D
Deleted User
Guest
OP
Hello:
In my search of new exploits, I have found something interesting:
Flipnote Studio 3D has a vulnerability on the browser: The flipnotes (.kwz) are stored on an uncrypted amazonaws hosting. This can be easly modified or redirected, cause there are on plain text.
Servers:
If you want to help please create an issue on the github repository. NOTE: The code is currently private.
NOTE 3:
COULD A MOD DELETE THIS THREAD?
In my search of new exploits, I have found something interesting:
Flipnote Studio 3D has a vulnerability on the browser: The flipnotes (.kwz) are stored on an uncrypted amazonaws hosting. This can be easly modified or redirected, cause there are on plain text.
Servers:
Main server: https://web.jkz.ctr.app.nintendo.net (protected)
Server for UI images, .kwpcfs and certificates: *
Server for Flipnotes (.kwz): *
Server for Comments (.kwc): *
Server for Flipnote thumbnail images: *
Server for User's icons: #
NOTE: The servers with an (*) are the important servers for the exploit, so I can't release them preventing a Nintendo patch.
NOTE(2): Due to requests, I have decided to hide the servers (at least for now) preventing patch. You can still request them, or help me developing this. All the servers with (#) are hidden servers. There are also deleted servers that can be shown if neccesary. Thanks for your help!
Server for UI images, .kwpcfs and certificates: *
Server for Flipnotes (.kwz): *
Server for Comments (.kwc): *
Server for Flipnote thumbnail images: *
Server for User's icons: #
NOTE: The servers with an (*) are the important servers for the exploit, so I can't release them preventing a Nintendo patch.
NOTE(2): Due to requests, I have decided to hide the servers (at least for now) preventing patch. You can still request them, or help me developing this. All the servers with (#) are hidden servers. There are also deleted servers that can be shown if neccesary. Thanks for your help!
NOTE 3:
I think you guys are not going to belive me so I'm gonna close this and create another with a release (when I have it).
Thanks to the guys that belived this!
Thanks to the guys that belived this!
Last edited by ,