Edit Infobox 3DS Homebrews: Spider3DSTools 3DS

You do not have permission to edit this page, for the following reason:

The action you have requested is limited to users in one of the groups: Users, Administrators.

Title:
Image:	Upload file
Description:
Author(s):
Last Updated:
Contributor(s):
Ported by:
Type:
Version:
License:
Language(s):
Format:
Download:
Download Raw:
Website:
Source:
Discussion:
Donation:

Free text:

{{Obsolete}} This is a collection of scripts and tools used for loading code on 9.x 3DS. See [http://yifan.lu/category/devices/3ds/ here] to see how all this works. Please note this is only for developers and 3DS researchers and there is nothing here for the end user. This is not a CFW or any kind of ROM loader. ==Building== You need an arm-none-eabi-gcc toolchain installed. Then just run "make". The toolchain that is tested with is [http://www.yagarto.de/ YAGARTO]. '''LoadCode:''' * This is an Spider ROP script that loads "code.bin" as ARM11 userland code from the SD card and runs it. * It exploits the [http://smealum.net/?p=517 gspwn] vulnerability to load the code. '''LoadROP:''' * This is an deobfuscated and cleaned up version of GW's first stage Launcher.dat loader with two changes. * 1) No decryption is done, and 2) no indexing is done. This means you place the raw ROP.dat on the sdcard. * It is tested to work with [http://github.com/smealum/regionthree regionthree]. '''MemoryDump:''' * Taken from [https://github.com/WinterMute/ROPInstaller WinterMute] ROP scripts for mset on 4.x and 6.x. * Dumps memory to sdcard with 9.x spider. '''Code (UVLoader Lite):''' * A stripped down version of [http://github.com/yifanlu/UVLoader UVLoader] that generates ARM code that runs with LoadCode. * Currently it does nothing except display a random pattern on screen. Think of it as a lazy hello world. It is a starting point for your code. '''Browserify:''' * Compile with "gcc -o browserify browserify.c" on your computer. * Then convert any spider ROP payload to JS string with "browserify LoadCode.dat" (as an example). '''On spider ROP payloads: ''' * There are specific data at specific offsets that spider must see for the ROP to work. * If you look in any of the example linker script, you'll see where the data is placed. * Additionaly, you must make sure the ROP script is exactly 0x300 bytes long. ==Media== '''[3DS] Spider3DSTools Windows Installation & Usage Guide''' ([https://www.youtube.com/watch?v=ohThYRWhltQ BullyWiiPlaza]) <br> <youtube>ohThYRWhltQ</youtube> ==Credits== * smea for ROP gadgets used in LoadCode. * WinterMute for ROP boilerplate code and inspiration for MemoryDump. ==External links== * Author's website - https://yifan.lu/projects * GitHub - https://github.com/yifanlu/Spider3DSTools

Summary:

Cancel