Difference between revisions of "Homebrew Exploits"
Line 50: | Line 50: | ||
==Secondary Exploits== | ==Secondary Exploits== | ||
Installation of these exploits requires a previously exploited system to install. After installation, they can be used on their own. | Installation of these exploits requires a previously exploited system to install. After installation, they can be used on their own. | ||
− | + | '''Again, these exploits are only at best proven to work on 10.7.0-32!!! These may no longer function in 11.0.0-33!!!''' | |
{| class="wikitable" border="1" | {| class="wikitable" border="1" |
Revision as of 01:58, 10 May 2016
Standalone Homebrew Launcher Exploits
The following homebrew exploits can be executed on a previously un-exploited system. WARNING!!! These exploits are only proven to work on 10.7.0-32!!! These may no longer function in 11.0.0-33!!!
Works on latest fw | Name | Supported firmwares | Requirements | Author | Install |
---|---|---|---|---|---|
No | Ninjhax 1.1b | From 4.0.0-7 up to and including 9.2.0-20. | A cartridge or eShop version (JPN-only) of "Cubic Ninja". | smea | Install |
Yes | Ninjhax 2.5 | From 9.0.0-7 up to and including 10.7.0-32. | A cartridge or eShop version (JPN-only) of "Cubic Ninja". | smea | Install |
Yes | smashbroshax (beaconhax) | (New 3DS only) From 9.0.0-X up to and including 10.7.0-32. | Super Smash Bros 3DS (full-game) and a way to broadcast raw wifi beacons. The demo(prior to the updated November 2015 version) isn't usable with the *hax payloads. Game-version v1.1.3 fixed the vuln used with this, see the repo for a workaround for that. | Yellows8 | Install |
No | browserhax | (Old 3DS) From 9.0.0-16 to 9.5.0-22, 9.5.0-23 to 9.8.0-25, 9.9.0-26 to 10.1.0-27, 10.2.0-28 to 10.5.0-30
(New 3DS) From 9.0.0-20 to 9.2.0-20, 9.3.0-21 to 9.5.0-23, 9.6.0-24 to 9.8.0-25, 9.9.0-26 to 10.1.0-27, 10.2.0-28 to 10.5.0-30 Note that the browser-version-check bypass is only usable prior to 10.7.0-32. |
An USA, EUR, or JPN system. | Yellows8 | Install |
Note that ninjhax 1.x is still not obsolete. Even though ninjhax 2.x can be run on 9.3+, this was made possible (amongst other things) by sacrificing the memory remapping exploit used in ninjhax 1.x (rohax). Therefore, things like JIT engines for emulators can only be supported on ninjhax 1.x. Furthermore, ninjhax 2.x does not run on system versions below 9.0.0-X, while ninjhax 1.x does.
Secondary Exploits
Installation of these exploits requires a previously exploited system to install. After installation, they can be used on their own. Again, these exploits are only at best proven to work on 10.7.0-32!!! These may no longer function in 11.0.0-33!!!
Works on latest fw | Name | Supported firmwares | Requirements | Author | Install |
---|---|---|---|---|---|
No | ironhax | From 9.5.0-X up to and including 10.3.0-X, for X up to and including 28. | A copy of "Ironfall: Invasion" downloaded from eShop before August 11th, 2015. Note the updated version that was released on October 13th, 2015 is not supported. | smea | Install |
Yes | oot3dhax | From 9.0.0-X up to and including 10.7.0-X, for X up to and including 32. | A gamecard or eShop-install of Legend of Zelda: Ocarina of Time 3D. Besides using the installer app, writing raw saveimages with a save dongle for example is another option. Due to lack of free space with the size of the *hax payload, the only save-slot that can exist in the *gamecard* savedata is the oot3dhax save-slot. | Yellows8 / smea et al. | See here. |
No | menuhax | From 9.0.0-X up to and including 10.5.0-X, for X up to and including 30. | Yellows8 | Download | |
Yes | supermysterychunkhax | From 9.9.0-X (USA/JPN) / 10.2.0-X (EUR) up to and including 10.7.0-X, for X up to and including 32. | A gamecard or eShop-install of Pokémon Super Mystery Dungeon. | Shiny Quagsire / SALT team | Install. |
Yes | (v*)hax | From 9.0.0-X up to and including 10.7.0-X, for X up to and including 32.
Note that 9.0.0-X is only required for the Homebrew Launcher - the game itself only requires 2.1.0-X for primitive userland code execution. |
A copy of VVVVVV downloaded after March 2012 (v1) | Shiny Quagsire / SALT team | Install. |
Yes | humblehax | From 9.0.0-X (USA/EUR) up to and including 10.7.0-X, for X up to and including 32. | An eShop-install of Citizens of Earth, featured in the Humble "Friends of Nintendo" Bundle. | Dazzozo / SALT team | Install. |
Exploits without Homebrew Launcher (Not recommended)
Warning: The following exploits can run code, but are missing a 3DSX launcher. They cannot launch any homebrew in the 3DSX format.
Works on latest fw | Name | Supported firmwares | Requirements | Author | Install |
---|---|---|---|---|---|
No | browserhax (Without the loader in the 3ds_browserhax_common repo) | (Old3DS) From 2.1.0-4 to 3.0.0-6, 4.0.0-7 to 4.5.0-10, 5.0.0-11 to 7.0.0-13, 7.1.0-16 to 9.5.0-22, 9.5.0-23 to 9.8.0-25, 9.9.0-26 to 10.1.0-27, 10.2.0-28 to 10.5.0-30
(New3DS) From 9.0.0-20 to 9.2.0-20, 9.3.0-21 to 9.5.0-23, 9.6.0-24 to 9.8.0-25, 9.9.0-26 to 10.1.0-27, 10.2.0-28 to 10.5.0-30 Note that the browser-version-check bypass is only usable prior to 10.7.0-32. |
An USA, EUR, or JPN system. | Yellows8 | Install |
Previous Exploits
Warning: These exploits do not work. They are exploits which no longer function at all, regardless of software or firmware revision.
Works on latest fw | Name | Supported firmwares | Requirements | Author | Install |
---|---|---|---|---|---|
No | Tubehax | None. Was: From 9.0.0-X up to and including 10.1.0-X, for X up to and including 27. | The YouTube application and an Internet connection. As of October 15, 2015, this is no longer usable due to an update being released which fixes the vuln used by tubehax + app update being forced(see here). | smea | Install |
Other Homebrew Loaders
The hblauncher_loader title can be used when running under modded-FIRM which allows running unsigned titles, to boot the *hax payloads.
Sysmodule Exploits
This section is for system-module exploits, which can be run from the *hax payloads.
Works on latest fw | Name | Supported firmwares | Requirements | Author |
---|---|---|---|---|
Yes, that's not the intended default use however. | ctr-httpwn | From 9.6.0-X up to and including 10.7.0-X, for X up to and including 32. | None | Yellows8 |
WebKit vuln testing
See here.