next time add more info in your title, so we don't have to enter your thread.
D
Deleted User
Guest
?
--------------------- MERGED ---------------------------
I just want to know?
--------------------- MERGED ---------------------------
Ignored
--------------------- MERGED ---------------------------
I just want to know?
--------------------- MERGED ---------------------------
Ignored
Well, if it's publicly documented, don't you think someone would've taken advantage of it if possible already? -_-
"it's unknown if anyone actually exploited this successfully at the time of writing"
ARM9's and ARM11's exception vectors are hardcoded to point at the CPU's internal memory (0x08000000 region for ARM9, AXIWRAM for ARM11). While the bootrom does set them up to point to an endless loop at some point during boot, it does not do so immediately. As such, a carefully-timed fault injection (via hardware) to trigger an exception (such as an invalid instruction) will cause execution to fall into ARM9 RAM.
Since RAM isn't cleared on boot (see below), one can immediately start execution of their own code here to dump bootrom, OTP, etc. The ARM9 bootrom does the following at reset: reset vector branches to another instruction, then branches to bootrom+0x8000. Hence, there's no way to know for certain when exactly the ARM9 exception-vector data stored in memory gets initialized.
ARM9's and ARM11's exception vectors are hardcoded to point at the CPU's internal memory (0x08000000 region for ARM9, AXIWRAM for ARM11). While the bootrom does set them up to point to an endless loop at some point during boot, it does not do so immediately. As such, a carefully-timed fault injection (via hardware) to trigger an exception (such as an invalid instruction) will cause execution to fall into ARM9 RAM.
Since RAM isn't cleared on boot (see below), one can immediately start execution of their own code here to dump bootrom, OTP, etc. The ARM9 bootrom does the following at reset: reset vector branches to another instruction, then branches to bootrom+0x8000. Hence, there's no way to know for certain when exactly the ARM9 exception-vector data stored in memory gets initialized.
Thing is that's not going to lead to an exploit most (if any) people would use because A. It needs existing access to arm9 RAM (which would probably turn into an exploit in itself) and B. It's a hardware exploit, which means practically nobody will use it, and an extremely timing-sensitive one at that. The only thing it would be useful for is dumping the bootrom.
But that exploit was not patched yet so people with a hardmod can dump otp on 11.0
--------------------- MERGED ---------------------------
--------------------- MERGED ---------------------------
Possibly
Similar threads
Site & Scene News
New Hot Discussed
-
-
35K views
Nintendo Switch 2 Direct - Launches June 5. $449.99 price
Soon, Nintendo will be bringing us the highly-awaited Nintendo Direct, focused solely on the Switch 2 console. The stream will begin at 6am PT/9am ET/15:00 CEST/1pm... -
24K views
Nintendo delays Switch 2 pre-orders in USA over ongoing tariff situation, release date unaffected
The Nintendo Switch 2 is still releasing on June 5th, but the price might be up in the air, at least for those in the United States. While the Direct earlier this... -
12K views
Nintendo Direct - March 27, 2025 - Nintendo announces Virtual Game Card feature
The Nintendo Switch 2 is just around the corner, but that isn't stopping Nintendo from revealing what they still have in store for the Switch. We're getting 30 full... -
11K views
Billy Mitchell wins defamation lawsuit against YouTuber, owed $240,000 in damages
Billy Mitchell is no newcomer to lawsuits, having already been to court regarding the legitimacy of his Donkey Kong world records. That lawsuit took place over the... -
11K views
Azahar 3DS emulator reaches its first stable public build
The newest challenger in 3DS emulation, Azahar, has finally reached its first stable build this week. Since Yuzu's takedown by Nintendo last year, the eventual... -
11K views
The Switch 2's Joy-Cons will not have Hall Effect sticks
The Nintendo Switch found itself at the center of technical issues throughout its lifespan, thanks to its Joy-Con controllers. Referred to as Joy-Con drift, it led to... -
9K views
Fan-made remake Gamma Emerald gets a release date for its first demo
After more than a year of development, fan-made Pokemon Emerald remake Gamma Emerald is getting its first demo in just over a month. Posted today by developer... -
8K views
After controversy, Assassin's Creed Shadows is reportedly the series' second biggest launch ever
Assassin's Creed Shadows faced a few bumps on its way to launch, ranging from a multitude of delays, to controversy over one of the game's characters, Yasuke, as well... -
8K views
Game Key Cards - an improved digital release or stripped down physical cartridge?
Since the Direct at the start of the month, Nintendo have attracted a lot of ire regarding the Switch 2. I’ve seen comments on either side of the fence when it comes... -
7K views
ROM Hack Pokemon Evolved ROM hack shows a fresh take on Kanto’s original 151 species
Kanto is for many the image of nostalgia when it comes to Pokemon. It’s the region where it all started, and it’s the region where many started their Pokemon...
-
-
-
598 replies
Nintendo Switch 2 Direct - Launches June 5. $449.99 price
Soon, Nintendo will be bringing us the highly-awaited Nintendo Direct, focused solely on the Switch 2 console. The stream will begin at 6am PT/9am ET/15:00 CEST/1pm... -
411 replies
Nintendo delays Switch 2 pre-orders in USA over ongoing tariff situation, release date unaffected
The Nintendo Switch 2 is still releasing on June 5th, but the price might be up in the air, at least for those in the United States. While the Direct earlier this... -
150 replies
Nintendo Direct - March 27, 2025 - Nintendo announces Virtual Game Card feature
The Nintendo Switch 2 is just around the corner, but that isn't stopping Nintendo from revealing what they still have in store for the Switch. We're getting 30 full... -
141 replies
The Switch 2's Joy-Cons will not have Hall Effect sticks
The Nintendo Switch found itself at the center of technical issues throughout its lifespan, thanks to its Joy-Con controllers. Referred to as Joy-Con drift, it led to... -
137 replies
Game Key Cards - an improved digital release or stripped down physical cartridge?
Since the Direct at the start of the month, Nintendo have attracted a lot of ire regarding the Switch 2. I’ve seen comments on either side of the fence when it comes... -
130 replies
After controversy, Assassin's Creed Shadows is reportedly the series' second biggest launch ever
Assassin's Creed Shadows faced a few bumps on its way to launch, ranging from a multitude of delays, to controversy over one of the game's characters, Yasuke, as well... -
107 replies
Billy Mitchell wins defamation lawsuit against YouTuber, owed $240,000 in damages
Billy Mitchell is no newcomer to lawsuits, having already been to court regarding the legitimacy of his Donkey Kong world records. That lawsuit took place over the... -
92 replies
Happy, underwhelmed, and something in between - GBAtemp staff react to the Switch 2 Direct
April 2nd has come and gone, and the cat is truly out of the bag now. Nintendo have announced the Switch 2 is launching in June, alongside notable first and third... -
76 replies
Azahar 3DS emulator reaches its first stable public build
The newest challenger in 3DS emulation, Azahar, has finally reached its first stable build this week. Since Yuzu's takedown by Nintendo last year, the eventual... -
73 replies
Nintendo Switch 2 Edition - not necessarily a definitive release?
During the Direct at the start of the month, Nintendo laid out their plans for breathing new life into a number of Switch games through a series of free and paid...
-
- No one is chatting at the moment.
-
@
Skelletonike:
So yeah, went to a private hospital to take care of it. Public hospitals would take a few years to fix it, I'd rather pay and he done with it. -
@
K3Nv3:
One reason why I'm so focused on dental this year I'm doing pretty stable with income so trying to get that expensive crap out the way+1 -
@
Skelletonike:
Some people just ignore their own health a lot of times, even people that can afford it.
-
-
@
K3Nv3:
Well alot of people don't have or can afford the insurance aspect system of it America has options to cancel and purchase more people aren't aware of
-
-
-
@
Skelletonike:
We have free healthcare care but a lot of people just neglect their own health. Those that do use it may have to wait longer than they have at times.
-
-
-
@
Sicklyboy:
The vast majority of Americans are in a situation where their ability to seek adequate healthcare is tied to 1) having a job that provides an adequate benefits/insurance package, and 2) that job paying them enough to be able to afford the balance that insurance doesn't cover -
@
Sicklyboy:
3), that job having sufficient time-off options where they are able to take time off of work to go to an appointment
-
-
-
@
Sicklyboy:
I got decent enough insurance through work that I don't utilize often enough tbh. Like not even making checkups when I should be
-
-
-
-
-
@
K3Nv3:
https://www.foxweather.com/extreme-weather/mount-spurr-volcano-alaska-eruption-update-april-2025 volcano in Alaska sounds wild
-
-
-
-
-
