these servers will have many people using them.
     
    ry755, Deleted User and PICTOCHAT like this.
  5. Josephvb10

    Josephvb10 I like Pokémon
    Member

    Joined:
    Aug 26, 2009
    Messages:
    649
    Country:
    Costa Rica
    So does this work for every game?
     
  6. Tarmfot

    Tarmfot GBAtemp Regular
    Member

    Joined:
    Dec 12, 2015
    Messages:
    167
    Country:
    Montserrat
    I just don't understandt it well but it seems a very good news. :)
    No need to patch and no wiimfi for ds then!
     
    Itzumi likes this.
  7. Coto

    Coto -
    Member

    Joined:
    Jun 4, 2010
    Messages:
    2,663
    Country:
    Chile
    the SSL is just a layer on top the HTTP layer that adds a safe client - server handshake without being MITM´d.

    Since the Nintendo WFC has been reverse engineered and implemented in the server side that still required some sort of manipulation on the client side so the client implementation would just discard the SSL context.
    The way the Nintendo WFC games were written, these still required the SSL (SSLv3) layer implemented. Thus a simple server redirection wouldn't work if the games weren't tampered with.

    SSL certs are built on the key-pair principle.

    Certificate Signing Request:
    - A public key and a certificate is forged from a private key (that only the owner has). The CA (Certificate Authority) issuer builds a certificate to be later used by the client and the server in the SSL certificate chain. The idea is that the CA is the owner of the secured connection. And it seems there is a flag to toggle the CA validity to off. So you can sign your own server certs and send them to the DS. So the chain of trust (being part of the SSL implementation, bundled with the game ROM as ARM assembly) goes as intended.

    SSL handshake:
    - once the client asks for the server SSL certificate, the public key bundled with is used to decrypt the digital signature of the cert earlier forged by the private key. If the decryption is successful then the connection takes place.
     
    GilgameshArcher, SS4 and Tarmfot like this.
  8. TipsPROmayB

    TipsPROmayB Just a music producer roaming GBATemp
    Member

    Joined:
    Jan 9, 2016
    Messages:
    210
    Country:
    Croatia
    Nice, if only mkds was compatible with wpa :/
     
    ry755, Deleted User and weatMod like this.
  9. banjo2

    banjo2 little man
    Member

    Joined:
    May 31, 2016
    Messages:
    1,322
    Country:
    United States
    Yay, now I can finally use that extra copy of Metroid Prime Hunters to mess around with online. Now to decrypt this madness into noob speak so I can do it without downloading unnecessary stuff.
     
  10. Funky_3000

    Funky_3000 Member
    Newcomer

    Joined:
    Jul 15, 2017
    Messages:
    26
    Country:
    France
    Hi, does this work if i use NDSi++ ( DS/DSi emulator for 3DS ) please ?
     
  11. Robz8

    Robz8 Coolest of TWL
    Developer

    Joined:
    Oct 1, 2010
    Messages:
    12,871
    Country:
    United States
    Yes.
    Also, DSiMenu++ isn't an emulator. It runs DS games natively.
     
  12. TipsPROmayB

    TipsPROmayB Just a music producer roaming GBATemp
    Member

    Joined:
    Jan 9, 2016
    Messages:
    210
    Country:
    Croatia
    Found a way to play online (for people that can't make a WEP hotspot):
    If you have a newer phone, you can probably only make a WPA2 hotspot, but I found a way how to make it work.
    You need to make your network open and you need to add your DS mac address and put "Allowed devices only". You can then connect your DS without a problem to your hotspot and play any game you want online. Tried it with MKDS and played a game with someone online and it worked great!

    Hope this helps :)
     
    Tarmfot and SCOTT0852 like this.
  13. tech3475

    tech3475 GBAtemp Advanced Maniac
    Member

    Joined:
    Jun 12, 2009
    Messages:
    1,768
    Country:
    For the record, Mac address filtering isn't really recommended as a security option, although better than nothing in this case.

    You may be better off long term looking for something like an old router and isolating it on the LAN (more complicated but more secure).
     
  14. Lenoor

    Lenoor Member
    Newcomer

    Joined:
    Dec 3, 2010
    Messages:
    23
    Country:
    Netherlands
    Is there hope for Wii's multi ? I'd like to play Meownster Hunter Tri again.
     
    codezer0, Zense and Tarmfot like this.
  15. nl255

    nl255 GBAtemp Addict
    Member

    Joined:
    Apr 9, 2004
    Messages:
    2,911
    Country:
    Though to be fair Mac address filtering is only slightly worse than WEP (as at least cracking WEP can't easily be done with most smartphones due to a lack of support for the required features*).


    *Yes, I know you can use certain external usb wifi cards to work around it but that is a pain in the ass due to compatibility issues.
     
  16. Searinox

    Searinox Dances with Dragons
    Member

    Joined:
    Dec 16, 2007
    Messages:
    2,020
    Country:
    Romania
    Now waiting for a new class of DSi and 3DS jailbreak exploits involving running legit DS titles on the console with a custom DNS, connecting to a hax server for online play, and feeding the console corrupt data overflowing one thing or another in order to run arbitrary code.
     
    Tarmfot, Fishaman P and TheNerdWIzard like this.
  17. tech3475

    tech3475 GBAtemp Advanced Maniac
    Member

    Joined:
    Jun 12, 2009
    Messages:
    1,768
    Country:
    I was speaking in general and then compared to open wifi.

    I think if you plan to do anything like this, it would be better to use a method which isolates the DS as much as possible from a known good device/network.
     
  18. TipsPROmayB

    TipsPROmayB Just a music producer roaming GBATemp
    Member

    Joined:
    Jan 9, 2016
    Messages:
    210
    Country:
    Croatia
    I was just saying if you don't have any other options, you could do my method. Since I don't have any other routers in my house and I'm unable to make a WEP hotspot and everyone in my country is dumb af so an open wifi hotspot is just okay for what I need
     
    xs4all likes this.
  19. FAST6191

    FAST6191 Techromancer
    Reporter

    Joined:
    Nov 21, 2005
    Messages:
    30,527
    Country:
    United Kingdom
    Nice writeup/work those responsible. I am not sure how much practical use it will be in the end but the option is very much appreciated. Looks like I also have some reading to do on the full SSL implementation.

    Were you not around for the times we needed custom mac addresses for various hacks (the streetpass thing being the most notable)? I have quite literally had an easier time teaching people to figure out WEP keys.

    I agree though getting an older router, doing a decent setup there and powering it on whenever you fancy is probably the better route if security is a concern.
     
  20. tech3475

    tech3475 GBAtemp Advanced Maniac
    Member

    Joined:
    Jun 12, 2009
    Messages:
    1,768
    Country:
    I'm not familiar with those hacks, never cared for spotpass.

    The reason why MAC address filtering is not recommended as a security measure is because they can be sniffed and spoofed.

    I wasn't talking WEP vs MAC but, again, in general and in the context of open wifi.
     
Draft saved Draft deleted
Loading...

Hide similar threads Similar threads with keywords - constraint, advantage, Nintendo