Difference between revisions of "Talk:Flash Filesystem"
m |
(→Possible firmware downgrade vulnerability: new section) |
||
Line 46: | Line 46: | ||
@yellows8, since the \titles directory is similar between nand and sdmc, do you think it should have a separate page from the [[SD Filesystem]] page?--[[User:3dsguy|3dsguy]] 02:36, 23 August 2012 (CEST) | @yellows8, since the \titles directory is similar between nand and sdmc, do you think it should have a separate page from the [[SD Filesystem]] page?--[[User:3dsguy|3dsguy]] 02:36, 23 August 2012 (CEST) | ||
:Go ahead.(SD/NAND /title is exactly the same, except for the additional encryption for SD perhaps) NAND has .db files too, but I'm not sure where those are located. --[[User:Yellows8|Yellows8]] 02:59, 23 August 2012 (CEST) | :Go ahead.(SD/NAND /title is exactly the same, except for the additional encryption for SD perhaps) NAND has .db files too, but I'm not sure where those are located. --[[User:Yellows8|Yellows8]] 02:59, 23 August 2012 (CEST) | ||
+ | |||
+ | == Possible firmware downgrade vulnerability == | ||
+ | |||
+ | Please correct where I'm wrong. Assume we have NAND-dumps from two 3DS units A and B for both firmware versions X and Y. I.e. 4 data sets AX, AY, BX, BY. Assume that all clear data is identical for the same firmware version or unique per console and stay untouched with firmware version change (i.e. AX, BX is a brand-new console with a factory reset dumps and AY, BY have just updated firmwares). Then AX xor AY = BX xor BY and BX = BY xor AX xor AY. |
Revision as of 10:33, 10 April 2014
- Can't help with nand reading but lib references give some indication of the filesystem.
Note! some of these NAND paths below may be outdated. Confirmed NAND directories/directory structures are on the Flash Filesystem page.
nand:/extdata |
nand:/ro/ |
nand:/ro/sys/HWCAL0.dat |
nand:/ro/sys/HWCAL1.dat |
nand:/rw/ |
nand:/rw/sys/ |
nand:/rw/sys/config |
nand:/rw/sys/updater.log |
nand:/rw/sys/PlayHistory.dat |
nand:/rw/sys/PedometerHistory.dat |
nand:/rw/sys/LocalFriendCodeSeed |
nand:/rw/sys/SecureInfo |
nand:/title |
nand:/title/%08x/%08x |
nand:/title/%08x/%08x/%08x.app |
nand:/title/%08x/%08x/title.tmd |
nand:/ticket |
nand:/ticket/%08x/%08x.tik |
nand:/tmp |
@yellows8, since the \titles directory is similar between nand and sdmc, do you think it should have a separate page from the SD Filesystem page?--3dsguy 02:36, 23 August 2012 (CEST)
- Go ahead.(SD/NAND /title is exactly the same, except for the additional encryption for SD perhaps) NAND has .db files too, but I'm not sure where those are located. --Yellows8 02:59, 23 August 2012 (CEST)
Possible firmware downgrade vulnerability
Please correct where I'm wrong. Assume we have NAND-dumps from two 3DS units A and B for both firmware versions X and Y. I.e. 4 data sets AX, AY, BX, BY. Assume that all clear data is identical for the same firmware version or unique per console and stay untouched with firmware version change (i.e. AX, BX is a brand-new console with a factory reset dumps and AY, BY have just updated firmwares). Then AX xor AY = BX xor BY and BX = BY xor AX xor AY.