Toggle sidebar

Hacking Homebrew [Release] CorruptedClues NDS Savegame Exploit

  • Thread starter Thread starter ChampionLeake
  • Start date Start date
  • Views Views 1,102
  • Replies Replies 4
  • Likes Likes 9
ChampionLeake

ChampionLeake

Console Hacker(?) I guess
Member
Level 5
Joined
Jan 19, 2016
Messages
211
Reaction score
178
Trophies
0
XP
741
Country
United States
It's been a minute since I've actually did one of these. I almost forgot how to actually exploit/reverse engineer in general.

Introducing, CorruptedClues, a stack smash savegame NDS exploit for the game "Cate West: The Vanishing Files". This exploit takes advantage of the ASCII strings present within the savefile. These strings are however not checked, so a large carefully crafted string can overwrite the stack to lead into code being executed. My payload will only make your top screen flash different colors. Nothing else.

These are ARM9 exploits that takes over a NDS mode cartridge. These type of exploits are very limited since there's no SD or NAND access. They can be used to run a small payload. These exploits are almost useless, but still fun :)
Source Code: https://github.com/ChampionLeake/CorruptedClues
Video Demonstration:
 
  • Like
  • Love
Reactions: jimble_racetrack, Deleted member 702243, Janni9009 and 6 others
Only use case that I could think of is placing a small bootstrap into the save file to make it launch something like TWiLight Menu++ from a secondary device, like a slot-2 flashcard or SD card, that is if you could add the extra I/O code.

Otherwise, this is a rather interesting proof-of-concept. I don't see use cases with game-based exploits nowadays.
 
SylverReZ said:
I don't see use cases with game-based exploits nowadays.
Click to expand...
Flashcarts still need these to boot on stock DSi/3DS.
SylverReZ said:
that is if you could add the extra I/O code.
Click to expand...
Also, NoPass. The only Slot-2 cart that needs to actually be externally read is the Max Media Dock.
 
  • Like
Reactions: SylverReZ
Janni9009 said:
Flashcarts still need these to boot on stock DSi/3DS.

Also, NoPass. The only Slot-2 cart that needs to actually be externally read is the Max Media Dock.
Click to expand...
These NDS savegame exploits are rendered pretty much useless as it only has access to the NDS savedata and nothing else. They can be used to only run very small demos. These are no use to enable or allow flashcards to work.
 

Site & Scene News

Go to forum More news

Popular threads in this forum

Tutorial  Build DSi NAND from scratch

Homebrew app  A-Pix DS 0.4 – Pixel art editor for Nintendo DS/DSi!

Hardware Misc  JIS or Phillips: What to use on a DSi?

If someone is interested in something, let me know :)

Pokemon White

Hardware  After teardown nintendo dsi doesn't fit in its housing

Hacking  Save File corruptes:(

using the ds's mic as a practical one?