Why exploit it when you can just use the kernel exploit and web browser :/ Always overcomplicating things
To find more holes in the system. If Nintendo finds a way to stop one, we'll have more.
eMMC is still a NAND! So I'm sure it doesn't really matter tbh
Well hopefully there is an exploit for Smash 4 but we can only hope.
Smash 4 is not exploitable in any way except the pictures menu. But the game will check to see if the pictures are actual pictures. Plus, Nintendo learned from their mistakes and the Smash 4 stage builder can no longer access the SD card so we are fucked if we try to exploit that game. (sad violin plays)
If there was a way to manipulate the security to not check the pictures..... WHO KNOWS HOW STAGE BUILDER WAS EXPLOITED?!?!!?
There's a BIG difference between eMMC http://en.wikipedia.org/wiki/eMMC and NAND http://en.wikipedia.org/wiki/NAND_flash
They have to match a checksum (or something like that) of their following .bin files.
I can attempt to find an exploit in the pictures
Maybe if Smash bros gets disassembled and we find out what creates the hash, it might be possible to find another entrypoint later on
Tried and failed to reverse engineer the TexConv2 algos. If anyone else wants to try, I'll gladly contribute what I know. The important things are the pitch, swizzle, and tile mode. Tile mode (at least for BFLIM files) is always 4, which is 8x8x1 tiles. If you want to convert ^l files (what I was using to test) which are just RGBA32 blocks. So each block is 8*8*4 bytes, which is 256 or 0x100. Nice big chunk to work with. I'm unsure if it needs pipe and bank swizzles or just the individual swizzle (which, depending on where in the program, is either multiplied by 0x100 or just a plain number, IE 0x700 or 7, which is also the highest a swizzle can be). The important function is GX2CopySurfaceSW, which comes from TC2ConvertTiling, which is from TexConvert.cpp from the SDK (line 856). I got to AddrComputeSurfaceAddrFromCoord from there with the x and y loops for each pixel/tile. You'll also need http://lists.freedesktop.org/archives/mesa-dev/2015-April/082255.html which is the whole of AddrLib. The Z index needs to be 0 for the first chunk at 0x0 to be hit (otherwise it's 1). Sorry if this is arranged terribly, it's just everything I've spent the last 6 freaking hours staring at. Not gonna try to mess with this anymore.
Where can I find TexConv2?
It's in all of the leaked SDKs
Doesn't that mean it's copyrighted or illegal to use?
Just had an interesting idea. Has anyone reverse engineered the GamePad protocol to stream TO a laptop? E.g. use your laptop to control the Wii U.
You mean like this?