#168663 - yellowstar - Thu May 14, 2009 6:05 am
This post is outdated, no volunteers are needed anymore.
I need a volunteer to capture/dump the Nintendo Zone client in UK/JP,(Perhaps US, in New York City Nintendo World store) and with my tools, inject a hack into the client and run the hacked client. The purpose of this hack is to dump info about data used for the Nintendo Spot series server authentication system. Once the client connects the server, press L and R. A console will be displayed, displaying the dumps. Note the displayed hex dumps either on paper or other non-ds hb means. Press A, then note the data. Press A, then note each pzA WEP key, IDs 0 - 3, pressing A after noting each. The screen will turn black when all of the dumps have been displayed. Optionally, attempt to connect to the pzA/"Nintendo Zone" AP with homebrew. Note that dumping WEP keys is a bonus feature benefiting only homebrew basically, as all Nintendo Spot series server communications are https/SSL secured.(Dunno if there's anything blocking non-nds mac address Wifi devices connecting though) Contact me via PM, or at yellowstar6 [at] gmail dot com if you're interested in volunteering for this.
The client can be dumped with FwWMBDumper. FwWMBDumper is a work in progress, and can only dump to raw sectors. FAT support is being worked on. The signature should be dumped correctly, but banner dumping is currently unsupported. For running FwWMBDumper, you wouldn't flash the hack to fw nand, you'd run a .nds. Only use FwWMBDumper for dumping the Nintendo Zone client if you have a spare storage medium/spare TF card. FwWMBDumper uses DLDI, and should be compatible with all DLDI no larger than 10KB. FwWMBDumper should automatically boot the un-patched client binary once dumping finishes. With other WMB bin dumping tests, this can take anywhere from 5 to 10 seconds. You can use some NDS hb tools I wrote for transferring the binary from raw sector dump to a TF card with FAT, and patching the binary.
Last edited by yellowstar on Tue Aug 24, 2010 8:59 pm; edited 4 times in total
I need a volunteer to capture/dump the Nintendo Zone client in UK/JP,(Perhaps US, in New York City Nintendo World store) and with my tools, inject a hack into the client and run the hacked client. The purpose of this hack is to dump info about data used for the Nintendo Spot series server authentication system. Once the client connects the server, press L and R. A console will be displayed, displaying the dumps. Note the displayed hex dumps either on paper or other non-ds hb means. Press A, then note the data. Press A, then note each pzA WEP key, IDs 0 - 3, pressing A after noting each. The screen will turn black when all of the dumps have been displayed. Optionally, attempt to connect to the pzA/"Nintendo Zone" AP with homebrew. Note that dumping WEP keys is a bonus feature benefiting only homebrew basically, as all Nintendo Spot series server communications are https/SSL secured.(Dunno if there's anything blocking non-nds mac address Wifi devices connecting though) Contact me via PM, or at yellowstar6 [at] gmail dot com if you're interested in volunteering for this.
The client can be dumped with FwWMBDumper. FwWMBDumper is a work in progress, and can only dump to raw sectors. FAT support is being worked on. The signature should be dumped correctly, but banner dumping is currently unsupported. For running FwWMBDumper, you wouldn't flash the hack to fw nand, you'd run a .nds. Only use FwWMBDumper for dumping the Nintendo Zone client if you have a spare storage medium/spare TF card. FwWMBDumper uses DLDI, and should be compatible with all DLDI no larger than 10KB. FwWMBDumper should automatically boot the un-patched client binary once dumping finishes. With other WMB bin dumping tests, this can take anywhere from 5 to 10 seconds. You can use some NDS hb tools I wrote for transferring the binary from raw sector dump to a TF card with FAT, and patching the binary.
Last edited by yellowstar on Tue Aug 24, 2010 8:59 pm; edited 4 times in total