Line 11: |
Line 11: |
| The only difference between the ExeFS .code for each region of the Old3DS/New3DS browser, is byte values for the title uniqueID/region. | | The only difference between the ExeFS .code for each region of the Old3DS/New3DS browser, is byte values for the title uniqueID/region. |
| | | |
− | A [[#v9.9_dummy_web-browser|"dummy" browser]] (which replaces the actual browser) is being included with cartdrige games shipping with system updates starting with [[9.9.0-26|9.9.0-X]]. | + | A [[#Dummy_web-browser|"dummy" browser]] (which replaces the actual browser) is being included with cartdrige games shipping with system updates starting with [[9.9.0-26|9.9.0-X]]. |
| In addition, versions of the real browser since 9.9.0-26X attempt to [[#Forced_system-update|check-in with a Nintendo server]] to determine if the existing browser version is out of date. | | In addition, versions of the real browser since 9.9.0-26X attempt to [[#Forced_system-update|check-in with a Nintendo server]] to determine if the existing browser version is out of date. |
| | | |
Line 112: |
Line 112: |
| | See below. | | | See below. |
| |- | | |- |
− | | ? | + | | None |
− | | ? | + | | None |
| + | | v9217 |
| + | | v11.4 CUP |
| + | | v11.4 CUP dummy web-browser, see below. |
| + | |- |
| + | | 1.9.10160 |
| + | | Mozilla/5.0 (New Nintendo 3DS like iPhone) AppleWebKit/536.30 (KHTML, like Gecko) NX/3.0.0.5.20 Mobile NintendoBrowser/1.9.10160.<region> |
| | v9232 | | | v9232 |
| | [[11.4.0-37]] | | | [[11.4.0-37]] |
| + | | See below. |
| + | |- |
| + | | 1.10.10166 |
| + | | Mozilla/5.0 (New Nintendo 3DS like iPhone) AppleWebKit/536.30 (KHTML, like Gecko) NX/3.0.0.5.22 Mobile NintendoBrowser/1.10.10166.<region> |
| + | | v10272 |
| + | | [[11.9.0-42]] |
| + | | See below. |
| + | |- |
| + | | 1.11.10172 |
| + | | Mozilla/5.0 (New Nintendo 3DS like iPhone) AppleWebKit/536.30 (KHTML, like Gecko) NX/3.0.0.5.23 Mobile NintendoBrowser/1.11.10172.<region> |
| + | | v11264 |
| + | | [[11.14.0-46]] |
| | See below. | | | See below. |
| |} | | |} |
Line 362: |
Line 380: |
| The only changes in RomFS was for "/build/buildinfo.dat" and "/static.crs", hence no OSS in CRO(s) were updated. | | The only changes in RomFS was for "/build/buildinfo.dat" and "/static.crs", hence no OSS in CRO(s) were updated. |
| | | |
− | The main codebin was updated. | + | The main codebin was updated. Exactly two functions were updated, these are not related to code exec vulns. |
| | | |
| cat v9232/00000027_romfs/build/buildinfo.dat | | cat v9232/00000027_romfs/build/buildinfo.dat |
Line 500: |
Line 518: |
| | v10240 | | | v10240 |
| | [[11.1.0-34]] | | | [[11.1.0-34]] |
| + | | See below. |
| + | |- |
| + | | 1.7636 |
| + | | v11297 |
| + | | [[11.9.0-42]] |
| + | | See below. |
| + | |- |
| + | | 1.7639 |
| + | | v12288 |
| + | | [[11.14.0-46]] |
| | See below. | | | See below. |
| |} | | |} |
Line 725: |
Line 753: |
| The only actual code change with Old3DS/New3DS browser v10.7 was that the code which calculates the diff_timestamp was moved to immediately after the block which initializes <state_timestamp> when <state_timestamp> is all-zero. This fixed the browser-version-check [[3DS_Userland_Flaws|bypass]]. | | The only actual code change with Old3DS/New3DS browser v10.7 was that the code which calculates the diff_timestamp was moved to immediately after the block which initializes <state_timestamp> when <state_timestamp> is all-zero. This fixed the browser-version-check [[3DS_Userland_Flaws|bypass]]. |
| | | |
− | == v9.9+/v10.7+ dummy web-browser == | + | == Dummy web-browser == |
| Gamecards v9.9 and above include, with their sysupdate, a dummy Old3DS/New3DS web-browser. The *only* thing this title does is display the same message listed in the above forced-update section. The message files in RomFS *only* contain that message string above. There are no "http" strings in the main codebin, and [[RO_Services|RO]] isn't used either(no CRO data in RomFS at all). Both browsers are internally called "dummySpider". | | Gamecards v9.9 and above include, with their sysupdate, a dummy Old3DS/New3DS web-browser. The *only* thing this title does is display the same message listed in the above forced-update section. The message files in RomFS *only* contain that message string above. There are no "http" strings in the main codebin, and [[RO_Services|RO]] isn't used either(no CRO data in RomFS at all). Both browsers are internally called "dummySpider". |
| | | |
| Hence, if you update your system below v9.8 with any v9.9 or above gamecard, the system web-browser will be rendered *completely* useless until you install a system-update from CDN(no network requests involved here). | | Hence, if you update your system below v9.8 with any v9.9 or above gamecard, the system web-browser will be rendered *completely* useless until you install a system-update from CDN(no network requests involved here). |
| | | |
− | Gamecards v10.7 and above include an updated dummy web-browser, where the only difference is the title version. | + | Gamecards v10.7 and v11.4(New3DS only) have updated the dummy web-browser, where the only difference is the title version. |
| | | |
| == Savedata == | | == Savedata == |
Line 868: |
Line 896: |
| * [http://www.nintendo.com/3ds/internetbrowser/bookmarks Nintendo 3DS Bookmarks] - This is the first bookmark pre-installed in the browser. | | * [http://www.nintendo.com/3ds/internetbrowser/bookmarks Nintendo 3DS Bookmarks] - This is the first bookmark pre-installed in the browser. |
| * [http://3ds.andysmith.co.uk/jFox.html jFox] (Short URL: http://bit.ly/iB7FqW) | | * [http://3ds.andysmith.co.uk/jFox.html jFox] (Short URL: http://bit.ly/iB7FqW) |
− | * [http://ditto3d.com/3ds Ditto3D] (Short URL: http://bit.ly/oVreWA) | + | * [http://ditto3d.com/3ds Ditto3D (Dead Link)] (Short URL: http://bit.ly/oVreWA) |