Hacking: Introduction to how 3DS hacks work

Status
Not open for further replies.

fire-pls

Fascinating write-up! I originally hacked my o3DS with OoT & rxTools a few years back, had no idea what I was doing then. Reinstalled CFW a few months back with 3ds.guide & it was much simpler -- but still had no idea what I was doing lol.

As far as a "general" understanding goes, I think this post explains it pretty well. But I do have one question regarding sighax:

As it was described in the post, I don't exactly understand how the "brute force" comes into play as described here --
Think about this: You can move the pointer wherever you want thanks to the 0d value, and you also brute force a signature (given enough computational power) which when decrypted with the public key will give you your desired layout of all the bytes. What can we do with these two facts?

Sorry if my noob understanding is flawed, but this is how it's parsed in my mind:
  1. Set the inner block size
  2. Hackers set this to the beginning of the actual calculated hash (instead of the correct hash)
  3. The parser then jumps to the area immediately outside the signature
  4. It treats these bytes as input for generating a new calculated hash
  5. That region outside the signature is overwritten with this new calculated hash
  6. Then it jumps back? (is it GOTO assembly style?) to the actual calculated hash designated at the start
  7. It compares the designated region with the region outside the actual signature
  8. This will pass, because this region will contain the hash of the current state of the NAND header (calculated from the previous signature check?)
I guess another question is how much control do hackers have over the area beyond the calculated hash?

Forgive my lack of understanding... I'd really like to understand the mechanics as it's fascinating
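
An added, runnable model of the check the quoted passage and the numbered list above are describing (example code written for this page; it is not the original poster's code and not the 3DS boot ROM). It puts a PKCS#1 v1.5 verifier that parses the DigestInfo field by field and derives the hash pointer from the inner length byte (0x0d in a real SHA-256 DigestInfo) without a bounds check next to the correct "rebuild the one valid encoding and compare whole blocks" check. The RSA key (two Mersenne primes, e = 13), the 81-byte block, the offset 138 at which the verifier's own computed hash is assumed to sit, the sample data, and the names verify_vulnerable, verify_fixed, forge_block and brute_force are all assumptions for the demo. The forged layout only needs its first eight bytes to be right; the brute-force loop is the "random signature, raise to e, look at the layout" search, run here for a two-byte prefix so it finishes in well under a second (the full eight-byte layout this toy parser demands would cost on the order of 256**7 tries).

```python
# Added example: simplified model of a PKCS#1 v1.5 signature check with the
# unchecked inner-length bug discussed in the thread, beside a correct check.
# Key, offsets and names are assumptions for this demo, not 3DS boot ROM code.
import hashlib
import hmac
import random

# Toy RSA key from two Mersenne primes (assumed): large enough to hold a real
# SHA-256 DigestInfo, small enough that one modexp costs a few microseconds.
P = (1 << 521) - 1
Q = (1 << 127) - 1
N = P * Q
E = 13                                   # coprime with (P-1)(Q-1)
D = pow(E, -1, (P - 1) * (Q - 1))        # only used to make a legitimate signature
K = (N.bit_length() + 7) // 8            # 81-byte signature block
HASH_LEN = 32
# DER DigestInfo prefix for SHA-256: 30 31 30 0d 06 09 <OID> 05 00 04 20.
# The 0x0d is the length of the inner AlgorithmIdentifier SEQUENCE.
DIGESTINFO_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")
# Assumed RAM layout as the verifier sees it: decrypted block at offset 0, the
# verifier's freshly computed SHA-256 of the data in a slot at offset 138,
# i.e. outside the 81-byte block.  The attacker does not choose this offset;
# the firmware's stack layout does.  They only choose the length byte.
COMPUTED_HASH_OFF = 138
MEM_SIZE = 512


def pkcs1_encode(digest):
    """The one valid PKCS#1 v1.5 encoding of a SHA-256 digest for this key."""
    pad_len = K - 3 - len(DIGESTINFO_PREFIX) - len(digest)
    return b"\x00\x01" + b"\xff" * pad_len + b"\x00" + DIGESTINFO_PREFIX + digest


def sign(data):
    em = pkcs1_encode(hashlib.sha256(data).digest())
    return pow(int.from_bytes(em, "big"), D, N)


def decrypt(sig):
    """'Decrypt' a signature with the public key: the block the parser sees."""
    return pow(sig, E, N).to_bytes(K, "big")


def make_memory(block, data):
    mem = bytearray(MEM_SIZE)
    mem[0:K] = block
    mem[COMPUTED_HASH_OFF:COMPUTED_HASH_OFF + HASH_LEN] = hashlib.sha256(data).digest()
    return mem


def verify_vulnerable(block, data):
    """Parses the block field by field and derives the hash pointer from the
    inner length byte without checking that it stays inside the block."""
    mem = make_memory(block, data)
    if mem[0] != 0x00 or mem[1] != 0x01:
        return False
    i = 2
    while i < K and mem[i] == 0xFF:      # skip the FF padding run
        i += 1
    if i + 4 >= K or mem[i] != 0x00:
        return False
    i += 1
    if mem[i] != 0x30:                   # outer SEQUENCE tag
        return False
    i += 2                               # outer length byte is never checked
    if mem[i] != 0x30:                   # inner SEQUENCE (AlgorithmIdentifier)
        return False
    inner_len = mem[i + 1]               # 0x0d in a real SHA-256 DigestInfo ...
    hash_ptr = i + 2 + inner_len + 2     # ... but any value steers this pointer
    expected = mem[hash_ptr:hash_ptr + HASH_LEN]
    computed = mem[COMPUTED_HASH_OFF:COMPUTED_HASH_OFF + HASH_LEN]
    return expected == computed


def verify_fixed(block, data):
    """Correct check: rebuild the only valid encoding and compare whole blocks,
    so there is no parser and no pointer for a length byte to move."""
    return hmac.compare_digest(block, pkcs1_encode(hashlib.sha256(data).digest()))


def forge_block():
    """Layout the attacker wants pow(sig, E, N) to have.  With 0x30 at index 4
    and the inner SEQUENCE at index 6, hash_ptr = 6 + 2 + inner_len + 2, so
    inner_len = COMPUTED_HASH_OFF - 10 lands the parser on the verifier's own
    copy of the hash.  Only these 8 bytes matter; the rest can be anything."""
    inner_len = COMPUTED_HASH_OFF - 10
    head = bytes([0x00, 0x01, 0xFF, 0x00, 0x30, 0x00, 0x30, inner_len])
    return head + bytes(K - len(head))


def brute_force(want_prefix, max_tries, seed=1):
    """Try random signatures until the decrypted block starts with want_prefix.
    Expected cost is about 256 ** len(want_prefix) modexps; the forge_block()
    layout (7 constrained bytes) would need on the order of 256 ** 7 tries."""
    rng = random.Random(seed)
    for tries in range(1, max_tries + 1):
        s = rng.randrange(2, N - 1)
        if decrypt(s).startswith(want_prefix):
            return s, tries
    return None, max_tries


if __name__ == "__main__":
    data = b"constructed NAND header bytes"       # constructed sample input
    legit = decrypt(sign(data))
    print("legit sig, fixed verifier   :", verify_fixed(legit, data))
    print("legit sig, buggy verifier   :", verify_vulnerable(legit, data))
    print("forged block, fixed verifier:", verify_fixed(forge_block(), data))
    print("forged block, buggy verifier:", verify_vulnerable(forge_block(), data))
    s, tries = brute_force(b"\x00\x01", 2_000_000)
    print("brute force hit 00 01 after", tries, "tries:", decrypt(s)[:4].hex())
```

In this model the attacker writes nothing outside the block and does not need to: bytes 8 onward of the forged block are ignored, and the length byte simply steers the parser's pointer onto the verifier's own copy of the hash, so the comparison is hash against itself and passes for any data. The fixed verifier has no such pointer because it never parses attacker bytes; it encodes the expected value and compares the whole block in constant time.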
 

Dasher_The_Viral

I am very glad that you wrote this description; it really helps me understand how people managed to completely take over the 3DS. It's like a freaking breadcrumb-trail story, where the person who wanted to be free found a way out! :D

This really helps me further understand why this works and how people managed to make it work, and for that, I thank you very much! ^~^
 