Toggle sidebar

Hacking Speculations about Switch 2 hacking

  • Thread starter Thread starter KeeperCP1
  • Start date Start date
  • Views Views 304,648
  • Replies Replies 806
  • Likes Likes 10
Correct me if this can be possible: With this vulnerability over the GPU https://gddr.fail/. An attack can start over the userland(WebGTK exploit), and with the exploit take over the gpu and cpu, dump the kernel,keys,etc and start investigatiom to find a more "easy" vulnerability to exploit so the full attack chain will be: WebGTK Userland -> GDDR Rowhammer over the GPU -> CPU takeover-> Kernel dump
 
  • Like
Reactions: Sun_7zu
jrgf1994 said:
Correct me if this can be possible: With this vulnerability over the GPU https://gddr.fail/. An attack can start over the userland(WebGTK exploit), and with the exploit take over the gpu and cpu, dump the kernel,keys,etc and start investigatiom to find a more "easy" vulnerability to exploit so the full attack chain will be: WebGTK Userland -> GDDR Rowhammer over the GPU -> CPU takeover-> Kernel dump
Click to expand...
Someone with more knowledge of the switch/2 eco system correct me if im wrong but Apparently the switch 2 uses LPDDR5X memory, and like all consoles now it's shared. Does this mean it wont be compatable?
 
jrgf1994 said:
Correct me if this can be possible: With this vulnerability over the GPU https://gddr.fail/. An attack can start over the userland(WebGTK exploit), and with the exploit take over the gpu and cpu, dump the kernel,keys,etc and start investigatiom to find a more "easy" vulnerability to exploit so the full attack chain will be: WebGTK Userland -> GDDR Rowhammer over the GPU -> CPU takeover-> Kernel dump
Click to expand...
The switch doesn't use webgtk. You can't run any custom code even in the exploited browser user space, so how do you think your can take over the CPU and GPU from just the browser
 
  • Love
  • Like
Reactions: ChibiMofo and Newhouse-Estates
Such a concentration of unawareness makes it difficult to take anything seriously at all. Not knowing is no disgrace, but invoking ordinary technical limitations as absolute reasons for impossibility reflects a failure of understanding rather than a meaningful argument.
 
  • Like
  • Haha
Reactions: ChibiMofo and MRJPGames
Why do people want to believe so badly the Switch 2 is unhackable?

Is it because you'd want a hacked Switch 2, and don't want to be disappointed when if it takes a very long time?

Genuinly wondering, what is the point pretending any computer system is unhackable?

Or is the obvious pattern of unhackable devices, that sooner or often, much later, do get hacked really that hard to see?
 
  • Like
  • Haha
Reactions: DavidinCT, ChibiMofo and SuffahBish
MRJPGames said:
Why do people want to believe so badly the Switch 2 is unhackable?

Is it because you'd want a hacked Switch 2, and don't want to be disappointed when if it takes a very long time?

Genuinly wondering, what is the point pretending any computer system is unhackable?

Or is the obvious pattern of unhackable devices, that sooner or often, much later, do get hacked really that hard to see?
Click to expand...
Well, it is unhackable.

Is a hack available? No? Then it is unhackable.
 
  • Haha
  • Love
Reactions: DavidinCT and ChibiMofo
FernandoRocker said:
Well, it is unhackable.

Is a hack available? No? Then it is unhackable.
Click to expand...
That's.... kinda really poor logic.
We didn't notice a hole here, so therefore there isn't any holes, therefore, hole-less.


There's just no known exploits, doesn't mean no exploits.
 
  • Like
  • Haha
Reactions: XRTerra, ChibiMofo, SuffahBish and 1 other person
Reualed said:
That's.... kinda really poor logic.
We didn't notice a hole here, so therefore there isn't any holes, therefore, hole-less.


There's just no known exploits, doesn't mean no exploits.
Click to expand...

This whole thread is pointless. Some people will claim that there might be an exploit, others will say that if there's no proof then there's no exploit, but there might be, but there isn't one right now, but maybe eventually, but... and it just loops back and forth.
 
  • Love
Reactions: ChibiMofo and poisoned_soap
tmnr1992 said:
This whole thread is pointless. Some people will claim that there might be an exploit, others will say that if there's no proof then there's no exploit, but there might be, but there isn't one right now, but maybe eventually, but... and it just loops back and forth.
Click to expand...
Then let them loop, you don't have to engage with the thread.
 
  • Like
Reactions: mad_dog
MRJPGames said:
Why do people want to believe so badly the Switch 2 is unhackable?

Is it because you'd want a hacked Switch 2, and don't want to be disappointed when if it takes a very long time?

Genuinly wondering, what is the point pretending any computer system is unhackable?

Or is the obvious pattern of unhackable devices, that sooner or often, much later, do get hacked really that hard to see?
Click to expand...
I personally do not care if it is unhackable or not, I simply do not want piracy on the system in the first couple of years at least (although ideally until the console stops being supported).

I do not mind mods or CFW, my Wii, DSi and 3DS were softmodded after the systems stopped being supported, although in my case I mainly I only use them for fan translations for the most part. However I do hate piracy on current systems, especially when it's done in a way that ruins the fun for everyone, namely leaks and spoilers. It was great to play Pokopia without a single leak or anything like it.
 
  • Like
  • Sad
Reactions: RyanTheArchivist, lemres, Tigran and 3 others
emmauss said:
The switch doesn't use webgtk. You can't run any custom code even in the exploited browser user space, so how do you think your can take over the CPU and GPU from just the browser
Click to expand...
Well the first exploit we saw runned arbitrary code in the userland it was not a browser the entry point was the browser. And you only need to make sure that the gpu is used to try hammering the dram and make the bit flips for a cpu take over
 
  • Haha
  • Like
Reactions: ChibiMofo and SuffahBish
jrgf1994 said:
Well the first exploit we saw runned arbitrary code in the userland it was not a browser the entry point was the browser. And you only need to make sure that the gpu is used to try hammering the dram and make the bit flips for a cpu take over
Click to expand...
It was in the browser, and it was not running arbitrary code. It used ROP, and was only calling functions already compiled into the browser applet. There's a reason nothing came of it. We want to be able to map memory as executable, but the browser can only map memory as read-write
 
  • Love
  • Like
Reactions: ChibiMofo and jrgf1994
emmauss said:
It was in the browser, and it was not running arbitrary code. It used ROP, and was only calling functions already compiled into the browser applet. There's a reason nothing came of it. We want to be able to map memory as executable, but the browser can only map memory as read-write
Click to expand...
Oh thats sad news :(
 
emmauss said:
It was in the browser, and it was not running arbitrary code. It used ROP, and was only calling functions already compiled into the browser applet. There's a reason nothing came of it. We want to be able to map memory as executable, but the browser can only map memory as read-write
Click to expand...
Do you know how many console exploits have been written completely with ROP?
 

Site & Scene News

Go to forum More news

Popular threads in this forum

Why was there almost no outrage about game keys?

bought a switch 2 from amazon.de(europe) and its banned,what are my chances nitendo unbans it?(i dint know if its seconds hand or not

Gaming  Pokemon Wind/Wave will be the first Pokemon game since X/Y that won't be datamined

STARFOX DIRECT!

Lack of Proper Game Streaming...

Hardware  Mobapad M12 HD

Gaming  Are you enjoying Yoshi and the Mysterious Book?

The Switch interface beats the Wii U's in one aspect