46
edits
Changes
Jump to navigation
Jump to search
Line 11:
Line 11: − + Line 110:
Line 110: + + + + + + + + + + + + + + + + + + + + + + + + Line 352:
Line 376: + + + + + + + + + + Line 385:
Line 419: − + − Line 471:
Line 504: + + + + + Line 477:
Line 515: − + + + + + + + + + + + Line 705:
Line 753: − + − + Line 848:
Line 896: − +
→Old3DS browser: 11.9 and 11.14
The only difference between the ExeFS .code for each region of the Old3DS/New3DS browser, is byte values for the title uniqueID/region.
The only difference between the ExeFS .code for each region of the Old3DS/New3DS browser, is byte values for the title uniqueID/region.
A [[#v9.9_dummy_web-browser|"dummy" browser]] (which replaces the actual browser) is being included with cartdrige games shipping with system updates starting with [[9.9.0-26|9.9.0-X]].
A [[#Dummy_web-browser|"dummy" browser]] (which replaces the actual browser) is being included with cartdrige games shipping with system updates starting with [[9.9.0-26|9.9.0-X]].
In addition, versions of the real browser since 9.9.0-26X attempt to [[#Forced_system-update|check-in with a Nintendo server]] to determine if the existing browser version is out of date.
In addition, versions of the real browser since 9.9.0-26X attempt to [[#Forced_system-update|check-in with a Nintendo server]] to determine if the existing browser version is out of date.
| v8192
| v8192
| [[11.1.0-34]]
| [[11.1.0-34]]
| See below.
|-
| None
| None
| v9217
| v11.4 CUP
| v11.4 CUP dummy web-browser, see below.
|-
| 1.9.10160
| Mozilla/5.0 (New Nintendo 3DS like iPhone) AppleWebKit/536.30 (KHTML, like Gecko) NX/3.0.0.5.20 Mobile NintendoBrowser/1.9.10160.<region>
| v9232
| [[11.4.0-37]]
| See below.
|-
| 1.10.10166
| Mozilla/5.0 (New Nintendo 3DS like iPhone) AppleWebKit/536.30 (KHTML, like Gecko) NX/3.0.0.5.22 Mobile NintendoBrowser/1.10.10166.<region>
| v10272
| [[11.9.0-42]]
| See below.
|-
| 1.11.10172
| Mozilla/5.0 (New Nintendo 3DS like iPhone) AppleWebKit/536.30 (KHTML, like Gecko) NX/3.0.0.5.23 Mobile NintendoBrowser/1.11.10172.<region>
| v11264
| [[11.14.0-46]]
| See below.
| See below.
|}
|}
The filepath base used in the assert strings were changed from "d:\Jenkins\workspace\MPSkaterBuild\MVPlayer\Skater\Base\Android\frameworks\base\media\libstagefright\" to "d:\jenkins\workspace\MPSkaterBuild-Git\Base\Android\frameworks\base\media\libstagefright\".
The filepath base used in the assert strings were changed from "d:\Jenkins\workspace\MPSkaterBuild\MVPlayer\Skater\Base\Android\frameworks\base\media\libstagefright\" to "d:\jenkins\workspace\MPSkaterBuild-Git\Base\Android\frameworks\base\media\libstagefright\".
==== v11.4 ====
The only changes in RomFS was for "/build/buildinfo.dat" and "/static.crs", hence no OSS in CRO(s) were updated.
The main codebin was updated. Exactly two functions were updated, these are not related to code exec vulns.
cat v9232/00000027_romfs/build/buildinfo.dat
10160
applet
2017-03-08 19:44
=== New3DS Browser Specifications ===
=== New3DS Browser Specifications ===
* "User agent: Mozilla/5.0 (Nintendo 3DS; region; ; en) Version/1.7498.US"
* "User agent: Mozilla/5.0 (Nintendo 3DS; region; ; en) Version/1.7498.US"
* "Supported protocols: HTTP1.0/HTTP1.1/SSLv3/TLS1.0"
* "Supported protocols: HTTP1.0/HTTP1.1/SSLv3/TLS1.0"
* "Web standard: HTML 4.01/XHTML 1.1/CSS 1/CSS 2.1/CSS 3 (partial functionality)/DOM Levels 1-3/ECMAScript
* "Web standard: HTML 4.01/XHTML 1.1/CSS 1/CSS 2.1/CSS 3 (partial functionality)/DOM Levels 1-3/ECMAScript/XMLHttpRequest/Canvas Element (partial functionality)"
/XMLHttpRequest/Canvas Element (partial functionality)"
* "Image format: MPO / GIF / JPEG / PNG / BMP / ICO (some images cannot be displayed)"
* "Image format: MPO / GIF / JPEG / PNG / BMP / ICO (some images cannot be displayed)"
* "Plug-ins: Plug-ins such as Adobe Flash are not supported"
* "Plug-ins: Plug-ins such as Adobe Flash are not supported"
| [[10.6.0-31]]
| [[10.6.0-31]]
| See below.
| See below.
|-
| None
| v9216
| v10.7 CUP
| v10.7 CUP dummy web-browser, see below.
|-
|-
| 1.7625
| 1.7625
| See below.
| See below.
|-
|-
|
| 1.7630
| v10240
| v10240
| [[11.1.0-34]]
| [[11.1.0-34]]
| See below.
|-
| 1.7636
| v11297
| [[11.9.0-42]]
| See below.
|-
| 1.7639
| v12288
| [[11.14.0-46]]
| See below.
| See below.
|}
|}
The only actual code change with Old3DS/New3DS browser v10.7 was that the code which calculates the diff_timestamp was moved to immediately after the block which initializes <state_timestamp> when <state_timestamp> is all-zero. This fixed the browser-version-check [[3DS_Userland_Flaws|bypass]].
The only actual code change with Old3DS/New3DS browser v10.7 was that the code which calculates the diff_timestamp was moved to immediately after the block which initializes <state_timestamp> when <state_timestamp> is all-zero. This fixed the browser-version-check [[3DS_Userland_Flaws|bypass]].
== v9.9+/v10.7+ dummy web-browser ==
== Dummy web-browser ==
Gamecards v9.9 and above include, with their sysupdate, a dummy Old3DS/New3DS web-browser. The *only* thing this title does is display the same message listed in the above forced-update section. The message files in RomFS *only* contain that message string above. There are no "http" strings in the main codebin, and [[RO_Services|RO]] isn't used either(no CRO data in RomFS at all). Both browsers are internally called "dummySpider".
Gamecards v9.9 and above include, with their sysupdate, a dummy Old3DS/New3DS web-browser. The *only* thing this title does is display the same message listed in the above forced-update section. The message files in RomFS *only* contain that message string above. There are no "http" strings in the main codebin, and [[RO_Services|RO]] isn't used either(no CRO data in RomFS at all). Both browsers are internally called "dummySpider".
Hence, if you update your system below v9.8 with any v9.9 or above gamecard, the system web-browser will be rendered *completely* useless until you install a system-update from CDN(no network requests involved here).
Hence, if you update your system below v9.8 with any v9.9 or above gamecard, the system web-browser will be rendered *completely* useless until you install a system-update from CDN(no network requests involved here).
Gamecards v10.7 and above include an updated dummy web-browser, where the only difference is the title version.
Gamecards v10.7 and v11.4(New3DS only) have updated the dummy web-browser, where the only difference is the title version.
== Savedata ==
== Savedata ==
* [http://www.nintendo.com/3ds/internetbrowser/bookmarks Nintendo 3DS Bookmarks] - This is the first bookmark pre-installed in the browser.
* [http://www.nintendo.com/3ds/internetbrowser/bookmarks Nintendo 3DS Bookmarks] - This is the first bookmark pre-installed in the browser.
* [http://3ds.andysmith.co.uk/jFox.html jFox] (Short URL: http://bit.ly/iB7FqW)
* [http://3ds.andysmith.co.uk/jFox.html jFox] (Short URL: http://bit.ly/iB7FqW)
* [http://ditto3d.com/3ds Ditto3D] (Short URL: http://bit.ly/oVreWA)
* [http://ditto3d.com/3ds Ditto3D (Dead Link)] (Short URL: http://bit.ly/oVreWA)