Hacking [WIP] open source Kernel access on 3DS

  • Thread starter: aliak11
I don't know how you feel about piracy, but knowing that I plan to create a ROM loader, I don't know if I will share it or not. I don't know whether I should create a custom HB launcher that recognises .3ds files, or if I should just create a ROM loader, or waist a lot of time on creating my own CFW

You MUST waste a lot of time on writing a CFW if you want to do a ROM loader.
You don't have a choice. At all.
 
I don't know how you feel about piracy, but knowing that I plan to create a ROM loader, I don't know if I will share it or not. I don't know whether I should create a custom HB launcher that recognises .3ds files, or if I should just create a ROM loader, or waist a lot of time on creating my own CFW
lol no you won't, not with only ARM11 kernel access anyhow.

You're going to have to "waist a lot of time" creating your own cfw I'm afraid because you're going to need ARM9 kernel access.

The fact that you think you can create a ROM loader for Ninjhax demonstrates just how little you know about what you want to do.
 
You MUST waste a lot of time on writing a CFW if you want to do a ROM loader.
You don't have a choice. At all.

Well, I haven't yet read very much documentation about how the 3DS works, but I'm gonna go deeper into it these holidays, so wish me good luck.
Anyway, if I share it, it will be fully open source, so I think I will have a fun time ^^
 
lol no you won't, not with only ARM11 kernel access anyhow.

You're going to have to "waist a lot of time" creating your own cfw I'm afraid because you're going to need ARM9 kernel access.

The fact that you think you can create a ROM loader for Ninjhax demonstrates just how little you know about what you want to do. Moron.

I know that I only have ARM11 kernel access, and I know that I need ARM9 kernel access too and to patch a lot of other things, but with time everything can be achieved, so
maybe Soon™
And yep, I don't know all the details about the 3DS, so that's why I'm gonna read a lot of docs these holidays and do a lot of testing
 
Well, I haven't yet read very much documentation about how the 3DS works, but I'm gonna go deeper into it these holidays, so wish me good luck.
Anyway, if I share it, it will be fully open source, so I think I will have a fun time ^^

ARM9 handles all crypto stuff, so you must have ARM9 access.
The "easy way" to make a ROM loader is to patch VerifyRSASha256, so it would allow CIA ROMs.
But:
- you must perform a firmlaunch yourself;
- you must find a way to install your first CIA installer.
 
ARM9 handles all crypto stuff, so you must have ARM9 access.
The "easy way" to make a ROM loader is to patch VerifyRSASha256, so it would allow CIA ROMs.
But:
- you must perform a firmlaunch yourself;
- you must find a way to install your first CIA installer.

Once I've patched the signature check, maybe I could use FBI; if not, then I will even have to create a CIA installer, but once I get there I don't think it would be the hardest part ^^
Btw, if you know where I can read some detailed docs I would be grateful =)
 
Alkéryn, we know you have good ideas and such, but please, be honest with yourself. This won't happen so easily. At least, stop saying "you are going to do it"; this only projects a noobish image of yourself.
I'd suggest you not speak loudly about what you are going to do. Wait for the right time to announce something. Right now you look like a script kiddie pretending to know stuff.

I'm not criticising you but strongly advising you to keep quiet and do your stuff privately ;)
 
Once I've patched the signature check, maybe I could use FBI; if not, then I will even have to create a CIA installer, but once I get there I don't think it would be the hardest part ^^
Btw, if you know where I can read some detailed docs I would be grateful =)

Firmlaunch isn't documented because it would lead to piracy.
You're lucky that firmlaunchhax removes a lot of work.
Any other documentation is on 3dbrew.org
 
Alkéryn, we know you have good ideas and such, but please, be honest with yourself. This won't happen so easily. At least, stop saying "you are going to do it"; this only projects a noobish image of yourself.
I'd suggest you not speak loudly about what you are going to do. Wait for the right time to announce something. Right now you look like a script kiddie pretending to know stuff.

I'm not criticising you but strongly advising you to keep quiet and do your stuff privately ;)

You are right, but because I'm lazy, the fact that I said that I will do it pushes me to do it and fight against my laziness. Even if it will be a huge project and I may not succeed for a long time, it will be a good experience as a developer, so I take it more like a training challenge than just showing off, now that I said I will do it or at least try to make that for my self-esteem
 
You are right, but because I'm lazy, the fact that I said that I will do it pushes me to do it and fight against my laziness. Even if it will be a huge project and I may not succeed for a long time, it will be a good experience as a developer, so I take it more like a training challenge than just showing off, now that I said I will do it or at least try to make that for my self-esteem

I don't think you will succeed but I gave you the information you need if you want to do that.
You must of course RE Process9 or you will never succeed.

EDIT : I hope you like ARM assembly...
 
I don't think you will succeed but I gave you the information you need if you want to do that.
You must of course RE Process9 or you will never succeed.

EDIT : I hope you like ARM assembly...

Yeah, who doesn't like to write on a keyboard with nails on it? ^^
But thanks anyway for your advice =)
 
Yeah, who doesn't like to write on a keyboard with nails on it? ^^
But thanks anyway for your advice =)
As mentioned 3Dbrew has the best documentation of the 3DS anywhere, but there's a lot of stuff you're going to have to figure out on your own.

What experience do you have with this sort of thing? What makes you so confident that you can achieve this?

It's a little difficult to take you seriously without knowing your background.
 
lol these guys were making money from piracy! Who from the Wii/PSP scene has been arrested after dropping a CFW?

I think all these people are making money from this. Their intention is to advertise their skills to Gateway by finding exploits and ways, trying to cooperate with Gateway and make a profit. It would be easy and safe for them, if they want, to make a CFW and a member ID and release it from an unknown internet connection.
 
I think all these people are making money from this. Their intention is to advertise their skills to Gateway by finding exploits and ways, trying to cooperate with Gateway and make a profit. It would be easy and safe for them, if they want, to make a CFW and a member ID and release it from an unknown internet connection.
lol Maybe my tinfoil hat is on the blink, but I can't take this sort of speculation seriously. I mean, are you fucking serious?

On topic: Do Nintendo offer bounties or financial incentives to hackers who report major vulnerabilities? I know some major companies do.
 
On topic: Do Nintendo offer bounties or financial incentives to hackers who report major vulnerabilities? I know some major companies do.
You do know who you're talking about, right? :P

But seriously, if Nintendo does it likely isn't open to the public. Instead they might be paying security firms to do this. (lol probably not considering the number of exploitable 3DS vulns that we know of. If they do... they uh, might want to hire someone else to perform future audits.)
 
On topic: Do Nintendo offer bounties or financial incentives to hackers who report major vulnerabilities? I know some major companies do.
I'm still in school and thus haven't ever reported/sold an exploit before, but I'm aware that many major companies completely ignore requests to talk with engineers about bugs - even without requesting an incentive. It's a really bad problem. I've heard of people going waaay out of their way to dig up people's names and get in contact with them over social media to get around that, but that was also in a really extreme situation. The dude found a bug in some pacemaker software that could actually kill people, I think it was.
 
On topic: Do Nintendo offer bounties or financial incentives to hackers who report major vulnerabilities? I know some major companies do.

Game console manufacturers:
- Nintendo: Will be angry, will say "There is no flaw"... etc.
- Sony: The worst of all. Will threaten you. (Yes, they will sue you for reporting flaws!)
- Microsoft is the only one who offers money (they are also an OS manufacturer, remember?)
 
You do know who you're talking about, right? :P

But seriously, if Nintendo does it likely isn't open to the public. Instead they might be paying security firms to do this. (lol probably not considering the number of exploitable 3DS vulns that we know of. If they do... they uh, might want to hire someone else to perform future audits.)
I assumed they didn't, considering mathieulh had to tweet them about the 9.5 encryption fuck up to bring it to their attention. But I try to make a habit of not assuming anything.

I know that Apple frequently credit Jailbreak devs for bringing security flaws to their attention.

I guess the sad fact is that it's likely only companies like Gateway that would be willing to pay for exploits.

But I still scoff at the suggestion that Smealum sold the exploits that made Ninjhax possible to Gateway and similar claims.

I think most of Gateway's exploits are developed in house. I doubt those in the 3DS scene who brag about their undisclosed exploits or are particularly vocal about their anti-piracy stance are the same people who are selling exploits to Gateway.

WulfyStylez
That story sounds familiar, wasn't that guy in the Defcon documentary? Defcon is like Mecca for hackers.
 
I assumed they didn't, considering mathieulh had to tweet them about the 9.5 encryption fuck up to bring it to their attention. But I try to make a habit of not assuming anything.

I know that Apple frequently credit Jailbreak devs for bringing security flaws to their attention.

I guess the sad fact is that it's likely only companies like Gateway that would be willing to pay for exploits.

But I still scoff at the suggestion that Smealum sold the exploits that made Ninjhax possible to Gateway and similar claims.

I think most of Gateway's exploits are developed in house. I doubt those in the 3DS scene who brag about their undisclosed exploits or are particularly vocal about their anti-piracy stance are the same people who are selling exploits to Gateway.

WulfyStylez
That story sounds familiar, wasn't that guy in the Defcon documentary? Defcon is like Mecca for hackers.


My gut tells me: They are!
 