Kodewerx https://www.kodewerx.org/forum/ |
71 C9 3F E9 BB 0A 3B 18 https://www.kodewerx.org/forum/viewtopic.php?f=11&t=7517 |
Author: | Parasyte [ Sat Apr 02, 2011 11:50 pm ] |
Post subject: | 71 C9 3F E9 BB 0A 3B 18 |
I don't know why, but 3DS issues a new card command during startup. It's the second command sent, and never changes. It also reads back no data. Also, unrelated, but interesting: Bit-28 in the ROM ID signifies the game uses the 3DS protocol. Pictures! http://parasyte.kodewerx.org/projects/3ds/la_1.jpg |
Author: | James0x57 [ Sun Apr 03, 2011 10:52 am ] |
Post subject: | Re: 71 C9 3F E9 BB 0A 3B 18 |
I would love to learn what you're doing to get this info. So fascinating to me. And I know it's early (and Kodewerx never really got into Wii hacking), but if you want to host it, I would love to replicate GeckoCodes for 3DS codes sexified with Kodewerx header. I suspect Kodewerx could do very well with 3DS hacking - even if it's just for fun, it'll boost traffic. =D (and I can send PayPal to pay for hosting) |
Author: | Parasyte [ Sun Apr 03, 2011 12:55 pm ] |
Post subject: | Re: 71 C9 3F E9 BB 0A 3B 18 |
Yes. KW needs a little pick-me-up. As for the photo, it's just a logic analyzer on the card bus. It's pretty easy to read the waveforms. Just getting the equipment is expensive, and there is soldering involved. |
Author: | James0x57 [ Mon Apr 04, 2011 6:07 pm ] |
Post subject: | Re: 71 C9 3F E9 BB 0A 3B 18 |
We've got access to the Wii's Mii channel and the 3DS can receive Miis from Wii. Could a hacked Mii on the Wii + some alterations on the sending be the key for a chain loader on 3DS? |
Author: | Parasyte [ Tue Apr 05, 2011 12:05 am ] |
Post subject: | Re: 71 C9 3F E9 BB 0A 3B 18 |
Depends if there are any buffers to overflow, and if they are exploitable. The most common buffer overflows are caused by bad memory management around string manipulations. For example, using a really long name that should not be possible. Other attack vectors include exploiting decompression code, and plain old pointer manipulations. I thought the same thing about GameCube being hacked through the GBA link (not GBA Player) and look how that turned out! The original hack was through Phantasy Star Online. lol. |
Author: | Hextator [ Tue Apr 05, 2011 5:57 pm ] |
Post subject: | Re: 71 C9 3F E9 BB 0A 3B 18 |
Which pins did you have to choose from aside from the card's bus and is it safe to assume what you're analyzing isn't encrypted? Edit: What about stepping through things so they make sense, etc? Is there a clock you can manipulate? |
Author: | Parasyte [ Wed Apr 06, 2011 8:56 pm ] |
Post subject: | Re: 71 C9 3F E9 BB 0A 3B 18 |
It is the second command sent and does not change between eject/insert cycles, or even different game cards. There is no pre-initialization for any kind of encryption. If it's encrypted at all, decrypting it would be unnecessary. See also: http://3dbrew.org/wiki/Gamecards |
All times are UTC - 8 hours [ DST ] |