Nintendo Switch V2 Jailbreak Theory

Status
Not open for further replies.
CruzeForce

CruzeForce

Active Member
OP
Newcomer
Level 1
Joined
Apr 18, 2023
Messages
29
Trophies
0
XP
41
Country
United States
There is a vulnerability with the Bluetooth as the 8bitdo takes advantage and allows any controller to connect so what if someone connects a microcontroller that contains a jailbreak script, as there was a video with a jailbreak using a microcontroller, but to do that you have to open up a switch, so cant you just buy a microcontroller with a 8bitdo, put the jailbreak command on the microcontroller and then run a script that will let the switch identify it as a joycon and then add the jailbreak script? as then the switch would run anything the microcontroller says as it will be known as an admin? this would work as the Nintendo switch (including the chip) follows any joycon command and you could buy a possible microcontroller with Bluetooth like a Pico w for cheap, this would be a simple process as someone would make the script, you would connect the microcontroller with Bluetooth to the 8bitdo and run the command on the switch. I hope someone reaches out to me as a response to my theory.
 
Last edited by CruzeForce,
Draxzelex

Draxzelex

Well-Known Member
Member
Level 23
Joined
Aug 6, 2017
Messages
19,012
Trophies
2
Age
29
Location
New York City
XP
13,395
Country
United States
CruzeForce said:
im trying to find a vulnerability its because there is a vulnerability with the Bluetooth as the 8bitdo takes advantage and allows any controller to connect so what if someone connects a microcontroller that contains a jailbreak script, as there was a video with a jailbreak using a microcontroller, but to do that you have to open up a switch, so cant you just buy a microcontroller with a 8bitdo, put the jailbreak command on the microcontroller and then run a script that will let the switch identify it as a joycon and then add the jailbreak script? as then the switch would run anything the microcontroller says as it will be known as an admin? this would work as the Nintendo switch (including the chip) follows any joycon command and you could buy a possible microcontroller with Bluetooth like a Pico w for cheap, this would be a simple process as someone would make the script, you would connect the microcontroller with Bluetooth to the 8bitdo and run the command on the switch. I hope someone reaches out to me as a response to my theory.
Click to expand...
Your post was responded to in this thread. For the second time, use that thread instead of cluttering the forum with useless new threads.
 
  • Love
Reactions: impeeza
CruzeForce

CruzeForce

Active Member
OP
Newcomer
Level 1
Joined
Apr 18, 2023
Messages
29
Trophies
0
XP
41
Country
United States
Draxzelex said:
Your post was responded to in this thread. For the second time, use that thread instead of cluttering the forum with useless new threads.
Click to expand...
I'm pretty sure that somebody will use this to make something, please stop sending messages if you don't want to support the idea or use it
 
CruzeForce

CruzeForce

Active Member
OP
Newcomer
Level 1
Joined
Apr 18, 2023
Messages
29
Trophies
0
XP
41
Country
United States
hippy dave said:
Controller input won't provide any kind of privileged system access. No go.
Click to expand...
there were some flaws jailbreaking it through wifi or bluetooth but we could probably overcome those with a new script
1682193151837.png

Post automatically merged:

linuxares said:
https://switchbrew.org/wiki/Switch_System_Flaws

EDIT: Even if you manage to break in with Bluetooth. It isn't 100% you get kernel exploit.
Click to expand...
true, but maybe we could overcome it with a new script as that was version 4
 
linuxares

linuxares

The inadequate, autocratic beast!
Global Moderator
Level 26
Joined
Aug 5, 2007
Messages
13,352
Trophies
2
XP
18,247
Country
Sweden
CruzeForce said:
there were some flaws jailbreaking it through wifi or bluetooth but we could probably overcome those with a new script
View attachment 366551
Post automatically merged:


true, but maybe we could overcome it with a new script as that was version 4
Click to expand...
This is probably to 99.9% patched or no need to care about since it have no meaningful application.
Else it would already be a exploit for it.
 
  • Like
Reactions: impeeza
BaamAlex

BaamAlex

UDE GA NARU ZE!
Member
Level 17
Joined
Jul 23, 2018
Messages
6,065
Trophies
1
Age
29
Location
Lampukistan
Website
hmpg.net
XP
6,185
Country
Germany
Let's assume that your theory is correct. What then? You would still need a kernel exploit afterwards. Or TrustZone. Whatever. And those don't exist at all atm. And on top of that, Bluetooth is so low level (afaik) that nothing big can be done with it.
 
  • Like
Reactions: impeeza
linuxares

linuxares

The inadequate, autocratic beast!
Global Moderator
Level 26
Joined
Aug 5, 2007
Messages
13,352
Trophies
2
XP
18,247
Country
Sweden
BaamAlex said:
Let's assume that your theory is correct. What then? You would still need a kernel exploit afterwards. Or TrustZone. Whatever. And those don't exist at all atm. And on top of that, Bluetooth is so low level (afaik) that nothing big can be done with it.
Click to expand...
I think the idea is like with blue bomb. But I highly doubt it's as easy on the Switch as with the WIi.
 
Tomato123

Tomato123

Well-Known Member
Member
Level 11
Joined
Feb 8, 2020
Messages
734
Trophies
1
Location
England
XP
2,522
Country
United Kingdom
CruzeForce said:
There is a vulnerability with the Bluetooth as the 8bitdo takes advantage and allows any controller to connect so what if someone connects a microcontroller that contains a jailbreak script, as there was a video with a jailbreak using a microcontroller, but to do that you have to open up a switch, so cant you just buy a microcontroller with a 8bitdo, put the jailbreak command on the microcontroller and then run a script that will let the switch identify it as a joycon and then add the jailbreak script? as then the switch would run anything the microcontroller says as it will be known as an admin? this would work as the Nintendo switch (including the chip) follows any joycon command and you could buy a possible microcontroller with Bluetooth like a Pico w for cheap, this would be a simple process as someone would make the script, you would connect the microcontroller with Bluetooth to the 8bitdo and run the command on the switch. I hope someone reaches out to me as a response to my theory.
Click to expand...
There are threads like this posted pretty often and there's a reason that after so many of them that there are no more useful exploits. The Switch is a pretty tough console in terms of security. RCM was a fluke more than anything and I doubt we'd get anything as 'easy' as that again. It will take years of research to find anything that SciresM hasn't found already. They already reversed engineered basically the whole firmware and found nothing useful (Yes, there is a chance they missed something).

People are pretty desperate for something on V2 but there are still options (modchips) and that's the way it's going to stay for a while unfortunately. You have to either get a V1 or a modchip for a V2. As much as I hate to say stuff like "if you don't know what you're talking about then don't try" well... This is one of those cases as it's so much more complicated than vulnerability = jailbreak/CFW/etc.
 
  • Like
Reactions: peteruk and Lumince
CruzeForce

CruzeForce

Active Member
OP
Newcomer
Level 1
Joined
Apr 18, 2023
Messages
29
Trophies
0
XP
41
Country
United States
BaamAlex said:
Correct. I doubt that nintendo will make the same mistakes like on their old consoles.
Click to expand...
But then also, they did allow the OLED to have the same chip as the v2 but y'all are right, this might not work but I'm still testing it out, I will post a response after I make the script on a microcontroller and test it, if this works then I'll post it on gbatemp
 
  • Haha
  • Like
Reactions: BigOnYa and SparkyX1
BigOnYa

BigOnYa

Has A Very Big
Member
Level 18
Joined
Jan 11, 2021
Messages
3,207
Trophies
1
Age
50
XP
7,578
Country
United States
CruzeForce said:
But then also, they did allow the OLED to have the same chip as the v2 but y'all are right, this might not work but I'm still testing it out, I will post a response after I make the script on a microcontroller and test it, if this works then I'll post it on gbatemp
Click to expand...
"You Da Man! F the haters and do it!"
 
Last edited by BigOnYa,
  • Haha
Reactions: impeeza and M7L7NK7
CruzeForce

CruzeForce

Active Member
OP
Newcomer
Level 1
Joined
Apr 18, 2023
Messages
29
Trophies
0
XP
41
Country
United States
BigOnYa said:
"You Da Man! F the haters and do it!"
Click to expand...
Thank you for the motivational response ☺️
Post automatically merged:

linuxares said:
I think the idea is like with blue bomb. But I highly doubt it's as easy on the Switch as with the WIi.
Click to expand...
It actually is
Post automatically merged:

BaamAlex said:
Let's assume that your theory is correct. What then? You would still need a kernel exploit afterwards. Or TrustZone. Whatever. And those don't exist at all atm. And on top of that, Bluetooth is so low level (afaik) that nothing big can be done with it.
Click to expand...
Using trustzone
 
CruzeForce

CruzeForce

Active Member
OP
Newcomer
Level 1
Joined
Apr 18, 2023
Messages
29
Trophies
0
XP
41
Country
United States
hippy dave said:
Controller input won't provide any kind of privileged system access. No go.
Click to expand...
There was a wifi/Bluetooth jailbreak by yellows8 on switch firmware v4
Post automatically merged:

linuxares said:
Aight! Go for it!
Click to expand...
Wow, thanks a lot, I will try to wrap this up by the end of summer
But then also if anyone wants to help I will post my discord right now
Post automatically merged:

Cruze Force#4787
 
Status
Not open for further replies.

Site & Scene News

Go to forum More news

Popular threads in this forum

Hacking Misc  Getting the MIG Switch to load an XCI dump without its original Initial Data

Emulation Homebrew  duckstation for Switch

Can you trade in a banned switch for an unbanned one?

Why is Atmosphere so dominant?

Crosscode Hacking thread

Hacking  Loader.kip for AMS 1.7.0 with FW 17.0.1 - sys-clk error ??

Migswitch backups without certificate files

Hacking  Weird findings from that DQ trilogy switch port

General chit-chat
Help Users
  • Xdqwerty @ Xdqwerty:
    @K3Nv2, i have a physical copy of mgs4
  • Xdqwerty @ Xdqwerty:
    ok I tried it and 1) it doesnt boot wood menu automatically and 2) when trying to load a game through wood theres just a loading screen
  • K3Nv2 @ K3Nv2:
    It's low on wood
     +1
  • Xdqwerty @ Xdqwerty:
    lemme ask in forums
  • Xdqwerty @ Xdqwerty:
    yawn
  • Psionic Roshambo @ Psionic Roshambo:
    https://www.youtube.com/watch?v=jyFoWftIDXg
     +1
  • BigOnYa @ BigOnYa:
    @Xdqwerty No you heard wrong, and don't believe till you experience yourself. Fallout 4 is one of my favorite games of all time. Yes it had issues early on, esp with older hardware like the xbox1, but it is awesome, esp now being 4k on Series S/X or PS5
     +2
  • Xdqwerty @ Xdqwerty:
    @BigOnYa, Then i think people were talking about fallout 76
  • Xdqwerty @ Xdqwerty:
    that one was buggy too
  • BigOnYa @ BigOnYa:
    Yea you right there, fallout 76 was a letdown, but it not that bad now, they have fixed slot of issues they had at launch. Biggest issue with Fallout 76 is its a pay to advance further type of game, which sucks
  • Xdqwerty @ Xdqwerty:
    @BigOnYa, I may probably download fallout 3 or new vegas on my ps3
  • Xdqwerty @ Xdqwerty:
    cuz I didnt like fallout 1 that much
  • BigOnYa @ BigOnYa:
    New Vegas is awesome, F3 was ok too.
  • Psionic Roshambo @ Psionic Roshambo:
    I played Fallout 4 on PC, I enjoyed it honestly. Not my favorite game on earth but at the same time I didn't hate it at all lol
  • BigOnYa @ BigOnYa:
    That's cool you got a ps3... Glad to hear. Game on!
     +1
  • Psionic Roshambo @ Psionic Roshambo:
    https://www.youtube.com/watch?v=Fnd9umSCsws
     +1
  • Psionic Roshambo @ Psionic Roshambo:
    Ironic this was posted today lol
  • BigOnYa @ BigOnYa:
    I think the tv series has boasted play of, I did see they said playing of it Is up, way more than norm
     +1
  • BigOnYa @ BigOnYa:
    I've been playing the next gen version on Series X all day, I love it. :wub:
     +1
  • Psionic Roshambo @ Psionic Roshambo:
    Downloading some random stuff, damn almost 400GBs in like 4 hours lol
  • Psionic Roshambo @ Psionic Roshambo:
    Gonna be over 1TB this month.... damn lol
  • Xdqwerty @ Xdqwerty:
    good night
     +1
  • BigOnYa @ BigOnYa:
    At least you have some fast speeds. What a drag that used to be, I remb downloading 1 pic back in the day, and seeing line by line show
  • BigOnYa @ BigOnYa:
    Nighty night.
  • BigOnYa @ BigOnYa:
    Or worse, you downloading something, and someone calls your phone and interupts the download, good ole AOL
    BigOnYa @ BigOnYa: Or worse, you downloading something, and someone calls your phone and interupts the download...