Internet Browser: Difference between revisions

(9 intermediate revisions by 3 users not shown)

Line 11:

The only difference between the ExeFS .code for each region of the Old3DS/New3DS browser, is byte values for the title uniqueID/region.

A [[#~~v9.9_dummy_web~~-browser|"dummy" browser]] (which replaces the actual browser) is being included with cartdrige games shipping with system updates starting with [[9.9.0-26|9.9.0-X]].

A [[#Dummy_web-browser|"dummy" browser]] (which replaces the actual browser) is being included with cartdrige games shipping with system updates starting with [[9.9.0-26|9.9.0-X]].

In addition, versions of the real browser since 9.9.0-26X attempt to [[#Forced_system-update|check-in with a Nintendo server]] to determine if the existing browser version is out of date.

Line 110:

| v8192

| [[11.1.0-34]]

| See below.

|-

| None

| v9217

| v11.4 CUP

| v11.4 CUP dummy web-browser, see below.

|-

| 1.9.10160

| Mozilla/5.0 (New Nintendo 3DS like iPhone) AppleWebKit/536.30 (KHTML, like Gecko) NX/3.0.0.5.20 Mobile NintendoBrowser/1.9.10160.<region>

| v9232

| [[11.4.0-37]]

| See below.

|-

| 1.10.10166

| Mozilla/5.0 (New Nintendo 3DS like iPhone) AppleWebKit/536.30 (KHTML, like Gecko) NX/3.0.0.5.22 Mobile NintendoBrowser/1.10.10166.<region>

| v10272

| [[11.9.0-42]]

| See below.

|-

| 1.11.10172

| Mozilla/5.0 (New Nintendo 3DS like iPhone) AppleWebKit/536.30 (KHTML, like Gecko) NX/3.0.0.5.23 Mobile NintendoBrowser/1.11.10172.<region>

| v11264

| [[11.14.0-46]]

| See below.

|}

Line 352:

Line 376:

The filepath base used in the assert strings were changed from "d:\Jenkins\workspace\MPSkaterBuild\MVPlayer\Skater\Base\Android\frameworks\base\media\libstagefright\" to "d:\jenkins\workspace\MPSkaterBuild-Git\Base\Android\frameworks\base\media\libstagefright\".

==== v11.4 ====

The only changes in RomFS was for "/build/buildinfo.dat" and "/static.crs", hence no OSS in CRO(s) were updated.

The main codebin was updated. Exactly two functions were updated, these are not related to code exec vulns.

cat v9232/00000027_romfs/build/buildinfo.dat

10160

applet

2017-03-08 19:44

=== New3DS Browser Specifications ===

Line 385:

Line 419:

* "User agent: Mozilla/5.0 (Nintendo 3DS; region; ; en) Version/1.7498.US"

* "Supported protocols: HTTP1.0/HTTP1.1/SSLv3/TLS1.0"

* "Web standard: HTML 4.01/XHTML 1.1/CSS 1/CSS 2.1/CSS 3 (partial functionality)/DOM Levels 1-3/ECMAScript

* "Web standard: HTML 4.01/XHTML 1.1/CSS 1/CSS 2.1/CSS 3 (partial functionality)/DOM Levels 1-3/ECMAScript/XMLHttpRequest/Canvas Element (partial functionality)"

/XMLHttpRequest/Canvas Element (partial functionality)"

* "Image format: MPO / GIF / JPEG / PNG / BMP / ICO (some images cannot be displayed)"

* "Plug-ins: Plug-ins such as Adobe Flash are not supported"

Line 485:

Line 518:

| v10240

| [[11.1.0-34]]

| See below.

|-

| 1.7636

| v11297

| [[11.9.0-42]]

| See below.

|-

| 1.7639

| v12288

| [[11.14.0-46]]

| See below.

|}

Line 710:

Line 753:

The only actual code change with Old3DS/New3DS browser v10.7 was that the code which calculates the diff_timestamp was moved to immediately after the block which initializes <state_timestamp> when <state_timestamp> is all-zero. This fixed the browser-version-check [[3DS_Userland_Flaws|bypass]].

== ~~v9.9+/v10.7+ dummy~~ web-browser ==

== Dummy web-browser ==

Gamecards v9.9 and above include, with their sysupdate, a dummy Old3DS/New3DS web-browser. The *only* thing this title does is display the same message listed in the above forced-update section. The message files in RomFS *only* contain that message string above. There are no "http" strings in the main codebin, and [[RO_Services|RO]] isn't used either(no CRO data in RomFS at all). Both browsers are internally called "dummySpider".

Hence, if you update your system below v9.8 with any v9.9 or above gamecard, the system web-browser will be rendered *completely* useless until you install a system-update from CDN(no network requests involved here).

Gamecards v10.7 and ~~above include an~~ updated dummy web-browser, where the only difference is the title version.

Gamecards v10.7 and v11.4(New3DS only) have updated the dummy web-browser, where the only difference is the title version.

== Savedata ==

Line 851:

Line 894:

==Example Sites==

* [http://www.nintendo.com/3ds/internetbrowser/bookmarks Nintendo 3DS Bookmarks] - This is the first bookmark pre-installed in the browser.

* [http://www.nintendo.com/3ds/internetbrowser/bookmarks Nintendo 3DS Bookmarks]: This is the first bookmark pre-installed in the browser.

* [https://imgsharetool.herokuapp.com ImageShare]: Image uploader for the 3DS ([https://github.com/corbindavenport/image-share source code])

* [http://3ds.andysmith.co.uk/jFox.html jFox] (Short URL: http://bit.ly/iB7FqW)

* [http://ditto3d.com/3ds Ditto3D] (Short URL: http://bit.ly/oVreWA)

* [http://ditto3d.com/3ds Ditto3D (Dead Link)] (Short URL: http://bit.ly/oVreWA)

@@ Line 11: / Line 11: @@
 The only difference between the ExeFS .code for each region of the Old3DS/New3DS browser, is byte values for the title uniqueID/region.
-A [[#v9.9_dummy_web-browser|"dummy" browser]] (which replaces the actual browser) is being included with cartdrige games shipping with system updates starting with [[9.9.0-26|9.9.0-X]].
+A [[#Dummy_web-browser|"dummy" browser]] (which replaces the actual browser) is being included with cartdrige games shipping with system updates starting with [[9.9.0-26|9.9.0-X]].
 In addition, versions of the real browser since 9.9.0-26X attempt to [[#Forced_system-update|check-in with a Nintendo server]] to determine if the existing browser version is out of date.
@@ Line 110: / Line 110: @@
 | v8192
 | [[11.1.0-34]]
+| See below.
+|-
+| None
+| None
+| v9217
+| v11.4 CUP
+| v11.4 CUP dummy web-browser, see below.
+|-
+| 1.9.10160
+| Mozilla/5.0 (New Nintendo 3DS like iPhone) AppleWebKit/536.30 (KHTML, like Gecko) NX/3.0.0.5.20 Mobile NintendoBrowser/1.9.10160.<region>
+| v9232
+| [[11.4.0-37]]
+| See below.
+|-
+| 1.10.10166
+| Mozilla/5.0 (New Nintendo 3DS like iPhone) AppleWebKit/536.30 (KHTML, like Gecko) NX/3.0.0.5.22 Mobile NintendoBrowser/1.10.10166.<region>
+| v10272
+| [[11.9.0-42]]
+| See below.
+|-
+| 1.11.10172
+| Mozilla/5.0 (New Nintendo 3DS like iPhone) AppleWebKit/536.30 (KHTML, like Gecko) NX/3.0.0.5.23 Mobile NintendoBrowser/1.11.10172.<region>
+| v11264
+| [[11.14.0-46]]
 | See below.
 |}
@@ Line 352: / Line 376: @@
 The filepath base used in the assert strings were changed from "d:\Jenkins\workspace\MPSkaterBuild\MVPlayer\Skater\Base\Android\frameworks\base\media\libstagefright\" to "d:\jenkins\workspace\MPSkaterBuild-Git\Base\Android\frameworks\base\media\libstagefright\".
+==== v11.4 ====
+The only changes in RomFS was for "/build/buildinfo.dat" and "/static.crs", hence no OSS in CRO(s) were updated.
+The main codebin was updated. Exactly two functions were updated, these are not related to code exec vulns.
+  cat v9232/00000027_romfs/build/buildinfo.dat
+  applet
+-03-08 19:44
 === New3DS Browser Specifications ===
@@ Line 385: / Line 419: @@
 * "User agent: Mozilla/5.0 (Nintendo 3DS; region; ; en) Version/1.7498.US"
 * "Supported protocols: HTTP1.0/HTTP1.1/SSLv3/TLS1.0"
-* "Web standard: HTML 4.01/XHTML 1.1/CSS 1/CSS 2.1/CSS 3 (partial functionality)/DOM Levels 1-3/ECMAScript
+* "Web standard: HTML 4.01/XHTML 1.1/CSS 1/CSS 2.1/CSS 3 (partial functionality)/DOM Levels 1-3/ECMAScript/XMLHttpRequest/Canvas Element (partial functionality)"
-/XMLHttpRequest/Canvas Element (partial functionality)"
 * "Image format: MPO / GIF / JPEG / PNG / BMP / ICO (some images cannot be displayed)"
 * "Plug-ins: Plug-ins such as Adobe Flash are not supported"
@@ Line 485: / Line 518: @@
 | v10240
 | [[11.1.0-34]]
+| See below.
+|-
+| 1.7636
+| v11297
+| [[11.9.0-42]]
+| See below.
+|-
+| 1.7639
+| v12288
+| [[11.14.0-46]]
 | See below.
 |}
@@ Line 710: / Line 753: @@
 The only actual code change with Old3DS/New3DS browser v10.7 was that the code which calculates the diff_timestamp was moved to immediately after the block which initializes <state_timestamp> when <state_timestamp> is all-zero. This fixed the browser-version-check [[3DS_Userland_Flaws|bypass]].
-== v9.9+/v10.7+ dummy web-browser ==
+== Dummy web-browser ==
 Gamecards v9.9 and above include, with their sysupdate, a dummy Old3DS/New3DS web-browser. The *only* thing this title does is display the same message listed in the above forced-update section. The message files in RomFS *only* contain that message string above. There are no "http" strings in the main codebin, and [[RO_Services|RO]] isn't used either(no CRO data in RomFS at all). Both browsers are internally called "dummySpider".
 Hence, if you update your system below v9.8 with any v9.9 or above gamecard, the system web-browser will be rendered *completely* useless until you install a system-update from CDN(no network requests involved here).
-Gamecards v10.7 and above include an updated dummy web-browser, where the only difference is the title version.
+Gamecards v10.7 and v11.4(New3DS only) have updated the dummy web-browser, where the only difference is the title version.
 == Savedata ==
@@ Line 851: / Line 894: @@
 ==Example Sites==
 <!-- If you have a website that demonstrates these techniques, place it here! -->
-* [http://www.nintendo.com/3ds/internetbrowser/bookmarks Nintendo 3DS Bookmarks] - This is the first bookmark pre-installed in the browser.
+* [http://www.nintendo.com/3ds/internetbrowser/bookmarks Nintendo 3DS Bookmarks]: This is the first bookmark pre-installed in the browser.
+* [https://imgsharetool.herokuapp.com ImageShare]: Image uploader for the 3DS ([https://github.com/corbindavenport/image-share source code])
 * [http://3ds.andysmith.co.uk/jFox.html jFox] (Short URL: http://bit.ly/iB7FqW)
-* [http://ditto3d.com/3ds Ditto3D] (Short URL: http://bit.ly/oVreWA)
+* [http://ditto3d.com/3ds Ditto3D (Dead Link)] (Short URL: http://bit.ly/oVreWA)