478
edits
Changes
Jump to navigation
Jump to search
mLine 81:
Line 81: − + + +
→Exploits
Nintendo Zone v3.0 has the URL buffer overflow bug from NetFront 3.3 and DS Station, but htmlhaxx is [[#Security|impossible]] to use with NZone due to SSL. The NetFront version user agent was removed from the NZone bin, so it's unknown what NetFront version NZone uses.
Nintendo Zone v3.0 has the URL buffer overflow bug from NetFront 3.3 and DS Station, but htmlhaxx is [[#Security|impossible]] to use with NZone due to SSL. The NetFront version user agent was removed from the NZone bin, so it's unknown what NetFront version NZone uses.
A DS Station exploit has been written by [[User:Yellows8|Yellows8]]. The exploit is only available on Google Code wmb-asm SVN. SVN web interface is available [http://code.google.com/p/wmb-asm/source/browse/#svn/trunk/ds/nzonehtmlhaxx here], SVN URL available [http://wmb-asm.googlecode.com/svn/trunk/ds/nzonehtmlhaxx here.] To use the exploit at home with DS Station, you need a Linux/hostapd compatible box and a NIC supported by hostapd. You also need a HTTPS forwarder/proxy, like httpsforwarder available in SVN. This exploit can only be used with html that is transferred over http.
A DS Station exploit was written by [[User:Yellows8|Yellows8]]. The exploit is only available on Google Code wmb-asm SVN. SVN web interface is available [http://code.google.com/p/wmb-asm/source/browse/#svn/trunk/ds/nzonehtmlhaxx here], SVN URL available [http://wmb-asm.googlecode.com/svn/trunk/ds/nzonehtmlhaxx here.] To use the exploit at home with DS Station, you need a Linux/hostapd compatible box and a NIC supported by hostapd. You also need a HTTPS forwarder/proxy, like httpsforwarder available in SVN. This exploit can only be used with html that is transferred over http.
This DS Station exploit works perfectly with WMB ds-mode. The default embedded .nds in the exploit loads hbmenu from flash card, loading from flash card works perfectly in WMB ds-mode from DS Station nzonehtmlhaxx.
You need the DS Station bin to use this exploit, but the bin will not be publicly redistributed due to copyright etc.
[[File:2010-08-22-161844.jpg|200px|thumb|right|Test NZone haxx, crashed NZone. The EUR server bug exploited here was fixed a couple hours after beginning html injection attacks.]]
[[File:2010-08-22-161844.jpg|200px|thumb|right|Test NZone haxx, crashed NZone. The EUR server bug exploited here was fixed a couple hours after beginning html injection attacks.]]