Hacking CVE-2016-4657 walk-through and intro to browser exploitation

[GerbilSoft]

Can we all for the love of god just use ELF for once? Preferably PIE/PIC.

Wii homebrew used plain old ELF format, though non-PIE since PIE wouldn't have been very useful without an operating system. A good amount of Wii homebrew was also distributed in Nintendo's DOL format for various reasons. (Among other things, early versions of devkitPPC didn't set up the ELF headers properly for some reason.)

The reasoning for the 3DSX format was something with ensuring future compatibility with system updates. I don't think any system updates actually broke anything that would have caused problems with ELF format, though.

 

[InsaneNutter]

...I have no words.

Is this not an old webkit exploit been adapted to work on the Switch, as the Switch used a version of webkit vulnerable to this exploit?

If i'm not understanding that correctly i'd sooner you told me, rather than imply i'm incorrect and not bother to tell me why...

 

[Red1Reaper]

Kay, time to block system updates

 

[iAqua]

snip

 

[Thirty3Three]

Wii homebrew used plain old ELF format, though non-PIE since PIE wouldn't have been very useful without an operating system. A good amount of Wii homebrew was also distributed in Nintendo's DOL format for various reasons. (Among other things, early versions of devkitPPC didn't set up the ELF headers properly for some reason.)

The reasoning for the 3DSX format was something with ensuring future compatibility with system updates. I don't think any system updates actually broke anything that would have caused problems with ELF format, though.

.SWT, .SWC, .SWH, or .FUCK are my votes

 

[CrimsonMaple]

Is this not an old webkit exploit been adapted to work on the Switch, as the Switch used a version of webkit vulnerable to this exploit?

If i'm not understanding that correctly i'd sooner you told me, rather than imply i'm incorrect and not bother to tell me why...

Yeah its an old WebKit bug. It was used in some iOS malware, and then in the jbme jailbreak. WebKit is a fun target.

 

[Deleted User]

.SWT, .SWC, .SWH, or .FUCK are my votes

Or whatever extension the actual system apps use (once we have a system dump)

 

[Thirty3Three]

Or whatever extension the actual system apps use (once we have a system dump)

No we need a .fuck

 

[TheCyberQuake]

No we need a .fuck

As a person who avoids such words in most circumstances (which can usually be replaced with better language skills and smarter words) I vote against that thanks.

 

[Thirty3Three]

As a person who avoids such words in most circumstances (which can usually be replaced with better language skills and smarter words) I vote against that thanks.

Ohh oh! We've got a genius in here folks

 

[GerbilSoft]

No we need a .fuck

But then we wouldn't be able to give any of those homebrews.

 

[InsaneNutter]

Yeah its an old WebKit bug. It was used in some iOS malware, and then in the jbme jailbreak. WebKit is a fun target.

I thought so, cheers for confirming.

 

[Thirty3Three]

But then we wouldn't be able to give any of those homebrews.

We'd have an excuse. "But it's the file type". Plus I say fuck here all the time so posting won't be an issue haha!

Just picture a homebrew named "fuck". Wouldn't that be comical? "Fuck.fuck"?


Or he'll, "Ijustwantto.fuck". I'd play the fuck out of that fucking homebrew

 

[hitodesu]

I kinda think this is getting off topic here

 

[Deleted User]

I don't own a Switch (yet). Really really bad, the exploit was made public until an useful hack was developed...

The system doesn't auto update!

 

[eskinner3742]

Think it was released because there is more coming, has advanced further. already have seen 2 diff emulators load -- no gameplay, but they loaded.

Didn't hear about the emulators already loading. Even without the ability to run games I could have sworn it would take a while to even get just homebrew to boot up at all.

Now for the hard part. Resisting the probable update required to play the new releases after Nintendo pushes out the patches.

 

[osaka35]

I just want access to my saves

 

[yeddish]

If you went to the CVE page on that with the public DNS, did it do a successful run through?

I didn't try it.

 

[Thirty3Three]

My system just told me to update when I inserted my SD

 

[TheCyberQuake]

My system just told me to update when I inserted my SD

You inserted an SDXC card, which requires the day one 2.0 update to work.