Difference between revisions of "Nintendo Zone"
(Added exploits section. DS Station has stack smash bugs, unknown if Nintendo Zone has these bugs.) |
|||
| Line 14: | Line 14: | ||
DS Station's web browser uses NetFront 3.3. This browser version has stack smash bugs in basically all functions handling tag fields with variable values.(URLs, etc.) | DS Station's web browser uses NetFront 3.3. This browser version has stack smash bugs in basically all functions handling tag fields with variable values.(URLs, etc.) | ||
| − | It is currently unknown if Nintendo Zone uses a newer NetFront version with these bugs fixed. A Nintendo Zone exploit couldn't be easily used by everyone, as Linux and a compatible hostapd wireless NIC is required. | + | It is currently unknown if Nintendo Zone uses a newer NetFront version with these bugs fixed. A Nintendo Zone exploit couldn't be easily used by everyone, as Linux and a compatible hostapd wireless NIC is required. An SSID, and the WEP key generated from the SSID, from a real Nintendo Zone/DS Station AP is required. |
At real Nintendo Zone APs, a laptop running Linux with a wireless NIC supporting monitor mode would be needed. | At real Nintendo Zone APs, a laptop running Linux with a wireless NIC supporting monitor mode would be needed. | ||
| − | This exploit would be meant more for reverse engineers. | + | This exploit would be meant more for reverse engineers. A DS Station exploit has been written by Yellows8. This DS Station exploit can't be adapted to Nintendo Zone until an Nintendo Zone AP capture and Nintendo Zone binary are obtained. |
== Technical information == | == Technical information == | ||
More technical information is available [http://code.google.com/p/wmb-asm/wiki/NintendoSpot here.] | More technical information is available [http://code.google.com/p/wmb-asm/wiki/NintendoSpot here.] | ||
Revision as of 21:02, 6 March 2010
Nintendo Zone is the successor of DS Download Station, the latest revision in the Nintendo Spot series. The predecessor of Nintendo Zone in this series is DS Station, and the first revision in this series is Nintendo Spot. Although Nintendo Zone is the latest revision in the series, most game stores still use DS Station. This series downloads DS demos from an Internet server, rather than from a local DS host. Nintendo Zone locations have additional company-specific content. Companies can use this for information about the store/location, coupons with McDonalds, mini-games, etc.
Client usage
Unlike DS Station, the Nintendo Zone client is rigged to only connect to an AP with a certain Broadcom tag. In other words, the client is rigged to only work with a certain router. When the AP has the correct SSID, WEP key, and Broadcom tag, the client attempts to connect to the AP.(WEP key is generated from the SSID, Nintendo software can automatically connect to these APs without any configuration.) When the DSi is in range of a Nintendo Zone AP, sysmenu will display a message that you're in range of a Nintendo Zone AP. The hidden DSi Nintendo Zone client will then appear in the menu. The client is basically a NetFront browser rigged to only work with certain APs, and with the capability of booting RSA-1024 signed NDS software. The client seems to only support Nintendo's custom NTFA file format for graphics.
Versions
Version 3.0 of DSi Nintendo Zone client was released with the February 9, 2010 update. The Japanese client was updated to v3.0 on January 8, 2010. It is unknown what has changed.
Exploits
DS Station's web browser uses NetFront 3.3. This browser version has stack smash bugs in basically all functions handling tag fields with variable values.(URLs, etc.) It is currently unknown if Nintendo Zone uses a newer NetFront version with these bugs fixed. A Nintendo Zone exploit couldn't be easily used by everyone, as Linux and a compatible hostapd wireless NIC is required. An SSID, and the WEP key generated from the SSID, from a real Nintendo Zone/DS Station AP is required. At real Nintendo Zone APs, a laptop running Linux with a wireless NIC supporting monitor mode would be needed. This exploit would be meant more for reverse engineers. A DS Station exploit has been written by Yellows8. This DS Station exploit can't be adapted to Nintendo Zone until an Nintendo Zone AP capture and Nintendo Zone binary are obtained.
Technical information
More technical information is available here.