Hacking "Get on 3.0.0 - Stay on 3.0.0"

TiMeBoMb4u2

Well-Known Member
OP
Member
Joined
Oct 25, 2008
Messages
1,550
Trophies
0
Location
Hyrule
XP
1,198
Country
United States
Straight from the mouth of "plutoo"...

screencap.png
 

TiMeBoMb4u2

Well-Known Member
OP
Member
Joined
Oct 25, 2008
Messages
1,550
Trophies
0
Location
Hyrule
XP
1,198
Country
United States
Doesn't 3.0 contain the battery bug? Obviously people will need to upgrade anyway but if there are problems then it may be worth reminding people.
I have pokken so I'm staying below for now.
For the record... I'm staying where I am, for now, as well. I'd like to see what comes of the 3.0.0 homebrew scene, before I update.
 
  • Like
Reactions: XxShalevElimelechxX

Lacius

Well-Known Member
Member
Joined
May 11, 2008
Messages
18,099
Trophies
3
XP
18,338
Country
United States
If you're on something lower than 3.0.0, you should not update to 3.0.0 for the time being. In other words, if you're on 1.0.0-3.0.0, stay where you're at.
 
Last edited by Lacius,

Baoulettes

The lonely man
Member
Joined
May 25, 2011
Messages
841
Trophies
1
Age
33
Location
C:\Users\Baoulettes\Desktop\GBATemp
Website
www.baoulettes.fr
XP
2,320
Country
France
Doesn't 3.0 contain the battery bug? Obviously people will need to upgrade anyway but if there are problems then it may be worth reminding people.

I have pokken so I'm staying below for now.
Hm mind explaining that bug ?
I am on 3.0.0 with issue to play all day
 

Thelonewolf88

Well-Known Member
Member
Joined
Jun 11, 2016
Messages
304
Trophies
0
Age
35
XP
333
Country
United States
Doesn't 3.0 contain the battery bug? Obviously people will need to upgrade anyway but if there are problems then it may be worth reminding people.

I have pokken so I'm staying below for now.

It does yeah, which is why i have held off updating from 2.0.0 to 3.0.0 with Pokken. See how it pans out over time.
 

tunip3

[debugger active]
Banned
Joined
Oct 31, 2016
Messages
1,675
Trophies
0
XP
1,661
Country
United Kingdom
I'm not aware of any benefit 2.3 has over 3.0 right now. However, it's always good practice to stay on the lowest software version possible. Better to need to update to 3.0.0 later than to update now and be unable to use something that 2.3 has and 3.0 doesn't.
theyre are a couple extra vulns in 2.3 look over the 34c3 confrence to see which
 
  • Like
Reactions: weatMod

kublai

Well-Known Member
Member
Joined
May 29, 2008
Messages
508
Trophies
1
XP
2,038
Country
United States
Doesn't 3.0 contain the battery bug? Obviously people will need to upgrade anyway but if there are problems then it may be worth reminding people.

I have pokken so I'm staying below for now.
maybe the battery bug can turn into an exploit like the PSP.
 

cholaloula

Well-Known Member
Newcomer
Joined
May 15, 2017
Messages
62
Trophies
0
Age
38
XP
348
Country
France
theyre are a couple extra vulns in 2.3 look over the 34c3 confrence to see which
I saw the conference but can't see what extra vulnerabilities, It's the question of the thread I opened https://gbatemp.net/threads/3-0-0-mandatory.492851/
I'm in the 2.3 case and will wait to see if there's a real advantage. From what I saw 3.0.0 is the way to go as it's the firmware that permitted the ROhan exploit...Am I wrong?
 
  • Like
Reactions: weatMod

TiMeBoMb4u2

Well-Known Member
OP
Member
Joined
Oct 25, 2008
Messages
1,550
Trophies
0
Location
Hyrule
XP
1,198
Country
United States
I'm not aware of any benefit 2.3 has over 3.0 right now. However, it's always good practice to stay on the lowest software version possible. Better to need to update to 3.0.0 later than to update now and be unable to use something that 2.3 has and 3.0 doesn't.
For the most part, this is true, and it is one of the reasons I'll be staying where I'm at, for now.
It's sure tempting, though, when he says, "Get on firmware 3, if you're lower." —

 
Last edited by TiMeBoMb4u2,
  • Like
Reactions: leonmagnus99

Lacius

Well-Known Member
Member
Joined
May 11, 2008
Messages
18,099
Trophies
3
XP
18,338
Country
United States
For the most part, this is true, and it is one of the reasons I'll be staying where I'm at, for now.
It's sure tempting, though, when he says, "Get on firmware 3, if you're lower."
I'm not aware of any benefit 2.3 has over 3.0 right now. However, it's always good practice to stay on the lowest software version possible. Better to need to update to 3.0.0 later than to update now and be unable to use something that 2.3 has and 3.0 doesn't.

I'm staying where i am.
4.1.

But I'm happy for all you that had the patience to wait for boring, worthless homebrew.

Have fun with Pong and DOOM, [emoji23]

Sent from my F8331 via Tapatalk
Don't try to bring people down just because you're on 4.1.
 

cholaloula

Well-Known Member
Newcomer
Joined
May 15, 2017
Messages
62
Trophies
0
Age
38
XP
348
Country
France
Just making a copy/paste from rohan url :

-----------------------------

ROhan is an exploit to enable userland arbitrary code execution on Switch OS 3.0. It works due to Nintendo’s code making a number of assumptions that don’t hold when sm:h is in play:

  • With OS 3.0.0, Nintendo split the ldr:ro service away from the ldr sysmodule, in an attempt to limit the attack surface of the critical ldr.
  • The newly-created RO sysmodule contains a codepath meant to ease testing for use on devkits: when loading in NRR files (which validate the integrity of NRO “dlls”), the module will contact the spl: service to check the IsDebugMode flag, and contact the settings sysmodule to request the ro!ease_nro_restriction setting. If both of these are set, the signature check is skipped.
Both of these changes mark theoretical improvements to the system's security. However, sm:h grants full access to the services API – including both registering and unregistering existing services. As such, the exploit flow looks like this:

  1. Set the ro!ease_nro_restriction setting to 1
  2. Using a compromised sysmodule (more on this later), MITM the spl: service to cause any GetConfig call of type 0xb (IsDebugMode) to return 1
  3. Kill and relaunch ro
  4. Load any unsigned nrr
  5. Load any nro whose hash exists in that nrr
The reason we need a compromised sysmodule is that the ReplyAndReceive syscall, required to imitate a service, simply doesn’t exist in the browser. As such, we hijack an existing sysmodule to perform this attack.

In 3.0, the sdb sysmodule contains a number of bugs that make it a prime target. We currently have an arbitrary write and control of the execution flow; what we don’t have is an actual ROP/JOP-chain to allow arbitrary function calling. This is the sole piece missing for userland ACE on the Switch.

--------------------------

I think that's the reason why Plutoo recommends to upgrade to 3.0.0 but Tunip3 seems to imply the 34c3 speech indicated 2.3.0 could have advantages...
 

TiMeBoMb4u2

Well-Known Member
OP
Member
Joined
Oct 25, 2008
Messages
1,550
Trophies
0
Location
Hyrule
XP
1,198
Country
United States
I'm staying where i am.
4.1.
But I'm happy for all you that had the patience to wait for boring, worthless homebrew.
Have fun with Pong and DOOM, [emoji23]
Sent from my F8331 via Tapatalk
I only bought my Switch for Zelda... Beat it, and I'm still below firmware v3.x.
I can update whenever I like. You, however, cannot ever downgrade, if you decide later you wanted to....unless, of course, someone figures a way to bypass the eFuses.
 

Site & Scene News

Popular threads in this forum

General chit-chat
Help Users
  • K3Nv2 @ K3Nv2:
    They haslve dedicated on board chips that aren't tweaked like x64/x32 afaik
  • ColdBlitz @ ColdBlitz:
    but its a custom os for both of them
  • ColdBlitz @ ColdBlitz:
    designed for only specific hardware
  • ColdBlitz @ ColdBlitz:
    so you have to learn to emulate that specific hardware which isn't as easy as you'd think
  • K3Nv2 @ K3Nv2:
    It's a locked down Linux distro basically
  • Psionic Roshambo @ Psionic Roshambo:
    I think the only custom hardware is to do with the SSD and a security chip
  • Psionic Roshambo @ Psionic Roshambo:
    Probably combined in one chip
  • K3Nv2 @ K3Nv2:
    They place married security chips onto boards iirc
  • Psionic Roshambo @ Psionic Roshambo:
    Damn Frontier is offering 5Gbps now lol
  • K3Nv2 @ K3Nv2:
    I honestly can't recommend any of the big 3 this years I'd say buy a rog ally z1 if we're being honest
  • Psionic Roshambo @ Psionic Roshambo:
    Honestly after the PS3 and 360 I just went full PC
  • K3Nv2 @ K3Nv2:
    Every games basically cross platform they only have about 6 titles making it worth the $600 price tag
  • Psionic Roshambo @ Psionic Roshambo:
    Didn't see much need for a console, all the advantages have kind of disappeared
  • ColdBlitz @ ColdBlitz:
    the ps3 used to support installing linux because the cpu was so powerful
  • K3Nv2 @ K3Nv2:
    Then the games are $70 and they want to reboot and refresh the same game every year
  • K3Nv2 @ K3Nv2:
    The ps3 was always Linux they just found a way to make it open source
  • ColdBlitz @ ColdBlitz:
    I'm avoiding buying from the big 3 at all atm
  • Psionic Roshambo @ Psionic Roshambo:
    At one point PC game pads where poorly supported, loading a game had setup, it was complicated. Now it's almost as easy as a console.
  • ColdBlitz @ ColdBlitz:
    nintendo needs to up their game soon
  • K3Nv2 @ K3Nv2:
    Yeah even bt support for Xbox one controllers are just as easy as pairing
    +1
  • ColdBlitz @ ColdBlitz:
    considering the steamdeck can emulate the switch (yikes) theres almost 0 reason to buy the switch apart from playing online and using cartridges
  • K3Nv2 @ K3Nv2:
    Xinput and 360 dongles were a driver nightmare
  • K3Nv2 @ K3Nv2:
    I remember having to manually put in drivers and what not
  • Psionic Roshambo @ Psionic Roshambo:
    Yeah the 360 dongles sucked
  • Psionic Roshambo @ Psionic Roshambo:
    But the new Xbox pads? PIr it up and if a game supports it it just works
    Psionic Roshambo @ Psionic Roshambo: But the new Xbox pads? PIr it up and if a game supports it it just works