Homebrew New Super Mario Bros 2 crash. Could an exploit would be possible

Ordim3n

Ordim3n

Well-Known Member
OP
Member
Level 3
Joined
Dec 14, 2015
Messages
413
Trophies
0
Location
Planet earth
XP
257
Country
Canada
So i was messing with NSMB2's save and i encountered a crash.
Things that i know:
There is no checksums in the save
I changed the streetpass tags to get the crash
The game will still accept the save even if the Streetpass section of the save is filled with FF and will look like this
IMG_20160706_243023181.jpg

Video of the crash happening on both a N3ds and a O3ds

I know that a crash doesn't always lead to an exploit
 
Swiftloke

Swiftloke

Hwaaaa!
Member
Level 8
Joined
Jan 26, 2015
Messages
1,772
Trophies
1
Location
Nowhere
XP
1,506
Country
United States
DarkFlare69 said:
I don't see a way to get any code execution through this
Click to expand...
Well, clearly there are no checks whatsoever in the actual Streetpass data. First we need to find out what we can potentially overflow into, and if the game checks for overflows.

--------------------- MERGED ---------------------------

Ordim3n said:
Well, the game has access to the shell
Click to expand...
What shell? NS? Isn't that an extremely interesting target, enough to be in the 32c3 conference?
Either way, it doesn't help with code execution. It just gives us access to a very nice service if we do get code execution.
 
  • Like
Reactions: DarkFlare69
Ordim3n

Ordim3n

Well-Known Member
OP
Member
Level 3
Joined
Dec 14, 2015
Messages
413
Trophies
0
Location
Planet earth
XP
257
Country
Canada
Swiftloke said:
What shell? NS? Isn't that an extremely interesting target, enough to be in the 32c3 conference?
Either way, it doesn't help with code execution. It just gives us access to a very nice service if we do get code execution.
Click to expand...
Yeah, i think the NS. Because when i did the rsf gen, it had - shell iirc
 
Swiftloke

Swiftloke

Hwaaaa!
Member
Level 8
Joined
Jan 26, 2015
Messages
1,772
Trophies
1
Location
Nowhere
XP
1,506
Country
United States
Nba_Yoh said:
Yep a cool crash, but hey people are not going to create a thread everytime a crash occurs.
Please investigate that before posting anything, a bunch of games are crashing when fuzzing the save file.
Click to expand...
He did, actually. He found out the Streetpass data content isn't checked.
Your fears are well founded, however. Things like Fateshax understandably erode trust in potentially legitimate hacks. Checking the early pages of BasicSploit are full of skeptical users crying out 'Fateshaxx 2.0'.
 
Last edited by Swiftloke,
DarkFlare69

DarkFlare69

Well-Known Member
Member
Level 15
Joined
Dec 8, 2014
Messages
5,147
Trophies
2
Location
Chicago
XP
4,750
Country
United States
Swiftloke said:
He did, actually. He found out the Streetpass data content isn't checked.
Your fears are well founded, however. Things like Fateshax understandably erode trust in potentially legitimate hacks. Checking the early pages of BasicSploit are full of skeptical users crying out 'Fateshaxx 2.0'.
Click to expand...
But this one's actually real.
 

Site & Scene News

Go to forum More news

Popular threads in this forum

Hacking Homebrew  A new way to experience StreetPass

Is it possible...?

Hacking Hardware  New Nintendo 3DS XL Louvre

Emulation  i have citra, i have my aes keys installed, how do i get the home menu

Hardware  Why does my 3DS take so long to turn off?

Hacking Misc  VCRUNTIME140.dll UCRTBASED.dll Master Thread

Translation Project  DQM2SP translation

What's the best 3DS emulator (especially after Citra's shutdown)?

General chit-chat
Help Users
  • No one is chatting at the moment.
  • BakerMan @ BakerMan:
    i said i was sleeping...
  • BakerMan @ BakerMan:
    sleeping with uremum
  • K3Nv2 @ K3Nv2:
    Even my mum slept on that uremum
  • TwoSpikedHands @ TwoSpikedHands:
    yall im torn... ive been hacking away at tales of phantasia GBA (the USA version) and have so many documents of reverse engineering i've done
  • TwoSpikedHands @ TwoSpikedHands:
    I just found out that the EU version is better in literally every way, better sound quality, better lighting, and there's even a patch someone made to make the text look nicer
  • TwoSpikedHands @ TwoSpikedHands:
    Do I restart now using what i've learned on the EU version since it's a better overall experience? or do I continue with the US version since that is what ive been using, and if someone decides to play my hack, it would most likely be that version?
  • Sicklyboy @ Sicklyboy:
    @TwoSpikedHands, I'll preface this with the fact that I know nothing about the game, but, I think it depends on what your goals are. Are you trying to make a definitive version of the game? You may want to refocus your efforts on the EU version then. Or, are you trying to make a better US version? In which case, the only way to make a better US version is to keep on plugging away at that one ;)
  • Sicklyboy @ Sicklyboy:
    I'm not familiar with the technicalities of the differences between the two versions, but I'm wondering if at least some of those differences are things that you could port over to the US version in your patch without having to include copyrighted assets from the EU version
  • TwoSpikedHands @ TwoSpikedHands:
    @Sicklyboy I am wanting to fully change the game and bend it to my will lol. I would like to eventually have the ability to add more characters, enemies, even have a completely different story if i wanted. I already have the ability to change the tilemaps in the US version, so I can basically make my own map and warp to it in game - so I'm pretty far into it!
  • TwoSpikedHands @ TwoSpikedHands:
    I really would like to make a hack that I would enjoy playing, and maybe other people would too. swapping to the EU version would also mean my US friends could not legally play it
  • TwoSpikedHands @ TwoSpikedHands:
    I am definitely considering porting over some of the EU features without using the actual ROM itself, tbh that would probably be the best way to go about it... but i'm sad that the voice acting is so.... not good on the US version. May not be a way around that though
  • TwoSpikedHands @ TwoSpikedHands:
    I appreciate the insight!
  • The Real Jdbye @ The Real Jdbye:
    @TwoSpikedHands just switch, all the knowledge you learned still applies and most of the code and assets should be the same anyway
  • The Real Jdbye @ The Real Jdbye:
    and realistically they wouldn't

    be able to play it legally anyway since they need a ROM and they probably don't have the means to dump it themselves
  • The Real Jdbye @ The Real Jdbye:
    why the shit does the shitbox randomly insert newlines in my messages
  • Veho @ Veho:
    It does that when I edit a post.
  • Veho @ Veho:
    It inserts a newline in a random spot.
  • The Real Jdbye @ The Real Jdbye:
    never had that i don't think
  • Karma177 @ Karma177:
    do y'all think having an sd card that has a write speed of 700kb/s is a bad idea?
    trying to restore emunand rn but it's taking ages... (also when I finished the first time hekate decided to delete all my fucking files :wacko:)
  • The Real Jdbye @ The Real Jdbye:
    @Karma177 that sd card is 100% faulty so yes, its a bad idea
  • The Real Jdbye @ The Real Jdbye:
    even the slowest non-sdhc sd cards are a few MB/s
  • Psionic Roshambo @ Psionic Roshambo:
    https://www.youtube.com/watch?v=SjCivnt5t50
  • Karma177 @ Karma177:
    @The Real Jdbye it hasn't given me any error trying to write things on it so I don't really think it's faulty (pasted 40/50gb+ folders and no write errors)
  • DinohScene @ DinohScene:
    run h2testw on it
  • DinohScene @ DinohScene:
    when SD cards/microSD write speeds drop below a meg a sec, they're usually on the verge of dying
    DinohScene @ DinohScene: when SD cards/microSD write speeds drop below a meg a sec, they're usually on the verge of dying