• Hey, guest user. Hope you're enjoying NeoGAF! Have you considered registering for an account? Come join us and add your take to the daily discourse.

RUMOR: 3DS finally hacked?

Drago

Member
https://twitter.com/OzModChips

Here is a picture to get you excited - http://imgur.com/Bgucg And yes I know the picture doesn't prove anything...

xN9za.png


Who knows if it will amount to anything. If it means no more region lock, hell yeah.
 

Foshy

Member
Picture doesn't really prove anything because it could be running homebrew on a DS flashcard, but let's be optimistic.
 

Mpl90

Two copies sold? That's not a bomb guys, stop trolling!!!
Eh, but I'll believe it when I'll see it in action, I mean when I'll see a game from JP running on a Western 3DS. And probably there will be a firmware update that will block this in the future. XD
 

Keropon

Member
I quote SifJar from the GBAtemp forums:

<delroth> [06:10:31] yellows8: finally found a kernel exploit or is that still done through ram haxx / ROP?
<yellows8> [06:10:54] not the kernel :)
<delroth> [06:11:23] trust chain broken? :p
...
<yellows8> [06:11:37] no
...
<yellows8> [06:47:04] there's only *two* vulns currently known which allow code exec and is usable from arm11 userland ROP. since the two vulns are basically identical, both would surely be fixed in a single sysupdate.

Basically, the 3DS uses a security mechanism where only certain parts of memory can be executed. This means you can't load your own code and execute it. However, you can use a technique called "ROP", which as I understand it basically means executing parts of code already loaded in executable memory. So for example, say you want to run a particular instruction; you find somewhere that instruction is loaded, then do smash the stack and make execution jump to that location. Obviously, this isn't an ideal situation as you are limited to using what is loaded in memory, and it's not very straight forward. So the best option would be to use ROP to execute a kernel exploit, disable the security system and thus allow executing code from anywhere in memory (or at least from somewhere you can influence from code). Then you can load code into memory and run it freely.

However, yellows8 said it's not a kernel exploit, but then says there are two vulnerabilities that allow code execution from ROP; I guess there must be some other way of doing it other than a kernel exploit. I don't know the technical details of the vulnerability being exploited here.

It's worth noting that this is *two* exploits; one userland exploit (which allows ROP; this is probably a savegame exploit or something similar), and the other vulnerability to allow code execution (this vulnerability is exploited via ROP).

EDIT: Oh yeah, and I should have mentioned that as seen above, there are only two known vulnerabilities for code execution, and both would most likely be patched at once, so I'd guess it's unlikely there'll be a release unless another, more unique, vulnerability found for yellows8 (and those he chooses to share with) to use for further exploration once the released exploit is patched.

So, it's a step.
 

Wario64

works for Gamestop (lol)
Even if this is real, that's the dumbest thing to put on there. Wouldn't you want to take credit in the pic instead of saying "we?"
 

farnham

Banned
Good i hated the region lock

And i have a japanese 3ds

I just went to nintendo world store in nyc and i would have bought a few wiiu games and 3ds games but i coukdnt because iboth systems are region locked
 

-MB-

Member
The picture originates from the author of the dsi mode hack Sudokuhaxx, yellows8.
So it looks to be legit, if only it concerns a usermode exploit.
 

tenchir

Member
It's a retailer just posting a picture of someone else's pic.

The picture originates from the author of the dsi mode hack Sudokuhaxx, yellows8.
So it looks to be legit, if only it concerns a usermode exploit.

As far as I know, it's not a useable hack right? There's no practical(easy) way for non-hackers to be able to run homebrew in DSI mode.
 

bigkrev

Member
Probably not going to be a way to run imports legally (this is probably running off a rom cart), but i'm interested to see what comes from this. I'd love to see a Virtual Boy emulator eventually!
 

cyberheater

PS4 PS4 PS4 PS4 PS4 PS4 PS4 PS4 PS4 PS4 PS4 PS4 PS4 PS4 PS4 PS4 PS4 Xbone PS4 PS4
Great. Looking forward to see where this goes. Hopefully it will kill the region lockout.
 
I feel bad for Nintendo if this is true, but fuck it, they brought it on themselves with region lock and the fact that they suck at promoting localizations. Hope it's real.
 

DR2K

Banned
Eh, but I'll believe it when I'll see it in action, I mean when I'll see a game from JP running on a Western 3DS. And probably there will be a firmware update that will block this in the future. XD

Or it'll be something that overrides firmware updates like the DS flash carts keep doing.
 

Platy

Member
As a fan of homebrew (homebrew basicaly saved my wii from death) i'm open to all kinds of homebrew =D

Lets hope this is the begining of at least something like a pdf reader
 

Nibel

Member
And even if so: they are now capable to update their FW via the internet, I would watch out with this - even if the though of a region free 3DS is damn seductive
 

meppi

Member
I feel bad for Nintendo if this is true, but fuck it, they brought it on themselves with region lock and the fact that they suck at promoting localizations. Hope it's real.

Let's not kid ourselves into thinking these hackers are doing it for the good of 3DS owners or to bring justice to the evil Nintendo corporation for region locking the system.
 

Meesh

Member
Didn't know there's was a thread about this already. Nothing would make me happier at this point if they finally managed to hack it, I loves me sum imports.
 

Keyouta

Junior Member
I hope this is true for the region locking being removed and the thought of homebrew. Stupid that a portable would be region locked.
 

Kazerei

Banned
I quote SifJar from the GBAtemp forums:

Obviously, this isn't an ideal situation as you are limited to using what is loaded in memory, and it's not very straight forward. So the best option would be to use ROP to execute a kernel exploit, disable the security system and thus allow executing code from anywhere in memory (or at least from somewhere you can influence from code). Then you can load code into memory and run it freely.

So, it's a step.

Sounds like a small step and anything useful is still very far away.
 
Top Bottom