Hacking Do you ever think that there is going to be a patched switch exploit on modern firmware.
- Thread starter Deleted member 546149
- Start date
- Views 15,543
- Replies 58
You have softmod Deja Vu exploits that works up to 7.0.1, patched in 8.0.0 firmware, with entry point public available only up to 4.1.0 right now, and then there is the SX OS modchip. There is no exploitable bug at the moment according to SciresM.
https://www.reddit.com/r/SwitchHacks/comments/ju4vaw/sciresm_mariko_switch_will_likely_never_have/
https://www.reddit.com/r/SwitchHacks/comments/ju4vaw/sciresm_mariko_switch_will_likely_never_have/
The Nintendo Switch is a pretty secure piece of hardware, and we really lucked out with the RCM exploit on older models and other exploits on low system version models. I really doubt that kind of luck is going to happen again anytime soon, if ever.
Unless someone can find exploit for latest firmware then you ain't going to expect an exploit, the SX Modchip grant people entry to CFW and that people can load Atmosphere on patched/Mariko unit from there. Not saying it is not possible, most developer ain't focusing on finding bootrom bugs anyway.
might be something like hen on the ps3/.4, but probably not a coldboot type hack.
Imagine what the switch pro will do to the modchip
--------------------- MERGED ---------------------------
Hopefully
It is as expected, new revision of the switch will patch out existing exploit, so if there is a newer model there will need new exploit most likely.
--------------------- MERGED ---------------------------
That is how CFW on the switch is , once you shut it off you got to load the payload again, so it ain't permanent.
Maybe someone should set up a bounty, challenging hackers to exploit current ofw and see what happens
Ain't going to work, developers aren't interested in bounty, they like their freedom.
if theres going to be anything that dosnt require hard modding it will be years after Switch is discounted cause no devs are looking into that now since theres is more then enough OG v1 RCM exploitable units theres hard mods for everything else and if anyone finds anything is more likely to be sold to Nintendo and maybe released years down the line
3DS got some good exploits after a while; the same will happen with the Switch.
- Joined
- Sep 9, 2019
- Messages
- 904
- Trophies
- 1
- Location
- Switch scene
- Website
- github.com
- XP
- 2,663
- Country
This probably won't happen unless Nintendo fucks up like they did with ro:han on 3.0.0. Unlike most other consoles the Switch is a micro kernel design which means that the surface area for attack is very small so there aren't many vulnerabilities. As well as reducing the number of vulns the small kernel size means the entire thing can be reverse engineered relatively quickly compared to other consoles. Old consoles get hacked when people look in to areas of the OS that haven't been thoroughly explored before but the entire Switch kernel has now been faithfully reimplemented in Atmosphere. If there was a useful bug in the current firmware, it would have been found in the process of doing that.
There may be bugs in the boot rom but if there were TX would have likely sold them instead of the SX Core. Selling an easy to use vulnerability is better than a glitch chip because most people aren't willing to solder shit to their motherboard. Additionally the software methods of launching cfw on low firmware Erista units relied on a bug in how the boot rom handled sleep mode, that is why Mariko units couldn't be hacked with Deja Vu despite shipping with a low enough firmware.
You might be able to get regular homebrew access by hacking each individual sys-module but that would take considerable effort and wouldn't allow for most cfw features, it would be like the 3.0.0 exploit before Fusee-Gelee was released. The only way we will get CFW on new units without a modchip is if Nintendo massively fucks up a future firmware update, someone at Nintendo leaks the signature keys for the firmware, or by waiting until computers are fast enough to bruteforce the signature keys.
If you want to hack the Switch pro there is still a way you could do it but it would need a glitch chip and it could be patched in firmware. You may recall before the SX Core was released people in ReSwitched were speculating that it was glitching the boot loader, it was actually glitching the boot rom BCT checks, but in theory glitching the bootloader would work. The downside is Nintendo could just add random timings in a future update and I don't think any Open Source people would work on it as it would risk them getting sued like Max Louarn and Gary Bowser currently are. There is also another potential exploit that would be easier to pull off than glitching the bootloader but that would also require a glitch chip and I haven't seen anyone else discussing it (I don't even now if it's possible because I don't have the time or skills to reverse engineer the boot rom but based on public knowledge and my understanding of glitch attacks I don't see why it wouldn't work).
Edit: Also Nintendo has a bug bounty so most people would rather sell if and get $$$, I know I would. If a bug is reported and Nintendo fixes it though it would be made public soon enough because people will just diff the binaries to see what changed and why.
There may be bugs in the boot rom but if there were TX would have likely sold them instead of the SX Core. Selling an easy to use vulnerability is better than a glitch chip because most people aren't willing to solder shit to their motherboard. Additionally the software methods of launching cfw on low firmware Erista units relied on a bug in how the boot rom handled sleep mode, that is why Mariko units couldn't be hacked with Deja Vu despite shipping with a low enough firmware.
You might be able to get regular homebrew access by hacking each individual sys-module but that would take considerable effort and wouldn't allow for most cfw features, it would be like the 3.0.0 exploit before Fusee-Gelee was released. The only way we will get CFW on new units without a modchip is if Nintendo massively fucks up a future firmware update, someone at Nintendo leaks the signature keys for the firmware, or by waiting until computers are fast enough to bruteforce the signature keys.
If you want to hack the Switch pro there is still a way you could do it but it would need a glitch chip and it could be patched in firmware. You may recall before the SX Core was released people in ReSwitched were speculating that it was glitching the boot loader, it was actually glitching the boot rom BCT checks, but in theory glitching the bootloader would work. The downside is Nintendo could just add random timings in a future update and I don't think any Open Source people would work on it as it would risk them getting sued like Max Louarn and Gary Bowser currently are. There is also another potential exploit that would be easier to pull off than glitching the bootloader but that would also require a glitch chip and I haven't seen anyone else discussing it (I don't even now if it's possible because I don't have the time or skills to reverse engineer the boot rom but based on public knowledge and my understanding of glitch attacks I don't see why it wouldn't work).
Edit: Also Nintendo has a bug bounty so most people would rather sell if and get $$$, I know I would. If a bug is reported and Nintendo fixes it though it would be made public soon enough because people will just diff the binaries to see what changed and why.
Last edited by CompSciOrBust,
"ever"
well yes, at some point it will likely happen. At any point in the near future? Probably not.
well yes, at some point it will likely happen. At any point in the near future? Probably not.
Mostly likely... even if it’s at the end of the life span... the only modern console that was not really hacked for back ups was the xbox1 ...
- Joined
- Sep 9, 2019
- Messages
- 904
- Trophies
- 1
- Location
- Switch scene
- Website
- github.com
- XP
- 2,663
- Country
Winchester xbox 360s can not be hacked either without extensive hardware modifications, i.e reballing the cpu with an older model.
Last edited by CompSciOrBust,
Similar threads
- Question
![[Truth]](/data/avatars/s/37/37733.jpg?1351072321){kind=avatar}
