Sorry, I thought putting it in the Public folder would just make it work: http://dl.dropbox.com/u/18757478/alerttest.html R4wrz0rz0r 00:56, 21 June 2011 (CEST)
Here's a shortened link: http://tinyurl.com/4x4u69o Kiddyshaq34
I think it is not so easy because this browser is using Apple WebKit.
I don't think this is exploitable in any way. To me, it seems more like NULL pointer dereferencing. Here's my full theory, may be wrong though:
- such strings point to NULL instead of pointing to a memory buffer with characters. Their size is checked before trying to read them to display them in an alert.
- now, if you generate a 2^32 string, the length of the string is 0x100000000 characters. This value gets cut off to zero because it doesn't fit in a 32-bit integer. Therefore the length property of the string is zero.
- when trying to alert() this string, the security check described above does in fact "0 < maxlength", so the string is considered short enough to be displayed. However, since it was made from strings being already too large, its pointer is NULL.
- the browser tries to read from NULL, causing an exception. Probably said exception would trigger special stuff on dev/debug units, but was set to just enter an endless loop on retail units.
Long story short, nothing gets overwritten. Just an attempt at using a NULL pointer. This is only a theory though, I may be wrong. --Luigi2us 01:40, 13 August 2011 (CEST)
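The theory above, modelled in C as an added example. It is not part of the discussion and not the 3DS browser's code; the struct layout, `MAX_ALERT_LEN`, `MAX_BUFFER` and every function name are assumptions made for illustration. It shows the length-only check accepting the wrapped string, next to a check and a concatenation that reject it.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define MAX_ALERT_LEN 4096u        /* assumed display limit */
#define MAX_BUFFER    (1u << 24)   /* assumed largest string that gets a buffer */

typedef struct {
    const char *data;   /* NULL when no buffer backs the string */
    uint32_t    length; /* 32-bit length field, as the theory assumes */
} str_t;

static const char backing[] = "x"; /* stand-in for a real character buffer */

/* Concatenation as theorised: the 64-bit sum is cut down to 32 bits. */
static str_t concat_truncating(str_t a, str_t b) {
    uint64_t total = (uint64_t)a.length + b.length;
    str_t r;
    r.length = (uint32_t)total; /* 0x100000000 becomes 0 */
    r.data = (a.data && b.data && total <= MAX_BUFFER) ? backing : NULL;
    return r;
}

/* Hardened concatenation: fail instead of wrapping or returning NULL data. */
static bool concat_checked(str_t a, str_t b, str_t *out) {
    uint64_t total = (uint64_t)a.length + b.length;
    if (!a.data || !b.data || total > MAX_BUFFER) return false;
    out->length = (uint32_t)total;
    out->data = backing;
    return true;
}

/* Length-only gate: passes the wrapped string because 0 < MAX_ALERT_LEN. */
static bool alert_ok_length_only(str_t s) { return s.length < MAX_ALERT_LEN; }
/* Hardened gate: require a backing buffer before anything reads s.data. */
static bool alert_ok_hardened(str_t s) { return s.data && s.length < MAX_ALERT_LEN; }

/* Doubles a 1-character string 32 times, giving 2^32 characters in theory. */
static str_t build_wrapped(void) {
    str_t s = { backing, 1 };
    for (int i = 0; i < 32; i++) s = concat_truncating(s, s);
    return s;
}

int main(void) {
    str_t s = build_wrapped(), out;
    printf("len=%u null=%d weak=%d hard=%d checked=%d\n", (unsigned)s.length,
           s.data == NULL, alert_ok_length_only(s), alert_ok_hardened(s),
           concat_checked(s, s, &out));
}
```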
I am not sure if this is any help, but browsing to this page http://bit.ly/qV82en in the 3DS browser causes the page to take an age to load (around 5 mins). When the page does finally load you can see dots; scrolling down a few times till you see symbols instead of dots, then tapping the lower screen, causes a load of pop unders. I had tried other Android-based exploits that were all thrown out ("page too big" errors), but this one seems different. Viewing some pop unders (ones with target-like icons) causes some to close and more to open...
Not to mention, the 3DS hardware is surely a lot different from Android/phones. Scriptkiddyish attempts like running Android exploits on a 3DS will not work.