Deja vu exploit given to Nintendo

Discussion in 'Switch - Exploits, Custom Firmwares & Soft Mods' started by pworld, Oct 18, 2018.

Thread Status:
Not open for further replies.
  1. pworld
    OP

    pworld Advanced Member

    Newcomer
    3
    Jul 15, 2018
    Austria
    Unfortunately, the deja vu exploit an important bug of the deja vu exploit chain (from what I have read in https://daeken.svbtle.com/nintendo-switch-nvservices-info-leak it is "not the most critical bug") has been given to Nintendo as part of a bug bounty program

    Hexkyz thinks there will probably have no bugs usable for hacking the switch when Mariko arrives.

    EDIT for clarity:
    Daeken knew the exploit was found by others, and he found it later, but independently. He still decided to report this exploit to Nintendo.

    EDIT II: Could a mod please edit the title to replace "Deja vu exploit" with "Part of Deja vu exploit chain"? (On a side note: Would it be allowed to use the report function for that? It doesn't seem that way)
     
    Last edited by pworld, Oct 18, 2018
  2. Kubas_inko

    Kubas_inko "Something funny goes here."

    Member
    13
    Feb 3, 2017
    Czech Republic
    I gues on earth.
    old news...
     
    Last edited by Kubas_inko, Oct 18, 2018
  3. Jayro

    Jayro MediCat USB and Mini Windows 10 Developer

    Member
    14
    GBAtemp Patron
    Jayro is a Patron of GBAtemp and is helping us stay independent!

    Our Patreon
    Jul 23, 2012
    United States
    Octo Canyon
    Welp, time to ban @Daeken from the forums for stabbing us all in the back I suppose.
     
    NoNAND and retrofan_k like this.
  4. pworld
    OP

    pworld Advanced Member

    Newcomer
    3
    Jul 15, 2018
    Austria
    Well, I haven't seen it here. If it was already posted, I should be deleted obviously.
     
  5. iriez

    iriez GBAtemp Fan

    Member
    7
    Oct 27, 2016
    United States
    Damn, that blows.

    Greed fucks us again. Daeken apparently cares more about money than the switch community...which isn't that hard to understand when you see all the immature toxicity.
     
  6. Dona97

    Dona97 Member

    Newcomer
    2
    Mar 24, 2018
    Italy
    What is Mariko??? Why is important??? Thanks :)
     
  7. pworld
    OP

    pworld Advanced Member

    Newcomer
    3
    Jul 15, 2018
    Austria
    Mariko is the new hardware revision, probably at least with a better screen, maybe also with a better SoC (at least it has a different number), combing out late in the next year (probably).
    It will completely fix the hardware bug (I mean, it is also fixed now, but the bootrom is old, so maybe the ipatch doesn't fix everything), so we would have to rely on software bugs. However, the main software bug which could have been used to hack the switch was reported to Nintendo and thus fixed, now we can just hope.
     
  8. Tinnetju

    Tinnetju Member

    Newcomer
    2
    Jul 31, 2018
    Netherlands
    Mariko are the new 'patched' switch consoles. The exploit we have now (the thing with the RCM jig) will probably be patched on those.
     
  9. pworld
    OP

    pworld Advanced Member

    Newcomer
    3
    Jul 15, 2018
    Austria
    Not probably, but certainly. Nintendo already mitigated the exploit by an ipatch. They would have to be beyond stupid to not test whether this exploit is still possible on the new hardware revision.
     
    cearp likes this.
  10. Ashura66

    Ashura66 GBAtemp Advanced Maniac

    Member
    6
    Feb 1, 2016
    Portugal
    Under my bed
    The Mariko units are more than just a simple patch friend, it's a complete hardware revision with a brand new motherboard that doesn't have the same vulnerability that lets you enter RCM
     
  11. sj33

    sj33 GBAtemp Psycho!

    Member
    12
    Oct 22, 2013
    Japan
    You should probably post the follow-up tweets for balance.

    Untitled.

     
    hamrawk likes this.
  12. pworld
    OP

    pworld Advanced Member

    Newcomer
    3
    Jul 15, 2018
    Austria
    Ah, yeah, sorry, when I re-read my OP, it isn't clear that the exploit was independently found and not "stolen".
    Daeken know the exploit was found by others, and he found it later, but independently. He still decided to report this exploit to Nintendo.

    It is certainly not clearly immoral, but also not right IMHO, especially as he was part of the hacking scene and thus could use their knowledge, even if not this specific exploit. Of course everybody has to make money somehow.
     
  13. Der_Blockbuster

    Der_Blockbuster GBAtemp Advanced Fan

    Member
    7
    Mar 2, 2016
    Germany
    Sad day as we finally have confirmation that one of the most useful bugs in the déjà-vu exploit chain was reported for a bounty by @daeken.

    This certainly doesn't mean that the deja vu exploit has been given to Nintendo.
    Correct me if I'm wrong...
     
  14. Localhorst86

    Localhorst86 GBAtemp Addict

    Member
    9
    Jul 17, 2014
    Germany
    Nintendo works for my dad
    some people don't understand the difference between an individual bug and an exploit chain.
     
  15. longxa762

    longxa762 GBAtemp Regular

    Member
    5
    Jan 20, 2013
    Australia
  16. pworld
    OP

    pworld Advanced Member

    Newcomer
    3
    Jul 15, 2018
    Austria
    The exploit chain consists of multiple bugs. And I guess what is meant is the most important bug. The chain breaks one single link breaks, so it is broken. I am unsure how to interpret one of his other tweets though, maybe he has some bug to replace this important bug, as he said he could rewrite the chain, but anyway, there is not so much hope.

    EDIT: maybe it was not the most important bug, aka the "deja vu" exploit itself
     
    Last edited by pworld, Oct 18, 2018
  17. Kukielka

    Kukielka GBAtemp Regular

    Member
    3
    Jul 11, 2018
    Germany
    And all the 12 year olds in their moms basement are like "BUT MUH SWITCH".
    Fucking hilarious! :D
     
  18. eyeliner

    eyeliner Has an itch needing to be scratched.

    Member
    5
    Feb 17, 2006
    Portugal
    Like Nintendo wouldn't know about every exploit currently known. Heck, if they even remotely follow the hacking community, it wouldn't take much time to get there.

    Either way, whoever has the console now will not loose anything. This will affect the future console iterations. Not at all problematic. Happens frequently.
     
  19. josephdin

    josephdin Advanced Member

    Newcomer
    2
    Jun 20, 2018
    United States
    my tweet to him: How does it feel to be an E-Snitch all for a quick buck? @daeken lul he's like the worst kind of hacker too xD #CultureVulture i may have went too far but i'm just angry right now, i'm really against hackers stabbing other hackers in the back, those guys worked endlessly to find an exploit only for others to be petty and cash grab on their success. Pisses me off
     
  20. 8BitWonder

    8BitWonder Small Homebrew Dev

    Member
    10
    Jan 23, 2016
    United States
    47 4F 54 20 45 45 4D
    It was confirmed that Daeken discovered the vuln independently. They did nothing wrong by submitting it.

    Plus community praise doesn't pay bills. :P
     
    Last edited by 8BitWonder, Oct 18, 2018
    iktwo likes this.
Loading...
Thread Status:
Not open for further replies.