[Release] 3DS-SSL-Patch: Disable Root CA verification for SSL requests.

Discussion in '3DS - Homebrew Development and Emulators' started by SciresM, May 1, 2017.

  1. SciresM
    OP

    SciresM GBAtemp Advanced Fan

    Member
    597
    1,867
    Mar 21, 2014
    United States
    Github repository is here.

    Anyway, this is a patch to disable root CA verification for SSL requests...in other words, it makes it so that you can trivially man-in-the-middle any network request sent from your console.

    This'll be really useful for devs, I imagine, since it means you can just fire up fiddler or whatever and start inspecting network traffic if you want to reverse engineer how a game's network protocols work.

    As a test, I used it and successfully dumped every request in a complete login to eshop -> navigate to title -> buy title sequence, and got the plaintext requests where my console downloaded the ticket for the title I bought etc etc.

    I'd caution that it's really only for devs, though...your 3DS's network requests are necessarily completely insecure when this is installed, so you'll want to turn it off or uninstall it except when doing reverse engineering work.

    Still, I'm hoping this'll lead to a lot more documentation/reverse engineering of 3DS games's networking protocols.
     
  2. Dionicio3

    Dionicio3 Some Cool Skiddo

    Member
    3,209
    5,640
    Feb 26, 2017
    United States
    Hollister, CA
    This is cool, good job!
     
  3. thisisallowed

    thisisallowed 中国御宅族

    Member
    595
    136
    Oct 8, 2015
    China
    Jinan, Shandong
    Nice. Hopefully this will lead to a 3rd party server before the shutdown of the official one in the early-mid 20s.
     
  4. proflayton123

    proflayton123 Undeclared Shitposter 2.1

    Member
    5,905
    2,235
    Jan 11, 2016
    Japan
    日本
    Very nice, good works for future server.
     
  5. Dionicio3

    Dionicio3 Some Cool Skiddo

    Member
    3,209
    5,640
    Feb 26, 2017
    United States
    Hollister, CA
    I think the 3DS would last long since Nintendo is basically miking it at this point
     
  6. thisisallowed

    thisisallowed 中国御宅族

    Member
    595
    136
    Oct 8, 2015
    China
    Jinan, Shandong
    That's why I said early-mid 20s. 2026 is too short for you?
     
  7. Dionicio3

    Dionicio3 Some Cool Skiddo

    Member
    3,209
    5,640
    Feb 26, 2017
    United States
    Hollister, CA
    Ah, nvm
     
  8. blujay

    blujay GBATemp's Official Warthog

    Member
    GBAtemp Patron
    blujay is a Patron of GBAtemp and is helping us stay independent!

    Our Patreon
    2,258
    2,136
    Nov 2, 2015
    United States
    Gilbert, Arizona
    i can't believe this.

    This morning I woke up and wanted to experiment with this stuff, but had no where to start. Thank you!
     
  9. NexoCube

    NexoCube stop using piracy :(

    Member
    1,184
    588
    Nov 3, 2015
    France
    Stack Pointer
    omg omg omg, thanks you, a lot <3 That's what i was searching for, for years :D
     
  10. blujay

    blujay GBATemp's Official Warthog

    Member
    GBAtemp Patron
    blujay is a Patron of GBAtemp and is helping us stay independent!

    Our Patreon
    2,258
    2,136
    Nov 2, 2015
    United States
    Gilbert, Arizona
    could somebody upload the modified Luma? my devKitPro is acting up
     
  11. SciresM
    OP

    SciresM GBAtemp Advanced Fan

    Member
    597
    1,867
    Mar 21, 2014
    United States
    I would prefer if people didn't upload the modified luma...this is really, really unsafe for end users/non-devs to be using, so minimizing the risk by forcing the user to compile is good.
     
    Quantumcat and BL4Z3D247 like this.
  12. blujay

    blujay GBATemp's Official Warthog

    Member
    GBAtemp Patron
    blujay is a Patron of GBAtemp and is helping us stay independent!

    Our Patreon
    2,258
    2,136
    Nov 2, 2015
    United States
    Gilbert, Arizona
    Fair enough.

    I'll figure out my problems then. I was just being lazy like usual
     
  13. NexoCube

    NexoCube stop using piracy :(

    Member
    1,184
    588
    Nov 3, 2015
    France
    Stack Pointer
    Mhhmm, it's not working, when connecting to the Nintendo Network in MK7, the request sent and received are "TLS_RSA_AES_256_SHA" encrypted :/
    I'm using Fiddler 4 (and a proxy to intercept network traffic)
     
  14. The Real Jdbye

    The Real Jdbye Always Remember 30/07/08

    Member
    GBAtemp Patron
    The Real Jdbye is a Patron of GBAtemp and is helping us stay independent!

    Our Patreon
    12,516
    5,474
    Mar 17, 2010
    Norway
    Alola
    Looks like the official Luma repo has already been modified to have the required patch.
     
  15. SciresM
    OP

    SciresM GBAtemp Advanced Fan

    Member
    597
    1,867
    Mar 21, 2014
    United States
    I got the SSL module titleid wrong when I originally posted the repo...may wanna make sure you've got that right.

    Also, you may need to be sending ClCertA as a client cert. Not 100% sure on that.
     
    Last edited by SciresM, May 1, 2017
  16. blujay

    blujay GBATemp's Official Warthog

    Member
    GBAtemp Patron
    blujay is a Patron of GBAtemp and is helping us stay independent!

    Our Patreon
    2,258
    2,136
    Nov 2, 2015
    United States
    Gilbert, Arizona
    @SciresM I am trying to compile it but i keeps saying

    Code:
    make: armips: Command not found
    make: *** [all] Error 127
    
     
  17. Ryccardo

    Ryccardo WiiUaboo

    Member
    3,562
    1,699
    Feb 13, 2015
    Italy
    Imola
    Well, do you have armips in the path?
    (on windows, c:\devkitpro\msys\usr\local\bin\)
     
  18. blujay

    blujay GBATemp's Official Warthog

    Member
    GBAtemp Patron
    blujay is a Patron of GBAtemp and is helping us stay independent!

    Our Patreon
    2,258
    2,136
    Nov 2, 2015
    United States
    Gilbert, Arizona
    yes

    Edit: After deleting/copying it there again it works.
     
    Last edited by blujay, May 1, 2017
  19. blujay

    blujay GBATemp's Official Warthog

    Member
    GBAtemp Patron
    blujay is a Patron of GBAtemp and is helping us stay independent!

    Our Patreon
    2,258
    2,136
    Nov 2, 2015
    United States
    Gilbert, Arizona
    holy shit sciresm this is exactly what i was looking for. you are a god
     
  20. Ryccardo

    Ryccardo WiiUaboo

    Member
    3,562
    1,699
    Feb 13, 2015
    Italy
    Imola
    Thank you SciresM and PoryHack!

    The instructions need a little interpretation (ie, the code.bin must be decompressed before patching), but I really appreciate this tool that gives you great power and great responsibility!
    IMG_20170501_223958.jpg