Hacking Deja vu exploit given to Nintendo

Status
Not open for further replies.

pworld

Unfortunately, an important bug of the deja vu exploit chain (from what I have read in https://daeken.svbtle.com/nintendo-switch-nvservices-info-leak it is "not the most critical bug") has been given to Nintendo as part of a bug bounty program.


Hexkyz thinks there will probably be no bugs usable for hacking the Switch when Mariko arrives.

EDIT for clarity:
Daeken knew the exploit was found by others, and he found it later, but independently. He still decided to report this exploit to Nintendo.


EDIT II: Could a mod please edit the title to replace "Deja vu exploit" with "Part of Deja vu exploit chain"? (On a side note: Would it be allowed to use the report function for that? It doesn't seem that way)
 
Well, I haven't seen it here. If it was already posted, I should be deleted obviously.
 
Damn, that blows.

Greed fucks us again. Daeken apparently cares more about money than the switch community...which isn't that hard to understand when you see all the immature toxicity.
 
Mariko is the new hardware revision, probably at least with a better screen, maybe also with a better SoC (at least it has a different number), coming out late in the next year (probably).
It will completely fix the hardware bug (I mean, it is also fixed now, but the bootrom is old, so maybe the ipatch doesn't fix everything), so we would have to rely on software bugs. However, the main software bug which could have been used to hack the switch was reported to Nintendo and thus fixed, now we can just hope.
 
Mariko are the new 'patched' switch consoles. The exploit we have now (the thing with the RCM jig) will probably be patched on those.
Not probably, but certainly. Nintendo already mitigated the exploit by an ipatch. They would have to be beyond stupid to not test whether this exploit is still possible on the new hardware revision.
 
Mariko are the new 'patched' switch consoles. The exploit we have now (the thing with the RCM jig) will probably be patched on those.

The Mariko units are more than just a simple patch, friend; it's a complete hardware revision with a brand new motherboard that doesn't have the same vulnerability that lets you enter RCM.
 
You should probably post the follow-up tweets for balance.



 
Ah, yeah, sorry, when I re-read my OP, it isn't clear that the exploit was independently found and not "stolen".
Daeken knew the exploit was found by others, and he found it later, but independently. He still decided to report this exploit to Nintendo.

It is certainly not clearly immoral, but also not right IMHO, especially as he was part of the hacking scene and thus could use their knowledge, even if not this specific exploit. Of course everybody has to make money somehow.
 
Sad day as we finally have confirmation that one of the most useful bugs in the déjà-vu exploit chain was reported for a bounty by @daeken.

This certainly doesn't mean that the deja vu exploit has been given to Nintendo.
Correct me if I'm wrong...
 
Sad day as we finally have confirmation that one of the most useful bugs in the déjà-vu exploit chain was reported for a bounty by @daeken.

This certainly doesn't mean that the deja vu exploit has been given to Nintendo.
Correct me if I'm wrong...
some people don't understand the difference between an individual bug and an exploit chain.
 
The exploit chain consists of multiple bugs. And I guess what is meant is the most important bug. The chain breaks if one single link breaks, so it is broken. I am unsure how to interpret one of his other tweets though, maybe he has some bug to replace this important bug, as he said he could rewrite the chain, but anyway, there is not so much hope.

EDIT: maybe it was not the most important bug, aka the "deja vu" exploit itself
 
And all the 12 year olds in their mom's basement are like "BUT MUH SWITCH".
Fucking hilarious! :D
 
Like Nintendo wouldn't know about every exploit currently known. Heck, if they even remotely follow the hacking community, it wouldn't take much time to get there.

Either way, whoever has the console now will not lose anything. This will affect the future console iterations. Not at all problematic. Happens frequently.
 
My tweet to him: How does it feel to be an E-Snitch all for a quick buck? @daeken lul he's like the worst kind of hacker too xD #CultureVulture I may have gone too far but I'm just angry right now, I'm really against hackers stabbing other hackers in the back, those guys worked endlessly to find an exploit only for others to be petty and cash grab on their success. Pisses me off
 
Damn, that blows.

Greed fucks us again. Daeken apparently cares more about money than the switch community...which isn't that hard to understand when you see all the immature toxicity.
It was confirmed that Daeken discovered the vuln independently. They did nothing wrong by submitting it.

Plus community praise doesn't pay bills. :P
 