Hacking Will payloads always need to be sent via USB?

Rune

So far we've seen progress in terms of being able to get into RCM without a jig. But it seems like we still need to send payloads via the USB port, whether that's through a PC, mobile, or a dongle of some sort.

Is it going to be possible in the future to store your payloads on the microSD card like the 3DS and load them on boot without interfering with the USB port? This seems like one of the last hurdles before we could get a seamlessly working CFW.
 

andijames

Not sure if the RCM mode has access to the SD as it's so low level but I'm not 100% about this. Has access to the USB port but that's obvious as it needs that to get the recovery payload or in our case our mutated one.
 

bytar

so, do we always need a specific quality usb c cable and usb 3.0 port? or will just a normal usb c cable (or a micro usb cable with usb c converter) and usb 2.0 port work?
 

Kubas_inko

> so why do people use high quality usb c cables and usb 3.0 ports right now? or am i missing something?

1. People are paranoid
2. I think that on Linux you need to patch something to make it work on 2.0 port. Idk how it is on Windows. For some time (or still) you needed a USB 3.0.
 

OkazakiTheOtaku

> so why do people use high quality usb c cables and usb 3.0 ports right now? or am i missing something?

On Windows and Linux (as well as Android, I think) you need XHCI (which is USB 3.0) to deliver the payload. On Mac you can use USB 2 cables but for everything else you need 3.0, which is going to be newer and more expensive.
 

Rune

Maybe I should've been more clear with what I'm really asking. What I want to know is if we're stuck with using payloads via RCM mode.
Will it not be possible to permanently flash a CFW to the device that loads from cold boot just like an OFW?

There's been talk about "emunand", but to me it feels like this is it. The fact that payloads are not permanent, and since booting without the dongle and jig leaves your device back to how it used to be, I feel like this is the "emunand" that's going to be presented to us. Which then makes me wonder if we're forever going to have to have the Switch either tethered or with a dongle.
 

Kioku

> Maybe I should've been more clear with what I'm really asking. What I want to know is if we're stuck with using payloads via RCM mode.
> Will it not be possible to permanently flash a CFW to the device that loads from cold boot just like an OFW?
>
> There's been talk about "emunand", but to me it feels like this is it. The fact that payloads are not permanent, and since booting without the dongle and jig leaves your device back to how it used to be, I feel like this is the "emunand" that's going to be presented to us. Which then makes me wonder if we're forever going to have to have the Switch either tethered or with a dongle.

Honestly? I don't see how or why it wouldn't be possible in the near future. What we've got now feels like a temporary bridge to cross until they find a way.
 

Rune

> Honestly? I don't see how or why it wouldn't be possible in the near future. What we've got now feels like a temporary bridge to cross until they find a way.

Maybe I'm being a bit impatient. I've never followed a hacking scene from its early days. Normally I'd ignore it and come back in about 8-9 months' time to see how things have developed. So normally I'm used to using fully developed exploits as soon as I started "hacking".
 

Draxzelex

> 1. People are paranoid
> 2. I think that on Linux you need to patch something to make it work on 2.0 port. Idk how it is on Windows. For some time (or still) you needed a USB 3.0.

> On Windows and Linux (as well as Android, I think) you need XHCI (which is USB 3.0) to deliver the payload. On Mac you can use USB 2 cables but for everything else you need 3.0, which is going to be newer and more expensive.

TegraSmash, the program to deliver payloads on Windows devices, can use USB 2.0. My computer and its lack of 3.0 ports are proof of that :D

> Maybe I should've been more clear with what I'm really asking. What I want to know is if we're stuck with using payloads via RCM mode.
> Will it not be possible to permanently flash a CFW to the device that loads from cold boot just like an OFW?
>
> There's been talk about "emunand", but to me it feels like this is it. The fact that payloads are not permanent, and since booting without the dongle and jig leaves your device back to how it used to be, I feel like this is the "emunand" that's going to be presented to us. Which then makes me wonder if we're forever going to have to have the Switch either tethered or with a dongle.

To do that, we would need coldboot access because in your scenario, when the Switch turns on, it won't boot Atmosphere. We need access before the Switch can check the firmware and these are in the form of coldboot exploits. Unfortunately, the only one we have at the moment is a tethered one. Will we see someone develop an untethered exploit in our lifetimes? Potentially. The Switch's bootrom has been leaked to the public so there may be someone poking at it every day.
 

Loaffy

According to various messages/tweets from devs in the scene, it is POSSIBLE that we won't need to use RCM one day. But whether or not anyone will leak those exploits/vulnerabilities, or whether or not anyone will even develop anything for them when RCM is such a simple entry point, is the real question.

Based off history of other game console homebrew scenes I believe that eventually these other vulnerabilities will amount to something and we won't need to use RCM every boot, but it could be years before that happens so in the meantime everyone will get used to using RCM.
 

TiMeBoMb4u2

> Maybe I should've been more clear with what I'm really asking. What I want to know is if we're stuck with using payloads via RCM mode.
> Will it not be possible to permanently flash a CFW to the device that loads from cold boot just like an OFW?
>
> There's been talk about "emunand", but to me it feels like this is it. The fact that payloads are not permanent, and since booting without the dongle and jig leaves your device back to how it used to be, I feel like this is the "emunand" that's going to be presented to us. Which then makes me wonder if we're forever going to have to have the Switch either tethered or with a dongle.

At this point, everything that is not implemented in code is purely speculation.
If I'm not mistaken, @SciresM made it clear, from the beginning, that he wanted to code everything in Atmosphere with complete transparency. So, if you have specific questions regarding functionality, or future functionality, you can have a look at the GitHub code, or ask a dev, like @ktemkin, directly (Although, asking directly may, or may not, give you the answer for which you seek).
 

smf

> Is it going to be possible in the future to store your payloads on the microSD card like the 3DS and load them on boot without interfering with the USB port? This seems like one of the last hurdles before we could get a seamlessly working CFW.

My crystal ball is broken, my guess is maybe but not soon.

> Not sure if the RCM mode has access to the SD as it's so low level but I'm not 100% about this. Has access to the USB port but that's obvious as it needs that to get the recovery payload or in our case our mutated one.

The current exploit comes from being sent data via USB, you can't do that from the sd card slot. If there is an exploit when it's looking at files on sd or on your emmc then we don't know if that hypothetical exploit is possible, when it will be found or when it will be released.

> On Windows and Linux (as well as Android, I think) you need XHCI (which is USB 3.0) to deliver the payload. On Mac you can use USB 2 cables but for everything else you need 3.0, which is going to be newer and more expensive.

You don't need USB 3, there is a bug in Linux USB 2 drivers that prevents it from working but you can patch it to work.

> If I'm not mistaken, @SciresM made it clear, from the beginning, that he wanted to code everything in Atmosphere with complete transparency.

The exploit is not part of Atmosphere, so it doesn't qualify for complete transparency. Kate has made it clear from the beginning that you won't get complete transparency.
 