Hacking Pegaswitch on 2.3 Means Everyone Should Update Now If They Havent !

[Xplic1T]

Get the update now if you havent yet before Nintendo updates their latest fw to 2.4. Pega may be blocked if they figure it out.

https://hackinformer.com/2017/06/10/pegaswitch-updated-2-3-switch-news/

!!!! Update to 3.0 At Your Own Risk - Stay On 2.3 If You Can Help It !!!!

Switch update 3.0.0 fixes a known vulnerability in the NS sysmodule (originally found by @qlutoo in April): https://t.co/P5lobEvZ5v

— Michael (@SciresM) June 20, 2017

Failed to fetch tweet https://twitter.com/daeken/status/876965449837293570

Spoiler

PSA - This Does Not Mean They Have A Jailbreak!
PegaSwitch is a Javascript Toolkit that lets users poke around in ram and execute certain commands outside of normal user space. Team ReSwitched ported a web-kit (internet browser component) vulnerability that has been discovered to jailbreak IOS 9.3.5 on the iPhone. They ported that implementation and had it working on the Switch's 2.0 web browser, but Nintendo then quickly patched the vulnerability in 2.1 and many of us have been not able to use it. As of 6/9/2017, team ReSwitched announced they had a new implementation of the vulnerability that works on 2.3 in addition to 2.0, 2.1, 2.2. This post was made in order to aid in getting people on to 2.3 while it is still active as the latest firmware version for the Switch. We don't know if they will patch this in 2.4 or 2.5 or 4.x but at-least you will be ready and still have the option to download from the store or play online for the time being.

Team ReSwitched is keeping the new method private for now and will most likely release when Nintendo themselves have patched it.

fw 1.0 Definitely Update to Current FW 2.3

fw 2.0 Stay - Old/Current PegaSwitch Compatable

fw 2.1 Your Choice - Exploit Will Still Work

fw 2.2 Your Choice - Exploit Will Still Work

fw 2.3 Stay - 3.0 Works But They May Have Changed Internals

fw 3.0 Pegasus Works But Update 3.0 fixes a known vulnerability in the NS sysmodule (originally found by @qlutoo in April)

 

[PrincessLillie]

Wow, that's a change. We went from "DON'T UPDATE!" to "Update now!"

 

[hexcode99]

My Switch is on 2.0 firmware. We should definitely update you are saying or will "Pegaswitch" work on lower firmware too?

 

[Xplic1T]

They mentioned 2.3 specifically in the tweet ... I'm on 1.0 so I HAVE TO but if you can't get PegaSwtich running currently ... I would update. That means 1.0 and 2.2 should definitely do it. If you're on 2.0 you should be ok to just coast until the next major announcement. If the devs are working on that fw version, I would just stick to that. Next to nobody has it on 2.0 still.

2.3 should be safe for the big exploit

 

[hexcode99]

You forgot 2.0 in your OP? But you think 2.0 would be okay too as it also has the webkit. He should make clear what firmware work and don't work.

 

[adrifcastr]

Whatever "Hackinformers" is, they are late, Daeken alraeady announced this 2 days ago in the reswitched discord:

Small announcement: ReSwitched now has full support in PegaSwitch for OS 2.0-2.3. This will not be released to the public unless Nintendo fixes the bugs we're using in a future release. However, the same exploit could be used for future homebrew support. In other words, stay on 2.3 or below if you want a confirmed way of getting homebrew support in the future. Repeat: Do not upgrade to 2.4 when it comes out. This message will be updated as new versions come out.

 

[EpicLPer]

Get the update now if you havent yet before Nintendo updates their latest fw to 2.4. Pega may be blocked if they figure it out. https://hackinformer.com/2017/06/10/pegaswitch-updated-2-3-switch-news/

fw 1.0 Definitely Update

fw 2.0 Stay (Old PegaSwitch Compatable)

fw 2.1 I Would Update But It's Up To You

fw 2.2 I Would Update But It's Up To You

So I'm still on 2.0, I'll definitely stay on that one for now

 

[spotanjo3]

If 3rd party fully supporting and we will be getting one this fall. Then we will stay with FW 2.0 anyway.

 

[Xyphoseos]

Just for be sure, its good to be in 2.3 ?

 

[adrifcastr]

And here are some Discord logs:

[19:12] TurtleP: hype :smile:
[19:12] TurtleP: also what @Y2K said
[19:12] hedgeberg: well dont hype
[19:13] hedgeberg: again, cant release until it gets patched
[19:13] TurtleP: but mah homebrew for gamedev
[19:13] Daeken: or until we're ready to actually drop homebrew :smiley:
[19:13] Daeken: (it'll probably get fixed first. haha)
[19:13] hedgeberg: yeah...
[19:13] hedgeberg: theres still /lots/ to figure out
[19:13] Daeken: indeed
[19:13] Daeken: but hey, progress!
[19:13] TurtleP: how did you figure it out btw
[19:13] ihaveahax: well that's cool
[19:14] TurtleP: generally speaking
[19:14] ihaveahax: might play with it for a few minutes not knowing what i'm doing(bearbeitet)
[19:14] Daeken: @TurtleP was pointed to an awesome bug, which in conjunction with another bug i'd been investigating let me build the same r/w primitives pegaswitch 1.0 uses :smiley:
[19:15] TurtleP: hah topkek
[19:15] Daeken: one of the weirdest exploits i've ever developed. it's a nasty, nasty hack. but ... it works amazingly well, haha.

 

[BlastedGuy9905]

Get the update now if you havent yet before Nintendo updates their latest fw to 2.4. Pega may be blocked if they figure it out. https://hackinformer.com/2017/06/10/pegaswitch-updated-2-3-switch-news/

fw 1.0 Definitely Update

fw 2.0 Stay (Old PegaSwitch Compatable)

fw 2.1 I Would Update But It's Up To You

fw 2.2 I Would Update But It's Up To You

THIS IS AWESOME!

 

[adrifcastr]

DIS IS AWESOME!

my gosh nt u again, well the more awesome thong is that this exploit is a 100% "homebrew entrypoint" since like he said in the annnouncement it seems to give arbitrary code exec.

 

[BlastedGuy9905]

my gosh nt u again, well the more awesome thong is that this exploit is a 100% "homebrew entrypoint" since like he said in the annnouncement it seems to give arbitrary code exec.

... *sigh*
What's your problem with me again? I stopped posting stuff in the wrong sections. Now, if you excuse me, I wanna go on and live my life.

 

[Xplic1T]

my gosh nt u again, well the more awesome thong is that this exploit is a 100% "homebrew entrypoint" since like he said in the annnouncement it seems to give arbitrary code exec.

Hence the urgency

 

[Jayro]

They mentioned 2.3 specifically in the tweet ... I'm on 1.0 so I HAVE TO but if you can't get PegaSwtich running currently ... I would update. That means 1.0 and 2.2 should definitely do it. If you're on 2.0 you should be ok to just coast until the next major announcement. If the devs are working on that fw version, I would just stick to that. Next to nobody has it on 2.0 still.

2.3 should be safe for the big exploit

I'm on 2.0 still, and refusing to update unless it breaks Splatoon.

 

[Xplic1T]

I'm on 2.0 still, and refusing to update unless it breaks Splatoon.

For sure, stay on 2.0 as it currently works with Pegaswitch... but for others out there that maybe on 1.0(like myself) ... it may be the last hope to being on a f/w that will work with Pegaswitch. Others on 2.1 and 2.2 can choose to go to 2.3 to load up on some demos, download games from the store and play friends online in Mario Kart etc.

 

[Jayro]

For sure, stay on 2.0 as it currently works with Pegaswitch... but for others out there that maybe on 1.0(like myself) ... it may be the last hope to being on a f/w that will work with Pegaswitch. Others on 2.1 and 2.2 can choose to go to 2.3 to load up on some demos, download games from the store and play friends online in Mario Kart etc.

I just feel caught between a rock and a hardplace... 2.0 is better NOW, but Ninty might release 2.4 before Splatoon 2, and block PegaSwitch...

 

[peteruk]

I just feel caught between a rock and a hardplace... 2.0 is better NOW, but Ninty might release 2.4 before Splatoon 2, and block PegaSwitch...

In the same boat here, not sure if to stick or twist

 

[Xplic1T]

I just feel caught between a rock and a hardplace... 2.0 is better NOW, but Ninty might release 2.4 before Splatoon 2, and block PegaSwitch...

In the same boat here, not sure if to stick or twist

Cat and mouse game at this point. Splatoon most likely will work with 2.1+ (I'm sure they wont make it compatible with 2.0 since they quickly platched 2.0 to 2.1). If Splatoon is more important to you that what you can do right now with your switch on 2.0 (which isn't a whole lot) ... I'd update it.

 

[urherenow]

Well, shoot. I can't possibly have an internet connection on my switch for at least 3 weeks. But... oh, looks like I'm on 2.2 already. Internet settings deleted just in case 2.4 is out before I get to some free wifi.