Changes

Jump to navigation Jump to search

3DS System Flaws (edit)

Revision as of 00:50, 12 January 2015

2 bytes added , 00:50, 12 January 2015

→‎ARM11 system applications and applets

Line 210: Line 210:

| None

| None

| [[9.4.0-21]]

| [[9.4.0-21]]

−

|

+

|

|-

|-

−

| ~~ropwn~~

+

| rohax

| Using gspwn, it is possible to overwrite a loaded [[CRO0]]/[[CRR0]] after its RSA-signature has been validated. Badly validated [[CRO0]] header leads to arbitrary read/write of memory in the ro-process. This gives code-execution in the ro module, who has access to [[SVC|syscalls]] 0x70-0x72, 0x7D.

| Using gspwn, it is possible to overwrite a loaded [[CRO0]]/[[CRR0]] after its RSA-signature has been validated. Badly validated [[CRO0]] header leads to arbitrary read/write of memory in the ro-process. This gives code-execution in the ro module, who has access to [[SVC|syscalls]] 0x70-0x72, 0x7D.

Line 219: Line 219:

| [[9.3.0-21]]

| [[9.3.0-21]]

| [[9.4.0-21]]

| [[9.4.0-21]]

−

|

+

|

|-

|-

| 3DS [[System Settings]] DS profile string stack-smash

| 3DS [[System Settings]] DS profile string stack-smash

Bureaucrats, Administrators

869

edits

Retrieved from "https://www.3dbrew.org/wiki/Special:MobileDiff/11449"

Navigation menu

Please enable JavaScript to pass antispam protection!
Here are the instructions how to enable JavaScript in your web browser http://www.enable-javascript.com.
Antispam by CleanTalk.