We found an "Exploitable Exploit"

Discussion in 'The Edge of the Forum' started by NeoSlyde, Jun 28, 2015.

  1. NeoSlyde
    OP

    NeoSlyde GBAtemp Advanced Fan

    Member
    588
    187
    Mar 6, 2015
    Macau
    Morocco
    So today a guy named "migles" brought an idea! A good idea, here is his message:

    "I FOUND A SECURITY BUG

    YOU CAN SEND MIIS FROM THE WII TO 3DS,
    DID ANYONE TRY MIIFLOW? (mii+overflow, send overflow via mii to launch data)
    OMG EXPLOIT!
    "

    ----->That means that if we put exploit code with mii+overflow in a Wii and then send the Mii to the 3DS, that will launch it!

    Then another guy named "weatMod" said:

    "thanks best korea
    so i assume it works on latest FW right?
    i never use MM so can you do it from another 3ds also?

    i wonder if this was GW's original N3ds solution with mii maker, perhaps they found a way to trigger the same or similar bug without using a wii?
    maybe they had set up a spoofed server? is that possible for someone to make a site that 3ds mii maker connects to and thinks it's a wii using miimaker and send it the overflow?
    "

    ----->So if we found a trick to make a spoofed server that the 3DS Mii Maker thinks is a Wii using Mii Editor, and send the Mii with the overflow without a Wii


    So I think that is possible, but we need some developers and hackers that can do it!
     
  2. migles

    migles Mei the sexiest bae

    Member
    6,640
    4,359
    Sep 19, 2013
    Saint Kitts and Nevis
    my dad works for nintendo.
    i posted that on EOF, "edge of forum", where we play and just say random shit,
    think of EOF like the kids sandbox where they can build castles and talk about the uncle who works at fbi... nothing is serious on there... i was just kidding.

    TL;DR it was a joke, nothing on that area of the forum is serious, please don't startle the gateway hypetrain based on a joke
     
  3. NeoSlyde
    OP

    but your idea is possible
     
  4. DrCrygor07

    DrCrygor07 Italian Wario Ware bootleg©

    Member
    1,682
    621
    Sep 4, 2014
    Italy
    But we already have two entrypoints on 9.8: CN and OOT
    The only problem is that we need another exploit to execute code, like rohax, gspwn...
     
  5. NeoSlyde
    OP

    The Mii Maker exploit?
     
  6. DrCrygor07

    Same thing, we need another exploit in the system to execute code, for now it's only an entrypoint
     
  7. GhostLatte

    GhostLatte Yet Another Shitposter

    Member
    2,594
    12,397
    Mar 26, 2015
    United States
    The University of Shitpostology
    Omg
     
  8. Retr0Capez

    Retr0Capez GBATemp's Official Evil Genius

    Member
    426
    304
    Feb 4, 2015
    United States
    In my vision of the perfect world ruled by me
  9. Gadorach

    Gadorach Electronics Engineering Technologist

    Member
    952
    684
    Jan 22, 2014
    Canada
    Canada
    Even the real Mii Maker Exploit wouldn't work that way, in reference to Gateway's version. That's actually a working QR-Code based exploit, though it isn't public. The issue being that you need two exploits to take over a 3DS, or really any modern system.

    First, you need to take control of code execution at a low level. Think of it like stealing a car key. This is known as an "entry point", and is needed to set up and perform the next exploit. You can drive the car with just that, but you still don't own the car in the eyes of the law.

    The second exploit, the one that really matters, is a privilege escalation exploit to increase that process's rights in the system, and ultimately take over the console. You can think of it like forging the ownership documents for the car, and getting a government worker to sign off on it. You then "own" the car, and can sell it and keep it legally. Same idea, as we can then make the 3DS do whatever we want, within the console's abilities.

    The issue is, every time we reveal the best way to forge those ownership documents, the government changes them up and adds more security features, making it progressively harder to get your car signed off on. Same deal with the 3DS. That's why getting more entry points isn't either particularly useful right now or required. We need more privilege escalation exploits before anything else. The top hackers have all given the current update a good hard look over though, and they say it's pretty solid. Don't expect a new one of those exploits to come out any time soon as a direct result. 9.2.0 will likely stay the definitive firmware for a good year minimum.
     
  10. DrCrygor07

    This is just what I was trying to explain :P
     
  11. DarkFlare69

    DarkFlare69 GBAtemp Psycho!

    Member
    4,629
    2,465
    Dec 8, 2014
    United States
    Ohio
    Why are we taking something in the EoF seriously?
     
  12. Gadorach

    Because this was originally in the main 3DS Flashcarts and Custom Firmwares section, and was moved here for being trash-tier.