Nintendo 3DS Hack Compilation

[sweetstyle]

So, since the 3DS was "apparently" hacked, there's been a lot of stuff going on and I'm going to try to keep it all-including stuff released in the future-in this one thread. I'll try to add everything into one place. If it says "Unknown Date" anywhere and someone knows the date of those releases, please PM me so that I can list them.


Please Note: Although I have nothing to do with this project, I've learned a lot in the last 20 hours since I've been compiling this information. It costs developers a lot of time, money, and devotion on top of all of the pressure they face from the public. The team at 3Dbrew.org is having a fundraiser to have SEM images done for the 3DS. Although it has already been hacked, they still need to do many other things in order to get the update out to the people. It will cost them $2000 and to my understanding, they have already raised about $685 as of January 1, 2013. Please consider donating even a dollar to help with the imaging so that we can get access to 3DS homebrew even more quickly and open up more areas of exploit. You can read about and donate at http://3dbrew.org/wiki/Fundraiser. If everyone who's viewed this thread since it opened up 20 hours ago to now (January 1, 10:32 pm) donated $1, we'd have raised over $7505!!!

(i) The Nintendo 3DS Hack is officially announced. December 16, 2012-This hack was performed by yellow8 (who confirms it was a save game exploit)

Spoiler: show

[

Spoiler: show

According to yellow8, the following Xcution images are of the CTRSDK app and were done on a dev unit, so they have nothing to do with homebrew, so although everyone is posting them-they don't have anything to do with the Neimod hack.

(ii) Xcution manages to make his application detectable in the Friends Applet. December 30/2012

(iii) Xcution manages to send images (JPEG/MPO) and text via Notifications. December 31/2012

Kudos to heartgold's thread for the next one:

(iv) Neimod acquires full kernel control on an unmodified Nintendo 3DS. UNKNOWN DATE

Spoiler: show

[07:51:56] <@neimod> full control of the 3ds in kernel mode (arm9 & arm11) from an unmodified 3ds :]
[07:53:03] <EdTheNerd> HHNNNNGGGGG
[07:53:05] <@neimod> the sky is the limit!
[07:53:17] <EdTheNerd> Gib romz plox
[07:53:50] <@neimod> in theory it's possible
[07:53:52] <EdTheNerd> Now then, make it do somethig cool, while displaying GBA TEMP BLOWS somewhere on the screen
[07:54:04] <EdTheNerd> Then enjoy the show
[07:54:36] <EdTheNerd> "neimod: in theory it's possible"
[07:55:02] <EdTheNerd> T-10 seconds before gbatemp quotes that and pisses itself like an excited dog
[07:55:59] <jse> nice work neimod
[07:56:02] <jse> congrats
[07:57:34] <@neimod> unfortunately, we are elitist bastards who never share anything, so kiss that warez loader goodbye
[07:58:01] <EdTheNerd> So not to try to pry to much info here, but is this something you need a specific game/app for?
[07:58:31] <EdTheNerd> Should i by buying all of the eshop now?
[07:58:35] <@neimod> it's based on a specific card-based game
[07:58:39] <EdTheNerd> Nice
[07:58:58] <EdTheNerd> How patchable would you say this is?
[07:59:06] <@neimod> very easily
[07:59:12] <EdTheNerd>
[07:59:41] <EdTheNerd> Still, amazeing work as always
[07:59:46] <EdTheNerd> Congrats!
[08:00:10] <@yellows8> SD version can be used too but ofc one has to run code first for that.
[08:00:19] <EdTheNerd> Now take careof that pesky region lock!
[08:00:33] <EdTheNerd> Could such a thing be posible with this now?
[08:01:55] <@neimod> yes, with full kernel control anything is possible

The kernel entry was removed from 3dbrew.org by Neimod thus making everyone believe that it's not true that he hacked the kernel, however a member member on this form (shub13) contacted yellows8 and here's their chat:

Spoiler: show

[18:18] <shubshub> hi
[18:26] <yellows8> sup?
[18:26] <shubshub> So how come the news about the kernel access was removed from the main page?
[18:27] <yellows8> uh, fwiw neimod reverted that edit not me.
[18:27] <shubshub> fwiw?
[18:28] <yellows8> for what it's worth.
[18:28] <shubshub> ah
[18:28] <shubshub> But do you know why it was removed?
[18:31] <yellows8> tbh I wouldn't really want anyone to edit the news page with info I mentioned on IRC either - which is why neimod reverted it I assume.
[18:31] <shubshub> ok
[18:31] <shubshub> -snip-
[18:32] <yellows8> -snip-

Well, there's that and neimod himself saying that he's hacked the kernel, so I'm pretty sure that he's done it.

NEIMOD HAS CONFIRMED THE FOLLOWING:

Spoiler: show

[02:01] <Roguezz> hey, one question
[02:01] <Roguezz> you said it was based one a retail game
[02:02] <Roguezz> so that means a game cartridge rather than an eshop game right?

[02:02] <neimod> yes
[02:04] <Roguezz> Sweet, thanks man. Keep up the good work!

What this means is that unlike the DSi exploit which gave people only about an hour to download the dsi shop game, people will be able to buy the game before Nintendo can take it off of the eshop since it'll be in retail stores. An update patch can be used to disable the hack, but you can always withholding from updating.

I contacted yellow8 and it is now confirmed that the exploit is done by using a retail game card. So it can be any game card (e.g. The Legend of Zelda, Starfox, etc). When Neimod said that it was a specific card-based game, he meant that it could be any retail game and not a game based on cards such as "solitaire".

Confirmation that it's a save game exploit

Spoiler: show

<yellows8>the code which patched errdisp was loaded from SD card btw.
<shlee>Save game? random binary? FS glitch?
<yellows8>savegame for the arm11 userland ROP.
...
<yellows8>it's a gamecard savegame yes.​

​

​

Why the 3D LED is disabled in the very first image

Spoiler: show

<yellows8> and the 3D LED is disabled, because that text was displayed by patching text in errdisp, then triggering an error. could try to figure out where in errdisp the LED is disabled however.
<yellows8> it's still unknown how to use the gfx service to display anything.
​

Region and Exploit Compatibility

Spoiler: show

[10:43] <shubshub> Is the game of a Specific region? or would the exploit work on all copies of the game worldwide?

[10:44] <yellows8> worldwide, atm it only supports USA/EUR.
[10:45] <shubshub> Damnit I'm in New Zealand​

Exploit Release Date Info (people need to settle down)

Spoiler: show

[15:34] <Roguezz> Hey, is there even a remote chance of this being released anytime soon? Like, let's say, by the end this month?
[15:34] <yellows8> no way
[15:34] <Roguezz> Oh wow
[15:34] <Roguezz> How long do you think it'll take?
[15:35] <Roguezz> And are you guys still going to try to fund raise for the SEM images?
[15:35] <yellows8> would have to attack other -sniped info-
[15:36] <yellows8> "And are you guys still..." ofcourse

[15:36] <Roguezz> Oh, so it could still take months huh...well, at least it's something

It'll most likely be released this year-just not in january.

Spoiler: show

[11:03] <shubshub> Will the exploit be released any time this year perhaps?
[11:04] <yellows8> no idea.​

Spoiler: show

[11:05] <yellows8> we would basically run out of -sniped- vulns for code exec very quickly. :-/
[11:05] <shubshub> What does that mean?
[11:05] <yellows8> one has to attack -snipe- to get any code running at all.
[11:06] <shubshub> And why would you run out of vulnerabillities?
[11:06] <yellows8> ...
[11:06] <yellows8> because there is barely any vulns ofc.
[11:07] <shubshub> Yeah and once the exploit is released Nintendo will release patches to fix it right?
[11:07] <yellows8> ofcourse?
[11:07] <shubshub> But Nobody would download the Update Patches though unless they Actually released a Patched Physical Cartridge
[11:08] <yellows8> they could have an updated home menu refuse to launch the game without the patch installed.
[11:09] <shubshub> Through a Forced System Update... Can Nintendo Force a System Update?
[11:09] <yellows8> nope
[11:09] <shubshub> Thats Good Then​

What this means is that they are not releasing it yet because Nintendo will simple patch it and that'll be the end of 3DS homebrew. SO, they're trying to tinker with the services so that you have have both the latest update AND the exploit. However, they can launch custom code right now, but they won't release it until there's a way to preserve the vulnerabilities with upcoming system updates and patches. I'd suggest donating to their SEM imaging project so that it can be done quicker and possibly open new kinds of vulnerabilities.

Spoiler: show

[15:04] <Roguezz> So there are 67 games that -snipped-, that means that you can exploit the 3DS with ANY of those games right?
[15:04] <yellows8> exactly
[15:04] <Roguezz> NICE
[15:05] <Roguezz> So there's pretty much no way that Nintendo can completely stop it now. They can't recall them and they've already sold millions.
[15:06] <Roguezz> You're a genius,
[15:06] <yellows8> if you refuse to install sysupdates, sure.
[15:07] <Roguezz> I'm on the latest update, will it still be exploitable, or is that for future updates only after the exploit is released?
[15:07] <yellows8> I mean a future sysupdate where the -snipped- is fixed, etc.​

I know that I said that 67 games can be exploited-but yellow8 has corrected me. Currently, only 1 game can be exploited, but this one game makes 66 other more vulnerable and may possibly enable the other 66 games to be exploited as well. From there, depending on where the exploit leads us (or even from this one exploited game), depending on how it works out, any and all retail 3DS games could become vulnerable. If I posted the convo here, I'd have to edit out almost everything so there's no point. Either way, this game should open a portal to 3DS home brew that's been missing for the last 2 years! I do bring some good news though, the hacked game shouldn't be too hard to find.

Spoiler: show

[20:20] <Roguezz> one question, is the exploited game easily available let's say at eb games or is it one of those rare stupid games?
[20:21] <yellows8> that would be another hint for what the game is.
[20:22] <Roguezz> true
[20:22] <Roguezz> But it's possible to purchase it in stores right?

[20:22] <yellows8> afair yeah.
[20:23] <Roguezz> Okay lol
​

(v) FAQ

Why there's no CFW, what is the ARM9 core, and can it be overclocked?

From past experiences with Android, it is my understanding that you cannot overclock a cpu/gpu without a custom kernel. And since we've only just gained access to it-no.The rest of the answers can be found below.

Spoiler: show

[22:10] <Roguezz> i knwo you can't overclock it without modding the kernel
[22:10] <Roguezz> but what's with the arm9?
[22:11] <yellows8> the arm9 is the security core, handles AES/RSA engine, etc.
[22:11] <Roguezz> And you need to access that to make a CFW as well...?

[22:12] <yellows8> uhh you need the FIRM RSA private key for that...
[22:13] <Roguezz> And the arm9 controls the RSA right?
[22:13] <yellows8> yes​

all of this info have been taken from GBAtemp.com created by

Roguezz original thread Nintendo 3DS Hack Compilation | GBAtemp.net -> The Free Independent Video Game Community: 3DS, NDS, Wii, GBA, PSP, Hacking, Dingoo, PS3, Xbox 360...

@manigamer @Magma

 

[Spiderman3000]

I wish you could make the text more readable.. I cant see anything.. selecting the text makes it look ugly:mushy:

 

[HYD3R]

edit your thread dude

 

[manigamer]

@sweetstyle nice time to hack this baby up

ps: fix the font colour, its unreadable especially in the spoilers !

and what 4th post of urs ? mine is the 4th post in this thread !

 

[sweetstyle]

sorry about that guys i was really sleepy i thought i should edit when i wake up thread edited enjoy :wink2:

 

[Gizmo]

Good work.Hopefully this puppy will get fully hacked soon.

 

[manigamer]

Yup looks good keep it updated

 

[amaga]

that a big news for 3DS fans,even its Haters (like me)

i didnt played any game on my 3ds yet.even never started/check its Zelda yet :$

so y not too excited,but still releaf to save money on 3ds non wrothy games for me ^_^

 

[HYD3R]

any new update about 3ds hack ?

 

[NOneed2speedd]

^^same Question?

 

[sweetstyle]

the hacker have full use of 3ds but he is trying to remove region locks and he want only homebrew to be playable. once he will release the data with enabled homebrew we can expect some sort of apps which will be able to play 3ds roms

 

[DesiNinja]

Finally!!!!

 

[HYD3R]

Finally!!!!

what finally ??

 

[DesiNinja]

what finally ??

That someone is trying to hack it!