Hacking Exploiting the Switch with Ocarina of Time

OldGnashburg

So here's a possibly dumb question. Back in 2019, Arbitrary Code Execution was discovered in OoT. It was crude and required crazy controller shenanigans, but as more things were discovered, OoT is at the point where you can get Total Control with one instance of SRM, which is basically a use-after-free bug. It's fully within the capabilities of OoT on the Wii and GameCube to sandbox escape; in the case of the GameCube, warp to the credits in Majora's Mask, and in the case of the Wii, anything, including homebrewing the console. The only reason it hasn't been done is because it requires designing a rather large payload, and the only way to run something like that without being a TAS is removing the character limit on the file screen and using that to type in your payload. It's been theorized that you could also pull system information from the host console, for example on the Wii, pulling data from a Mii, or the System Name, or other stuff. Anyways, long story short, what does ACE in N64 games mean for Switch homebrew?
 

masagrator

The issue with your theorem is that the GameCube and Wii don't use ASLR, or use fake ASLR (with predictable randomization). This was an issue with all Nintendo consoles up to the 3DS, Wii U lineup included.
The Switch is using full-fledged ASLR. Escaping the sandbox is not possible without defeating ASLR's unpredictability.
 

Draxzelex

So here's a possibly dumb question. Back in 2019, Arbitrary Code Execution was discovered in OoT. It was crude and required crazy controller shenanigans, but as more things were discovered, OoT is at the point where you can get Total Control with one instance of SRM, which is basically a use-after-free bug. It's fully within the capabilities of OoT on the Wii and GameCube to sandbox escape; in the case of the GameCube, warp to the credits in Majora's Mask, and in the case of the Wii, anything, including homebrewing the console. The only reason it hasn't been done is because it requires designing a rather large payload, and the only way to run something like that without being a TAS is removing the character limit on the file screen and using that to type in your payload. It's been theorized that you could also pull system information from the host console, for example on the Wii, pulling data from a Mii, or the System Name, or other stuff. Anyways, long story short, what does ACE in N64 games mean for Switch homebrew?
Also, we don't have Ocarina of Time for the Switch...
 

Arilys

Also, we don't have Ocarina of Time for the Switch...
OP probably asked this because of the N64 games that Nintendo's gonna make available with the Online Expansion Pack, where OoT is included.

But yeah, wouldn't expect too much due to what masagrator mentioned.
 