Keyshuffling

Keyshuffling Attack for Persistent Early Code Execution in the Nintendo 3DS Secure Bootchain
Alternatives To Keyshuffling
Each entry lists: project name; stars; most recent commit; total releases and latest release (where listed); open issues; license; language; description.

Citra: 9,360 stars; last commit 15 hours ago; 592 open issues; gpl-2.0; C++. A Nintendo 3DS Emulator
Luma3ds: 4,505 stars; last commit 5 days ago; 68 open issues; gpl-3.0; C. Noob-proof (N)3DS "Custom Firmware"
Godmode9: 1,857 stars; last commit a month ago; 19 open issues; gpl-3.0; C. GodMode9 Explorer - A full access file browser for the Nintendo 3DS console :godmode:
Hb Appstore: 844 stars; last commit a month ago; 12 open issues; gpl-3.0; C++. Homebrew App Store - GUI for downloading/managing homebrew apps for video game consoles
Anemone3ds: 738 stars; last commit 4 months ago; 21 open issues; gpl-3.0; C. A theme and boot splash manager for the Nintendo 3DS console
Libctru: 698 stars; last commit 5 days ago; 21 open issues; no license listed; C. Homebrew development library for Nintendo 3DS/Horizon OS user mode (Arm11)
Universal Updater: 685 stars; last commit 3 months ago; 20 open issues; gpl-3.0; C++. An easy to use app for installing and updating 3DS homebrew
Custom Install: 469 stars; last commit a month ago; 25 open issues; mit; Python. Installs a title directly to an SD card for the Nintendo 3DS
Godmode9i: 376 stars; last commit a month ago; 30 open issues; gpl-3.0; C. GodMode9i Explorer - A full access file browser for the Nintendo DS and DSi consoles :godmode:
Ninfs: 370 stars; last commit a month ago; 13 releases, latest March 25, 2022; 19 open issues; mit; Python. FUSE filesystem Python scripts for Nintendo console files
Readme

Keyshuffling Attack for Persistent Early Code Execution in the Nintendo 3DS Secure Bootchain


Abstract

We demonstrate an attack on the secure bootchain of the Nintendo 3DS to gain early code execution. The attack uses the block-shuffling weakness of the ECB cipher mode to rearrange keys in the Nintendo 3DS's encrypted keystore. Because the shuffled keys deterministically decrypt the encrypted firmware binary to incorrect plaintext, which is then executed, and because the device's memory contents are retained across hard reboots, it is possible to reliably reach a branch instruction that jumps to a payload in memory. Because this payload runs on a privileged processor and runs early in boot, it is able to extract the hash of the hardware secrets needed to decrypt the device's encrypted keystore and set up a persistent exploit of the system.
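The ECB property the abstract relies on, as an added illustration that is not code from the paper: a small hash-based Feistel cipher stands in for AES, and `KEK` and `SLOTS` are a constructed four-slot keystore rather than real 3DS key material. Swapping two ciphertext blocks swaps the corresponding key slots on decryption with no key involved, while a MAC over the whole ciphertext (the mitigation) makes the reordering detectable.

```python
import hashlib
import hmac

BLOCK, ROUNDS = 16, 4  # 16-byte blocks like AES; rounds of the toy Feistel cipher

def _f(key, rnd, half):
    # Keyed round function of the toy Feistel cipher that stands in for AES here.
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:8]
def block_encrypt(key, block):
    l, r = block[:8], block[8:]
    for rnd in range(ROUNDS):
        l, r = r, bytes(x ^ y for x, y in zip(l, _f(key, rnd, r)))
    return l + r
def block_decrypt(key, block):
    l, r = block[:8], block[8:]
    for rnd in reversed(range(ROUNDS)):
        l, r = bytes(x ^ y for x, y in zip(r, _f(key, rnd, l))), l
    return l + r
def _blocks(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]
def ecb_encrypt(key, data):
    # ECB encrypts each block independently (no chaining, no MAC), so ciphertext
    # blocks can be reordered by a party that holds no key at all.
    return b"".join(block_encrypt(key, b) for b in _blocks(data))
def ecb_decrypt(key, data):
    return b"".join(block_decrypt(key, b) for b in _blocks(data))
def swap_blocks(ct, i, j):
    blocks = _blocks(ct)
    blocks[i], blocks[j] = blocks[j], blocks[i]
    return b"".join(blocks)
def _tag(key, ct):
    # Mitigation: MAC the whole ciphertext under a separately derived key.
    return hmac.new(hashlib.sha256(b"mac|" + key).digest(), ct, hashlib.sha256).digest()
def verify(key, blob):
    return hmac.compare_digest(blob[-32:], _tag(key, blob[:-32]))

# Constructed sample keystore: four 16-byte slots (not real 3DS key material).
KEK = b"constructed-kek-"
SLOTS = [bytes([n]) * BLOCK for n in (0x11, 0x22, 0x33, 0x44)]

def shuffle_demo():
    # Swap ciphertext blocks 0 and 2: the decrypting side silently loads
    # slot 2's key where it expects slot 0's, and vice versa.
    ct = ecb_encrypt(KEK, b"".join(SLOTS))
    return _blocks(ecb_decrypt(KEK, swap_blocks(ct, 0, 2)))
def mac_detects_shuffle():
    ct = ecb_encrypt(KEK, b"".join(SLOTS))
    sealed = ct + _tag(KEK, ct)
    return verify(KEK, sealed) and not verify(KEK, swap_blocks(ct, 0, 2) + sealed[-32:])
```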

Background

Information in this article (especially the keyshuffling vulnerability) is original, independent work unless cited otherwise. Note that the keyshuffling vulnerability detailed here is the same one documented publicly by much of this team including "stuckpixel" (also known as "dark_samus") on sites such as 3DBrew. Additionally, note that the persistence vulnerability detailed here is the same one documented publicly as "arm9loaderhax" by "plutoo", "derrek", and "smea" at the 2015 32c3 conference.
