Need testers for a CIA file

Discussion in '3DS - Homebrew Development and Emulators' started by Rinnegatamante, Mar 14, 2015.

  1. Rinnegatamante
    OP

    Rinnegatamante GBAtemp Psycho!

    Member
    3,127
    3,270
    Nov 24, 2014
    Italy
    Bologna
    Hi all,
    i'm trying to do some research about 3DS WiFi connectivity but i need some tests.
    I need someone who can use CIA files (so CFW, GW) on both N3DS and 3DS consoles.

    This is the CIA file: http://rinnegatamante.netsons.org/NVRAM_Dumper.cia

    Assuming it works correctly, this CIA will create a flash.bin file in SD Card root which contains a dump of NVRAM flash of your WiFi Adapter.
    If you find this file, please send me it or post it here.
     
    Margen67 likes this.
  2. ChrisX930

    ChrisX930 Banned

    Banned
    788
    317
    Sep 3, 2013
    Gambia, The
    Germany
    i'll try it after I created a xorpad file :)
     
    Margen67 likes this.
  3. ChrisX930

    ChrisX930 Banned

    Banned
    788
    317
    Sep 3, 2013
    Gambia, The
    Germany
    UPDATE: flash.bin was created on the root of the SD Card. Do you need it or you just wanted if it works?
     
    Rinnegatamante likes this.
  4. Rinnegatamante
    OP

    Rinnegatamante GBAtemp Psycho!

    Member
    3,127
    3,270
    Nov 24, 2014
    Italy
    Bologna
    I also need it if possible.
     
  5. ChrisX930

    ChrisX930 Banned

    Banned
    788
    317
    Sep 3, 2013
    Gambia, The
    Germany
    Here it is
     

    Attached Files:

    Margen67 and Fuzzeh like this.
  6. Warft

    Warft Say my name!

    Member
    263
    177
    Aug 8, 2013
    United States
    Albuquerque, New Mexico
    Do you develope a MAC Spoofer? That would be great!
     
    Margen67 likes this.
  7. zoogie

    zoogie simple pimp tool

    Member
    6,353
    8,057
    Nov 30, 2014
    United States
    Seems to work great judging by ChrisX's firm dump. It does write 0x10 bytes to far though - don't know if that's an issue.
     
    ChrisX930 likes this.
  8. Rinnegatamante
    OP

    Rinnegatamante GBAtemp Psycho!

    Member
    3,127
    3,270
    Nov 24, 2014
    Italy
    Bologna
    Tried to substitute MAC Address in SPI flash but it doesn't change anything (Maybe this values are used only for TWL_FIRM? Need more tests to see what can be done working on this dump.).

    One thing that can be surely done is to recover Access Points saved password cause the dump contains saved not encyrpted passwords for every single Access Point.
     
    Margen67 and Warft like this.
  9. piratesephiroth

    piratesephiroth I wish I could read

    Member
    3,009
    1,620
    Sep 5, 2013
    Brazil
    Yeah, that network config tool from the SDK displays the saved passwords.
     
    Margen67 and ChrisX930 like this.
  10. Rinnegatamante
    OP

    Rinnegatamante GBAtemp Psycho!

    Member
    3,127
    3,270
    Nov 24, 2014
    Italy
    Bologna
    I'm making an AP password viewer with possibility to dump and restore NVRAM flash. It will be released soon.
     
    Margen67 and daxtsu like this.
  11. cracker

    cracker Nyah!

    Member
    3,155
    454
    Aug 24, 2005
    United States
    I'm pretty sure the wifi module has read only set in the block that contains the MAC.
     
  12. Rinnegatamante
    OP

    Rinnegatamante GBAtemp Psycho!

    Member
    3,127
    3,270
    Nov 24, 2014
    Italy
    Bologna
    Talking about NVRAM, i succesfully overwrited my MAC address and, after re-dumping NVRAM, i get my "spoofed" MAC address but it will not be used by 3DS to connect on the net.

    EDIT (need to fix some minor bugs, anyway):
    Warning: Spoilers inside!
     
    ChrisX930 likes this.
  13. cracker

    cracker Nyah!

    Member
    3,155
    454
    Aug 24, 2005
    United States
    Have you logged into your router to see what MAC is showing? If it is showing the real one then it probably is sending with the spoofed MAC but when it receives packets marked for the spoofed MAC it denies them because the internal MAC doesn't match.
     
  14. Rinnegatamante
    OP

    Rinnegatamante GBAtemp Psycho!

    Member
    3,127
    3,270
    Nov 24, 2014
    Italy
    Bologna
    I get always real MAC on Router connected devices.
     
  15. cracker

    cracker Nyah!

    Member
    3,155
    454
    Aug 24, 2005
    United States
    But, hey you just found a method to disable wifi from connecting and accidental updates. Does it stay persistent after rebooting or does it get updated?
     
    Margen67 likes this.
  16. Rinnegatamante
    OP

    Rinnegatamante GBAtemp Psycho!

    Member
    3,127
    3,270
    Nov 24, 2014
    Italy
    Bologna

    MMhhh no, why you say i found a method to disable wifi? O.o
     
  17. cracker

    cracker Nyah!

    Member
    3,155
    454
    Aug 24, 2005
    United States
    Not to disable it entirely but to disable it from making good packet transfers == no accidental updates via kids, etc.