Homebrew Spoof browser update check with wireshark?

[darknezz19]

This guy found that the 3dbrew wiki was updated with how the browser update check work. See my comment for how we 'should' be able to get it working again even on o3ds too. Any Wireshark vets in here that can help us set this up?

https://www.reddit.com/r/3dshacks/comments/3qidon/o3ds_99_browserhax_can_it_be_revived/

 

[liljon042]

I'm not sure if this is what you need, but I doubt any people in the 3ds scene is familiar with a program like wireshark. So instead here's a link to a tutorial: http://www.howtogeek.com/104278/how-to-use-wireshark-to-capture-filter-and-inspect-packets/ Not trying to sound rude or anything btw. Hopefully you or someone who knows what they're doing can do this

 

[GamerB]

Weeeell i doesn´t stand this xDD

 

[robot56]

Sure you could spoof it, but the point that's being missed here is that the connection is being made over TLS and not normal HTTP. The handshake would be invalidated if the request was redirected elsewhere and you can't anyway as the actual endpoint is cryptography signed - that means that you can't do simple redirects from /test to /test2 (you never know where the traffic is going) without the server returning an encrypted HTTP header with the "Location" field.

This issue much broader than the 3DS and unless there's a flaw discovered with the implementation, you're SOL with an MITM attack.