http://www.livejournal.com/community/nintendo_ds/48965.html
More WiFi hacking news
after a good nights sleep of about 4-6 hours, i have gone back to work intercepting pictochat MAC packets.
things ive been able to figure out:
1) over 500 packets per second are sent, but only in chat room "A"
2) chat rooms "B" "C" and "D" apparently send random information on other wireless channels besides channel 1
3) the size of the transmission is based on how many "lines" you enter into pictochat. IE: the text lines... draw in the first, itl only send the first. much like how it displays on the top screen.
4) sending 1 "line" of information is sent as 13 MAC packets. the first is a NinDS header contaning mac addresses and a message address. second packet is completely empty, im guessing this is used if there are more users in the chat room. (i only have the 2 DSs to test with)
5) all text and drawings in pictochat are sent as raw uncompressed bitmaps. the bitmaps are sent as 4 bits per pixel (one nibble), with the bits equaling "0x1" for black and "0x0" for white.
i have saved the raw binary data for 3 individual messages. a) me drawing an *almost* straight line, b) me typing in "hello", c) an almost completely filled block of black (i didnt want to go over the line, so the bottom still has some white spots in it)
here is the binary data.. however, i have slightly modified each of the binaries for clearity. i have padded each MAC packet with 24 bytes of "EFEFEFEF" to help seperate out each packet in hex workshop on my display.
now its about time to write a simple binary parser in C/C++. however, today *IS* turkey day, so i'm not too sure when im gonna get around to doing this.