Changes

Jump to navigation Jump to search
101 bytes added ,  02:04, 1 July 2010
m
Re-added missing text for beacons capture.
Line 19: Line 19:  
This exploit would be meant more for reverse engineers.
 
This exploit would be meant more for reverse engineers.
   −
A DS Station exploit has been written by Yellows8. The exploit is only available on Google Code wmb-asm SVN. SVN web interface is available [http://code.google.com/p/wmb-asm/source/browse/#svn/trunk/nzoneurlstacksmash here], SVN URL available [http://wmb-asm.googlecode.com/svn/trunk/nzoneurlstacksmash here.] If you want to use the exploit at home, you also need a HTTPS forwarder/proxy, like httpsforwarder available in SVN. This exploit hasn't been tested with Nintendo Zone, and this exploit hasn't been adapted to NZone yet. This exploit can only be used with html that is transferred over http. The html for the index main and sub screens is transferred over https. However, the html for the main screen for the pages after the index,(main server and third-party companies websites) is transferred with http. The sub screen html is transferred with https, with the main server. Sub screen html with third-party companies is transferred with http.
+
A DS Station exploit has been written by [[User:Yellows8|Yellows8]]. The exploit is only available on Google Code wmb-asm SVN. SVN web interface is available [http://code.google.com/p/wmb-asm/source/browse/#svn/trunk/nzoneurlstacksmash here], SVN URL available [http://wmb-asm.googlecode.com/svn/trunk/nzoneurlstacksmash here.] If you want to use the exploit at home, you also need a HTTPS forwarder/proxy, like httpsforwarder available in SVN. This exploit hasn't been tested with Nintendo Zone, and this exploit hasn't been adapted to NZone yet. This exploit can't be tested until a Nintendo Zone AP beacons capture is obtained. This exploit can only be used with html that is transferred over http. The html for the index main and sub screens is transferred over https. However, the html for the main screen for the pages after the index,(main server and third-party companies websites) is transferred with http. The sub screen html is transferred with https, with the main server. Sub screen html with third-party companies is transferred with http.
    
Bootstrapping a .nds embedded in the exploit has been done somewhat successfully, but Arm7 code doesn't work 100%. Bootstrapping the Arm7 works fine when done with the embedded .nds. There seems to be zero issues with homebrew bootstrapped from a loader embedded in the exploit. When attempting to use touch screen in the embedded .nds, the Arm7 code doesn't work at all for touch screen. Most of the time, Arm7 Wifi doesn't work, it only worked once. Arm7 bootstrapping is buggy: adding only one instruction to either the arm9 or arm7 bootstubs cause a hang when the embedded .nds loader attempts to bootstrap the Arm7. When bootstrapping the Arm7 breaks with the embedded .nds loader, the Arm7 doesn't seem to be executing main() at all. Calling systemShutDown in Arm7 main doesn't shutdown the DS. NetFront limits the size of html files that can be downloaded. The max size of a LZSS compressed .nds embedded in the exploit is between 121.7KB - 129.9KB.
 
Bootstrapping a .nds embedded in the exploit has been done somewhat successfully, but Arm7 code doesn't work 100%. Bootstrapping the Arm7 works fine when done with the embedded .nds. There seems to be zero issues with homebrew bootstrapped from a loader embedded in the exploit. When attempting to use touch screen in the embedded .nds, the Arm7 code doesn't work at all for touch screen. Most of the time, Arm7 Wifi doesn't work, it only worked once. Arm7 bootstrapping is buggy: adding only one instruction to either the arm9 or arm7 bootstubs cause a hang when the embedded .nds loader attempts to bootstrap the Arm7. When bootstrapping the Arm7 breaks with the embedded .nds loader, the Arm7 doesn't seem to be executing main() at all. Calling systemShutDown in Arm7 main doesn't shutdown the DS. NetFront limits the size of html files that can be downloaded. The max size of a LZSS compressed .nds embedded in the exploit is between 121.7KB - 129.9KB.

Navigation menu