Homebrew Possible Nintendo 3DS exploit/vulnerability (Found by me!)

[NipponRyan97]

http://www.youtube.com/watch?v=K5xir386QsI&feature=youtube_gdata_player

Watch that, read the description, and read my comment. I think I might of actually found something. If what everyone on 3DBrew, Gbatemp, and other 3DS hacking sites say, then I might of just found the first actual vulnerability in the 3DS that isn't a crash or buffer overflow, but an exploit in the HOME Menu and its headers/filesystem that loads game data from the RAM and NAND. If this is actually exploitable, then that means I can finally complete the puzzle for Neimod and break region locking if unsigned code is made. If you read my YouTube description and comment you will see why this could be it.

- Ryan (all credit goes to me!)

What do you think? Pretty different, huh?

---

 

[Ericthegreat]

Cool but still how would we load code? Wouldn't we need somthing more like a save file glitch?

 

[DarkShinigami]

yeah hate to burst your parade but that aint an exploit

 

[Tom Bombadildo]

We'd still need a way to actually run the code, that is, if it's even possible. I don't think this would lead to anything.


EDIT: In response to your post below, just because it doesn't load anything doesn't mean it's exploitable. There could still be security checks, we just don't have enough information. I wouldn't go throwing this out as an "exploit" or "vulnerability". Just a neat trick that may lead to something

 

[NipponRyan97]

Cool but still how would we load code?

We would need a hacker or a team to make unsigned code. This is exploitable because it hangs when you try to open anything. This means it was loading something and it had an error, which is a hole right there waiting to be dug. Notice how the top screen never freezes, this definitely could be of use. Notice the no headers and how we've had a thing on headers before. A lot can be done, we just need someone who can take advantage of this.

Yes, I'm on 3.0.0-6 if anyone's asking!

---

 

[Ericthegreat]

I think he is trying to say if you do this when trying to dump the nand we might get somthing different then when you normaly try and do this, using neimods nand dumper...?

 

[CollosalPokemon]

Bullshit.
Not that it wasn't obvious.

If wrote code to do this, maybe.
If it's simply a system glitch, I doubt it.

And just because it doesn't show the top screen logos it means jack shit.

 

[NipponRyan97]

So tricking the hypervisor does nothing at all?

 

[Janthran]

We would need a hacker or a team to make unsigned code.

lol'd
Make unsigned code

 

[DarkShinigami]

Cool but still how would we load code?

We would need a hacker or a team to make unsigned code. This is exploitable because it hangs when you try to open anything. This means it was loading something and it had an error, which is a hole right there waiting to be dug. Notice how the top screen never freezes, this definitely could be of use. Notice the no headers and how we've had a thing on headers before. A lot can be done, we just need someone who can take advantage of this.

Yes, I'm on 3.0.0-6 if anyone's asking!

---

 

[NipponRyan97]

Bullshit.
Not that it wasn't obvious.

If wrote code to do this, maybe.

I DIDN'T FAKE THIS VIDEO! WHY CALL IT BS!? I just said it might lead to an exploit and its a vulnerability. I didn't modify this video in anyway!
If there was a cartridge, why is there no header and no cartridge inserted and a cartridge on my bed?

 

[Janthran]

If you put the cartridge back in, can you boot it?

 

[Snailface]

You can remove the game while the little dreamcast thing is swirling and it just keeps looping forever.
Totally exploitable stuff I'm sure.

Doubt any of these glitches are exploitable, but it's worth noting 'FTR'.

 

[CollosalPokemon]

Bullshit.
Not that it wasn't obvious.

If wrote code to do this, maybe.

I DIDN'T FAKE THIS VIDEO! WHY CALL IT BS!? I just said it might lead to an exploit and its a vulnerability. I didn't modify this video in anyway!
If there was a cartridge, why is there no header and no cartridge inserted and a cartridge on my bed?

I'm saying the 'vulnerability' is jack shit.

For all you know, yes, maybe there was an error, but this shows Nintendo caught that error. By not showing the banners and continuing to work (without problems) it must read something as invalid and catches/refuses to load it.

 

[Ericthegreat]

He means, if there was code executed to make this happen, and then you were somehow able to continue to send code from there, then this could lead to an exploit.

Also does this happen with only kid icarus or all games?

 

[CollosalPokemon]

He means, if there was code executed to make this happen, and then you were somehow able to continue to send code from there, then this could lead to an exploit.

Which would only work if Nintendo didn't catch the error. This video shows the error was caught, and therefore the banners were not shown. If the system did NOT catch the error it would lead to a BSOD or error code...

It's like saying you can safely break into a bank while making a ton of noise and stepping loudly. (if you do that you get caught and cannot rob the bank)
Exploits only work when there is an error which is not caught.

 

[Deleted-236924]

You're just like Ian Hecox, you suck at holding the camera.
But that's fine. It actually isn't.

 

[CollosalPokemon]

If you want to see a Black screen Error on the 3DS I've taken one of mine:

When you get one of those, maybe you can talk. (it would depend on how it was generated though)

 

[Ericthegreat]

You have a nand dumper?

 

[ichidansan]

I know of a way to get an error while accessing the camera. my little bros friend tried to clean his 3ds with Windex of all things, and it still plays games, just no camera access. then it give the black screen while attempting to start the camera .