Homebrew ALL 3 Methods to get unbanned from recent ban wave

[xXPaulMCXx]

Nice to see that UnbanMii is used now

== Update ==
ok, 2.0 *might* be released by today, the Team doesn't know yet. We are still working on the Networking. If that's done, we'll polish 2.0 up and Release it :3

 

[Alex S]

Soon UnBanMii 2.0 will be released for all 3DS CFW users, and unbanning will be as easy as a click! No More Paranoia!!

 

[gamemasteru03]

The guide has been updated! Here's the changelog!

1) Unban Mii 2.0 support added! (Method 3 has been disabled intill the 2.0 updates hits tonight or tommrow)

2)Spelling fixes!

 

[CybaltM]

OP, why are you saying that Method 3 is dead? It works completely fine. You are giving people the wrong information bro.

 

[gamemasteru03]

OP, why are you saying that Method 3 is dead? It works completely fine. You are giving people the wrong information bro.

The poll was made when method 3 was killed by the 1st public seed doner. But was then brought back to life by a reuploader and has been alive ever since. If a mod could fix that it would be wonderful!

 

[gamemasteru03]

Added a upload guide for uploading seeds to help method 3!

 

[astronautlevel]

So, I got a bit bored at work and decided to try to figure out why UnbanMii 2.0 was closed source.

It used some rather interesting xorpad encryption (for anyone interested, this was the xorpad key:

)

Seems like it did a bit more than a xorpad that I didn't bother figuring out, but I didn't need to.

After putting a breakpoint on the first HTTP request (one sent to the server in order to get the LFSC_B), a stackdump at that point revealed some... rather interesting things, namely:

There's an option in UnbanMii to upload your LFSC_B, however, the interesting thing is that even if you don't select this option it uploads your LFSC_B, as well as some other information (namely moveable.sed).

I would highly recommend not using this software. Even if this is a bug or the creators change this behavior, effectively stealing every uses LFSC_B is such a breach and violation of trust that I would never recommend this software to anyone ever again.

Not only is this unethical, it is illegal in many places around the world, including potentially the United States, where the server seems to be hosted.

Also, additional proof: captured the packet sent when requesting to download a LFSC_B with wireshark:

Once again, the seed is being transferred (just in case you didnt trust my stackdump).

EDIT: Also it uploads your serial and secureinfo_A, which shouldn't even be necessary for unbanning. This is seriously shady as fuck.

DOUBLE EDIT: See my updated assessment here: http://gbatemp.net/threads/all-3-me...m-recent-ban-wave.450679/page-85#post-7474721

 

[Majickhat55]

<SNIP>.

This is both extremely telling, and worrying to boot. Although I don't see what he can do with console info that's already been banned. Your LFCS_B is banned if you're using unbanmii so what's the point in having it upload in tandem?

Regardless, that's some bullshit thank you so much for figuring this out and letting everyone know. I'll disseminate this information through all of my hacking corners. I was wondering why there wasn't a direct mirror link to the seed, and he forced the program. What an asshole.

 

[ihaveahax]

This is both extremely telling, and worrying to boot. Although I don't see what he can do with console info that's already been banned. Your LFCS_B is banned if you're using unbanmii so what's the point in having it upload in tandem?

Regardless, that's some bullshit thank you so much for figuring this out and letting everyone know. I'll disseminate this information through all of my hacking corners. I was wondering why there wasn't a direct mirror link to the seed, and he forced the program. What an asshole.

it's not just uploading LocalFriendCodeSeed_B, it does movable.sed and SecureInfo_A (which astronautlevel forgot to show). uploading console-unique data like this, banned or not, is a huge breach of trust. SecureInfo_A isn't even needed for unbanning.

 

[Majickhat55]

it's not just uploading LocalFriendCodeSeed_B, it does movable.sed and SecureInfo_A (which astronautlevel forgot to show). uploading console-unique data like this, banned or not, is a huge breach of trust. SecureInfo_A isn't even needed for unbanning.

Agreed, I was just curious as to what he can do with it (in a malicious context). Anyhow @astronautlevel I quoted your post in the official UnbanMii thread on THAT site. The more people that know, the better. Plus, I'm a dick like that so I wanted the dev to know, that we know.

 

[zoogie]

Agreed, I was just curious as to what he can do with it (in a malicious context). Anyhow @astronautlevel I quoted your post in the official UnbanMii thread on THAT site. The more people that know, the better. Plus, I'm a dick like that so I wanted the dev to know, that we know.

Steal your console's unique online identity to unban themselves, then get you banned and move on to someone else's console identity. Rinse, repeat.

 

[SciresM]

Wow, is this the first 3DS malware? Never thought I'd see the day.

 

[ihaveahax]

Wow, is this the first 3DS malware? Never thought I'd see the day.

it's surprising to me that it took this long for 3DS malware to appear. Vita got malware early on when HENkaku was released (memory card formatters and deleting files in os0: ). that's why they have have "safe homebrew" now, which disables access to things most homebrew don't need.

 

[linuxares]

Well damn, I hope the older version didn't since I just used it.

 

[astronautlevel]

Well damn, I hope the older version didn't since I just used it.

Version 1.0 is open source.

 

[linuxares]

Version 1.0 is open source.

Ah okey, it was like version 1.3 or something I just used. So I guess I'm in the clear.

This tool shouldn't need any uploading function at all, just download. So it's really shady.


Btw, can you delete the movable.sed? Since I have no use for it.

 

[Apache Thunder]

Btw, can you delete the movable.sed? Since I have no use for it.

lol, no not really. The console uses that to seed authentication stuff for SD encryption/System save data among other things. So no not a good idea to just go and delete that.

With CFW you could switch to a movable.sed that uses zero'd keys and what not so that it's not uniquely identifiable, but if you want to preserve your game saves, etc, it would take some level of pre-preperation/backup of that data before you would do it.

 

[linuxares]

lol, no not really. The console uses that to seed autentication stuff for SD encryption/System save data among other things. So no not a good idea to just go and delete that.

Son of a....! Well I'm not going to download 2.0 of that app then. I wish not to get my O3DS banned... if someone is going to get it banned, it's me!

 

[WeedZ]

So, I got a bit bored at work and decided to try to figure out why UnbanMii 2.0 was closed source.

It used some rather interesting xorpad encryption (for anyone interested, this was the xorpad key:
View attachment 93856)

Seems like it did a bit more than a xorpad that I didn't bother figuring out, but I didn't need to.

After putting a breakpoint on the first HTTP request (one sent to the server in order to get the LFSC_B), a stackdump at that point revealed some... rather interesting things, namely:

View attachment 93857

There's an option in UnbanMii to upload your LFSC_B, however, the interesting thing is that even if you don't select this option it uploads your LFSC_B, as well as some other information (namely moveable.sed).

I would highly recommend not using this software. Even if this is a bug or the creators change this behavior, effectively stealing every uses LFSC_B is such a breach and violation of trust that I would never recommend this software to anyone ever again.

Not only is this unethical, it is illegal in many places around the world, including potentially the United States, where the server seems to be hosted.

Also, additional proof: captured the packet sent when requesting to download a LFSC_B with wireshark:
View attachment 93863

Once again, the seed is being transferred (just in case you didnt trust my stackdump).

EDIT: Also it uploads your serial and secureinfo_A, which shouldn't even be necessary for unbanning. This is seriously shady as fuck.

What do you think this is for. Selling to ninty?

 

[linuxares]

What do you think this is for. Selling to ninty?

My bet is to get more keys.