Line 4: |
Line 4: |
| | | |
| == Kasu's Hack == | | == Kasu's Hack == |
| + | |
| Fake ? Everyone can do that using a DSi flashcard and remove it after ! <br> | | Fake ? Everyone can do that using a DSi flashcard and remove it after ! <br> |
| If it isn't a fake show us how you load the code ! --[[User:Ludo6431|Ludo6431]] 16:39, 20 April 2009 (UTC) | | If it isn't a fake show us how you load the code ! --[[User:Ludo6431|Ludo6431]] 16:39, 20 April 2009 (UTC) |
Line 26: |
Line 27: |
| | | |
| It has to be found out how to use such a security issue | | It has to be found out how to use such a security issue |
− |
| |
| | | |
| I have no idea if this is possible and because I don't have the skills to do that, I thought I tell your about and you say if this idea is realistic. | | I have no idea if this is possible and because I don't have the skills to do that, I thought I tell your about and you say if this idea is realistic. |
Line 33: |
Line 33: |
| | | |
| This exploit use a buffer overflow by accesing to an URI (file://) with a very long adress but it's need that the file has to be in the disk. | | This exploit use a buffer overflow by accesing to an URI (file://) with a very long adress but it's need that the file has to be in the disk. |
| + | |
| URI link with Nintendo DSi Browser doesnt't work. | | URI link with Nintendo DSi Browser doesnt't work. |
| + | |
| [http://www.zataz.com/news/18368/faille--vulnerabilite--exploit--opera.html] (link in French) | | [http://www.zataz.com/news/18368/faille--vulnerabilite--exploit--opera.html] (link in French) |
| | | |
Line 48: |
Line 50: |
| | | |
| --[[User:Geniusdj|Geniusdj]] 13:22, 9 May 2009 (CET) | | --[[User:Geniusdj|Geniusdj]] 13:22, 9 May 2009 (CET) |
| + | |
| + | :If one of these is found, it could work, but it seems attempts have been fruitless so far. An OOM error is not the same as a crash, and the DSi's browser will not access its own filesystem or the SD card - they're not that stupid! Of course, searching for another exploit can do no harm, especially if it involves something in a web page, since then it's more likely to be able to load executable code from that same page. [[User:Muzer|Muzer]] 18:41, 17 June 2009 (UTC) |
| | | |
| == Bannerbomb for DSi? == | | == Bannerbomb for DSi? == |
Line 58: |
Line 62: |
| | | |
| :What if you were to attempt to load a corrupted file? Does the DSi have safeguards in place to prevent a malformed bitmap from being loaded? [[User:ploogle|Ploogle]] 17:24, 24 May 2009 (GMT -8:00) | | :What if you were to attempt to load a corrupted file? Does the DSi have safeguards in place to prevent a malformed bitmap from being loaded? [[User:ploogle|Ploogle]] 17:24, 24 May 2009 (GMT -8:00) |
| + | |
| + | ::Well, there isn't much in a bitmap you can bork up. Also, I believe all this is encrypted and we still don't know any of the DSi's keys. You see, with the Wii, once one hardware exploit was found that is really hard to do, all the easier exploits followed. Absolutely none of the Wii exploits we have today would NEVER have existed if it weren't for the initial Twiizers attack. Trucha signing involves having some key so the disc's signature can be checked against, Twilight Hack requires the SD key, and Banner Bomb requires the key for encrypting channels (I can't remember which one is used, I think it might be the SD again). Of course, there's no harm in fiddling with the header of encrypted data to see if you can bork anything, but it's highly unlikely. [[User:Muzer|Muzer]] 18:41, 17 June 2009 (UTC) |
| | | |
| == Camera or Sound Channel Exploit? == | | == Camera or Sound Channel Exploit? == |
| + | |
| Has anyone looked into an exploit involving loading a corrupted sound or image file into the Sound or Camera channel via the SD card? How about a purposefully corrupted filesystem on the SD card? [[User:ploogle|Ploogle]] 17:29, 24 May 2009 (GMT -8:00) | | Has anyone looked into an exploit involving loading a corrupted sound or image file into the Sound or Camera channel via the SD card? How about a purposefully corrupted filesystem on the SD card? [[User:ploogle|Ploogle]] 17:29, 24 May 2009 (GMT -8:00) |
| + | |
| + | :The DSi refuses to open JPEGs from a foreign source that aren't signed by the DSi. Audio files are another matter, but again, there isn't much in that format to bork up. If you get an audio file the DSi can play and fiddle with the first few bytes in a hex editor, see if you can get the DSi to crash. You could also try with a stupidly massive audio file/JPEG. It's unlikely there will be an exploit here, but possible. [[User:Muzer|Muzer]] 18:41, 17 June 2009 (UTC) |
| | | |
| == Dsi Homebrew via DS Download play? == | | == Dsi Homebrew via DS Download play? == |
| | | |
− | Wouldn't it be possible to develope an app for Wii, which sends a kind of Installer via WiFi to the dsi and then dowload and run it with DS download play? The Wii can send things to the DS(i) so the connectivity is given, isn't it? <small>—Preceding unsigned comment added by [[User:Shadowchao|Shadowchao]] ([[User talk:Shadowchao|talk]] • [[Special:Contributions/Shadowchao|contribs]]) 03:29, 12 June 2009 (UTC)</small> | + | Wouldn't it be possible to develope an app for Wii, which sends a kind of Installer via WiFi to the dsi and then dowload and run it with DS download play? The Wii can send things to the DS(i) so the connectivity is given, isn't it? <small>âPreceding unsigned comment added by [[User:Shadowchao|Shadowchao]] ([[User talk:Shadowchao|talk]] ⢠[[Special:Contributions/Shadowchao|contribs]]) 03:29, 12 June 2009 (UTC)</small> |
| | | |
| Sounds umm... interesting, but it would be inconvenient for users who don't own a wii [[User:TwoBladedKnight|TwoBladedKnight]] 09:49, 12 June 2009 (UTC) | | Sounds umm... interesting, but it would be inconvenient for users who don't own a wii [[User:TwoBladedKnight|TwoBladedKnight]] 09:49, 12 June 2009 (UTC) |
Line 71: |
Line 80: |
| | | |
| Well, might be, but i talk about the connectivity between Wii and DSi,which is surely not fixed. So Why don`t modify a .nds to make it work like an installer? Or did you mean to load modifyed apps is fixed? | | Well, might be, but i talk about the connectivity between Wii and DSi,which is surely not fixed. So Why don`t modify a .nds to make it work like an installer? Or did you mean to load modifyed apps is fixed? |
| + | |
| + | :I'm talking about loading modified apps has been fixed. The DS's executables in download play are signed by Nintendo or something along those lines (can't remember what), and although there was some kind of exploit with the older DSs, that was fixed long ago. There may be other exploits of that type, or hell, they might have been idiots and reintroduced the same bugs. However, when we don't know much about the DSi's executable format, it's all very shot-in-the-dark. [[User:Muzer|Muzer]] 18:41, 17 June 2009 (UTC) |
| | | |
| == Image Exploit == | | == Image Exploit == |
Line 76: |
Line 87: |
| well the above topic about opera got me thinking. And while the opera exploit is a possibility (i think), couldnt we just use a ChickHEN like exploit, except for DSi. (ChickHEN is an exploit using images for PSP). I dont know the details on the workings of ChickHEN, but someone might want to check it out. --[[User:ChuckBartowski|ChuckBartowski]] 05:07, 16 June 2009 (UTC) | | well the above topic about opera got me thinking. And while the opera exploit is a possibility (i think), couldnt we just use a ChickHEN like exploit, except for DSi. (ChickHEN is an exploit using images for PSP). I dont know the details on the workings of ChickHEN, but someone might want to check it out. --[[User:ChuckBartowski|ChuckBartowski]] 05:07, 16 June 2009 (UTC) |
| | | |
− | Go to DSiDev IRC and asks them yourself if it's possible ! GeniusDJ <small>—Preceding unsigned comment added by [[User:Geniusdj|Geniusdj]] ([[User talk:Geniusdj|talk]] • [[Special:Contributions/Geniusdj|contribs]]) 12:49, 16 June 2009 (UTC)</small> | + | Go to DSiDev IRC and asks them yourself if it's possible ! GeniusDJ <small>âPreceding unsigned comment added by [[User:Geniusdj|Geniusdj]] ([[User talk:Geniusdj|talk]] ⢠[[Special:Contributions/Geniusdj|contribs]]) 12:49, 16 June 2009 (UTC)</small> |
| + | |
| + | :ChickHEN uses TIFFs, which have many many exploitable fields. The DSi will only read JPEGs, and only JPEGs signed by that DSi at that. If you fiddle about with one in a text editor and find something that makes the DSi freeze, report it, but other than that, I doubt it would work. [[User:Muzer|Muzer]] 18:41, 17 June 2009 (UTC) |
| | | |
| == Mario Kart DS? == | | == Mario Kart DS? == |
| | | |
| In mario kart if you select time trials and goto the luigis mansion stage and goto the stairs before entering the mansion and press a+b while pressing up down left or right. the game freezes and the music loops. maybe an exploit can be found to let us run homebrew from the sd card. | | In mario kart if you select time trials and goto the luigis mansion stage and goto the stairs before entering the mansion and press a+b while pressing up down left or right. the game freezes and the music loops. maybe an exploit can be found to let us run homebrew from the sd card. |
| + | |
| :I believe that this exploit would only be useful for DS mode and not DSi mode. Could be wrong though. --[[User:Funkamatic|<font face="Copperplate Gothic Light"><font color="red">FUNK<font color="black">A</font>MATIC</font></font>]][[User talk:Funkamatic|<font face="Impact"><font color="black"> ~talk</font></font>]] 02:43, 17 June 2009 (UTC) | | :I believe that this exploit would only be useful for DS mode and not DSi mode. Could be wrong though. --[[User:Funkamatic|<font face="Copperplate Gothic Light"><font color="red">FUNK<font color="black">A</font>MATIC</font></font>]][[User talk:Funkamatic|<font face="Impact"><font color="black"> ~talk</font></font>]] 02:43, 17 June 2009 (UTC) |
| + | |
| + | ::Funkamatic is right. [[User:Muzer|Muzer]] 18:41, 17 June 2009 (UTC) |