Another way to access browser

Discussion in 'Switch - Hacking & Homebrew' started by WayneWayne10, Dec 2, 2017.

  1. WayneWayne10
    OP

    WayneWayne10 Newbie

    Newcomer
    4
    5
    Dec 1, 2017
    United States
    Not sure if this is already covered here but I remember people stating you could get to a web browser through a wifi sign in page but you can also get to the browser if you go through the new user setup and click on Facebook or Twitter. I just sent a link to Google through Facebook messages and used that to navigate. I was playing around with .TIFF file formats due to the PSP years ago utilizing executable code through .TIFF images and the first one I tried to load through FB messages gave me:
    Error code: 2168-0002

    This was also on firmware 4.0.1.
     
  2. blinkzane

    blinkzane Panic at your moms house

    Member
    785
    239
    Jul 24, 2012
    United States
    Florida
    Good start, don't think I've heard of that one. Something tells me I tenet exploit will happen eventually, just might be a long time
     
  3. UnsureSherlock

    UnsureSherlock Member

    Newcomer
    48
    82
    Aug 20, 2015
    United States
    Those Tiffs were used to exploit a specific bug in the tiff library of the PSP. The TIFF file has 0 x 0 dimensions, but the bug involved still allocated memory, loaded the image, and attempted to display the image. Upon attempting to display, a buffer overflow occurs and was used (on the PSP 2.0 firmware I believe) to achieve ACE.

    The reason the error is occurring isn't because it's almost working or anything like that, it's simply displaying an error code due to what the browser sees as an invalid image trying to be viewed. Even if by some magic, the TIFF actually did cause some kind of exploitable interaction (which it doesn't), the payload embedded in the TIFF file is for an entirely different architecture.

    Believe me, if it were as easy as just loading up 10+ year old TIFF exploits (which was antiquated even at that time), someone would have figured it out by now.
     
  4. Ptrk25

    Ptrk25 GBAtemp Advanced Fan

    Member
    508
    778
    Sep 6, 2015
    Germany
    ::1
    From Switchbrew:
     
  5. Joom

    Joom  ❤❤❤

    Member
    4,289
    2,947
    Jan 8, 2016
    United States
    It was actually for 6.x I believe. It probably existed in previous firmware, though, but I don't believe it was discovered until nearly the PSP's EoL. 2.x had devhook and the LCS exploit.
     
  6. WayneWayne10
    OP

    WayneWayne10 Newbie

    Newcomer
    4
    5
    Dec 1, 2017
    United States
    Yeah no worries. I'm not super savy with this stuff beyond jailbreaking following a tutorial. The only reason I posted this is because it forced me to restart my system when it happened. And mostly because getting to the browser this was was insanely easier. Cheers and thanks for the info on how the TIFF exploit worked.
     
  7. BlastedGuy9905

    BlastedGuy9905 Ace Bricker

    Member
    1,377
    878
    Apr 13, 2017
    United States
    Outside your windows ᕙ(◔ᗜ◔)ᕗ
    Interesting.

    — Posts automatically merged - Please don't double post! —

    This is how you make a thread. Research your stuff, people!
     
  8. Polopop123

    Polopop123 GBAtemp Regular

    Member
    178
    212
    Aug 21, 2017
    Ireland
    Haven’t tested this but it’s be pretty cool if someone did it
    1) Have Rocket League
    2) Go into the game and click on the window to the right of it where it had all the e sports etc
    3) You’ll be directed to a forum
    4) Go on you PC/ laptop etc and log into the forum and post on a status google.com
    5) Search for that status and click on the hyperlink
    The only way I don’t see this working is if you can’t click on hyperlinks posted by members but it’d be a worth as shot but it’s definitely not at all practical
     
    Last edited by Polopop123, Dec 6, 2017