Possible Nintendo 3DS exploit/vulnerability (Found by me!)

Discussion in '3DS - Homebrew Development and Emulators' started by NipponRyan97, Apr 3, 2012.

Thread Status:
Not open for further replies.
  1. NipponRyan97
    OP

    NipponRyan97 Member

    Newcomer
    20
    2
    Feb 29, 2012
    United States
    New York
    http://www.youtube.com/watch?v=K5xir386QsI&feature=youtube_gdata_player

    Watch that, read the description, and read my comment. I think I might of actually found something. If what everyone on 3DBrew, Gbatemp, and other 3DS hacking sites say, then I might of just found the first actual vulnerability in the 3DS that isn't a crash or buffer overflow, but an exploit in the HOME Menu and its headers/filesystem that loads game data from the RAM and NAND. If this is actually exploitable, then that means I can finally complete the puzzle for Neimod and break region locking if unsigned code is made. If you read my YouTube description and comment you will see why this could be it.

    - Ryan (all credit goes to me!)

    What do you think? Pretty different, huh?


     
    1 person likes this.
  2. Ericthegreat

    Ericthegreat Not New Member

    Member
    1,815
    324
    Nov 8, 2008
    United States
    Vana'diel
    Cool but still how would we load code? Wouldn't we need somthing more like a save file glitch?
     
  3. DarkShinigami

    DarkShinigami #1 strongest Shinigami BANKAI

    Member
    1,874
    86
    Sep 12, 2009
    United States
    Soul Society
    yeah hate to burst your parade but that aint an exploit
     
  4. Tom Bombadildo

    Tom Bombadildo Honk!

    pip Contributor
    GBAtemp Patron
    Tom Bombadildo is a Patron of GBAtemp and is helping us stay independent!

    Our Patreon
    10,793
    10,893
    Jul 11, 2009
    United States
    I forgot
    We'd still need a way to actually run the code, that is, if it's even possible. I don't think this would lead to anything.


    EDIT: In response to your post below, just because it doesn't load anything doesn't mean it's exploitable. There could still be security checks, we just don't have enough information. I wouldn't go throwing this out as an "exploit" or "vulnerability". Just a neat trick that may lead to something
     
  5. NipponRyan97
    OP

    NipponRyan97 Member

    Newcomer
    20
    2
    Feb 29, 2012
    United States
    New York
    We would need a hacker or a team to make unsigned code. This is exploitable because it hangs when you try to open anything. This means it was loading something and it had an error, which is a hole right there waiting to be dug. Notice how the top screen never freezes, this definitely could be of use. Notice the no headers and how we've had a thing on headers before. A lot can be done, we just need someone who can take advantage of this.

    Yes, I'm on 3.0.0-6 if anyone's asking!


     
  6. Ericthegreat

    Ericthegreat Not New Member

    Member
    1,815
    324
    Nov 8, 2008
    United States
    Vana'diel
    I think he is trying to say if you do this when trying to dump the nand we might get somthing different then when you normaly try and do this, using neimods nand dumper...?
     
    1 person likes this.
  7. CollosalPokemon

    CollosalPokemon ばん。。。かい

    Member
    682
    342
    Oct 18, 2009
    United States
    Bullshit.
    Not that it wasn't obvious.

    If wrote code to do this, maybe.
    If it's simply a system glitch, I doubt it.

    And just because it doesn't show the top screen logos it means jack shit.
     
  8. NipponRyan97
    OP

    NipponRyan97 Member

    Newcomer
    20
    2
    Feb 29, 2012
    United States
    New York
    So tricking the hypervisor does nothing at all?
     
  9. Janthran

    Janthran Solarian

    Member
    3,777
    1,044
    Sep 17, 2011
    United States
    The Pacific Northwet
    lol'd
    Make unsigned code
     
  10. DarkShinigami

    DarkShinigami #1 strongest Shinigami BANKAI

    Member
    1,874
    86
    Sep 12, 2009
    United States
    Soul Society
     
  11. NipponRyan97
    OP

    NipponRyan97 Member

    Newcomer
    20
    2
    Feb 29, 2012
    United States
    New York
    I DIDN'T FAKE THIS VIDEO! WHY CALL IT BS!? I just said it might lead to an exploit and its a vulnerability. I didn't modify this video in anyway!
    If there was a cartridge, why is there no header and no cartridge inserted and a cartridge on my bed?
     
  12. Janthran

    Janthran Solarian

    Member
    3,777
    1,044
    Sep 17, 2011
    United States
    The Pacific Northwet
    If you put the cartridge back in, can you boot it?
     
  13. Snailface

    Snailface My frothing demand for 3ds homebrew is increasing

    Member
    4,324
    1,983
    Sep 20, 2010
    Engine Room with Cyan, watching him learn.
    You can remove the game while the little dreamcast thing is swirling and it just keeps looping forever.
    Totally exploitable stuff I'm sure. :toot:

    Doubt any of these glitches are exploitable, but it's worth noting 'FTR'.
     
    4 people like this.
  14. CollosalPokemon

    CollosalPokemon ばん。。。かい

    Member
    682
    342
    Oct 18, 2009
    United States
    I'm saying the 'vulnerability' is jack shit.

    For all you know, yes, maybe there was an error, but this shows Nintendo caught that error. By not showing the banners and continuing to work (without problems) it must read something as invalid and catches/refuses to load it.
     
  15. Ericthegreat

    Ericthegreat Not New Member

    Member
    1,815
    324
    Nov 8, 2008
    United States
    Vana'diel
    He means, if there was code executed to make this happen, and then you were somehow able to continue to send code from there, then this could lead to an exploit.

    Also does this happen with only kid icarus or all games?
     
  16. CollosalPokemon

    CollosalPokemon ばん。。。かい

    Member
    682
    342
    Oct 18, 2009
    United States
    Which would only work if Nintendo didn't catch the error. This video shows the error was caught, and therefore the banners were not shown. If the system did NOT catch the error it would lead to a BSOD or error code...

    It's like saying you can safely break into a bank while making a ton of noise and stepping loudly. (if you do that you get caught and cannot rob the bank)
    Exploits only work when there is an error which is not caught.
     
    1 person likes this.
  17. Ammako

    Ammako GBAtemp Guru

    Member
    6,424
    3,547
    Dec 22, 2009
    Canada
    You're just like Ian Hecox, you suck at holding the camera.
    But that's fine. It actually isn't.
     
    1 person likes this.
  18. CollosalPokemon

    CollosalPokemon ばん。。。かい

    Member
    682
    342
    Oct 18, 2009
    United States
    If you want to see a Black screen Error on the 3DS I've taken one of mine:

    [​IMG]

    When you get one of those, maybe you can talk. (it would depend on how it was generated though)
     
    3 people like this.
  19. Ericthegreat

    Ericthegreat Not New Member

    Member
    1,815
    324
    Nov 8, 2008
    United States
    Vana'diel
    You have a nand dumper?
     
  20. ichidansan

    ichidansan GBAtemp Regular

    Member
    221
    40
    Feb 10, 2010
    United States
    I know of a way to get an error while accessing the camera. my little bros friend tried to clean his 3ds with Windex of all things, and it still plays games, just no camera access. then it give the black screen while attempting to start the camera :yaysp:.
     
Thread Status:
Not open for further replies.