Hacking Post your ideas regarding how to hack the 3DS, here

Ismaw34

Hello,
Recently the 3DS was decrypted... could it be possible to install the dev software onto the real 3DS to find some things more quickly?

-Ismaw34
 

SweetieBelle

So, how about a programmer write an app we can all download, which connects us to a server and downloads a piece of the RSA encrypted nintendata for decryption/attack? A server farm, not unlike SETI at home. Raw, unadulterated computing power.

At least something will be "in progress" while other methods are being tried.

Aside from hardware hacks, I cannot think of much else at this time. Is anyone attempting to directly interface with the memory or alter it at all? Perhaps if the local keys can be altered in realtime to a known key, the signatures can be forged to match.


Just realised I necroposted, sorry. :ninja:
 

SifJar

> Just realised I necroposted, sorry. :ninja:
You know the post before yours was the day before, right? That's not necroposting...

Anyway, the sort of distributed bruteforce you suggest has been suggested at least a few times already, and I do not know of any instance where RSA encryption has been broken in this way. Due to the huge amount of possible keys, even with the whole community running some program 24 hours a day, 7 days a week, it would still take hundreds of thousands of years (that's being optimistic) even with vast improvements in processing power between now and then. Of course, there is a chance it could be the first key tried. (There is a very close to zero chance of that, but it's possible. Equal probability to it being the last possible key, or the 20339203957th key [until some keys have been tried, then the probability of it being the last key or the 20339203957th key will increase very slightly].)
 

SweetieBelle

Oh, I glanced, 3am, I'm tired, I looked at the joined date, derp :P

A 64 bit key has been broken, I would have to dig to find the method, however there are several attack methods which can be used.
 

Seratonin

Question. Did Neimod confirm that the 3ds cannot be hacked?

[18:43:35] i don't think homebrew on 3ds is going to be possible at all
[18:43:46] :O
[18:43:50] elaborate
[18:43:58] and i'm 99.9% certain when i say that
[18:44:33] at least, not with a pure software solution
[18:56:30] a tiny ram interposer for example, would do the trick
[18:56:44] but that's something not everybody can do at their home
[18:57:22] not to mention the signal integrity when running at full clockspeed
[18:57:43] (even though, it could dynamically be lowered for when it's time to patch memory)


Does this mean we need a J-tag?
 

rondoh70

A j-tag programs the nand. I'm guessing maybe a mod chip that goes over the RAM.

new theory: if the eshop is set up like NUSD would it be possible to create a qr code for the firmware download.
 

Knetog

> Question. Did Neimod confirm that the 3ds cannot be hacked?
>
> [18:43:35] i don't think homebrew on 3ds is going to be possible at all
> [18:43:46] :O
> [18:43:50] elaborate
> [18:43:58] and i'm 99.9% certain when i say that
> [18:44:33] at least, not with a pure software solution
> [18:56:30] a tiny ram interposer for example, would do the trick
> [18:56:44] but that's something not everybody can do at their home
> [18:57:22] not to mention the signal integrity when running at full clockspeed
> [18:57:43] (even though, it could dynamically be lowered for when it's time to patch memory)
>
> Does this mean we need a J-tag?

Kinda sucks how they work alone trying to prove something instead of gathering people and making it possible. It's been one and a half years already.
 

OverloadSiro

I have one interesting theory for playing 3DS backups.
I think somebody can create a program that emulates the Transfer Data program of the Nintendo 3DS, but for a connection between PC and 3DS.
 

thealeks

I read somewhere around here about a theory of creating a 1-1 flashcart that would essentially act as a retail cart, containing only 1 rom at a time. Now they were saying the problem with creating such a cart was memory size, as different roms require different size memory. So wouldn't the solution, then, be to make it have enough memory for the biggest rom's requirements and then bundle (or provide a download for) a program that would write the appropriate sized partition for whatever rom you're installing and then write the rom to that partition?
 

nukeboy95

> I read somewhere around here about a theory of creating a 1-1 flashcart that would essentially act as a retail cart, containing only 1 rom at a time. Now they were saying the problem with creating such a cart was memory size, as different roms require different size memory. So wouldn't the solution, then, be to make it have enough memory for the biggest rom's requirements and then bundle (or provide a download for) a program that would write the appropriate sized partition for whatever rom you're installing and then write the rom to that partition?

It was a fake (and it was called crown3ds).
 

thealeks

> > I read somewhere around here about a theory of creating a 1-1 flashcart that would essentially act as a retail cart, containing only 1 rom at a time. Now they were saying the problem with creating such a cart was memory size, as different roms require different size memory. So wouldn't the solution, then, be to make it have enough memory for the biggest rom's requirements and then bundle (or provide a download for) a program that would write the appropriate sized partition for whatever rom you're installing and then write the rom to that partition?
>
> It was a fake (and it was called crown3ds).

Now try reading my question. I know what it was called and specifically didn't mention crown3ds because I'm well aware it was fake. If you can't be bothered to read the post, don't reply to it. Let the big kids talk.
 

Pyrii

I agree about the hacking method not being a software solution, it looks like some enterprising people are gonna have to start looking at dumping RAM/ROM chips and analysing the actual data buses to get any knowledge about the firmware and where the point of attack would be.

I'd guess that the firmware/OS would contain the private keys needed to decrypt games, but I doubt it'll be as easy as a simple firmware dump either. Much like the PS3/360 you'll have to find a way to get the decrypted data in RAM instead while the unit is running probably.

Of course this is all generalised, speculative and based on how other hacking methods have come about, what is specifically needed for the 3DS will only be known to those who are willing to try and do the hardware research.


Anyone around here have an oscillator and data probes?

I'm also curious as to how the decryption works. Does the system authenticate with the cart and is allowed access to the decrypted memory? Or does the system decrypt the cart into its own memory? Or decrypt it on the fly while accessing it? The last option would probably be the worst case scenario.
 

PsyBlade

> A 64 bit key has been broken, I would have to dig to find the method, however there are several attack methods which can be used.

A 64 bit RSA key can probably be broken in reasonable time using pen and paper.
On my dated PC even 80 bit took only ~55ms.
The largest known broken key is 768 bits.

Problem is the most used key size is 1024-2048 bits, 4096 if it is important.
And each additional bit at least doubles the required effort.
 
  • Like
Reactions: 2 people

Transdude1996

Does anyone know if there is any new information about 3DeSmuME that we posted about a while back? I've been off this subject for a little while so I'm just curious.

School's taking over my life! :wacko:
 

Thorhian

Can someone tell me if any awesome ideas have come up besides neimod's work? I've been trying to think of a viable way to bypass/find a way to get through ninty's security. The more I think about it, the more I'm worried that long term hacking of the 3DS will be hardware dependent.

Also, has anyone thought of creating a custom firmware after we learn more about 3DS hardware and its own firmware? If we could find a way to dump an entire OS/firmware onto the NAND, replacing the original firmware, couldn't you do whatever the heck you wanted with the hardware? I would like somebody who knows what he's talking about to explain the viability of this.
 
