Changes

691 bytes added, 18:35, 4 February 2015
Line 43: Line 43:  
!  Timeframe this was discovered
 
!  Timeframe this was discovered
 
!  Discovered by
 
!  Discovered by
 +
|-
 +
| Uncleared New3DS keyslot 0x11
 +
| Originally the New3DS [[FIRM]] arm9bin loader only cleared keyslot 0x11 when it gets executed at firmlaunch. This was fixed with [[9.5.0-22|9.5.0-X]] by completely clearing keyslot 0x11 immediately after the loader finishes using keyslot 0x11.
 +
This means that any ARM9 code that can execute before the loader clears the keyslot at firmlaunch(including firmlaunch-hax) can get access to the uncleared keyslot 0x11, which then allows one to generate all <=v9.5 New3DS keyXs which are generated by keyslot 0x11.
 +
| New3DS keyXs generation
 +
| [[9.5.0-22|9.5.0-X]]
 +
|
 +
| February 3, 2015 (one day after [[9.5.0-22|9.5.0-X]] release)
 +
| [[User:Yellows8|Yellows8]]
 
|-
 
|-
 
| firmlaunch-hax: FIRM header ToCToU
 
| firmlaunch-hax: FIRM header ToCToU
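Review bot: the "Last system version this flaw was checked for" cell of the added row (the empty `|` between the `[[9.5.0-22|9.5.0-X]]` fixed-in cell and the "February 3, 2015" timeframe cell) is left blank; since the row states the flaw is fixed in 9.5.0-X, fill in the last version on which the uncleared keyslot was actually verified, otherwise a reader cannot tell which FIRMs were confirmed to leave keyslot 0x11 populated. The first sentence of the description is also ambiguous: "only cleared keyslot 0x11 when it gets executed at firmlaunch" can be read either as the loader clearing the slot whenever it runs at firmlaunch, or as the slot only ever being cleared at firmlaunch time and left populated from boot until then. Only the second reading matches the next paragraph (code running before that firmlaunch clear can read the slot), so suggest rewording along the lines of "Originally the New3DS FIRM arm9bin loader left keyslot 0x11 populated after using it; the slot was only cleared the next time the loader ran at firmlaunch."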