174
edits
Changes
Jump to navigation
Jump to search
Line 81:
Line 81: +
appendix
::::So no other things inside that package (Only CFA? I'm unable to decrypt the CDN so i can not even get a close look). If that key is stored in NAND, building up a proxy and replacing the original key and cert is not too easy lol (Then 3ds to us using our key and we to ninty using ninty keys, emulated.. able to catch all data pass through proxy SSL-decrypted) - even i don't know how to do that accurately (however can not assure). I don't think that private key is stored in nand or even sd, just cause of that can be easily cheated (if there is write access found). Since there is CRL enabled in the cert, even there is no CRL(Certificate Revocation List) file on remote now - that means they've prepared for declarition of the cert being invalid. after it is invalid they should take action to put a new package including new cert and private key (sounds reasonable for why they get such a package on cdn right?) and flash that into 3ds during a new update. That is why i think there is somewhere with at least write-access to the storation of keys. you mentioned ssl module, have you decrypted the whole executable yet (or from CDN with extracting its material)?
::::So no other things inside that package (Only CFA? I'm unable to decrypt the CDN so i can not even get a close look). If that key is stored in NAND, building up a proxy and replacing the original key and cert is not too easy lol (Then 3ds to us using our key and we to ninty using ninty keys, emulated.. able to catch all data pass through proxy SSL-decrypted) - even i don't know how to do that accurately (however can not assure). I don't think that private key is stored in nand or even sd, just cause of that can be easily cheated (if there is write access found). Since there is CRL enabled in the cert, even there is no CRL(Certificate Revocation List) file on remote now - that means they've prepared for declarition of the cert being invalid. after it is invalid they should take action to put a new package including new cert and private key (sounds reasonable for why they get such a package on cdn right?) and flash that into 3ds during a new update. That is why i think there is somewhere with at least write-access to the storation of keys. you mentioned ssl module, have you decrypted the whole executable yet (or from CDN with extracting its material)?
::::Conclusion: I do think there is some access to the storation of such a ssl private key. but i don't know where it exactly exists (even i hope that is stored in that key-scrambler - would bring a possibility to discovery the key-scrambler). i can not tell that is nand or sd or somewhere inside soc or actually key-scrambler, so i use hardware to refer that instead.--[[User:Syphurith|Syphurith]] 09:58, 4 July 2013 (CEST)
::::Conclusion: I do think there is some access to the storation of such a ssl private key. but i don't know where it exactly exists (even i hope that is stored in that key-scrambler - would bring a possibility to discovery the key-scrambler). i can not tell that is nand or sd or somewhere inside soc or actually key-scrambler, so i use hardware to refer that instead.--[[User:Syphurith|Syphurith]] 09:58, 4 July 2013 (CEST)
::::Appendix:iirc, the resources in one title may be refered and used in another title. so if only a new cert and key should be provided they may not need to rewrite the modules to implement that replacement. if i make a key-updater, i do provide keys in daily updates, and a modules such as connector (so ssl?) to everytime check the keys on server before start the secure connection. If such a speculation is right, then the write access can be in another title not the keys package. BTW have you built a tool that can help you detect the internal actions done in memory (when and who write/read which section of memory. there is such pc tools already but not arm)? It may help your analysing. --[[User:Syphurith|Syphurith]] 10:11, 4 July 2013 (CEST)
===Spam attack===
===Spam attack===