Hacking Discussion: What is Xecuter's mod?

Most likely it's a device that takes advantage of the four corners magnet exploit. If you hold all four corners of the screen while booting it up and then place a neodymium magnet in the back, dead center, you can boot anything you want.

It works guys.
 
No, in the video they show a coldboot, you cannot do it with a cartridge.
The video was from fail0verflow, not Xecuter, they are different groups and would NEVER work together!!

What exactly were you able to boot? Something useful or just PoC?

Some people are just born gullible
 
My thoughts, and these are only thoughts.

1.) Hard mod to solder into the system, more or less the points that are next to the eMMC.
2.) Some keys are unique to the console itself, so this would make me believe that some type of glitching after you have installed the hard mod into the system to get your OWN keys.
3.) Once you have the keys of the system, then you can build a CFW image.

I'm thinking it will be something like XEXBUILD, where you dump the NAND, add it to the program and add the key needed, then build a CFW.

To everyone that says the system is too small to be adding things inside: this is false. The system has way more than enough room for a chip that is the size of my thumbnail.
 
The video was from fail0verflow, not Xecuter, they are different groups and would NEVER work together!!



Some people are just born gullible
Actually, the TX vid also appears to be coldboot. Two different teams can achieve coldboot exploits without working together.
 
I’m honestly thinking it’s gonna be a one-time glitch/programmer tool. It seems from this video that they undervolted the CPU to glitch it and get the console-specific key from the keyblob, which is only accessible to pkg1ldr.

Watch from about 25 minutes on. This is why I’m inclined to believe it’s a glitch device with a programming functionality. I’d imagine after decryption, the efuse downgrade protection could be rendered useless. Plus he mentions that the hash is stored in the efuses, similar to the CPU key on the Xbox 360.
 
Man, if it's a hard mod, Nintendo will be in trouble. There WILL be no stopping players.

Oh, you banned me? Here. Let me change my console ID. Oh? You pushed an update that blocks my exploit? Give me a minute to reflash my NAND.
 
Man, if it's a hard mod, Nintendo will be in trouble. There WILL be no stopping players.
Oh, you banned me? Here. Let me change my console ID. Oh? You pushed an update that blocks my exploit? Give me a minute to reflash my NAND.
Except that each Switch has a unique client certificate that is required for talking to their servers. Therefore, if your Switch gets banned from online, that client certificate is banned forever... no more online for you.
And no sharing of certificates, because they can (and likely will) scan for multiple users using a common client certificate... easy ban. Doesn't matter what your console ID is, and it's cryptographically infeasible to generate your own valid client certificates.

Nintendo has done quite a bit right in securing the Switch console. Nothing is unhackable, but any detected hack can be perma-banned from online services.
 
That's no logic at all. A cartridge could be used to exploit the system, allowing their cold-boot stuff to be installed. Like ntrboot.
That's... not how it works. Ntrboot only worked because Nintendo left in a secret backdoor using specially encrypted carts, and the bootrom had an exploit that essentially let us sign our own firms, which meant we could sign our own specialty boot carts. Very unlikely the Switch has both of those. Nintendo likely left out cart booting in favor of going through USB-C. So no, I can pretty much guarantee it won't be a flash card solution.
 
