Changes

2,007 bytes added, 05:09, 31 March 2019
Line 9: Line 9:  
|-
 
|-
 
|  Incomplete
 
|  Incomplete
20
+
16
 
|-
 
|-
 
|  Done
 
|  Done
18
+
27
 
|-
 
|-
 
|  DSiWare which probably aren't exploitable
 
|  DSiWare which probably aren't exploitable
Line 72: Line 72:  
|  None
 
|  None
 
|  Has ASCII strings. It's unlikely this can be exploited, seems to crash /w out-of-bounds array-index.
 
|  Has ASCII strings. It's unlikely this can be exploited, seems to crash /w out-of-bounds array-index.
|-
  −
|  Crazy Sudoku
  −
|  Player name
  −
|  None
  −
|  Has ASCII strings for player name.
   
|-
 
|-
 
|  Crystal Monsters
 
|  Crystal Monsters
Line 93: Line 88:  
|  Has ASCII string but the checksum is unknown.
 
|  Has ASCII string but the checksum is unknown.
 
|-
 
|-
Field Runners
+
Jelly Car 2
|  High-Scores
+
|  High Score name
Started
+
None
The xml .plist the game uses for storing savedata contains high-scores strings.
+
Uses ASCII player name for time scores; It's unlikely this can be exploited, seems to crash /w out-of-bounds array-index.
|-
  −
|  Guitar Rock Tour
  −
|  High-Scores
  −
|  Started
  −
|  Has ASCII high-scores.
  −
|-
  −
|  Legends of Exidia
  −
|  Player name
  −
|  Started
  −
|  Has ASCII player name.
   
|-
 
|-
 
|  Lets golf
 
|  Lets golf
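Review bot: in the new Jelly Car 2 description, "It's unlikely this can be exploited, seems to crash /w out-of-bounds array-index" gives the conclusion without the evidence behind it. Record whether the index is taken from the savedata string and whether the faulting access is a read or a write, since that is what decides whether the row belongs under "probably aren't exploitable". Also spell out "/w" as "with" and lower-case the clause after the semicolon.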
Line 127: Line 112:  
|  None
 
|  None
 
|  Has ASCII strings.
 
|  Has ASCII strings.
|-
  −
|  UNO
  −
|  Player name and high-scores
  −
|  Started
  −
|  Has ASCII text. It's unlikely this can be exploited, seems to crash /w out-of-bounds array-index.
   
|}
 
|}
   Line 150: Line 130:  
|  High-Scores
 
|  High-Scores
 
|  Has ASCII high-scores with null terminated strings. string bugs only corrupted the display, making the game unplayable.
 
|  Has ASCII high-scores with null terminated strings. string bugs only corrupted the display, making the game unplayable.
 +
|-
 +
|  Academy: Checkers
 +
|  Profile names
 +
|  Game didn't crash with a long profile string.
 
|-
 
|-
 
|  Arcade Hoops Basketball
 
|  Arcade Hoops Basketball
Line 166: Line 150:  
|  High-scores and word list
 
|  High-scores and word list
 
|  Has ASCII null-terminated high-score list names and null-terminated word list strings.  ( No crash, just nice very high scores, and very long words displayed. )
 
|  Has ASCII null-terminated high-score list names and null-terminated word list strings.  ( No crash, just nice very high scores, and very long words displayed. )
 +
|-
 +
|  Crazy Sudoku
 +
|  Profile names/Data File
 +
|  The ASCII player name or the game data aren't exploitable. This game can still be crashed.
 
|-
 
|-
 
|  Dark Void Zero
 
|  Dark Void Zero
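Review bot: the added Crazy Sudoku row states that the player name and game data "aren't exploitable" and then that "This game can still be crashed", without saying which field triggers the crash or why the crash is judged harmless. The row above it explains its result ("No crash, just nice very high scores, and very long words displayed"); give this row the same level of detail, for example which of the two inputs in "Profile names/Data File" was modified and what the crash looked like.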
Line 182: Line 170:  
|  None
 
|  None
 
|  Has high-scores without names, scores are ASCII null-terminated strings. Managed to semi-crash this, but system reset still worked so this probably isn't exploitable.
 
|  Has high-scores without names, scores are ASCII null-terminated strings. Managed to semi-crash this, but system reset still worked so this probably isn't exploitable.
 +
|-
 +
|  Fieldrunners
 +
|  High-Scores
 +
|  The xml, ".plist", in the game is used for storing savadata which contains high-score strings. Using a very large string crashes the game leading it to stack buffer overflow. The game has already been exploited through [https://github.com/yellows8/dsi/tree/master/exploits/fieldrunhax fieldrunnerhax].
 
|-
 
|-
 
|  Frogger Returns
 
|  Frogger Returns
 
|  High-Scores
 
|  High-Scores
 
|  Has ASCII high-scores. strcpys to a static buffer from savedata, unknown if this is exploitable but there's only <10KB free space available(way too low for a payload) so meh.
 
|  Has ASCII high-scores. strcpys to a static buffer from savedata, unknown if this is exploitable but there's only <10KB free space available(way too low for a payload) so meh.
 +
|-
 +
|  Guitar Rock Tour
 +
|  High-Scores
 +
|  Has ASCII high-score strings stored in the savedata. Using a very long excessive string can crash the game to lead into a stack smash. This game was successfully exploited through [https://github.com/yellows8/dsi/tree/master/exploits/grtpwn grtpwn].
 +
|-
 +
|  Legends of Exidia
 +
|  Player name
 +
|  Has ASCII player name stored in the savadata. Using an extensive long string will cause a stack smash to saved registers and can eventually be exploited through [https://github.com/yellows8/dsi/tree/master/exploits/exidiahax exidiahax].
 
|-
 
|-
 
|  Mario Calculator
 
|  Mario Calculator
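Review bot: the Fieldrunners description has cause and effect reversed in "Using a very large string crashes the game leading it to stack buffer overflow"; the overflow is what produces the crash, so reword to something like "an overlong high-score string overflows a stack buffer and crashes the game". In the same row the link text "fieldrunnerhax" does not match the linked directory name "fieldrunhax", and "savadata" is misspelled here and again in the Legends of Exidia row. The Guitar Rock Tour and Legends of Exidia rows would read better with "an overlong string" in place of "a very long excessive string" and "an extensive long string".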
Line 202: Line 202:  
|  High-scores
 
|  High-scores
 
|  Has English-only high-scores and a trivial checksum, not exploitable.
 
|  Has English-only high-scores and a trivial checksum, not exploitable.
 +
|-
 +
|  Rayman
 +
|  Player name
 +
|  No overflow, with a long string the game only displays one extra character.
 
|-
 
|-
 
|  Soul of Darkness
 
|  Soul of Darkness
Line 211: Line 215:  
|  Has ASCII player name for each of the 3 save slots. Game was crashed with an excessively long player name. The game has already been exploited through [[Sudokuhax]].
 
|  Has ASCII player name for each of the 3 save slots. Game was crashed with an excessively long player name. The game has already been exploited through [[Sudokuhax]].
 
|-
 
|-
Rayman
+
Telegraph Sudoku & Kakuro
Player name
+
Profile name
|  No overflow, with a long string the game only displays one extra character.
+
|  No overflow, the game slot acts as if things are normal, only gives you a lot of completion stars
 +
|-
 +
|  The Legend of Zelda: Four Swords Anniversary
 +
|  Savedata filesize
 +
|  The game has 2 savefiles. When one savefile fails to load (larger than a usual savefile), the game loads the backup save and will continue load without any errors. That being said, one can crash the game with a larger game filesize to attack the heap and successfully overwrite the stack registers including the pointer counter. The game has already been exploited through [https://github.com/yellows8/dsi/tree/master/exploits/4swordshax 4swordshax].
 +
|-
 +
|  UNO
 +
|  Profile names
 +
|  Has ASCII Player name each for of the 5 save slots. The game was crashed with a very large player name which overwritten the stack registers including the pointer counter. The game was successfully exploited which is known as [https://github.com/ChampionLeake/UNO-pwn UNO*pwn].
 +
|-
 +
|  WordSearcher
 +
|  Player name & WordSearch Board
 +
|  Has ASCII strings (profile or slot names) and has plaintext crossword levels. No overflows with a large string nor a bigger crossword board resulting thus, not exploitable
 
|}
 
|}
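Review bot: the Four Swords and UNO rows both say the overflow overwrites "the stack registers including the pointer counter", which is not a standard term; presumably this means the saved registers on the stack, including the saved program counter, and it should say so. The Four Swords row also says an oversized savefile is used "to attack the heap" and then describes a stack overwrite, so it is unclear which region is actually corrupted; state one or explain the link between them. Smaller points: "continue load" and "Has ASCII Player name each for of the 5 save slots ... which overwritten" need grammar fixes, the WordSearcher row calls the levels "crossword" while its field is "WordSearch Board", and the Telegraph Sudoku & Kakuro and WordSearcher descriptions are missing their final period.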
  
