Changes

406 bytes added, 16:28, 11 April 2017
Line 29: Line 29:  
===[[NWM_Services|NWM-sysmodule]]===
 
===[[NWM_Services|NWM-sysmodule]]===
 
The [[CONFIG11_Registers]] are no longer directly mapped under userland for NWM-sysmodule.
 
The [[CONFIG11_Registers]] are no longer directly mapped under userland for NWM-sysmodule.
This prevents anything under NWM-module from modifying the GPUPROT register.
+
This prevents anything under NWM-module from modifying the GPUPROT register. This was used by both *hax payload(prior to v11.4 release) and [https://github.com/smealum/udsploit udsploit].
    
The codebin was updated.
 
The codebin was updated.
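
Review bot: The added sentence about GPUPROT keeps "NWM-module" while the heading and the preceding line say "NWM-sysmodule"; use one name throughout so the reader does not assume two different components. In the same sentence, "This was used by both *hax payload(prior to v11.4 release)" leaves "This" ambiguous between the userland CONFIG11 mapping and the GPUPROT write, so name the subject explicitly, and add the missing space before the parenthesis.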
Line 38: Line 38:  
.. has been removed from NWM. This one has been moved into kernel bootup.
 
.. has been removed from NWM. This one has been moved into kernel bootup.
   −
Accesses to 0x1EC40180 have been replaced by a new syscall, [[SVC|0x5A]].
+
All accesses to 0x1EC40180 have been replaced by a new syscall, [[SVC|0x5A]].
   −
A new string was added at 0x13E200: "used"(with 3 0xFF bytes afterwards). The wifi-fw was moved from .data to .rodata.
+
This now includes code from old CTRSDK update(s). The only other changes was new heap code, for fixing the NWMUDS sharedmem [[3DS_System_Flaws|vuln]]. This includes code which actually validates heap memchunkhdrs, with svcBreak being executed on failure.
 +
 
 +
A new string was added at 0x13E200: "used"(with 3 0xFF bytes afterwards), this is used by the new heap code. The wifi-fw was moved from .data to .rodata.
    
===[[Internet Browser]]===
 
===[[Internet Browser]]===
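
Review bot: The new paragraph starting "This now includes code from old CTRSDK update(s)" follows directly after the sentence on 0x1EC40180 and SVC 0x5A, so "This" has no clear referent; state what now includes the CTRSDK code. "The only other changes was new heap code" has a number mismatch ("change was" or "changes were"), and the revised string sentence joins two clauses with a comma after "afterwards)", which reads better as "...afterwards). This is used by the new heap code." The "vuln" link points at the general 3DS_System_Flaws page; a section anchor for the NWMUDS sharedmem entry would let readers find the flaw that the memchunkhdr validation and svcBreak-on-failure behaviour address.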
