3DS System Flaws: Difference between revisions

Mtgxyz (talk | contribs)
No edit summary
Mtgxyz (talk | contribs)
boot9: Removed nedwill because nedwill didn't discover any of the two. Also fixed a huge factual mistake I still think is true?
Line 98: Line 98:
|-
|-
| Incorrect padding check
| Incorrect padding check
| The FIRM signature is using PKCS #1 padding, which mandates that the padding is all 0xFF bytes. This is not checked correctly, because it only checks whether none of the bytes in the padding are 0x00. This allows a signature to be crafted more easily (sighax)
| The signature has a flag byte that determines whether the padding should be checked. This makes you able to bruteforce the padding very easily, as only the flag byte has to be zero.
| N/A
| N/A
| New3DS
| New3DS
| Summer 2015
| Summer 2015
| derrek and/or nedwill
| derrek
|-
|-
| No bound checks inside of ASN.1 parser
| No bound checks inside of ASN.1 parser
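Review bot: In the "Incorrect padding check" row, the replacement description drops both the PKCS #1 context and the name of the resulting attack (sighax), and the edit summary itself marks the new claim as uncertain ("I still think is true?"). Before replacing the earlier explanation, link a source for the flag-byte behaviour and keep the sighax reference so readers can still find the attack by name. "bruteforce the padding" is also ambiguous: if the intent is that candidate signatures are tried until the flag byte comes out as zero, say so. If the check is skipped rather than performed incorrectly, the row title "Incorrect padding check" should be revisited too.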
Line 109: Line 109:
| New3DS
| New3DS
| Summer 2015
| Summer 2015
| derrek and/or nedwill
| derrek
|}
|}
=== arm9loader ===
=== arm9loader ===
{| class="wikitable" border="1"
{| class="wikitable" border="1"
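Review bot: The discoverer cell in this row, like the one in the hunk above, changes from "derrek and/or nedwill" to "derrek" with only the edit summary as justification. An attribution change should cite something verifiable (a talk, a write-up or a talk-page discussion), so that the credit is not flipped back and forth between revisions. The summary's "any of the two" should also name the two rows it refers to, since only the "Incorrect padding check" and "No bound checks inside of ASN.1 parser" rows are identifiable from the diff.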