In the part of his post I didn't quote.
When was he talking about iCrap 3S?
But you're right otherwise.
He has no influence over the code whatsoever.
You clearly have no idea what you're talking about, but good luck with that.
You guys aren't being creative enough with this. (Ignore the fact that it probably wouldn't work due to being unsigned code) What if someone was to place code to run in the same position in memory that is accessed when displaying the manual? You click manual it executes the code... etc. No, I'm not saying this will be an exploit that the 3DS gets hacked with, but you gotta get creative when dealing with these things =P
How exactly do you intend to load code INTO memory in that specific location? If you had some way of influencing memory to that extent, you'd probably already be running unsigned code, making it pointless.
Late response, but you misunderstood. If you insert a modified cartridge, or simply create a connection between the I/O device and some custom hardware, when the 3DS sends out a request for the manual, a modified request can be returned. If it is simply text that is executed, there may be a sort of buffer overflow exploit that can be used in order to execute external code.
Everything on cartridges is encrypted and signed. You'll need to get 3DS public and private keys first. Good luck with that.
We never doubted whether it's real or not. He called it a "possible exploit/vulnerability", something we all know now that it isn't.
Actually guys, this is real.
I did this with Mario Kart 7. Just put it in there (don't push it in all the way) and wait for it to load. Keep pushing and pulling it back up really fast. Then put it back in then take it out as soon as the picture comes up. Then you can't open any app without it crashing. Also for some reason the music and animations are still going on the system menu.
It also takes a few more seconds to turn off.
This could lead to something.
Okay, so I just tried this again and I found something odd. If you remove the SD card, the apps that are on your SD cards are still on the 3DS.
Can you still launch them though? I'm gonna take a guess that if the system has crashed and they're not launchable it's useless. Don't listen to me though, I'm no expert.
I'll test them right now. They probably won't load.
No, but the fact that it knows there's a valid header there, but you could remove the SD, edit data (if you can find a key, doubt that'd happen) and place it back in. Then you'd go to the app you modified and launch the proper banner.
Not really. Some apps install a shortcut on the 3DS but create the data onto the SD card. Like Android's "App 2 SD" function.
Even if you manage to encrypt the content, this in no way guarantees code execution - what matters is how the buffer is declared within the system - you can't overflow any buffer you want, most have a fixed size or assign the size for themselves on the fly using a'la malloc(sizeof(filepath)); methods in areas of the memory that you cannot execute binary code from.
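
Added example, not part of any post in this thread and not 3DS code: a C reader that validates a length field coming from an untrusted device before copying into either a fixed-size buffer or a heap allocation, which is the buffer-sizing point made in the last post. The record layout, `MANUAL_MAX`, the sample records and the function names are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MANUAL_MAX 64 /* hypothetical fixed buffer size */

/* Hypothetical record (not a real 3DS format): 2-byte little-endian
 * payload length, then the payload text. All samples are constructed. */
static const uint8_t SAMPLE_OK[]    = {5, 0, 'H', 'e', 'l', 'l', 'o'};
static const uint8_t SAMPLE_LIES[]  = {0xFF, 0, 'A', 'A'}; /* claims 255, holds 2 */
static const uint8_t SAMPLE_BIG[82] = {80, 0};             /* 80 bytes really present */

/* Return the claimed payload length, or -1 if the record cannot hold it. */
static long claimed_len(const uint8_t *rec, size_t rec_len)
{
    if (rec_len < 2) return -1;
    size_t n = (size_t)rec[0] | ((size_t)rec[1] << 8);
    return n <= rec_len - 2 ? (long)n : -1;
}

/* Fixed-size destination: refuse anything that does not fit out[]. */
int read_manual_fixed(const uint8_t *rec, size_t rec_len, char out[MANUAL_MAX])
{
    long n = claimed_len(rec, rec_len);
    if (n < 0 || n >= MANUAL_MAX) return -1;
    memcpy(out, rec + 2, (size_t)n);
    out[n] = '\0';
    return (int)n;
}

/* Heap destination: the allocation is sized from the validated length. */
char *read_manual_heap(const uint8_t *rec, size_t rec_len, size_t limit)
{
    long n = claimed_len(rec, rec_len);
    if (n < 0 || (size_t)n > limit) return NULL;
    char *buf = malloc((size_t)n + 1);
    if (buf == NULL) return NULL;
    memcpy(buf, rec + 2, (size_t)n);
    buf[n] = '\0';
    return buf;
}

int main(void)
{
    char out[MANUAL_MAX];
    printf("ok=%d\n", read_manual_fixed(SAMPLE_OK, sizeof SAMPLE_OK, out));
    printf("lies=%d\n", read_manual_fixed(SAMPLE_LIES, sizeof SAMPLE_LIES, out));
    printf("big=%d\n", read_manual_fixed(SAMPLE_BIG, sizeof SAMPLE_BIG, out));
    return 0;
}
```

When the copy length is bounded by the destination size rather than by the sender's length field, a tampered record is rejected instead of written past the buffer.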