40
edits
Changes
ββTotal listed DSiWare
Line 9:
Line 9:
|-
β| Guitar Rock Tour
β| High-Scores
β| Started
β| Has ASCII high-scores.
β|-
β| Legends of Exidia
β| Player name
β| Started
β| Has ASCII player name.
|-
β| UNO
β| Player name and high-scores
β| Started
β| Has ASCII text. It's unlikely this can be exploited, seems to crash /w out-of-bounds array-index.
|-
|-
| Incomplete
| Incomplete
β| 20
+| 16
|-
|-
| Done
| Done
β| 22
+| 27
|-
|-
| DSiWare which probably aren't exploitable
| DSiWare which probably aren't exploitable
Line 88:
Line 88:
| Has ASCII string but the checksum is unknown.
| Has ASCII string but the checksum is unknown.
|-
|-
β| Field Runners
+| Jelly Car 2
β| High-Scores
+| High Score name
β| Started
+| None
β| The xml .plist the game uses for storing savedata contains high-scores strings.
+| Uses ASCII player name for time scores; It's unlikely this can be exploited, seems to crash /w out-of-bounds array-index.
β|-
|-
| Lets golf
| Lets golf
Line 122:
Line 112:
| None
| None
| Has ASCII strings.
| Has ASCII strings.
β|}
|}
Line 185:
Line 170:
| None
| None
| Has high-scores without names, scores are ASCII null-terminated strings. Managed to semi-crash this, but system reset still worked so this probably isn't exploitable.
| Has high-scores without names, scores are ASCII null-terminated strings. Managed to semi-crash this, but system reset still worked so this probably isn't exploitable.
+|-
+| Fieldrunners
+| High-Scores
+| The xml, ".plist", in the game is used for storing savadata which contains high-score strings. Using a very large string crashes the game leading it to stack buffer overflow. The game has already been exploited through [https://github.com/yellows8/dsi/tree/master/exploits/fieldrunhax fieldrunnerhax].
|-
|-
| Frogger Returns
| Frogger Returns
| High-Scores
| High-Scores
| Has ASCII high-scores. strcpys to a static buffer from savedata, unknown if this is exploitable but there's only <10KB free space available(way too low for a payload) so meh.
| Has ASCII high-scores. strcpys to a static buffer from savedata, unknown if this is exploitable but there's only <10KB free space available(way too low for a payload) so meh.
+|-
+| Guitar Rock Tour
+| High-Scores
+| Has ASCII high-score strings stored in the savedata. Using a very long excessive string can crash the game to lead into a stack smash. This game was successfully exploited through [https://github.com/yellows8/dsi/tree/master/exploits/grtpwn grtpwn].
+|-
+| Legends of Exidia
+| Player name
+| Has ASCII player name stored in the savadata. Using an extensive long string will cause a stack smash to saved registers and can eventually be exploited through [https://github.com/yellows8/dsi/tree/master/exploits/exidiahax exidiahax].
|-
|-
| Mario Calculator
| Mario Calculator
Line 221:
Line 218:
| Profile name
| Profile name
| No overflow, the game slot acts as if things are normal, only gives you a lot of completion stars
| No overflow, the game slot acts as if things are normal, only gives you a lot of completion stars
+|-
+| The Legend of Zelda: Four Swords Anniversary
+| Savedata filesize
+| The game has 2 savefiles. When one savefile fails to load (larger than a usual savefile), the game loads the backup save and will continue load without any errors. That being said, one can crash the game with a larger game filesize to attack the heap and successfully overwrite the stack registers including the pointer counter. The game has already been exploited through [https://github.com/yellows8/dsi/tree/master/exploits/4swordshax 4swordshax].
+|-
+| UNO
+| Profile names
+| Has ASCII Player name each for of the 5 save slots. The game was crashed with a very large player name which overwritten the stack registers including the pointer counter. The game was successfully exploited which is known as [https://github.com/ChampionLeake/UNO-pwn UNO*pwn].
|-
|-
| WordSearcher
| WordSearcher