🍪

By entering this site you need to consent to the use of cookies and their functional use according to this privacy policy. Cookies help us to provide the functional services of the website. Kindly read the below message of use and consent to the use. The following cookies are stored and shared when accessing this website: - Internal cookies for the MediaWiki site. This is used for user authentication and article modifications. - Third-party cookies from Google providing services for Google AdSense and Google Analytics We will never use data collected outside of the above scope.

Changes

3DS System Flaws (edit)

Revision as of 13:01, 30 December 2016

107 bytes removed , 13:01, 30 December 2016

→‎boot9: Removed nedwill because nedwill didn't discover any of the two. Also fixed a huge factual mistake I still think is true?

Line 98: Line 98:

|-

|-

| Incorrect padding check

| Incorrect padding check

−

| The ~~FIRM~~ signature ~~is using PKCS #1 padding, which mandates~~ that the padding ~~is all 0xFF bytes~~. This ~~is not checked correctly~~, ~~because it~~ only ~~checks whether none of~~ the ~~bytes in the padding are 0x00. This allows a signature~~ to be ~~crafted more easily (sighax)~~

+

| The signature has a flag byte that determines whether the padding should be checked. This makes you able to bruteforce the padding very easily, as only the flag byte has to be zero.

| N/A

| N/A

| New3DS

| New3DS

| Summer 2015

| Summer 2015

−

| derrek ~~and/or nedwill~~

+

| derrek

|-

|-

| No bound checks inside of ASN.1 parser

| No bound checks inside of ASN.1 parser

Line 109: Line 109:

| New3DS

| New3DS

| Summer 2015

| Summer 2015

−

| derrek ~~and/or nedwill~~

+

| derrek

|}

|}

+

=== arm9loader ===

=== arm9loader ===

{| class="wikitable" border="1"

{| class="wikitable" border="1"

3

edits

Retrieved from "https://www.3dbrew.org/wiki/Special:MobileDiff/19081"

Please enable JavaScript to pass antispam protection!
Here are the instructions how to enable JavaScript in your web browser http://www.enable-javascript.com.
Antispam by CleanTalk.