3dbrew

3DS System Flaws: Difference between revisions

← Older editNewer edit →
Neobrain (talk | contribs)
549 edits
m Point towards memory chunk header documentation
Line 326: Line 326:
|-
|-
| memchunkhax
| memchunkhax
| The kernel originally did not validate the data stored in the FCRAM kernel heap memchunk-headers for free-memory at all. Exploiting this requires raw R/W access to these memchunk-headers, like physical-memory access with gspwn.
| The kernel originally did not validate the data stored in the FCRAM kernel heap [[Memchunkhdrletsusestupidabbreviations|memchunk-headers]] for free-memory at all. Exploiting this requires raw R/W access to these memchunk-headers, like physical-memory access with gspwn.


There are ''multiple'' ways to exploit this, but the end-result for most of these is the same: overwrite code in AXIWRAM via the 0xEFF00000/0xDFF00000 kernel virtual-memory mapping.
There are ''multiple'' ways to exploit this, but the end-result for most of these is the same: overwrite code in AXIWRAM via the 0xEFF00000/0xDFF00000 kernel virtual-memory mapping.
Retrieved from "https://www.3dbrew.org/wiki/3DS_System_Flaws"