Difference between revisions of "Homebrew Exploits"

From 3dbrew
Jump to navigation Jump to search
Line 50: Line 50:
 
==Secondary Exploits==
 
==Secondary Exploits==
 
Installation of these exploits requires a previously exploited system to install. After installation, they can be used on their own.
 
Installation of these exploits requires a previously exploited system to install. After installation, they can be used on their own.
""Again, these exploits are only at best proven to work on 10.7.0-32!!! These may no longer function in 11.0.0-33!!!""
+
'''Again, these exploits are only at best proven to work on 10.7.0-32!!! These may no longer function in 11.0.0-33!!!'''
  
 
{| class="wikitable" border="1"
 
{| class="wikitable" border="1"

Revision as of 01:58, 10 May 2016

Standalone Homebrew Launcher Exploits

The following homebrew exploits can be executed on a previously un-exploited system. WARNING!!! These exploits are only proven to work on 10.7.0-32!!! These may no longer function in 11.0.0-33!!!


Works on latest fw Name Supported firmwares Requirements Author Install
No Ninjhax 1.1b From 4.0.0-7 up to and including 9.2.0-20. A cartridge or eShop version (JPN-only) of "Cubic Ninja". smea Install
Yes Ninjhax 2.5 From 9.0.0-7 up to and including 10.7.0-32. A cartridge or eShop version (JPN-only) of "Cubic Ninja". smea Install
Yes smashbroshax (beaconhax) (New 3DS only) From 9.0.0-X up to and including 10.7.0-32. Super Smash Bros 3DS (full-game) and a way to broadcast raw wifi beacons. The demo(prior to the updated November 2015 version) isn't usable with the *hax payloads. Game-version v1.1.3 fixed the vuln used with this, see the repo for a workaround for that. Yellows8 Install
No browserhax (Old 3DS) From 9.0.0-16 to 9.5.0-22, 9.5.0-23 to 9.8.0-25, 9.9.0-26 to 10.1.0-27, 10.2.0-28 to 10.5.0-30

(New 3DS) From 9.0.0-20 to 9.2.0-20, 9.3.0-21 to 9.5.0-23, 9.6.0-24 to 9.8.0-25, 9.9.0-26 to 10.1.0-27, 10.2.0-28 to 10.5.0-30

Note that the browser-version-check bypass is only usable prior to 10.7.0-32.

An USA, EUR, or JPN system. Yellows8 Install

Note that ninjhax 1.x is still not obsolete. Even though ninjhax 2.x can be run on 9.3+, this was made possible (amongst other things) by sacrificing the memory remapping exploit used in ninjhax 1.x (rohax). Therefore, things like JIT engines for emulators can only be supported on ninjhax 1.x. Furthermore, ninjhax 2.x does not run on system versions below 9.0.0-X, while ninjhax 1.x does.

Secondary Exploits

Installation of these exploits requires a previously exploited system to install. After installation, they can be used on their own. Again, these exploits are only at best proven to work on 10.7.0-32!!! These may no longer function in 11.0.0-33!!!

Works on latest fw Name Supported firmwares Requirements Author Install
No ironhax From 9.5.0-X up to and including 10.3.0-X, for X up to and including 28. A copy of "Ironfall: Invasion" downloaded from eShop before August 11th, 2015. Note the updated version that was released on October 13th, 2015 is not supported. smea Install
Yes oot3dhax From 9.0.0-X up to and including 10.7.0-X, for X up to and including 32. A gamecard or eShop-install of Legend of Zelda: Ocarina of Time 3D. Besides using the installer app, writing raw saveimages with a save dongle for example is another option. Due to lack of free space with the size of the *hax payload, the only save-slot that can exist in the *gamecard* savedata is the oot3dhax save-slot. Yellows8 / smea et al. See here.
No menuhax From 9.0.0-X up to and including 10.5.0-X, for X up to and including 30. Yellows8 Download
Yes supermysterychunkhax From 9.9.0-X (USA/JPN) / 10.2.0-X (EUR) up to and including 10.7.0-X, for X up to and including 32. A gamecard or eShop-install of Pokémon Super Mystery Dungeon. Shiny Quagsire / SALT team Install.
Yes (v*)hax From 9.0.0-X up to and including 10.7.0-X, for X up to and including 32.

Note that 9.0.0-X is only required for the Homebrew Launcher - the game itself only requires 2.1.0-X for primitive userland code execution.

A copy of VVVVVV downloaded after March 2012 (v1) Shiny Quagsire / SALT team Install.
Yes humblehax From 9.0.0-X (USA/EUR) up to and including 10.7.0-X, for X up to and including 32. An eShop-install of Citizens of Earth, featured in the Humble "Friends of Nintendo" Bundle. Dazzozo / SALT team Install.

Exploits without Homebrew Launcher (Not recommended)

Warning: The following exploits can run code, but are missing a 3DSX launcher. They cannot launch any homebrew in the 3DSX format.

Works on latest fw Name Supported firmwares Requirements Author Install
No browserhax (Without the loader in the 3ds_browserhax_common repo) (Old3DS) From 2.1.0-4 to 3.0.0-6, 4.0.0-7 to 4.5.0-10, 5.0.0-11 to 7.0.0-13, 7.1.0-16 to 9.5.0-22, 9.5.0-23 to 9.8.0-25, 9.9.0-26 to 10.1.0-27, 10.2.0-28 to 10.5.0-30

(New3DS) From 9.0.0-20 to 9.2.0-20, 9.3.0-21 to 9.5.0-23, 9.6.0-24 to 9.8.0-25, 9.9.0-26 to 10.1.0-27, 10.2.0-28 to 10.5.0-30

Note that the browser-version-check bypass is only usable prior to 10.7.0-32.

An USA, EUR, or JPN system. Yellows8 Install

Previous Exploits

Warning: These exploits do not work. They are exploits which no longer function at all, regardless of software or firmware revision.

Works on latest fw Name Supported firmwares Requirements Author Install
No Tubehax None. Was: From 9.0.0-X up to and including 10.1.0-X, for X up to and including 27. The YouTube application and an Internet connection. As of October 15, 2015, this is no longer usable due to an update being released which fixes the vuln used by tubehax + app update being forced(see here). smea Install

Other Homebrew Loaders

The hblauncher_loader title can be used when running under modded-FIRM which allows running unsigned titles, to boot the *hax payloads.

Sysmodule Exploits

This section is for system-module exploits, which can be run from the *hax payloads.

Works on latest fw Name Supported firmwares Requirements Author
Yes, that's not the intended default use however. ctr-httpwn From 9.6.0-X up to and including 10.7.0-X, for X up to and including 32. None Yellows8

WebKit vuln testing

See here.