Homebrew New Super Mario Bros 2 crash. Could an exploit be possible?

Ordim3n (OP)
So I was messing with NSMB2's save and I encountered a crash.
Things that I know:
There are no checksums in the save
I changed the Streetpass tags to get the crash
The game will still accept the save even if the Streetpass section of the save is filled with FF and will look like this

Video of the crash happening on both an N3DS and an O3DS

I know that a crash doesn't always lead to an exploit
 

Swiftloke
I don't see a way to get any code execution through this
Well, clearly there are no checks whatsoever in the actual Streetpass data. First we need to find out what we can potentially overflow into, and if the game checks for overflows.

--------------------- MERGED ---------------------------

Well, the game has access to the shell
What shell? NS? Isn't that an extremely interesting target, enough to be in the 32c3 conference?
Either way, it doesn't help with code execution. It just gives us access to a very nice service if we do get code execution.
 

Ordim3n (OP)
What shell? NS? Isn't that an extremely interesting target, enough to be in the 32c3 conference?
Either way, it doesn't help with code execution. It just gives us access to a very nice service if we do get code execution.
Yeah, I think the NS. Because when I did the RSF gen, it had - shell IIRC
 

Swiftloke
Yep, a cool crash, but hey, people are not going to create a thread every time a crash occurs.
Please investigate that before posting anything; a bunch of games crash when fuzzing the save file.
He did, actually. He found out the Streetpass data content isn't checked.
Your fears are well founded, however. Things like Fateshax understandably erode trust in potentially legitimate hacks. Checking the early pages of BasicSploit are full of skeptical users crying out 'Fateshaxx 2.0'.
 

DarkFlare69
He did, actually. He found out the Streetpass data content isn't checked.
Your fears are well founded, however. Things like Fateshax understandably erode trust in potentially legitimate hacks. Checking the early pages of BasicSploit are full of skeptical users crying out 'Fateshaxx 2.0'.
But this one's actually real.
 
