Hacking Question Any progress in hacking the patched switch?

[defrb]

Hello people,

Bought a switch for christmas but it was not possible to run cfw sinds my switch is patched. Now my switch is back in the box and waiting till there will be a new way to hack the system.
I was wondering if there is allready some progression in hacking the new patched switch?

Tried to convince my wife to buy a second switch, which will be hackable but she was not very eager to buy another one

thanks for listening

 

[The Real Jdbye]

As long as you don't update it past 4.1.0, you'll be able to use the warmboot exploit when that eventually releases.

 

[defrb]

As long as you don't update it past 4.1.0, you'll be able to use the warmboot exploit when that eventually releases.

Thanks for the fast response and advice. Good to hear there is some w.i.p. , will certainly stay under FW 4.1.0

 

[altorn]

follow Team Xecuter forums for their supposed solution for the ipatched units. it's been a while since they promised it, and never heard any other progress on it personally.

 

[lieder1987]

Thanks for the fast response and advice. Good to hear there is some w.i.p. , will certainly stay under FW 4.1.0

Just remember there is no timeline for these exploits, it could be in a week it could be in 2 years.

 

[Dust2dust]

Obvious solution is to return it to the store and buy a hackable one. I'm sure you've thought about that already.

 

[defrb]

Will watch the team Xecuter forums closely.

Just remember there is no timeline for these exploits, it could be in a week it could be in 2 years.

Yes, true. I will burn some candles and wish it take like 2 months max Otherwise we are forced to go to plan B

Great info, thanks for helping! Wish you all the best in 2019.

 

[Eukelade]

As long as you don't update it past 4.1.0, you'll be able to use the warmboot exploit when that eventually releases.

Do you talk about the write-up of hexkyz? Is it possible to boot a CFW with that exploit? I read the write-up, but it is not clearly answered. I think this is only a userland exploit and maybe only part of the exploit chain to get full control of the switch?

 

[defrb]

Obvious solution is to return it to the store and buy a hackable one. I'm sure you've thought about that already.

haha yeah, the thing was, my switch was "possibly patched" So i made a paperclip and scratched my switch with it

 

[Yamathedestroyer]

NVHax will be released soon, but it only allows Homebrew up to 6.0.0

 

[Eukelade]

NVHax will be released soon, but it only allows Homebrew up to 6.0.0

That's what I thought, too. The exploit gives you the permission to run Homebrew on the switch. There is no possibility to run custom firmware on the patched units at the moment.

 

[The Real Jdbye]

That's what I thought, too. The exploit gives you the permission to run Homebrew on the switch. There is no possibility to run custom firmware on the patched units at the moment.

That's a different thing, on 4.1.0 and lower specifically it's possible to run CFW.
The exploit chain is developed and works AFAIK, just hasn't been released yet.

 

[Eukelade]

Is there any documentation of the warmboot exploit chain available?

 

[ZachyCatGames]

Do you talk about the write-up of hexkyz? Is it possible to boot a CFW with that exploit? I read the write-up, but it is not clearly answered. I think this is only a userland exploit and maybe only part of the exploit chain to get full control of the switch?

Those exploits alone won't let you boot CFW. But in combination with a few other exploits, you can boot CFW (and some of those other exploits only work on 4.1 and below)

 

[Eukelade]

Is there any documentation of the warmboot exploit chain available?

Found the exploit chain description by hexkyz:

Just to provide a bit more context and hopefully clear some doubts:
- The déjà-vu exploit chain goes browserhax > nvhax > gmmuhax > nspwn > [undisclosed] > warmboothax;
- What is going to be released is a browser exploit for firmware versions 4.0.0 to 6.0.1 and the "nvhax" exploit which allows you to take over the nvservices' process and access the GPU MMU (which we used for gmmuhax).

I know it's not much yet, but this will grant those with ipatched units the ability to explore the system further and look for even more vulnerabilities on a higher privilege level.
For general users (with ipatched units), the benefits will depend on the firmware version you are on:
- 4.1.0: vulnerable to the entire déjà-vu chain so it can go up to nspwn right away (full userland takeover and therefore, homebrew);
- 5.0.0 to 5.1.0: nspwn was patched in this version, but workarounds are possible by abusing gmmuhax;
- 6.0.0 to 6.0.1: many changes made exploitation really hard to achieve, but there are still workarounds.

6.1.0 patched the browser exploit that will be released (others are already being worked on) and 6.2.0 patched "nvhax" (closing down the current exploit chain).

 

[mrswitch82]

mine is at 9.0.1 can i downgrade to be able to use a hack and its patched

--------------------- MERGED ---------------------------

mine is at 9.0.1 can i downgrade to be able to use a hack and its patched

 

[ZachyCatGames]

mine is at 9.0.1 can i downgrade to be able to use a hack and its patched

--------------------- MERGED ---------------------------

Downgrading without bricking your system is impossible.

 

[mrswitch82]

Downgrading without bricking your system is impossible.

what can i do ?

 

[Draxzelex]

what can i do ?

Buy an unpatched console.

 

[DKAngel]

nothing you can do except wait for a hardware mod