Funny how 400 people liked a text that's written like someone in a kindergarten singing a song about motivation or something like this. There is an episode of Hello Internet where they talk about this kind of posts. I think it was #109 Twitter war room
He seemed SO nervous at first, and then talked a mile a minute after that. Seemed like he got semi-comfortable when talking shop, but any time he slowed down a little it's like he got nervous all over again and sped back up.
They are schedued for a specific time slot at DEF CON, which I think are about 45 minutes long. The only ones that get to 1h + of time are the panels with multiple people. That is probably why he is rushing through.
Man i have the same problem, when i have to speak publicly even with people I know, i get all choked up, idk what it is or how to speak without having that problem of nervousness
@@brunocar02 I don't see how. Of course Nintendo had a "mole" there. If a company is big in the software or hardware industry, chances are that they will send an employee to defcon or have an employee that will go of their own accord. And my comment wasn't even about Nintendo - it was about defcon being a polished corporate turd.
Nintendo *watches this* Nintendo *makes the next update make it impossible to use any ram at all* Smea *makes a new exploit* Nintendo *reports smea to the govement saying he is using copyrighted content*
You had some sound glitches in it other than that great, kinda fun because at the time i didn't understood shit on how it worked or how they were doing it and now i'm quite happy to be there
I hope you do good because work isnt necessary for jobs on the nintendo software i guess we havent found the settings on the systems. Thank you for allowing people to review your build and thank you for the jailbreaking.
I probably have misunderstood something, but regarding the null pointer dereferences in the kernel (due to the SLAB allocator running out of memory), if I understand this correctly, the null page is mapped by the ro-specific syscall in the virtual address space of the hijacked process. When the SLAB allocator runs out, and the alloc result is not checked, leading to a null pointer dereference, that dereference is going to happen in the kernel's virtual address space, right? Or does the kernel (during a syscall) use the caller process's address space?
3DS abandoned by nintendo already, the hacking is for preservation for the genuine experience. See how there's everdrives, R4s and stuff, because Nintendo just doesn't have in their " " roadman " " to keep their older online shops on foot, or their devices untampered. A lot of games' history has been lost already because of the pursuit
There is argument to be made right now that thanks for the hacking scene of Wii just about full library of all that was available as WiiWare titles are still available. Some early 3DS games were physical only as eShop release was optional (and probably cost it's own set of costs in publishing) like Kingdom Hearts Dream Drop Distance which may become rare later on, I really do not know how many games are in that status.
What are you talking about, the last update does nothing other than implement the new ticket requirements and the update before that changed text to reflect GDPR
@Johnny Woods it also patches all of smea's hacks that he reported. look at the updated modules. all of them are talked about in this talk. in addition, the Nintendo bug bounty page shows the same number of exploits reported before the talk from smea hackerone.com/nintendo/hacktivity?sort_type=latest_disclosable_activity_at&filter=type%3Aall%20to%3Anintendo&page=1
In the end, it really doesnt matter. I wasnt aware that he had told them but we have multiple userland exploits and at least one bootrom exploit so the point is moot
How did the 3ds work with other nintendo systems i know im new to hacking so i read a couple of books on networking not so good with wifi. I thank the comments. And further my life with software i guess im not the only one to guess who this piece is for.
This topic interests me greatly, but the audio problems drove me to stop watching about halfway through. It's really, really bad. Was it really like this to the live audience as well?
As a front-end web dev a lot of this went way over my head :D - "overwrite a function pointer [...] invokes linked list right after freeing the kernel object to make an indirect call to the vtable" phew...
it's actually easier than it sounds: first, you put the vtable in a glass and mash it with a stick blender; then you pour the mashed vtable in a flat pan, glaze it with function pointer sauce and sprinkle generously with linked lists.. finally, you let it rest in the fridge for - ok, I didn't understand some concepts I guess
Perfectly good talk ruined by shit audio, unfortunately for me I'm not intelligent enough for defcon but I love watching the talks... But this audio is horrible, you have done the speaker a great injustice
not a question of intelligence but more of a knowledge. Just the fact that you enjoyed this talk prove you have the inteligence required to aquire the knowledge, if you ever want it and invest time :)
@@pierrebe4492 I appreciate the reply, I guess my limiting factor in learning is time and self patience with anything of the sort... I have a good grasp and I love a lot of the defcon talks, and the knowledge of these people.
Jan Feeder II Many 3DS and CFW need control of the ARM9 first to do something. I think the most recently Seedminer method used ARM9 to install B9S. This is why these exploits require compatible DSiWare games to run, NDS and DSi games uses ARM9.
Thats really interesting. I still got legacy 4.5 sysnand 3ds and 11.3 emunand. Sadly gateway stopped releasing updates. Kinda pain in the ass. I saw some people made that last patch compactible with up to date patch, but also heard some people complaining about bricking.
Aren't most drivers of Windows running in user Mode these days? MS has developed towards a micro-kernel for a long time now. If I recall correctly, the Linux kernel is more monolithic than the Windows Kernel today.
What did this hacker even do i couldnt understand what the hack was really about. Please hack back and talk to my comment. Thank you my students. Practise.
How could they I don't think you can because their just gain full access for something they paid for also they arnt doing this for free games they are doing it for fun or to see if they can it others who take the full access and use it for free games and stuff
@@cookiemonster-ky9ru => Nintendo literally sued a teenager because he used a picture of Pikachu to advertise a local amateur pokemon event in his town, yet this guy is hacking a Nintendo device resulting in people being able to play any games for free and he's not sued.... ok...
@@bonbon_ann2701 but they arnt pirating the games anyway my main point is they don't really have anything to sue these guys with because they arnt actually doing anything bad. Yes it pisses off nintendo he even say that in the video but they arnt actually using copyrighted content in this video so nintendo can sue them for what the teenager did
@@bonbon_ann2701 side note I tried searching up something on the teen who got sued and can't find anything do you have a link or something (it's not that I don't believe you it's more that I'm intrigued by this I'm curious as to why they did it)
@@cookiemonster-ky9ru => yeah, it was in 2015, two teens actually. You can read a gamespot article here => www.gamespot.com/articles/pokemon-company-sues-over-fan-event/1100-6430137/ . I understand but I'm still a bit surprised because Nintendo used to sue people over the most trivial things.
Programming alone doesn't help you here. You need at least some basic knowledge of computer structure to understand stuff. If you want to get into it learn any kind of assembly like ARM or RISCV. 'ts enough to follow basically everything shown here :)
@@MariomasterNSMBHD That is where it gets interesting. Often assembly is implemented through microcode. As a result, some people actually argue x86, for example, is a high level language. Of course, in the case of x86 there are more factors that come into these assertions but that is a bit out of scope for this comment. Now, nobody outside of CPU manufacturers has the necessary pieces to write and use microcode but we can still observe the results of it indirectly. As an example, non-trivial opcodes can take variable execution time. This means we can expose the microcode to a sidechannel attack. I'm going to cut off here as this is starting to become tl;dr I imagine, but there are certainly many layers below assembly these days :). As always the lower you go the more interesting it gets and as a corollary voodoo blackmagic rapidly increases as you get lower level :D
this makes way more complacaded than it should be. i homebrewed and put cfw on my new nintendo 3ds xl in less than 30 minutes. jack sorell gives great guides on youtube on how to homebrew your nintendo 3ds and nintendo switch 2019. i strongly reccommend Jack Sorrell.
Seems like you're lost. This is the guy who ACTUALLY researched and found some exploits to make homebrew on the 3DS possible. No part of this video tells you how to install CFW.
Someone needs to do a defcon talk on how to fix all the AV issues that defcon talks have.
superscatboy god I know right hahaha
that was probably someone using a hacked badge to mess with the stream
hundreds if not thousands of IT people there... Yet no AV guy xD
Wha... re... you talki... out? ...eemed fine t... me.
is tradition!!
STOP 👏LETTING 👏PEOPLE👏HACK👏YA 👏DAMN 👏MICROPHONES
lmfao
wow I got four hundo big thumbs
did you see this on the news
Funny how 400 people liked a text that's written like someone in a kindergarten singing a song about motivation or something like this.
There is an episode of Hello Internet where they talk about this kind of posts. I think it was #109 Twitter war room
@@sporqist It's a meme
@@DeoMachina @Marius Meyer
r/woooosh :/
This dude is a legend. I would actually pay to get my 3DS autographed by him.
same!
You do know you can jailbreak it yourself and this work was done by multiple people
@Ice Surfer I've hacked my 3ds twice before. You can find out how to hack it at 3ds.hacks.guide
Ice Surfer Literally shows his Twitter handle at the end of the presentation.
@@geogeo3644 the point is that smea made it possible
He seemed SO nervous at first, and then talked a mile a minute after that. Seemed like he got semi-comfortable when talking shop, but any time he slowed down a little it's like he got nervous all over again and sped back up.
Technical talks are incredibly difficult to deliver without a lot of practice
They are schedued for a specific time slot at DEF CON, which I think are about 45 minutes long. The only ones that get to 1h + of time are the panels with multiple people. That is probably why he is rushing through.
Insufficient lubrication. Still watching the stream - Is this is first? Wondering if/when the shot crew is going to show up on stage.
Man i have the same problem, when i have to speak publicly even with people I know, i get all choked up, idk what it is or how to speak without having that problem of nervousness
Dollar signs flash right in front of you I cause you to get the hibby jibs and make you keep talking like nothing happen booo
Next talk at Deafcon™
How to protect your equipment from EMP attacks 😘
They know how to jailbreak anything but cant run their studio video/audio equipment properly.....
Priorities. 👌
Someone is haking their equipment
a/v might be analog, so it's not their field ;)
they actually just run all the software on jailbroken Wiimotes
Elmias I’m sure they could learn about it and fix it, they are amazing individuals
How refreshing. No 'whoami' or 'whois' slide. No disclaimer, no posturing. Is this old defcon?
It's what happens when people that hack for fun and don't work for a security firm get accepted for talks. SO NICE.
that is only because the 3ds system isn't nix*
Miss old defcon so much
this comment aged terribly knowing that nintendo had a fucking mole in this conference lmao
@@brunocar02 I don't see how. Of course Nintendo had a "mole" there. If a company is big in the software or hardware industry, chances are that they will send an employee to defcon or have an employee that will go of their own accord. And my comment wasn't even about Nintendo - it was about defcon being a polished corporate turd.
No clue what half of the stuff he said meant yet, but this was for sure an experience.
how is it so difficult for a hacker conference to have proper AV gear?
WOW ! it's you ! i havn't seen your comments for ages !
everyone is trying to hack it.
*sigh* churches have better av
Someone give this man a glass of water, hes struggling to swollow
You, sir, have saved me from a summer of boredom. Thank you.
Nintendo *watches this*
Nintendo *makes the next update make it impossible to use any ram at all*
Smea *makes a new exploit*
Nintendo *reports smea to the govement saying he is using copyrighted content*
this isnt too far from reality, as it turns out
Haha, this is great!
I opened my old 3Ds looking for something interesting yesterday, and then I find this the next day!
So many of these great talks are made nearly unwatchable by the broken camera/mic! Come on!
I remember reading how sophisticated the PICA 200 GPU was when it came out; it even supported functions the Tegra couldn't.
When it comes to custom theme managers on the 3ds there haven't always been that many choices
I can only think of three off the top of my head
Why would you need more than one? It's a theme manager, not that completex thing to have.
Very interesting, kudos to Smealum. Too bad the audio and video are messed up. What happened?
Sadly unwatchable esp in the latter two thirds of the video. Not only that the audio breaks horribly but the video blacks out too...
I love my DEAFcon talks.
I've been so excited for this talk
How did he manage to obtain the binaries to reverse and reconstruct the RO module and understand the CRO file format?
probably a rom dump, for every software problem there's a hardware solution
Thom Hughes what the fuck is that
@@Gladlion he's talking about the the raw executable code, in binary form, to feed into a hex editor, disassembler, etc.
You had some sound glitches in it
other than that great, kinda fun because at the time i didn't understood shit on how it worked or how they were doing it and now i'm quite happy to be there
I hope you do good because work isnt necessary for jobs on the nintendo software i guess we havent found the settings on the systems.
Thank you for allowing people to review your build and thank you for the jailbreaking.
the mic is a corruption target
God i remember when ntrboothax came out, it was a glorious day for 3ds shackers around the globe
Really interested in viewing this. Seemed fairly well presented.
But the audio is just too bad for me. Please fix this for next DefCon...
DeafCon, amirite?
@@SianaGearz HAHAHAHAHA
12:40 THIS IS WHAT ANNEX K IS FOR
Basically every exploit is trivial to this guy
FIX THE AUDIO PLEASE
this guy is a legend and the shoddy AV equipment ruins his talk.
Oh my god fix your equipment. I was really enjoying this talk but it starts to become unbearable halfway through
I probably have misunderstood something, but regarding the null pointer dereferences in the kernel (due to the SLAB allocator running out of memory), if I understand this correctly, the null page is mapped by the ro-specific syscall in the virtual address space of the hijacked process. When the SLAB allocator runs out, and the alloc result is not checked, leading to a null pointer dereference, that dereference is going to happen in the kernel's virtual address space, right? Or does the kernel (during a syscall) use the caller process's address space?
kernal
This is really really interesting!
3DS abandoned by nintendo already, the hacking is for preservation for the genuine experience. See how there's everdrives, R4s and stuff, because Nintendo just doesn't have in their " " roadman " " to keep their older online shops on foot, or their devices untampered.
A lot of games' history has been lost already because of the pursuit
There is argument to be made right now that thanks for the hacking scene of Wii just about full library of all that was available as WiiWare titles are still available.
Some early 3DS games were physical only as eShop release was optional (and probably cost it's own set of costs in publishing) like Kingdom Hearts Dream Drop Distance which may become rare later on, I really do not know how many games are in that status.
This guy is smart enough to work at NASA and he's hacking a kid's toy lulz
Sadly those were not even 0days because they were reported to nintendo by him and nintendo had a firmware update out before the talk.
What are you talking about, the last update does nothing other than implement the new ticket requirements and the update before that changed text to reflect GDPR
@Johnny Woods it also patches all of smea's hacks that he reported. look at the updated modules. all of them are talked about in this talk. in addition, the Nintendo bug bounty page shows the same number of exploits reported before the talk from smea
hackerone.com/nintendo/hacktivity?sort_type=latest_disclosable_activity_at&filter=type%3Aall%20to%3Anintendo&page=1
In the end, it really doesnt matter. I wasnt aware that he had told them but we have multiple userland exploits and at least one bootrom exploit so the point is moot
smea got the community's blessing to report ahead of disclosure, in order to pay off his mortgage.
To clarify. Not saying he did anything wrong by disclosing them. Its his right to do so. Just advertising them as 0days is wrong :)
How did the 3ds work with other nintendo systems i know im new to hacking so i read a couple of books on networking not so good with wifi.
I thank the comments. And further my life with software i guess im not the only one to guess who this piece is for.
nintendo fuzzing the audio oof
1:05 I remembered it has 8MiB VRAM in the newer version.
This topic interests me greatly, but the audio problems drove me to stop watching about halfway through. It's really, really bad. Was it really like this to the live audience as well?
As a front-end web dev a lot of this went way over my head :D - "overwrite a function pointer [...] invokes linked list right after freeing the kernel object to make an indirect call to the vtable" phew...
it's actually easier than it sounds: first, you put the vtable in a glass and mash it with a stick blender; then you pour the mashed vtable in a flat pan, glaze it with function pointer sauce and sprinkle generously with linked lists.. finally, you let it rest in the fridge for - ok, I didn't understand some concepts I guess
really interested, but that audio is a huge turn-off
Defcon: we can hack things, but we can't be fucked to learn how to fix audio issues
Oh my god is that smea, the man himself?
pretty sure the new 3DS has 10 MB of VRAM
That’s smea?
Watching this on my hacked 3DS.
Wow naughty GPU! Now get back to rendering my Luigi’s Mansion game.
Perfectly good talk ruined by shit audio, unfortunately for me I'm not intelligent enough for defcon but I love watching the talks... But this audio is horrible, you have done the speaker a great injustice
not a question of intelligence but more of a knowledge. Just the fact that you enjoyed this talk prove you have the inteligence required to aquire the knowledge, if you ever want it and invest time :)
@@pierrebe4492 I appreciate the reply, I guess my limiting factor in learning is time and self patience with anything of the sort... I have a good grasp and I love a lot of the defcon talks, and the knowledge of these people.
smelum is cool. I've talked to him on reddit and i followed his work for a while
Wait, the audience had a laugh. Why is everyone laughing? Oh gosh, I feel dumb again.
And i fkin though that ARM 9 was there just for backwards compactibility of DS games. I see now why gateway needed to exploid ds mode.
Jan Feeder II Many 3DS and CFW need control of the ARM9 first to do something. I think the most recently Seedminer method used ARM9 to install B9S. This is why these exploits require compatible DSiWare games to run, NDS and DSi games uses ARM9.
Thats really interesting. I still got legacy 4.5 sysnand 3ds and 11.3 emunand. Sadly gateway stopped releasing updates. Kinda pain in the ass. I saw some people made that last patch compactible with up to date patch, but also heard some people complaining about bricking.
Why the fuck are you still using gateway? Just update to b9s
I stopped watching when the A/V issues got really bad. just before 30 minutes, issues became more common.
Could not watch more than half. Audio pops and drops...
Aren't most drivers of Windows running in user Mode these days? MS has developed towards a micro-kernel for a long time now. If I recall correctly, the Linux kernel is more monolithic than the Windows Kernel today.
Haxxors accessed the Super Mario Bros server.
Audio is bugged.
Really? I didn't hear anything weird. Care to timestamp when the audio bugs out?
good talk next time do it without tweeking out
damn what happen to this video some needs to work on it badly
Did they hire Nintendo to record this shit?
did Nintendo hack the AV to stop you talking
talk is much better at .75 speed
Sure, he just sounds a little drunk, its fine...
2x for me. Bonus hack: Get 2.75x speed with document.getElementsByTagName("video")[0].playbackRate=2.75
Can hack a 3ds, can't use a microphone
23:45 fking physical memory well I guess that's what your doing
Messed up audio, but good content
So... we have phones out now that are 32x as powerful as the "New 3DS"... They must REALLY be aiming to sell these to 6 year olds.
Still not better games for the phone than 3ds have
@@retroke6560 Really... Final Fantasy, Crusaders of Light, Runescape, Fortnite, PUBG, the list goes on.... versus what? lol
You need to remeber this is 7 year old device and mobile hardware advance (or rether catch up) a lot quicker then full power hardware
Maybe if you're lucky your mom will buy you one for Christmas
@@ioaoioaoi buuuuurn unit for one? yes please.
I'm 30 but I'll ask my mom if she'll buy me one. Nothing more nostalgic than ancient hardware.
Why don't you hack metatrader 4 or the Forex market
i wonder , what laptop is he using
some sort of Razer laptop
If only I could get claps everytime I crash Windows in a presentation...
hackers often don't run windows for various obvious reasons...
Would be funny in future Defcon meetings.. people from said companies saying from the crowd...
WRONG.. NUP..NO.. UHAH.
Right to the system, arm9 acts as server side for arm11
this bloke sounds like he's off his chops on ice, great talk though
Can someone upload this video with AAC audio at a fucking CONSTANT FUCKING BITRATE (384 kbps). PLEASE. FUCK.
neat
20:55
Couldent get past the choking
What did this hacker even do i couldnt understand what the hack was really about.
Please hack back and talk to my comment.
Thank you my students.
Practise.
increible!
Can somebody tell me why nintendo don't sue these guys ?
How could they I don't think you can because their just gain full access for something they paid for also they arnt doing this for free games they are doing it for fun or to see if they can it others who take the full access and use it for free games and stuff
@@cookiemonster-ky9ru => Nintendo literally sued a teenager because he used a picture of Pikachu to advertise a local amateur pokemon event in his town, yet this guy is hacking a Nintendo device resulting in people being able to play any games for free and he's not sued.... ok...
@@bonbon_ann2701 but they arnt pirating the games anyway my main point is they don't really have anything to sue these guys with because they arnt actually doing anything bad. Yes it pisses off nintendo he even say that in the video but they arnt actually using copyrighted content in this video so nintendo can sue them for what the teenager did
@@bonbon_ann2701 side note I tried searching up something on the teen who got sued and can't find anything do you have a link or something (it's not that I don't believe you it's more that I'm intrigued by this I'm curious as to why they did it)
@@cookiemonster-ky9ru => yeah, it was in 2015, two teens actually. You can read a gamespot article here => www.gamespot.com/articles/pokemon-company-sues-over-fan-event/1100-6430137/ . I understand but I'm still a bit surprised because Nintendo used to sue people over the most trivial things.
A phone would've been better, come on
dat mic crust
I watched the whole thing but couldn't understand shit, am i a bad programmer or this is too high level?
Programming alone doesn't help you here. You need at least some basic knowledge of computer structure to understand stuff. If you want to get into it learn any kind of assembly like ARM or RISCV. 'ts enough to follow basically everything shown here :)
I guess you could say it’s too low level
___ ___ You can't get much lower than assembly though :P
RicBent sadly it wasn’t “high level” enough for him to understand
@@MariomasterNSMBHD That is where it gets interesting. Often assembly is implemented through microcode. As a result, some people actually argue x86, for example, is a high level language. Of course, in the case of x86 there are more factors that come into these assertions but that is a bit out of scope for this comment. Now, nobody outside of CPU manufacturers has the necessary pieces to write and use microcode but we can still observe the results of it indirectly. As an example, non-trivial opcodes can take variable execution time. This means we can expose the microcode to a sidechannel attack. I'm going to cut off here as this is starting to become tl;dr I imagine, but there are certainly many layers below assembly these days :). As always the lower you go the more interesting it gets and as a corollary voodoo blackmagic rapidly increases as you get lower level :D
Fantastic talk, but shitty audio.
I love you
One thing that i notice with all these hacker talks is that the speaker is always looking very insecure/anxious lol
Even screen hacking xD
Or just use Browserhaxx.
This is basically how browserhaxx is developed
How can a DEF CON has such shitty equipment? Barely unwatchable.
this makes way more complacaded than it should be. i homebrewed and put cfw on my new nintendo 3ds xl in less than 30 minutes. jack sorell gives great guides on youtube on how to homebrew your nintendo 3ds and nintendo switch 2019. i strongly reccommend Jack Sorrell.
Seems like you're lost. This is the guy who ACTUALLY researched and found some exploits to make homebrew on the 3DS possible. No part of this video tells you how to install CFW.
or get an r4
ez
Was there really no one else that could talk about this, he's so very uncomfortable on the stage that it's actually difficult to watch.
Uh
Based white boy
bad quality.
why is he so nervous :P
How many times does he say "Uh"?
Atleast 200 times fuck me even after he's done he's like "uh i wanna uh give uhhhh special thanks to uhhh Robert for uhhh" like fucking rehearse.
Unwatchable
Just slow down take a breath and continue.
I can't watch this so boring :(
Then don't watch I'm finding interesting so I'm watching it