Lecture: It's not safe on the streets... especially for your 3DS!
Exploring a new attack surface on the 3DS
The 3DS is reaching end of life but has not revealed all its weaknesses yet. This talk will go through the process of reverse engineering an undocumented communication protocol and show how assessing hard-to-reach features yields dangerous results, including remote code execution exploits!
Embedded Devices are all around us, talking to each other in ways we often don't even realize. In this talk, we discuss how one such communication mechanism in the 3DS remained unexplored for over seven years as well as the vulnerabilities that were lying dormant as a result.
We will explore specific features of the 3DS and talk about their low-level implementation details and about why they were not tested before. Besides, we will walk through the (lengthy) dev process involved in putting together this exploit, and the significant risks involved in devices (even game consoles) having this kind of vulnerability.
Finally, we will demonstrate the attack in action.
Since the talk will be a bit technical some basic knowledge about network protocols and software exploitation techniques is recommended, but it is aimed to be enjoyable for non-technical audiences as well.
One might also take a look at previous talks (32c3 and 33c3) about the 3ds for more in-depth background knowledge.
- 3DBrew Wiki
- 32c3 - Breaking the 3ds security system by smea, plutto and derrek
- 33c3 - Nintendo Hacking 2016 - Game Over by naehrwert, derrek and nedwill