Changes

75 bytes added ,  21:32, 29 July 2019
Updated exploits used today to 11.10
Line 515: Line 515:  
|-
 
|-
 
| [[DSiWare_Exports]] [[CTCert]] verification
 
| [[DSiWare_Exports]] [[CTCert]] verification
| Just like DSi originally did, 3DS verifies the APCert for DSiWare on SD with the CTCert also in the DSiWare .bin. On DSi this was fixed with with system-version 1.4.2 by verifying with the actual console-unique cert instead(stored in NAND), while on 3DS it's still not(?) fixed.
+
| Just like DSi originally did, 3DS verifies the APCert for DSiWare on SD with the CTCert also in the DSiWare .bin. On DSi this was fixed with with system-version 1.4.2 by verifying with the actual console-unique cert instead(stored in NAND), while on 3DS it's still not fixed.
On 3DS however this is useless, unless one can obtain the console-unique movable.sed keyY which encrypts the entire DSiWare .bin.
+
On 3DS this is used in conjunction with seedminer to be able to decrypt & modify DSiWare TAD containers and inject them with exploitable DSiWare titles such as sudoku (sudokuhax) and Flipnote JPN (ugopwn)
 
| When the movable.sed keyY for the target 3DS is known and the target 3DS CTCert private-key is unknown, importing of modified DSiWare SD .bin files.
 
| When the movable.sed keyY for the target 3DS is known and the target 3DS CTCert private-key is unknown, importing of modified DSiWare SD .bin files.
 
| None.
 
| None.
| 11.8.0-X
+
| 11.10.0-X
 
| April 2013
 
| April 2013
 
|  
 
|  
Line 537: Line 537:  
| This allows embedding older, exploitable DSiWare titles in completely different, unexploitable DSiWare titles. Since DSiWare has raw NAND RW, this can result in arm9 control through FIRM known-plaintext and sighax attacks.
 
| This allows embedding older, exploitable DSiWare titles in completely different, unexploitable DSiWare titles. Since DSiWare has raw NAND RW, this can result in arm9 control through FIRM known-plaintext and sighax attacks.
 
| None.
 
| None.
| 11.8.0-X
+
| 11.10.0-X
 
| 2015?
 
| 2015?
 
| December 2016
 
| December 2016
Line 546: Line 546:  
| When combined with other public vulns, arm9 code execution.
 
| When combined with other public vulns, arm9 code execution.
 
| None.
 
| None.
| 11.8.0-X
+
| 11.10.0-X
 
| May 2018
 
| May 2018
 
| Sept 2018
 
| Sept 2018
11

edits