3dbrew

3DS System Flaws: Difference between revisions

← Older editNewer edit →
Line 30: Line 30:
=== [[TWL_FIRM]] ===
=== [[TWL_FIRM]] ===
==== Process9 ====
==== Process9 ====
=== [[FIRM]] Process9 ===
{| class="wikitable" border="1"
{| class="wikitable" border="1"
|-
|-
Line 40: Line 42:
!  Discovered by
!  Discovered by
|-
|-
| TWL RSA signature padding checks
| RSA signature padding checks
| The TWL_FIRM RSA sig padding check code used for all TWL RSA sig-checks has issues, see [[FIRM|here]].
| The TWL_FIRM RSA sig padding check code used for all TWL RSA sig-checks has issues, see [[FIRM|here]].
The main 3DS RSA padding check code(non-certificate) uses the function used with the above to extract PKCS padding + the actual hash from the message. This is not an issue when it's verifying signatures *where* the attacker *doesn't* have the private key for the input modulus.
|  
|  
| None
| None
| Old3DS: [[6.2.0-12]]. New3DS: [[8.1.0-0_New3DS]]
| [[9.5.0-22|9.5.0-X]]
|  
| March 2015
| [[User:Yellows8|Yellows8]]
| [[User:Yellows8|Yellows8]]
|}
=== [[FIRM]] Process9 ===
{| class="wikitable" border="1"
|-
!  Summary
!  Description
!  Successful exploitation result
!  Fixed in [[FIRM]] system version
!  Last [[FIRM]] system version this flaw was checked for
!  Timeframe this was discovered
!  Discovered by
|-
|-
| Uncleared New3DS keyslot 0x11
| Uncleared New3DS keyslot 0x11
Retrieved from "https://www.3dbrew.org/wiki/3DS_System_Flaws"