I don't understand, what can we do with this?
Alright,
1) we have a library that allows us to program for the switch easier.
2) We have an emulator to run some code made with said library.
3) We have a way to host the exploit using Node.js on our personal computer; then we can connect to our PC with the Switch and launch a program we made with the library.
4) We can't yet launch a "real" program as mentioned in 3, i.e. Hello World!, because we don't yet have an ROP chain.
"In 3.0, the sdb sysmodule contains a number of bugs that make it a prime target. We currently have an arbitrary write and control of the execution flow; what we don't have is an actual ROP/JOP-chain to allow arbitrary function calling. This is the sole piece missing for userland ACE on the Switch." - from the rohan website:
https://reswitched.tech/rohan
So currently they don't have an ROP chain yet.
See the first two paragraphs of
https://en.wikipedia.org/wiki/Return-oriented_programming
So it looks like they need a memory dump so that they can see what gadgets are available to be strung together to make an ROP chain.
But you can't just "get a memory dump". So I'm pretty sure they will need to guess and check which "gadgets" are already available in memory to string together. Hopefully, they can string together the right gadgets and obtain an ROP chain. Then we will see our Hello World! Hax for real.
Disclaimer: I don't really know what I'm talking about, just trying to piece together what I can figure out. I hope this helps some people understand exactly where we are at though.