478
edits
Changes
Jump to navigation
Jump to search
mLine 1:
Line 1: − This lists DSiWare that might have vulnerabilities, like strcpy or sprintf from savedata. − − Since system update 1.4.2 blocks copying *all* dsiwarehax, do not contact us about your dsiware anymore at all. − If you know of DSiWare that has English-only string(high-scores, player name, high-scores that use username from system settings, etc) input, mention it on IRC EFNet #dsidev. Or contact yellowstar 6 at gmail dot com. − Before you contact anyone about your dsiware, please make sure your dsiware is _not_ listed on this page anywhere. − Don't bother if all you care about is warez and don't care at all about homebrew: DSiWareHax SD card loader will never load warez directly, only homebrew. − − It would be nice to target DSiWare that are listed under the DSi Shop most popular search: Nintendo would have a lot of difficultly removing DSiWare from that list without ticking off a lot of non-homebrewer customers. Targets not on that list will suffer the same fate as Sudoku,(removed quickly and patched eventually) if exploits for those were released. − − DSiWare savedata is extracted and modified with these tools: https://github.com/neimod/dsi save_extract and save_adjust both require sd_key, but we will not redistribute this key. − − For these lists status "None" means code reversing engineering for the DSiWare wasn't started. Status "Started" means code reversing engineering for that DSiWare was started. Status "Done" means code reverse engineering was finished. − Line 186:
Line 173: − + Line 244:
Line 231: − + Line 356:
Line 343: − + Line 460:
Line 447: − + Line 490:
Line 477: − +
no edit summary
== Total listed DSiWare ==
== Total listed DSiWare ==
| Digger Dan & Kaboom
| Digger Dan & Kaboom
| Player name
| Player name
| Save has ASCII playername, but there's <10KB free in the savimage anyway.
| The ASCII player names aren't exploitable, but the save is <10KB anyway.
|-
|-
| Dracula
| Dracula
| Absolute Reversi
| Absolute Reversi
| None
| None
| No strings in savedata.
| No strings in savedata, not enough space for payload anyways.(payload exceeds the free space by ~6KB)
|-
|-
| A Little Bit of... All-Time Classics: Card Classics
| A Little Bit of... All-Time Classics: Card Classics
| FIZZ
| FIZZ
| High-scores
| High-scores
| Savedata contains ASCII high-scores, but all the high-scores are contained in the same string without a null terminator. A vuln is unlikely.
| Savedata contains ASCII high-scores, but all the high-scores are contained in the same string without a null terminator. Can't be crashed at all, no payload space anyways.
|-
|-
| Flipper
| Flipper
| Tetris Party Live
| Tetris Party Live
| None
| None
| Zero text input.
| Zero text input, not enough payload space anyway.
|-
|-
| WarioWare: Snapped
| WarioWare: Snapped
|-
|-
| Opera
| Opera
| Nothing interesting in savedata.
| The savedata is private NAND-only, no savedata is copied to SD card.
|}
|}