So, you've all been yelling on me that "sOfTmOd iS iMpOsSiBlE", but there could be less expensive and easier to do hardmods. For example, have you looked into the joycon pins? These are one of the only exposed contacts. These can flash firmware to joycons, why hasn't anyone looked into these?
Better, less expensive hardmods
- Thread starter Ondrashek06
- Start date
- Views 8,062
- Replies 107
- Likes 2
- Status
tHe sYsTeM iS pAtChEd - FUCK OFF. All of the consoles were hacked eventually. Wii? DS? DSi? 3DS? Wii U?
These were all hacked. All of them, through a softmod (except with the DS which just requires a flashcard and no fucking up with the hardware).
This should be the case with the switch. Either through a softmod or something simple like a flashcard or a device that can easily be connected to it.
These were all hacked. All of them, through a softmod (except with the DS which just requires a flashcard and no fucking up with the hardware).
This should be the case with the switch. Either through a softmod or something simple like a flashcard or a device that can easily be connected to it.
They have. They looked in to the joycon firmware, there is apparently nothing to gain from it.
I'm not saying that it needs to be a joycon firmware exploit. It could just be a device with a button that you plug into the joycon slot, and pushing the button flashes CFW.
Try this softmod, I've heard it works:
- Find out where the Fuse location is on your revision of Switch online.
- Get some silver conductive tape and cut out enough just to mask the location of the Fuses on the case (no need to open Switch)
- Place it in the microwave for exactly 43.8 seconds on medium power. The number is precise, any more or less and it will be a brick.
- ??????????
- Install Custom Firmware as Fuses aren't an issue any more.
- Profit. Enjoy your new softmeldded Switch for phree!
The Switch isn't an unbreakable castle made from unbreakanium that is simply impossible to get into without Lord Miyamoto's honorary permission.
I wonder if someone could make a game that looks like trash shovelware, but by pressing a certain key combo, it would open an exploit. Like those 3DS games that you used only and solely as exploits.
If it was so easy, please do exploit it.
The games on the Swith runs in a sandbox environment. The 3DS had bugged games that got to talk differently with the kernel. They aren't the same.
K.
So the Switch is apparently the headquarters of FBI (pun intended), which is impossible to break into without any sort of proper authorization.
Got it, I'll just keep begging Daddy Nintendo along with the millions of others so they can release features already present on the 3DS in 5 years, and do it in a half-assed way.
More or less. So far Nintendo haven't done the mistakes. It's actually been the browser and Nvidia.
Man, I'm so done with sucking Nintendo's cock. That's why I homebrewed my 3DS and solely pirate games on it, because soon that'll be the only way to play them.
Okey, do you want a cookie or something?
I mean, you still provided Nintendo cash by buying the 3DS. They don't really care if you pirate on it if it's obsolete.
The main problems on the switch are those:
* it's a rewrite from the 3ds os, with lessons learned with the 3ds applied.
* the aslr makes game exploits everywhere, where we don't have some type of scripting or jit so hard, that it's nearly impossible in most scenarios to pull it off concistenly. But the browser could probably still work as entry point.
* it's a micro kernel architecture, so everything is split into parts with as little permissions as possible, so you would need to move from the entry point, so the game, webrowser, hid systemmodule and so on to higher permission modules/kernel/trustzone with more exploits.
* the privileged parts like the kernel are very small compared to something like Linux. So it's relatively easy to have a full understanding of the code and its interactions. If you are interested in checking it out yourself, you can beginn with checking out atmospheres exosphere (trust zone) and mesosphere(kernel) source code, because those two are the parts you need to exploit to get deep enough into the system for cfw
* for hardware glitching you need high enough control over the cpu power, by reducing the power very low in a specific timing for the cpu to glitch out and get the wrong result for an operation(in the modchips case it's the comparison of the public key part hash to the one in the fuses of the cpu, if I understand the attack correctly). This attack also needs some trigger to make it consistent, since there are some timing randomisations in the bootrom, which is the nand read in case of the current modchip.
This means it's not something you can do with something like the joycon rails.
To be fair, they did the sm mistake in 3.0, which allowed at least homebrew, but even that wasn't enough for cfw in itself. But without nvidias warmboot and cold boot exploits we might not have had any modchip free cfw exploits.
Totally makes sense that the people who are smart enough to break the Switch's security with a hardware method in the first place would choose the worst, most expensive way to do it.
What makes you so sure that Nintendo hasn't learned from past consoles and eliminated software based vulnerabilities? Microsoft has even managed to prevent hardware mods starting with the Xbox One. Why is it so much of a stretch to think that Nintendo can't do the same in the future? Cybersecurity of the past wasn't nearly as advanced as it is now and it certainly wasn't applied to game consoles like it is now. Rather than try to hide vulnerabilities companies actively ask people to look for them so that they can be eliminated. This is why software mods will likely become extinct in the future but were quite prevalent in the past. That's not to say that other types of mods and vulnerabilities won't exist.
- Status
Similar threads
-
- Article
-
-
-
-
-
@
K3Nv2:
Hm doing research quite possible my issue with this drive is bios related not detecting it fully -
-
-
-
-
-
@
Jayro:
Thanks for that bundle, I had the games already but got all the DLC for them for just $5. What a steal!+1 -
-
-
-
-
-
-
-
-
-
-
-
-
@
BigOnYa:
I'm gonna buy another Series X, but can't decide if I should wait till the Xbox June event (maybe they get discounted) or just buy now. What do you guys think?+1 -
