If you modified a keyboard in the right way (or just used an Arduino or something) is it possible to type Unicode control characters and stuff through USB? If so, could this be used for code injection?
From https://github.com/dekuNukem/Nintendo_Switch_Reverse_Engineering (at the bottom of the Page):
Docking station firmware dump
The docking station uses a STM32F048 microcontroller. It's actually labeled as STM32P048 because it uses the FASTROM option where ST pre-programs the flash memory inside the factory. It has 32KB flash memory and 6KB RAM, runs at 48MHz.
It uses SWD debugging and programming interface, and interestingly the programming testpoints are on the PCB and clearly labeled. After connecting a ST-Link programmer to it reveals that the chip is not read-protected at all, so a firmware dump was easily made. I'm not going to post it in the repo, but if you want it just ask.
May be helpful information, maybe get in contact with him?
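Added example, not part of the original post or the linked repository: a check a firmware team could run on option bytes read back from a production unit, to confirm read-out protection (RDP) is set so the flash cannot be dumped over SWD as described above. The RDP values and the byte/complement layout are assumptions taken from ST's STM32F0 reference manual, and the function names and sample dumps are constructed for illustration.

```python
# Assumption (ST STM32F0 reference manual): every option byte is stored next
# to its bitwise complement, the first pair is RDP/nRDP, and the RDP value
# means 0xAA = level 0, 0xCC = level 2, anything else = level 1.
# Verify these against the manual for the exact part before relying on them.
RDP_LEVEL0 = 0xAA  # read-out protection off: a debug probe can read flash
RDP_LEVEL2 = 0xCC  # debug access disabled permanently


def bad_pairs(raw):
    """Offsets of (value, complement) pairs whose bytes are not inverses."""
    return [i for i in range(0, len(raw) - 1, 2) if raw[i] ^ raw[i + 1] != 0xFF]


def rdp_level(rdp):
    """Map the RDP option byte to a protection level."""
    if rdp == RDP_LEVEL0:
        return 0
    if rdp == RDP_LEVEL2:
        return 2
    return 1


def audit_option_bytes(raw, required_level=1):
    """Audit an option-byte dump; 'ok' is True only if RDP meets the policy."""
    if len(raw) < 2:
        raise ValueError("need at least the RDP/nRDP pair")
    bad = bad_pairs(raw)
    # A corrupted RDP pair cannot be trusted to report any level.
    level = None if 0 in bad else rdp_level(raw[0])
    ok = level is not None and level >= required_level and not bad
    return {"rdp_level": level, "bad_pairs": bad, "ok": ok}


# Constructed sample dumps (RDP, nRDP, USER, nUSER), not read from hardware.
UNPROTECTED = bytes([0xAA, 0x55, 0xFF, 0x00])
LEVEL1 = bytes([0x00, 0xFF, 0xFF, 0x00])
CORRUPT = bytes([0xAA, 0xAA, 0xFF, 0x00])

if __name__ == "__main__":
    for name, dump in (("unprotected", UNPROTECTED), ("level1", LEVEL1),
                       ("corrupt", CORRUPT)):
        print(name, audit_option_bytes(dump))
```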
> So I ordered a USB C extension cord, only to realize I do not have a USB C port on my PC. Doh!
Most motherboards should include USB-Type C.
> Most motherboards should include USB-Type C.
Most motherboards "that came out within the past year"-ish will have them.
As far as I know, AM4 motherboards have these [AMD Ryzen 7 motherboard]
I fly racing drones and almost all of our flight controllers are based on the STM family of chips F1 through F4 currently. I wonder what would happen if I tried to connect to the dock with our flight controller software and run the dump command.
3) ***The most exciting*** Nintendo was thinking about future expansion. By using a lower level protocol than DP they can offer a higher end dock down the road that offers improved capabilities like 4K. This is not uncommon for Nintendo. The N64 had that memory expansion. Plus such a device has been rumored to be in development, and the source of the rumor has brought up several other things that turned out to be true.
> There is a rumor that something like that is in the works, and it is coming from a reliable source. Time will tell though.
What? No reliable source ever mentioned something like that. The only place that "rumor" was mentioned was in a Nintendo patent that will never get used like the clickable scroll wheels and the oval-shaped handheld.
> I don't know if this is possible but can we inject a certain firmware to downgrade because the switch os is open source
> https://www.nintendo.co.jp/support/oss/data/NintendoSwitch_OpenSources1.0.0.zip
> (I don't know so much but could this after some research be done, I don't even know if the dock has access to the firmware so...)
That isn't the Switch OS. It's only specific open-source components that they made use of:
> After doing more research I have pretty much given up on using generic hardware to make my own dock. I will probably be modding my own.
> As for using this as a hacking vector, I think this is definitely possible looking at the various chips and how the system is working. It all comes down to how much trust they put in the hardware behaving how the software expects. I will never underestimate lazy programmers under a time crunch to do stupid things.
> As for sniffing the USB communications, it is a matter of tricking the bus to connect at slower speeds. USB 3.1 is backwards compatible with USB 1.1. As such if you take USB 1.1 hub and plug it in between the Switch and its dock, the USB communication should still try to work. It will take some goofy cable arrangements to get this to work, but it should be doable. The devices will probably hate operating at that speed, but that shouldn't stop them from trying to do so. Just like if you plug a USB 3.0 thumb drive into a USB 1.1 port. If this works (I give it a 30% chance of doing so) then it is just a matter of using an Arduino to dump the USB bus. No $10K debuggers needed.
Is it possible to just put the HDMI chip into an empty 3D printed Switch dock? Then you would not need to decode.
> Is it possible to just put the HDMI chip into an empty 3D printed Switch dock? Then you would not need to decode.
What? There is only one little board on the dock, which has the HDMI, USB, and charging ports on there. Putting it in a different case won't make a difference, it's like putting a PC's internals into a different case, just the outer shell has changed.
> Is it possible to just put the HDMI chip into an empty 3D printed Switch dock? Then you would not need to decode.
Yes. There are actually a number of projects/designs in the wild with this in mind already.