Homebrew What is the NDS vulnerability finding and exploit development setup?

kNNplus

Google is your friend. bios and nands are on there somewhere.

As I said, I am not going to waste more time searching on Google. My goal is doing security research and exploit development; not dealing with the setup problems. I have much better things to do than searching for the way to set up the debugger and the games/apps (flipnote) I am going to try.

The bios is already included if you downloaded the "no$gba with dsi emulation" that's floating around. Just replace the no$gba.exe with debug version one. (I'll see what I can do on the nand part)

I have a working debugger with files I found on Reddit (the DSi user is Nethan). But it does not have flipnote installed, so I cannot directly work with it. I do not want to waste time on trying to install the game/app, I want something ready to use. Maybe it is not the way I should do it, but my goal is clear, I do not want to deal with anything else. Preparing the setup seems to be very time consuming, and I have better things to do. Thank you very much for your help.


It is simple, preparing the setup seems to require too much time, and it requires too much time searching on Google for nand dumps, the way of installing apps/games, etc. The time needed to start with my main goal is very elevated for me. It is not worth it. I do not want a hack for my DSi, I just want to practise security research on this console and develop some exploits (if possible).
 

Technicmaster0

As I said, I am not going to waste more time searching on Google. My goal is doing security research and exploit development; not dealing with the setup problems. I have much better things to do than searching for the way to set up the debugger and the games/apps (flipnote) I am going to try.

You delivered nothing but are asking others to find stuff for you because your time is too precious? Don't be so rude.
Security researching might not be the right thing for you if you don't even have the patience to set everything up.
 

thom_tl

As I said, I am not going to waste more time searching on Google. My goal is doing security research and exploit development; not dealing with the setup problems. I have much better things to do than searching for the way to set up the debugger and the games/apps (flipnote) I am going to try.



I have a working debugger with files I found on Reddit (the DSi user is Nethan). But it does not have flipnote installed, so I cannot directly work with it. I do not want to waste time on trying to install the game/app, I want something ready to use. Maybe it is not the way I should do it, but my goal is clear, I do not want to deal with anything else. Preparing the setup seems to be very time consuming, and I have better things to do. Thank you very much for your help.


It is simple, preparing the setup seems to require too much time, and it requires too much time searching on Google for nand dumps, the way of installing apps/games, etc. The time needed to start with my main goal is very elevated for me. It is not worth it. I do not want a hack for my DSi, I just want to practise security research on this console and develop some exploits (if possible).

With that attitude you're not going to get anywhere. The bios and firmware were within the first Google page, if you don't have enough time to deal with this you're not going to find vulns.
 

Deleted-369620

Guest
Do you have a link to this??

Anyway, I have given up. I wanted to do security research (find vulnerabilities and develop exploits), but preparing the setup is time consuming, and it is not my goal. Also, the debugger (no$gba) only works on Windows and I am not a Windows user. The community I see in the DSi scene is not good. None of the exploits' developers has replied to this thread, no one shares info about the vulnerabilities/exploits. With this kind of community no one wants to start, there is no info to start the research, if you want to start you have to start from the beginning. It is frustrating and it is not my goal. Also, it makes people work alone and not share their work.

Maybe if someone provides the bios/nand files to use the debugger with flipnote installed (EUR or USA version, it does not matter, I prefer EUR, but for the research any of them is ok) I will use it to start with the research.

http://problemkaputt.de/gbatek.htm#dsisdmmcflipnotefiles this mentions the flipnote files and http://problemkaputt.de/gbatek.htm#biosrsafunctionsdsionly mentions the public and private keys.
 

kNNplus

You delivered nothing but are asking others to find stuff for you because your time is too precious? Don't be so rude.
Security researching might not be the right thing for you if you don't even have the patience to set everything up.

With that attitude you're not going to get anywhere. The bios and firmware were within the first Google page, if you don't have enough time to deal with this you're not going to find vulns.

The problem is I do not have too much time, and I just want to have a fun time doing some security research and overall I want to do exploit development. For me it is enough to use ".nds" games (no DSiWare games/apps) to look for vulnerabilities and to do exploit development. It is all I want, it is my goal. Just practicing ARM exploitation in the DSi. I thought it could be easier to start with DSiWare games, and it could be more interesting because at the same time I practice I could try to find useful vulnerabilities for the community. But preparing all the setup requires too much time, so I am not achieving my goal of practicing exploiting on ARM in the DSi.

Sorry I have sounded rude or something..


Thank you for the link, I will take a look asap :)

If you are still wanting to start researching vulns here is a good start. https://cturt.github.io/DS-exploit-finding.html

I already read it, it was the reason why I thought about starting to do some exploit development in DSi. As I said before, I thought that starting with DSiWare apps/games could be better for all and does not require so much time to prepare the setup.
 

smf

I have a working debugger with files I found on Reddit (the DSi user is Nethan). But it does not have flipnote installed, so I cannot directly work with it. I do not want to waste time on trying to install the game/app, I want something ready to use. Maybe it is not the way I should do it, but my goal is clear, I do not want to deal with anything else. Preparing the setup seems to be very time consuming, and I have better things to do. Thank you very much for your help.

Telling you where to find the files ready to download is very time consuming. I have better things to do.
 

thom_tl

The problem is I do not have too much time, and I just want to have a fun time doing some security research and overall I want to do exploit development. For me it is enough to use ".nds" games (no DSiWare games/apps) to look for vulnerabilities and to do exploit development. It is all I want, it is my goal. Just practicing ARM exploitation in the DSi. I thought it could be easier to start with DSiWare games, and it could be more interesting because at the same time I practice I could try to find useful vulnerabilities for the community. But preparing all the setup requires too much time, so I am not achieving my goal of practicing exploiting on ARM in the DSi.

Sorry I have sounded rude or something..



Thank you for the link, I will take a look asap :)



I already read it, it was the reason why I thought about starting to do some exploit development in DSi. As I said before, I thought that starting with DSiWare apps/games could be better for all and does not require so much time to prepare the setup.

No, ds/dsi cartridges are way easier since if you have a flashcard save hacks are easily tested. To test a save on dsiware you need to flash your entire nand. With fwtool/flipnote it's kind of unstable to do it multiple times, that's why a hardmod is recommended in this case.
edit: if your dsi is on a low version (under 1.4.2 I think) you can import them via settings/datamanagement
 

Deleted member 424658

No, ds/dsi cartridges are way easier since if you have a flashcard save hacks are easily tested. To test a save on dsiware you need to flash your entire nand. With fwtool/flipnote it's kind of unstable to do it multiple times, that's why a hardmod is recommended in this case.
edit: if your dsi is on a low version (under 1.4.2 I think) you can import them via settings/datamanagement

You don't need to flash the entire nand, you can write a script for twlnf to copy the save.
 
