Hacking Post your ideas regarding how to hack the 3DS, here

[rondoh70]

the problem is that arm processors have buffer overflow protection.

 

[alphamule]

Actually, so does the x86 but it isn't used very well in Windows (well, not sure about 7). If you tried some of those stunts in some OSes (guess which, and no not Linux-based!), it will bug check. In fact, most CPUs in existence have some kind of bounds checking. We're not all using 6502's, heh.

 

[rondoh70]

From what I've read when the processor detects a buffer overflow it loads into supervisor mode and displays an error. This would mean that a buffer overflow exploit would not be possible.

 

[The Milkman]

Ok, may be stupid but... what if they used some sort of system bricker (like on the DS) that would take down the entire FW right? Then, all you have to do is reload a new CFW to the NAND. Unless Nintendo put in some sort of hardware encryption then it should work. Only problem would be loading the new CFW and making the bricker run.

 

[Janthran]

Ok, may be stupid but... what if they used some sort of system bricker (like on the DS) that would take down the entire FW right? Then, all you have to do is reload a new CFW to the NAND. Unless Nintendo put in some sort of hardware encryption then it should work. Only problem would be loading the new CFW and making the bricker run.

The problem being that we can't do anything with 3DS software.
We can't brick the Home Menu, we can't write CFW.

 

[Thorhian]

Ok, may be stupid but... what if they used some sort of system bricker (like on the DS) that would take down the entire FW right? Then, all you have to do is reload a new CFW to the NAND. Unless Nintendo put in some sort of hardware encryption then it should work. Only problem would be loading the new CFW and making the bricker run.

The problem being that we can't do anything with 3DS software.
We can't brick the Home Menu, we can't write CFW.

Exactly, the only real way we can get a true hack to the 3Ds in reality is to get the keys. So far, Nintendo really hasn't given us a way to load ANYTHING (besides a little bit of text in the RAM) that is unencrypted. Honestly though, if we are already monitoring the RAM (Neimod is anyways), then why haven't we found the key or a decent exploit?

 

[jrk190]

Let me put this simply... A man locks the door to his house, and puts the key on a hook. nobody can get it unless he opens the door, or someone buys an extremely expensive battering ram. Okay, the "keys" we need are owned, and well-hidden by Nintendo. Unless Nintendo 'gives' (which will NEVER happen) us the keys, we aren't getting them. Instead we buy the 3DS, which is expensive, and Neimod takes his time trying to get the door down. The underlying statement is that we don't have the key, only Nintendo does. We might not get the keys for another year. Until then, pitching ideas and crashing your games won't do a thing. We can't run unsigned code, so no gamesave hacks or corrupted videos, or the like. We can't do much, except for wait for some lucky guy to show up with the keys.

 

[Rat.2]

We can't do much, except for wait for some lucky guy to show up with the keys.

I guess we could also continue to look for plain text in game's extra content and stuff and see what happens when you edit that

 

[Deltaechoe]

Let me put this simply... A man locks the door to his house, and puts the key on a hook. nobody can get it unless he opens the door, or someone buys an extremely expensive battering ram. Okay, the "keys" we need are owned, and well-hidden by Nintendo. Unless Nintendo 'gives' (which will NEVER happen) us the keys, we aren't getting them. Instead we buy the 3DS, which is expensive, and Neimod takes his time trying to get the door down. The underlying statement is that we don't have the key, only Nintendo does. We might not get the keys for another year. Until then, pitching ideas and crashing your games won't do a thing. We can't run unsigned code, so no gamesave hacks or corrupted videos, or the like. We can't do much, except for wait for some lucky guy to show up with the keys.

Nice little picture you painted there, but crashes can help in various cases. A proper buffer overrun execution (which will result in a crash) will redirect the program stack pointer to the attack code that the 3rd party dev has created which could potentially give the end user kernel mode access which would allow any for manner of things on the 3ds. So crashing games could potentially allow for a kernel mode exploit which is what everyone is waiting for. I would recommend not discouraging people from tinkering around with their devices considering that's how exploits are generally found anyway

 

[Coltonamore]

Let me put this simply... A man locks the door to his house, and puts the key on a hook. nobody can get it unless he opens the door, or someone buys an extremely expensive battering ram. Okay, the "keys" we need are owned, and well-hidden by Nintendo. Unless Nintendo 'gives' (which will NEVER happen) us the keys, we aren't getting them. Instead we buy the 3DS, which is expensive, and Neimod takes his time trying to get the door down. The underlying statement is that we don't have the key, only Nintendo does. We might not get the keys for another year. Until then, pitching ideas and crashing your games won't do a thing. We can't run unsigned code, so no gamesave hacks or corrupted videos, or the like. We can't do much, except for wait for some lucky guy to show up with the keys.

Nice little picture you painted there, but crashes can help in various cases. A proper buffer overrun execution (which will result in a crash) will redirect the program stack pointer to the attack code that the 3rd party dev has created which could potentially give the end user kernel mode access which would allow any for manner of things on the 3ds. So crashing games could potentially allow for a kernel mode exploit which is what everyone is waiting for. I would recommend not discouraging people from tinkering around with their devices considering that's how exploits are generally found anyway

I agree with that I want to hack it to show rom dumps and home brew on the system menu with a program that would config stuff like changeing the skins and that cool stuff but I would have to make a custom os for it I think that I'm right when I say this is right that also I think a crash is an explot by the way because isnt a expolt a mess up in programing

 

[Deltaechoe]

Let me put this simply... A man locks the door to his house, and puts the key on a hook. nobody can get it unless he opens the door, or someone buys an extremely expensive battering ram. Okay, the "keys" we need are owned, and well-hidden by Nintendo. Unless Nintendo 'gives' (which will NEVER happen) us the keys, we aren't getting them. Instead we buy the 3DS, which is expensive, and Neimod takes his time trying to get the door down. The underlying statement is that we don't have the key, only Nintendo does. We might not get the keys for another year. Until then, pitching ideas and crashing your games won't do a thing. We can't run unsigned code, so no gamesave hacks or corrupted videos, or the like. We can't do much, except for wait for some lucky guy to show up with the keys.

Nice little picture you painted there, but crashes can help in various cases. A proper buffer overrun execution (which will result in a crash) will redirect the program stack pointer to the attack code that the 3rd party dev has created which could potentially give the end user kernel mode access which would allow any for manner of things on the 3ds. So crashing games could potentially allow for a kernel mode exploit which is what everyone is waiting for. I would recommend not discouraging people from tinkering around with their devices considering that's how exploits are generally found anyway

I agree with that I want to hack it to show rom dumps and home brew on the system menu with a program that would config stuff like changeing the skins and that cool stuff but I would have to make a custom os for it I think that I'm right when I say this is right that also I think a crash is an explot by the way because isnt a expolt a mess up in programing

An exploit is a bug that in the software that allows for the attacker to cause the system to perform in ways that were not originally intended.

 

[Luigi2012SM64DS]

Almost definitely pointless, but they fixed the crash on the 3DS browser when you go to 3DSexploit.webs.com.
It just seemed a bit obscure to matter that much..

IIRC, some people were claiming the browser was a little faster at browsing large sites after the last update, it could have been fixed as a by-product of improving memory management within the browser. Other browsers handle the site by just temporarily disabling the script engine if the page uses too much memory, I'd guess the 3DS has been made to do the same.

It still crashes, just doesn't freeze the whole system.

To clarify: It freezes for about 4 seconds, then closes the browser and displays a message:
"An Error has occured.
Please save your data in any software currently in use, then restart the system."

for me it crashes no error

 

[Xslayer]

I'm new to hacking, but I have an idea to get 3ds software to work on another 3ds. First get 2 3ds' to download the same software from eshop, then put the sd card into the computer and find the software, open them both with notepad and look through the code. Find the difference and there is the encryption key. Now delete the encryption code and replace with yours. It should work on your 3ds now. Just an idea though, I'm going to try it

---

 

[nukeboy95]

I'm new to hacking, but I have an idea to get 3ds software to work on another 3ds. First get 2 3ds' to download the same software from eshop, then put the sd card into the computer and find the software, open them both with notepad and look through the code. Find the difference and there is the encryption key. Now delete the encryption code and replace with yours. It should work on your 3ds now. Just an idea though, I'm going to try it

---

 

[SifJar]

I'm new to hacking, but I have an idea to get 3ds software to work on another 3ds. First get 2 3ds' to download the same software from eshop, then put the sd card into the computer and find the software, open them both with notepad and look through the code. Find the difference and there is the encryption key. Now delete the encryption code and replace with yours. It should work on your 3ds now. Just an idea though, I'm going to try it

Um no. You clearly have no idea how encryption works. It's not a case of one line in a file being different. It is a case of the entire file being changed; think of the file as a really large number essentially, and the key as another number, and encryption being a complicated sum involving both of those numbers and some other random numbers, with the encrypted file being the answer to the sum - without knowing the random numbers, it is impossible to find the key from just having the files. That is the whole point of encryption. If were as simple as you said, people would have cracked the encryption the day the thing came out.

Also, notepad? These are binary files, you should at the very least use a hex editor to look at them (not that it will do any good; I just always think "what a stupid idea" any time I see people suggesting opening any file other than perhaps .txt files in notepad. Even then there are better editors out there to open them)

 

[lismati]

Almost definitely pointless, but they fixed the crash on the 3DS browser when you go to 3DSexploit.webs.com.
It just seemed a bit obscure to matter that much..

IIRC, some people were claiming the browser was a little faster at browsing large sites after the last update, it could have been fixed as a by-product of improving memory management within the browser. Other browsers handle the site by just temporarily disabling the script engine if the page uses too much memory, I'd guess the 3DS has been made to do the same.

It still crashes, just doesn't freeze the whole system.

To clarify: It freezes for about 4 seconds, then closes the browser and displays a message:
"An Error has occured.
Please save your data in any software currently in use, then restart the system."

for me it crashes no error

Maybe you don't have the newest Firmware

 

[Luigi2012SM64DS]

Almost definitely pointless, but they fixed the crash on the 3DS browser when you go to 3DSexploit.webs.com.
It just seemed a bit obscure to matter that much..

IIRC, some people were claiming the browser was a little faster at browsing large sites after the last update, it could have been fixed as a by-product of improving memory management within the browser. Other browsers handle the site by just temporarily disabling the script engine if the page uses too much memory, I'd guess the 3DS has been made to do the same.

It still crashes, just doesn't freeze the whole system.

To clarify: It freezes for about 4 seconds, then closes the browser and displays a message:
"An Error has occured.
Please save your data in any software currently in use, then restart the system."

for me it crashes no error

Maybe you don't have the newest Firmware

4.1.0-8U
and thats not the latest?

 

[Coltonamore]

Almost definitely pointless, but they fixed the crash on the 3DS browser when you go to 3DSexploit.webs.com.
It just seemed a bit obscure to matter that much..

IIRC, some people were claiming the browser was a little faster at browsing large sites after the last update, it could have been fixed as a by-product of improving memory management within the browser. Other browsers handle the site by just temporarily disabling the script engine if the page uses too much memory, I'd guess the 3DS has been made to do the same.

It still crashes, just doesn't freeze the whole system.

To clarify: It freezes for about 4 seconds, then closes the browser and displays a message:
"An Error has occured.
Please save your data in any software currently in use, then restart the system."

for me it crashes no error

Maybe you don't have the newest Firmware

4.1.0-8U
and thats not the latest?

it is because I just updated two days ago and it has that versin

 

[McHaggis]

C-c-combo breaker! Seriously, though, you don't need to quote that far back for simple one-liner replies. Delete all the quotes up to the last person and you're not hassling other members with pointless conversation that is barely relevant to the thread.

 

[MasonBlackheart]

Stupid theory but what of you could put a game into the cartridge to trick the ds that its a game while playing the games from the sd card..?