23
edits
Changes
Jump to navigation
Jump to search
Line 12:
Line 12: − + − + − + − + − + − + − + + + + + + − Line 53:
Line 57: − + Line 59:
Line 63: − + Line 65:
Line 69: − + Line 71:
Line 75: − + Line 124:
Line 128: − + − + Line 131:
Line 135: + + + + + Line 141:
Line 150: − + − + − + Line 158:
Line 167: − + + + + + +
Removing direct links to the pirate forum
! Source
! Source
|-
|-
| FIFA NDS
| [[FIFA NDS]]
| Every single FIFA game on the Nintendo DS has been exploited.
| Every single FIFA game on the Nintendo DS has been exploited.
| Everyone
| Everyone
| [https://github.com/CTurt/Dara CTurt's Source Code]
| [https://github.com/CTurt/Dara CTurt's Source Code]
|-
|-
| Bangai-O-Sploit
| [[Bangai-O-Sploit]]
| A ''primary'' entrypoint for the game, ''Bangai-O Spirit'', on the Nintendo DS. This game was successfully exploit through sound.
| A ''primary'' entrypoint for the game, ''Bangai-O Spirit'', on the Nintendo DS. This game was successfully exploit through sound.
| smealum
| smealum
| [https://github.com/smealum/bangai-o-sploit Install]
| [https://github.com/smealum/bangai-o-sploit Install]
|-
|-
| NDS-ILH-Save-Exploit
| [[NDS-ILH-Save-Exploit]]
| "I Love Horses" Nintendo DS save exploit
| "I Love Horses" Nintendo DS save exploit
| [https://github.com/mojobojo/ mojobojo]
| [https://github.com/mojobojo/ mojobojo]
| [https://github.com/mojobojo/NDS-ILH-Save-Exploit Install]
| [https://github.com/mojobojo/NDS-ILH-Save-Exploit Install]
|-
|-
| ABR-NDS-SaveExploit
| [[ABR-NDS-SaveExploit]]
| A stack smash savegame exploit for the game "Asterix Brain Trainer"
| A stack smash savegame exploit for the game "Asterix Brain Trainer"
| [https://github.com/WemI0/ Weml0]
| [https://github.com/WemI0/ Weml0]
| [https://github.com/WemI0/ABR-NDS-SaveExploit Install]
| [https://github.com/WemI0/ABR-NDS-SaveExploit Install]
|-
|-
| HaxxStation
| [[HaxxStation]]
| DS Download Station exploit, allowing one to run any commercial homebrew over from the DS download play application.
| DS Download Station exploit, allowing one to run any commercial homebrew over from the DS download play application.
| shutterbug2000, Gericom, and Apache Thunder
| shutterbug2000, Gericom, and Apache Thunder
| [https://gbatemp.net/threads/haxxstation-ds-download-station-exploit.473648/ See Here]
| [https://github.com/Gericom/dspatch See Here]
|-
|-
| BreakingNews
| [[BreakingNews]]
| A stack smash savegame exploit for the game "The New York Times: Crossword" resulting from stack buffer overflow (profile slot names).
| A stack smash savegame exploit for the game "The New York Times: Crossword" resulting from stack buffer overflow (profile slot names).
| [[User:ChampionLeake|ChampionLeake]]
| [[User:ChampionLeake|ChampionLeake]]
| [https://github.com/ChampionLeake/BreakingNews/ Install]
| [https://github.com/ChampionLeake/BreakingNews/ Install]
|-
| [[NDS-FC2008-Save-Exploit]]
| A savegame exploit for the game "Führerschein Coach 2008".
| [https://github.com/toombaumarkt/ toombaumarkt]
| [https://github.com/toombaumarkt/NDS-FC2008-Save-Exploit Install]
|}
|}
== TWL/DSi-Enhanced Cart Exploits ==
== TWL/DSi-Enhanced Cart Exploits ==
! Source
! Source
|-
|-
| The Biggest Losers
| [[The Biggest Losers]]
| Exploit for The Biggest Loser which runs in DSi mode if you use a real cartridge on a DSi or 3DS system, otherwise, it runs in DS mode.
| Exploit for The Biggest Loser which runs in DSi mode if you use a real cartridge on a DSi or 3DS system, otherwise, it runs in DS mode.
| st4rk
| st4rk
[https://davejmurphy.com/dslink/ WinterMute's dslink]
[https://davejmurphy.com/dslink/ WinterMute's dslink]
|-
|-
| Cookhack
| [[Cookhack]]
| DSi Cooking Coach exploit
| DSi Cooking Coach exploit
| WinterMute
| WinterMute
[https://davejmurphy.com/dslink/ dslink]
[https://davejmurphy.com/dslink/ dslink]
|-
|-
| Classichack
| [[Classichack]]
| DSi Classic Word Games exploit
| DSi Classic Word Games exploit
| WinterMute
| WinterMute
[https://davejmurphy.com/dslink/ dslink]
[https://davejmurphy.com/dslink/ dslink]
|-
|-
| SystemFlaaw
| [[SystemFlaaw]]
| The first DSi exclusive cartridge title to be exploited for the game, SystemFlaw
| The first DSi exclusive cartridge title to be exploited for the game, SystemFlaw
| zoogie
| zoogie
| [[Memory Pit]]
| [[Memory Pit]]
| A primary exploit for the DSi that involves the system application "Camera"! All you need is an SD Card to use this exploit.
| A primary exploit for the DSi that involves the system application "Camera"! All you need is an SD Card to use this exploit.
| shutterbug2000
| shutterbug2000, [[User:ChampionLeake|ChampionLeake]]
| [https://gbatemp.net/threads/memory-pit-a-new-dsi-exploit-for-dsi-camera.539432/ See Here]
| [https://github.com/ChampionLeake/BrokenPit See Here]
|-
|-
| [[petit-compwner]]
| [[petit-compwner]]
| zoogie
| zoogie
| [https://github.com/zoogie/petit-compwner/releases Release]
| [https://github.com/zoogie/petit-compwner/releases Release]
|-
| [[stylehax]]
| A primary entrypoint, using a use-after-free in Opera 9.50 (which uses WebKit under the hood).
| @0x1337cafe
| [https://github.com/nathanfarlow/stylehax Release], [https://farlow.dev/2023/03/02/hacking-the-nintendo-dsi-browser Writeup]
|}
|}
! Source
! Source
|-
|-
| RocketLauncher
| [[RocketLauncher]]
| One of the first ever unlocked ARM7 DSi exploit involving the DS Cart White list in secton 3. This exploit only works on firmwares v1.4!
| One of the first ever unlocked ARM7 DSi exploit involving the DS Cart White list in secton 3. This exploit only works on firmwares v1.4!
| ApacheThunder, stuckpixel, NoCash, Gericom, and Normmatt
| ApacheThunder, stuckpixel, NoCash, Gericom, and Normmatt
| [https://gbatemp.net/threads/announcing-rocketlauncher-the-first-exploit-with-unlocked-arm7.476288/ Writeup]
| [https://github.com/ApacheThunder/RocketLauncher source]
|}
|}
== Bootcode Exploits: ==
== Bootcode Exploits ==
These exploits gain full SCFG_EXT access rights immediately after powering on the system (right before starting the launcher). These exploits are significantly rare and concrete targets can be the launcher's ''title.tmd''. At the moment, nocash's exploit, ''Unlaunch'' is the only known usable exploit.
These exploits gain full SCFG_EXT access rights immediately after powering on the system (right before starting the launcher). These exploits are significantly rare and concrete targets can be the launcher's ''title.tmd''. At the moment, nocash's exploit, ''Unlaunch'' is the only known usable exploit.
! Source
! Source
|-
|-
| Unlaunch
| [[Unlaunch]]
| Possibly one of the first bootcode exploit for the Nintendo DSi! This exploit deals with taking advantage of the launcher's "title.tmd" size as it's not checked, allowing esculated permissions!
| Possibly one of the first bootcode exploit for the Nintendo DSi! This exploit deals with taking advantage of the launcher's "title.tmd" size as it's not checked, allowing esculated permissions!
| NoCash
| NoCash
| [https://problemkaputt.de/unlaunch.htm Install & Writeup]
| [https://problemkaputt.de/unlaunch.htm Install & Writeup]
|-
| Unnamed modchip
| A modchip that exlploits the bootROMs of the Nintendo DSi. It enables code execution on both cores before boot ROM lockout.
| PoroCYon
| [https://media.ccc.de/v/37c3-11736-nintendo_hacking_2023_2008 37c3 talk], [https://icosahedron.website/@pcy/111676158956228552 video], [https://github.com/dsi-modchip/guide DIY guide]
|}
|}