Hacking New Arbitrary R/W WebKit Writeup

NSStack

NSStack

Member
OP
Newcomer
Level 1
Joined
Apr 24, 2017
Messages
12
Trophies
0
XP
81
Country
United States
  • Like
Reactions: iVcU, supermario18, Selver and 1 other person
Y

yahoo

G͝B͢A͜t͞em҉p̡ R̨e͢g̷ul̨aŗ
Member
Level 4
Joined
Aug 4, 2014
Messages
345
Trophies
0
XP
522
Country
United States
NSStack said:
https://phoenhex.re/2017-05-04/pwn2own17-cachedcall-uaf

This vulnerability was present in WebKit version 602.4.8 (according to https://en.wikipedia.org/wiki/Safari_version_history) and the Nintendo Switch is on WebKit Version 601.6 (according to http://switchbrew.org/index.php?title=Internet_Browser).

NO this is NOT enough to reach Switch homebrew, but a good read nonetheless if you're interested in security research.
Click to expand...
Nintendo cherry picks security fixes, so even though the version of webkit on the switch may be old, they have included fixes from more recent versions as well. You will have to try it to see if the switch is actually vulnerable to this.
 
  • Like
Reactions: RednaxelaNnamtra

Site & Scene News

Go to forum More news

Popular threads in this forum

Homebrew Tutorial  Building Pagascape from source to running Self Hosted mode on Windows and MSYS

Hacking Misc  Getting the MIG Switch to load an XCI dump without its original Initial Data

mig switch not working/updating??

Hacking Homebrew Tutorial  Portable PegaScape (Win32)

Fusee.bin with the new Pre-release of Atmoshere 1.7.0

DBI language error

Homebrew Tutorial  Setup a DevKitPro environment on Windows.

Homebrew  I accidentally updated to fw 18.0 on my switch in cfw and now I am getting an error that says unknown pkg1 version. please help me find a solution

General chit-chat
Help Users
  • Mondooooo @ Mondooooo:
    hi @Xdqwerty
     +1
  • S @ salazarcosplay:
    @Xdqwerty hello
     +1
  • Mondooooo @ Mondooooo:
    why we saying hello again for?
  • Xdqwerty @ Xdqwerty:
    @Mondooooo, cuz you both werent here
     +1
  • Mondooooo @ Mondooooo:
    oh btw, did you know that the teenage mutant ninja turtles is having an r rated live action movie?
  • S @ salazarcosplay:
    I did not know that
  • S @ salazarcosplay:
    but it would make sense
  • Mondooooo @ Mondooooo:
    just look it up
  • S @ salazarcosplay:
    from the perspective that the original audience that saw it as kids are now grown adults
  • Xdqwerty @ Xdqwerty:
    I heard the original comic books were as dark as that
  • Mondooooo @ Mondooooo:
    it's called the last ronin
  • Mondooooo @ Mondooooo:
    while that was a kid-friendly endeavor, this new take will adapt the story Teenage Mutant Ninja Turtles: The Last Ronin. The outlet notes that this new iteration is being written by “Tyler Burton Smith, who co-wrote the upcoming R-rated action movie Boy Kills World and who wrote the 2019 iteration of Chucky horror franchise Child’s Play.”
  • Mondooooo @ Mondooooo:
    The film, titled ‘The Last Ronin,’ will be targeted at adults and promises a high-body count tale
  • Xdqwerty @ Xdqwerty:
    I grew up with the 2012 show
  • Mondooooo @ Mondooooo:
    so yeah, they're will be lots of kills
  • S @ salazarcosplay:
    so kinda like how they went r rated in the Loan movie for wolverine
  • Mondooooo @ Mondooooo:
    and remember that time when someone had the idea to make scooby doo r rated?
  • Mondooooo @ Mondooooo:
    where shaggy is a stoner and a pothead?
  • Mondooooo @ Mondooooo:
    that's a true story
  • Xdqwerty @ Xdqwerty:
    @Mondooooo, the first scooby doo live action film?
  • Mondooooo @ Mondooooo:
    it's cancelled and not in the works anymore
  • S @ salazarcosplay:
    they kinda implied it, and joked about it in the cartoon attorney harvey birdman
  • Mondooooo @ Mondooooo:
    im gonna binge watch metalocalypse, any tips?
  • S @ salazarcosplay:
    @Xdqwerty yeah in th elive action Shaggy meets a girl that introduces herself as "Mary jane" shaggy responds "thats my favorite name"
  • Mondooooo @ Mondooooo:
    damn
    Mondooooo @ Mondooooo: damn