Homebrew What is the NDS vulnerability finding and exploit development setup?

[kNNplus]

Google is your friend. bios and nands are on there somewhere.

As I said, I am not going to waste more time searching on Google. My goal is doing security research and exploit development; not dealing with the setup problems. I have much better things to do that searching for the way to setup the debugger and the games/apps (flipnote) I am going to try.

the bios is already included if you downloaded the "no$gba with dsi emulation" that's floating around. just replace the no$gba.exe with debug version one. (I'll see what i can do on the nand part)

I have a working debugger with files I found on Reddit (the DSi user is Nethan). But it does not have flipnote installed, so I cannot directly work with it. I do not want to waste time on trying to install the game/app, I want something ready to use. Maybe it is not the way I should do it, but my goal is clear, I do not want to deal with anything else. Preparing the setup seems to be very time consuming, and I have better things to do. Thank you very much for your help.


It is simple, preparing the setup seems to require too much time, and it requires too much time searching on Google for nand dumps, the way of installing apps/games, etc. The time needed to start with my main goal is very elevated for me. It is not worth it. I do not want a hack for my DSi, I just want to practise security research on this console and develop some exploits (if possible).

 

[Technicmaster0]

As I said, I am not going to waste more time searching on Google. My goal is doing security research and exploit development; not dealing with the setup problems. I have much better things to do that searching for the way to setup the debugger and the games/apps (flipnote) I am going to try.

You delivered nothing but are asking others to find stuff for you because your time is too precious? Don't be so rude.
Security researching might not be the right thing for you if you don't even have the patience to set everyting up.

 

[thom_tl]

As I said, I am not going to waste more time searching on Google. My goal is doing security research and exploit development; not dealing with the setup problems. I have much better things to do that searching for the way to setup the debugger and the games/apps (flipnote) I am going to try.



I have a working debugger with files I found on Reddit (the DSi user is Nethan). But it does not have flipnote installed, so I cannot directly work with it. I do not want to waste time on trying to install the game/app, I want something ready to use. Maybe it is not the way I should do it, but my goal is clear, I do not want to deal with anything else. Preparing the setup seems to be very time consuming, and I have better things to do. Thank you very much for your help.


It is simple, preparing the setup seems to require too much time, and it requires too much time searching on Google for nand dumps, the way of installing apps/games, etc. The time needed to start with my main goal is very elevated for me. It is not worth it. I do not want a hack for my DSi, I just want to practise security research on this console and develop some exploits (if possible).

With that attitude you're not going to get anywhere. The bios and firmware was within the first google page, if you don't have enough time to deal with this you're not going to find vulns.

 

[Deleted-369620]

Do you have a link to this??

Anyway, I have given up. I wanted to do security research (find vulnerabilities and develop exploits), but preparing the setup is time consuming, and it is not my goal. Also, the debugger (no$gba) only works on Windows and I am not a windows user. The community I see in the DSi scene is not good.. No one of the exploit's developers has replied to this thread, no one shares info about the vulnerabilities/exploits. With this kind of community no one wants to start, there is no info to start the research, if you want to start you have to start from the beginning. It is frustrating and it is not my goal. Also, it makes people to work alone and not sharing their work.

Maybe if someone provide the bios/nand files to use the debugger with flipnote installed (EUR or USA version, it does not matter, I prefer EUR, but for the research any of them is ok) I will use it to start with the research.

http://problemkaputt.de/gbatek.htm#dsisdmmcflipnotefiles this mentions the flipnote files and http://problemkaputt.de/gbatek.htm#biosrsafunctionsdsionly mentions the public and private keys.

 

[thom_tl]

If you are still wanting to start researching vulns here is a good start. https://cturt.github.io/DS-exploit-finding.html

 

[kNNplus]

You delivered nothing but are asking others to find stuff for you because your time is too precious? Don't be so rude.
Security researching might not be the right thing for you if you don't even have the patience to set everyting up.

With that attitude you're not going to get anywhere. The bios and firmware was within the first google page, if you don't have enough time to deal with this you're not going to find vulns.

The problem is I do not have too much time, and I just want to have a fun time doing some security research and overall I want to do exploit development. For my it is enough to use ".nds" games (no DSiWare games/apps) to look for vulnerabilities and to do exploit development. It is all I want, it is my goal. Just practicing ARM exploitation in the DSi. I thought it could be easier to start with DSiWare games, and it could be more interesting because at the same time I practice I could try to find useful vulnerabilities for the community. But preparing all the setup requires too much time, so I am not achieving my goal of practicing exploiting on ARM in the DSi.

Sorry I have sounded rude or something..

http://problemkaputt.de/gbatek.htm#dsisdmmcflipnotefiles this mentions the flipnote files and http://problemkaputt.de/gbatek.htm#biosrsafunctionsdsionly mentions the public and private keys.

Thank you for the link, I will take a look asap

If you are still wanting to start researching vulns here is a good start. https://cturt.github.io/DS-exploit-finding.html

I already read it, it was the reason why I thought about starting to do some exploit development in DSi. As I said before, I thought that starting with DSiWare apps/games could be better for all and does not require so much time to prepare the setup.

 

[smf]

I have a working debugger with files I found on Reddit (the DSi user is Nethan). But it does not have flipnote installed, so I cannot directly work with it. I do not want to waste time on trying to install the game/app, I want something ready to use. Maybe it is not the way I should do it, but my goal is clear, I do not want to deal with anything else. Preparing the setup seems to be very time consuming, and I have better things to do. Thank you very much for your help.

Telling you where to find the files ready to download is very time consuming. I have better things to do.

 

[thom_tl]

The problem is I do not have too much time, and I just want to have a fun time doing some security research and overall I want to do exploit development. For my it is enough to use ".nds" games (no DSiWare games/apps) to look for vulnerabilities and to do exploit development. It is all I want, it is my goal. Just practicing ARM exploitation in the DSi. I thought it could be easier to start with DSiWare games, and it could be more interesting because at the same time I practice I could try to find useful vulnerabilities for the community. But preparing all the setup requires too much time, so I am not achieving my goal of practicing exploiting on ARM in the DSi.

Sorry I have sounded rude or something..



Thank you for the link, I will take a look asap



I already read it, it was the reason why I thought about starting to do some exploit development in DSi. As I said before, I thought that starting with DSiWare apps/games could be better for all and does not require so much time to prepare the setup.

No, ds/dsi cardridges are way easyer since if you have a flashcard save hacks are easely tested. To test a save on dsiware you need to flash your entier nand. with fwtool/flipnote it's kind of unstable to do it multiple times, thats why a hardmod is recommended in this case.
edit: if your dsi is on a low version (under 1.4.2 i think) you can import them via settings/datamanagement

 

[Deleted member 424658]

No, ds/dsi cardridges are way easyer since if you have a flashcard save hacks are easely tested. To test a save on dsiware you need to flash your entier nand. with fwtool/flipnote it's kind of unstable to do it multiple times, thats why a hardmod is recommended in this case.
edit: if your dsi is on a low version (under 1.4.2 i think) you can import them via settings/datamanagement

You don't need to flash the entire nand, you can write a script for twlnf to copy the save.

 

[thom_tl]

You don't need to flash the entire nand, you can write a script for twlnf to copy the save.

That's still worse than copying a file onto a sd card.

 

[Deleted member 424658]

That's still worse than copying a file onto a sd card.

And how do you propose getting the save onto the NAND without either using TWLNF or flashing an entire NAND backup?

 

[thom_tl]

And how do you propose getting the save onto the NAND without either using TWLNF or flashing an entire NAND backup?

I meant that he said it was easier to start with Dsiware exploiting than NTR exploiting. with dsiware it is way harder to get saves on there.