User blog:P0six/p0sixpwn presents: ptctutz

Happy Summer!



After 3 weeks of work (and several failed attempts), we have finally put together a functional PTC exploit. You're probably thinking, "Why would we want a PTC exploit? PTC gives you the ability to run your own custom code already." Well, to be honest, there isn't really a reason. It's just pretty cool ☺. Since PTC runs in DSi mode, you can only run .nds files through this. And a special effort will be made to make sure no one out there is trying to pirate games with this *cough*Smoked*cough* and that it will be strictly homebrew. This will be done by checking for Nintendo's code signature. If it's not there, the exploiting process will proceed. If it is there, prepare to get DS mode disabled...

So when is the ETA? I'm probably going to keep it private for now to find similar bugs in PTC3D. Afterwards, I'm probably going to release some code on GitHub. It doesn't modify the binary like previous DSi exploits. It's simply just CrashPTC (which doesn't have anything to do with the exploit) with some extended/corrupted keys in the name, e.g. instead of the name being 'CRASHPTC' it would be '?????????.'

Will this work on the 3DS? Yes, but to an extent. I have found it to work only on SDMC cards formatted to FAT32. Reason: unknown.

Just so you guys know, CrashPTC isn't exploitable. It's nowhere even close to a buffer overflow. I'm now starting to think that it's not even a bug considering no logs are generated, unlike other DSiWare crashes including this buffer overflow. You can even see for yourself. Open /nand/private/ds/BINNAME/log/.

That pretty much concludes this blog post. That, and that after I release this, I will be posting tutorials on how YOU can do stuff like this in PTC using similar bugs.

With love,

~bugre;)