Nintendo Wi-Fi Connection spoofing: Difference between revisions
Jump to navigation
Jump to search
Content added Content deleted
>Ryccardo (updated for nds-constrain't and other details) |
>Sherkel mNo edit summary |
||
Line 10: | Line 10: | ||
==nds-constrain't Exploit== |
==nds-constrain't Exploit== |
||
Due to the use of encryption (chiefly, SSL v3), connecting to custom servers (except for the GTS, as described above) theoretically requires modifying the games to disable encryption and identity verification, as commonly done on the DS via cheat codes or ROM patching (often amounting to replacing https addressess with http ones) |
Due to the use of encryption (chiefly, SSL v3), connecting to custom servers (except for the GTS, as described above) theoretically requires modifying the games to disable encryption and identity verification, as commonly done on the DS via cheat codes or ROM patching (often amounting to replacing https addressess with http ones). This changed dramatically in November 2018 when [https://github.com/KaeruTeam/nds-constraint it was discovered] that all versions of the official WFC libraries (statically linked in every WFC game) will engage in encrypted communications with any server as long as the server's certificate is signed by a Nintendo certificate, even if the latter does not have permission to sign certificates. (Every Wii and newer Nintendo console includes at least one certificate as well as its matching private key, used for example to sign in to the online shop.) |
||
⚫ | |||
this changed dramatically in November 2018, when [https://github.com/KaeruTeam/nds-constraint it was discovered] that all versions of the official WFC libraries (statically linked in every WFC game) will engage in encrypted communications with any server as long as the server's certificate is signed by a Nintendo certificate, even if the latter does not have permission to sign certificates! (Every Wii and newer Nintendo console includes at least one certificate as well as its matching private key, used for example for signing in to the online shop) |
|||
⚫ | While this oversight doesn't apply to Wii software, patching them to enable the use of an alternative server is generally |
||
[[Category:Non-glitch exploits]] |
[[Category:Non-glitch exploits]] |