Homebrew VC Crash useful?

froggestspirit

For a while, I've known a glitch in a Game Boy game, that when it was released on the VC, it could cause a crash that would exit the emulator, and force a system reboot. Would this be helpful in any way to possibly provide an entrypoint for 9.5.23? It's not always a consistent crash, but luckily you can create a restore point before it, and it will not let you access the VC menu if it crashes correctly. I'm also interested in finding out what makes this crash and exit the emulator as opposed to a crash that only locks up the game (where you can still load a restore point).
 

froggestspirit

I'm not saying it'd be kernel access, honestly I wouldn't really expect anything more than ARM11 access if even that, or maybe another solution to inject GB ROMs.
 

Arras

If it kicks you back to the home menu with some "the application has crashed" error, it's guaranteed to be useless. If it blackscreens or something, it MIGHT be useful (but still unlikely as you'd need a way to inject whatever data you want as well). I managed to break my Metroid NES VC to the point where it literally crashed as soon as I started the game and even resetting the VC wouldn't fix it at some point by entering random, technically valid codes using a generator program. The only thing that worked was deleting and redownloading the game.
 

WeedZ

Not trolling, crash does not indicate a possible exploit. Ever. I don't know why this idea is popular. Yes years ago, you could do a buffer overflow. But that was a particular crash that was known to run unsigned code. That shit doesn't work anymore. These threads are getting old.
 

dubbz82

Possibly. I'd contact a dev rather than post here or people will just troll you.


Dev will tell you that in 99.9998 percent of cases out there, crash isn't exploitable. The only reason people keep trolling on posts like this is because it really isn't a viable conclusion that crashes are exploitable... this isn't 1995, there's hardware-based protections from this sort of exploit these days.
 

DrunkenMonk

It sounds very unlikely that this could lead to an exploit, and right now, I think people would be interested in another entry point that already exists.

(For instance, Cubic Ninja as an entry point is very unlikely to get patched out magically, since the devs behind the game are no longer in circulation.)
 

zoogie

> Not trolling, crash does not indicate a possible exploit. Ever. I don't know why this idea is popular. Yes years ago, you could do a buffer overflow. But that was a particular crash that was known to run unsigned code. That shit doesn't work anymore. These threads are getting old.

Buffer overflows are still very popular and some are used on the 3ds.

I know this type of thread is annoying but sometimes found bugs can lead to exploits.

They should at least be reported so security researchers can:
1. recreate the crash
2. investigate it for a possible (1-5%) chance of an exploitable vector.

It would be nice if there was a designated thread in the 3ds hacking section to collect these bug reports and any errant threads can be merged there.
 

Vulpes Abnocto

> Buffer overflows are still very popular and some are used on the 3ds.
>
> I know this type of thread is annoying but sometimes found bugs can lead to exploits.
>
> They should at least be reported so security researchers can:
> 1. recreate the crash
> 2. investigate it for a possible (1-10%) chance of an exploitable vector.
>
> It would be nice if there was a designated thread in the 3ds hacking section to collect these bug reports and any errant threads can be merged there.

I see a lot of people asking us to merge this post here, merge that post there, merge these threads together et cetera.
Know that we do not have the functionality to do any of these things at this time. (I've tried)
However a "So you made your WiiU or 3DS crash: Post how you did it, here" thread might not be a horrible idea
 

WeedZ

> Buffer overflows are still very popular and some are used on the 3ds.

No they're not. The data size of the buffer is checked and validated by Process9 and triggers a svcBreak if oversized.

> They should at least be reported so security researchers can:
> 1. recreate the crash
> 2. investigate it for a possible (1-5%) chance of an exploitable vector.

It's a waste of time. There is less than a percent of a percent of a chance. If you crashed and the system forced a reboot, that's a pretty clear indicator that there is no way to exploit it. Whatever caused the validation fail would cause it again before any injected cmds could be triggered. When was the last time some random dude found a crash in a game and devs made an exploit out of it? Never.

People seem to think that when something crashes it just goes 'oh lerd! i don't know what ta do. feed some code, any code. i will run that shit cause i r confused.', when really it goes: 'um, nope. we're gunna restart to run through validation checks again. press (a). also all your unsaved data is lost, sorry bro.'

> It would be nice if there was a designated thread in the 3ds hacking section to collect these bug reports and any errant threads can be merged there.

I agree with this, then I would have a nice clean list of members to systematically add to my ignore list.
 

zoogie

> No they're not. The data size of the buffer is checked and validated by Process9 and triggers a svcBreak if oversized.

.
ctrl-F "buffer overflow" on this page
http://3dbrew.org/wiki/3DS_System_Flaws

> It's a waste of time. There is less than a percent of a percent of a chance. If you crashed and the system forced a reboot, that's a pretty clear indicator that there is no way to exploit it. Whatever caused the validation fail would cause it again before any injected cmds could be triggered. When was the last time some random dude found a crash in a game and devs made an exploit out of it? Never.
>
> People seem to think that when something crashes it just goes 'oh lerd! i don't know what ta do. feed some code, any code. i will run that shit cause i r confused.', when really it goes: 'um, nope. we're gunna restart to run through validation checks again. press (a). also all your unsaved data is lost, sorry bro.'
>
> I agree with this, then I would have a nice clean list of members to systematically add to my ignore list.

https://gbatemp.net/threads/restricted-webkit-bug-finder.378725/page-3#post-5293018

This guy is one of the lead devs on the WiiU kernel exploit team and is primarily what I'm basing my opinion on.
 
