If possible, could you shed some light on how the web end of the exploit works? I see that you load a static file from the webserver (LoadCode.Dat) and execute it, but I also see in the Javascript "b=q.indexOf('dmc:/');" where I'm assuming dmc is the external SD Card of the system.
However I am confused at these lines
What does this do? I was wondering because I would like to write a program that generates injectable QR Codes for entire SAV files (including exporting them directly to the server.) Does the dmc mean I can see the files on the SD Card? and if possible could I use this to run rsavout.bin, copy the data to my web server, make x changes, and copy it back to the SD card and run rsavin.bin? (Using X QR Codes.)