38
edits
User:Wariohax/History on custom firmware (view source)
Revision as of 00:09, 11 March 2025
, 5 days ago21 and 22 done, very close and then its just wording and making it look good.
(finished 2020, 3 more years.) |
(21 and 22 done, very close and then its just wording and making it look good.) |
||
| Line 1: | Line 1: | ||
{{#approvable_by: users = Wariohax}}<!-- remove this when the page is moved to 3DS namespace --> | {{#approvable_by: users = Wariohax}}<!-- remove this when the page is moved to 3DS namespace --> | ||
<references /> | <references />(Note that this is still being worked on, and this is basically a heavy adaption of zoogie's "A Pretty Brief History of the 3ds Hacking/Homebrew Scene" from the "3DS hacking scene history" section on GBAtemp) | ||
(Note that this is still being worked on, and this is basically a heavy adaption of zoogie's "A Pretty Brief History of the 3ds Hacking/Homebrew Scene" from the "3DS hacking scene history" section on GBAtemp) | |||
== 2011 == | == 2011 == | ||
| Line 113: | Line 109: | ||
=== December === | === December === | ||
Another big CCC, specifically 33c3. The announcement of Soundhax, which is a free (as opposed to ninjhax, which required Cubic Ninja, a paid game) userland primary for a system app (NIntendo 3DS Sound). This made it so almost all 3DS's were vulnerable. 33c3 also announced Fasthax, which is another k11 (arm11 kernel) exploit, also made by nedwill (creator of Soundhax). Also, at this event, scene veteran derrekr revealed sighax, which is a bootrom vulnerability that allows one to sign arbitrary firmware code, he also reveals vague detail about how he dumped the 3DS ARM9/ARM11 bootroms, no code releases. (Maybe reword this as it is close to original) | Another big CCC, specifically 33c3. The announcement of Soundhax, which is a free (as opposed to ninjhax, which required Cubic Ninja, a paid game) userland primary for a system app (NIntendo 3DS Sound). This made it so almost all 3DS's were vulnerable. 33c3 also announced Fasthax, which is another k11 (arm11 kernel) exploit, also made by nedwill (creator of Soundhax). Also, at this event, scene veteran derrekr revealed sighax, which is a bootrom vulnerability that allows one to sign arbitrary firmware code, he also reveals vague detail about how he dumped the 3DS ARM9/ARM11 bootroms, no code releases. (Maybe reword this as it is close to original) <ref>https://wololo.net/2016/12/28/33c3-3ds-bootrom-cracked-sign-firmwares/</ref> | ||
Nintendo launches a bug bounty program for the 3DS, the bounties being $100 - $20,000 per exploit, this would have an affect of exploit developers moving away from public releases (probably reword this) | Nintendo launches a bug bounty program for the 3DS, the bounties being $100 - $20,000 per exploit, this would have an affect of exploit developers moving away from public releases (probably reword this) | ||
| Line 189: | Line 185: | ||
=== December === | === December === | ||
After a month of cool of, required when submitting HackerOne bugs, MrNbaYoh and TuxSH disclose exploits such SSLoth, a vulnerability that allows an attacker to bypass an SSL encryption for the 3DS Network Communications, which sets up another exploit submitted to HackerOne called safecerthax. (can still be executed on 11.4 in safe mode, although being fixed on native firm and N3DS) This allowed for a full chain to boot9strap on the O3DS. During this time TuxSH updated his universal-otherapp to include a new full chain, (added smpwn, spipwn, khax and agbhax) that work on native firm. All of this with a new N3DS browser exploit called new-browserhax-XL from zoogie, made the N3DS have a full chain as well. | After a month of cool of, required when submitting HackerOne bugs, MrNbaYoh and TuxSH disclose exploits such SSLoth, a vulnerability that allows an attacker to bypass an SSL encryption for the 3DS Network Communications, which sets up another exploit submitted to HackerOne called safecerthax. (can still be executed on 11.4 in safe mode, although being fixed on native firm and N3DS) This allowed for a full chain to boot9strap on the O3DS. During this time TuxSH updated his universal-otherapp to include a new full chain, (added smpwn, spipwn, khax and agbhax) that work on native firm. All of this with a new N3DS browser exploit called new-browserhax-XL from zoogie, made the N3DS have a full chain as well. | ||
== 2021 == | |||
=== January === | |||
Nintendo kills off Unity3DS and many debugging/dev hardware items. | |||
=== April === | |||
Old-browserhax-XL is released | |||
PabloMK7 (creator of CTGP-7) releases a semi-primary exploit for Mario Kart 7 called [[3DS:Kartdlphax|kartdlphax]]. | |||
=== July === | |||
Nintendo releases firmware 11.15, patching two of zoogie's browserhax at the same time, bringing back Seedminer. | |||
Nintendo also finishes off SSLoth by blocking it in SAFE_MODE. | |||
== 2022 == | |||
=== August === | |||
Nintendo releases 11.16, breaking TuxSH's universal-otherapp combo, because smpwn was fixed in this update. | |||
Nintendo also lays foundation for the eShop closure, updating MINT/ESHOP to handle shutting down eShop payments, two weeks later they would update the NVER on this title due to a typo in the web data module. | |||
=== December === | |||
PabloMK7 reveals ENLBufferPwn, an exploit for Mario Kart 7. Specifically an online RCE exploit which was already patched on Mario Kart 7 version 1.2. PabloMK7 disclosed this exploit as it could've led to mass bricking on consoles and online cheating. | |||
== 2023 == | |||
<references /> | |||