Hacking Question so... firmware under 3.0.0 is now useless ?

kumikochan · Apr 25, 2018

TheCyberQuake said:
Again where am I saying it's useless? I already told you it isn't. Maybe try reading my posts before replying. I've stated to some it essentially is useless because they have soldering experience and even the clean internal soldering hardmod is trivial to them. That doesn't mean it's useless to everyone.

I never said in my post you said that. Where am i saying that ? I'm just saying it in my comment not directly directed at you because people don't bother reading old posts. Maybe i should have wrote it down differently wich is my fault but that last part was not directed to you.

roothorick · Apr 25, 2018

Quoth Fail0verflow (emphasis mine):

On the Switch, RCM mode can be entered in multiple ways:

From prior kernel-mode code execution on the system, e.g. using a WebKit exploit and kernel exploit as an entry points

If the eMMC is removed, the Tegra will enter RCM mode on boot

If you hold the Volume Up, Home, and Power buttons on the Switch (not joy-cons) at the same time.

I'm pretty sure Pegaswitch already has a privilege escalation that can be leveraged to do exactly that -- software-request a boot into RCM, meaning Step 1 of FG is done, right there. All you need is a USB-C cable (which you'll want anyway going forward) and you're off to the races.

And there's always the very real possibility of discoveries of more cut-to-the-chase vulnerabilities found in pre-3.0 firmwares. Stick with what you've got. DO NOT UPDATE.

TheCyberQuake · Apr 25, 2018

weatMod said:
reed switches?
like as in magnetic

guess you are nostalgic for ntr hax already

this is a great idea tho
please post some pics of how you did it where you mounted the reed switch etc

i always love to admire tiny soldering

I'll try to remember to document it when I do it. I'll probably make a thread of it ends up working well.
I just hope the magnetism from the rumble won't affect it, I'll be testing that before actually soldering it in.

kumikochan said:
I never said in my post you said that. Where am i saying that ? I'm just saying it in my comment not directly directed at you because people don't bother reading old posts. Maybe i should have wrote it down differently wich is my fault but that last part was not directed to you.

Sorry about that. I guess I just assumed it was directed at me because it was within a block of text where I was being quoted.

HtheB · Apr 25, 2018

BL4Z3D247 said:
... 2.x just got HBL access. ...

I couldn't find anything about this??

charlieb · Apr 25, 2018

HtheB said:
I couldn't find anything about this??

This?

https://gbatemp.net/threads/getting-hbmenu-from-1-0-0-to-3-0-0.501940/

BL4Z3D247 · Apr 25, 2018

HtheB said:
I couldn't find anything about this??

Here you go.

https://gbatemp.net/threads/getting-hbmenu-from-1-0-0-to-3-0-0.501940/page-2#post-7936627

HtheB · Apr 25, 2018

charlieb said:
This?

https://gbatemp.net/threads/getting-hbmenu-from-1-0-0-to-3-0-0.501940/

BL4Z3D247 said:
Here you go.

https://gbatemp.net/threads/getting-hbmenu-from-1-0-0-to-3-0-0.501940/page-2#post-7936627

Thanks guys!

Deathscreton · Apr 25, 2018

roothorick said:
Quoth Fail0verflow (emphasis mine):

I'm pretty sure Pegaswitch already has a privilege escalation that can be leveraged to do exactly that -- software-request a boot into RCM, meaning Step 1 of FG is done, right there. All you need is a USB-C cable (which you'll want anyway going forward) and you're off to the races.

And there's always the very real possibility of discoveries of more cut-to-the-chase vulnerabilities found in pre-3.0 firmwares. Stick with what you've got. DO NOT UPDATE.

Again, it's not as big a deal as it used to be. Even if you upgrade, you won't be missing out on anything except for software based entry points. Who's to say we won't find any of those in future firmwares?

M7L7NK7 · Apr 25, 2018

kumikochan said:
SciresM already said he has a kernel exploit wich works till 3.0.2 wich he will release when atmosphere is done and it can be loaded simply through the webkit exploit. Easy and hassle free, no game needed

You say no game needed but have they said if 1.0.0 will need Puyo to launch the browser still?

BL4Z3D247 · Apr 25, 2018

Milenko said:
You say no game needed but have they said if 1.0.0 will need Puyo to launch the browser still?

Yes but you only need PPT once.

M7L7NK7 · Apr 25, 2018

Yeah currently but I mean have they said if there will be a Puyoless version for 1.0.0 so you don't have to import it

BL4Z3D247 · Apr 25, 2018

Milenko said:
Yeah currently but I mean have they said if there will be a Puyoless version for 1.0.0 so you don't have to import it

They have mentioned the "possiblity" of that in the future. That's all they've really said about it though.

TheCyberQuake · Apr 25, 2018

I firmly believe the current FG software exploits only launch into RCM just like the trivial hardmod, and will not launch into RCM and inject the payload.
Jamais vu and Deja vu (when they get released) will be a software method to warmboot into cfw but they aren't in the FG group of exploits as they don't utilize bootrom coldboot.
Someone can come quote me if I end up being wrong at the release of the software version.
But with what we currently have and what I've read in the RS discord, it wont be untethered software coldboot with FG

guily6669 · Apr 26, 2018

TheCyberQuake said:
That's not a big deal for some. I've already modded two joycon with tiny soldering, and I'll be updating them with reed switches when I get them tomorrow.
For the experienced electronics tinkerers it takes maybe 10 minutes to install and allowed me to continue using my switch on latest fw.

I want to do that too add a button to joy-con...

However I will first wait for CFW as the shorting of the pins might become soon irrelevant 4 me on 3.0.2 at the rate things are getting released.

And I can't also wait to see what TX will offer if it comes with extras I'd rather solder one instead

.

alexj9626 · Apr 26, 2018

So, as long as we have access to RCM, we can get Homebrew/CFW and all the good stuff? Is that stuff also dependant of the firmware?

So if i dont mind doing the pin hardmode, i can update with no worries?

Is Fusee Gelee/CFW related to firmware?

guily6669 · Apr 26, 2018

If your doing the pin method and don't really care you can be on whatever FW...

But up to fw3.0.1 Will have a method with no pin shorting needed. After its release, later eventually up to FW 4.1.0 Will also get the no pin shorting method and above it might be pin shorting method only unless someone find a new way to run via software without needing the pin shorting.

M7L7NK7 · Apr 26, 2018

Really do hope they follow through with the earlier firmware software methods

weatMod · Apr 26, 2018

TheCyberQuake said:
I'll try to remember to document it when I do it. I'll probably make a thread of it ends up working well.
I just hope the magnetism from the rumble won't affect it, I'll be testing that before actually soldering it in.
Sorry about that. I guess I just assumed it was directed at me because it was within a block of text where I was being quoted.

yeah i would try to place it as far away from any motor or magnet as possible
also i wonder if the tiny metal reeds in the switch will be enough to make a good connection
a video would be nice if plan on documenting it

notimp · Apr 26, 2018

BL4Z3D247 said:
They have mentioned the "possiblity" of that in the future. That's all they've really said about it though.

The Fusee Gelee entry point should do. On 1.0.0 if you get code running once - you don't need Puyo Puyo to launch the browser (at that point Fake News can be installed (the hack is called Fake News) to launch the browser subsequently).

kumikochan · Apr 26, 2018

notimp said:
The Fusee Gelee entry point should do. On 1.0.0 if you get code running once - you don't need Puyo Puyo to launch the browser (at that point Fake News can be installed (the hack is called Fake News) to launch the browser subsequently).

I thought you needed it once to install fake news

Hacking Question so... firmware under 3.0.0 is now useless ?

Well-Known Member

Well-Known Member

Certified Geek

Well-Known Member

Well-Known Member

GBAtemp Stoner

Well-Known Member

Well-Known Member

Well-Known Member

GBAtemp Stoner

Well-Known Member

GBAtemp Stoner

Certified Geek

GbaTemp is my Drug

Well-Known Member

GbaTemp is my Drug

Well-Known Member

Well-Known Member

Well-Known Member

Well-Known Member

Similar threads

Popular threads in this forum