Got an idea...

Discussion in 'Switch - Hacking & Homebrew' started by DoJo_Master, Mar 25, 2017.

  1. DoJo_Master
    OP

    DoJo_Master GBAtemp Advanced Fan

    Member
    605
    154
    May 7, 2013
    Canada
    Probably completely stupid idea but I had this thought while working.

    Its strange but if you dont know already, a usb keyboard does infact work with the nintendo switch
    ( http://www.nintendolife.com/news/2017/03/usb_keyboards_work_with_the_nintendo_switch )

    I was thinking maby we could use a device like a USB rubber ducky to brute force keystrokes into the switch, Im almost positive there has to be an exploit using this method. I highly doubt we will ever find that exploit but it is an idea, and the rubber ducky could help by mass entering keys and impossible speeds. Have it run for a month for example and record it until the switch encounters an error/glitch.

    I doubt the switch/modern devices work this way but another reason I thought this might work is due to the ability to inject code into the SNES with various D pad movements in mario, it is a tedious task as your writing code in binary but never the less it is possible. ( )

    With all this info I cant help but think there is an exploit berried in here somewhere, I just think that the ability to use a keyboard on a nintendo device is too good of an opportunity to overlook.


    Thats my two cents
     
    Last edited by DoJo_Master, Mar 25, 2017
    Quantumcat likes this.


  2. Sonic Angel Knight

    Sonic Angel Knight GBAtemp Guru

    Member
    9,484
    4,693
    May 27, 2016
    United States
    New York
    Someone been watching TAS videos. :P

     
  3. DoJo_Master
    OP

    DoJo_Master GBAtemp Advanced Fan

    Member
    605
    154
    May 7, 2013
    Canada
    Haha exactly!, don't think this has an potential tho?
     
  4. linuxares

    linuxares GBAtemp Psycho!

    Member
    3,024
    1,202
    Aug 5, 2007
    If I remember a thread correct a guy checked how the ARM works and it will dump scrap memory before it becomes an issue. So I'm not sure if this is a valid option.
     
  5. DoJo_Master
    OP

    DoJo_Master GBAtemp Advanced Fan

    Member
    605
    154
    May 7, 2013
    Canada
    Do you have a link?
     
  6. linuxares

    linuxares GBAtemp Psycho!

    Member
    3,024
    1,202
    Aug 5, 2007
    Sorry no, it was on the forum though.
     
  7. CeeDee

    CeeDee Can't Think Straight

    Member
    GBAtemp Patron
    CeeDee is a Patron of GBAtemp and is helping us stay independent!

    Our Patreon
    3,785
    5,273
    May 4, 2014
    United States
    We'd still need an exploit (say a bug in a game) to be able to do any sort of button-press based arbitrary code execution on the Switch.
     
  8. DoJo_Master
    OP

    DoJo_Master GBAtemp Advanced Fan

    Member
    605
    154
    May 7, 2013
    Canada
    Thats why I thought a rubber ducky could help find that exploit, brute force kinda thing
     
  9. linuxares

    linuxares GBAtemp Psycho!

    Member
    3,024
    1,202
    Aug 5, 2007
    Well the question is how ARM Trustzone works now days. Does it properly handle a buffer overflow?
     
  10. DoJo_Master
    OP

    DoJo_Master GBAtemp Advanced Fan

    Member
    605
    154
    May 7, 2013
    Canada
    Ya that was my main worry, the SNES is a very old system that did not have brute force keystroke protection... Still would like some more info on how the switch deals with mass ammount of key inputs
     
  11. linuxares

    linuxares GBAtemp Psycho!

    Member
    3,024
    1,202
    Aug 5, 2007
    It's have nothing to do with brute forcing. It have to do it's not clearing the memory properly, that's why you even can program the game with a normal SNES controller. By doing jumps etc. at specific parts, you program different bites and bytes.
    So basically what the rubberducky would do on a SNES is just overload it with different commands to do at the same time reprogramming the game into a glitchy mess.
     
  12. DoJo_Master
    OP

    DoJo_Master GBAtemp Advanced Fan

    Member
    605
    154
    May 7, 2013
    Canada
    I understand that, but my idea was that in order to find the correct combination we use a crazy ammount of other combinations with the ducky there for increasing your odds of finding that working injection point
     
  13. linuxares

    linuxares GBAtemp Psycho!

    Member
    3,024
    1,202
    Aug 5, 2007
    Of course... dumb question however. Wouldn't it be just as easy to plugin a cheap keyboards and smack it randomly? Just to see if something happens?
     
  14. DoJo_Master
    OP

    DoJo_Master GBAtemp Advanced Fan

    Member
    605
    154
    May 7, 2013
    Canada
    Haha maby, I already own a ducky and they are dirty cheap.... I have a feeling smashing your keyboard wouldnt do shite for the longest amount of time, could just plug in that ducky and have it go crazy for a few weeks until the camera catches something odd, effort is minimum
     
  15. linuxares

    linuxares GBAtemp Psycho!

    Member
    3,024
    1,202
    Aug 5, 2007
    well then! Best bet I would say is a indie game. Look for a dirty cheap one and not so known one, they often don't have the most experienced programmers.
     
  16. DoJo_Master
    OP

    DoJo_Master GBAtemp Advanced Fan

    Member
    605
    154
    May 7, 2013
    Canada
    Do games on the switch use keyboard input? As far as I know its just the system menus
     
  17. linuxares

    linuxares GBAtemp Psycho!

    Member
    3,024
    1,202
    Aug 5, 2007
    not sure, maybe Isaac?
     
  18. DoJo_Master
    OP

    DoJo_Master GBAtemp Advanced Fan

    Member
    605
    154
    May 7, 2013
    Canada
    This here is exactly what I am referring too, the kid in the video is basically a rubber ducky pressing random buttons on his xbox and somehow he bypassed the log in screen due to a bug this method found!

    Just pretend the usb ducky is this same kid, very good example of what Im trying to accomplish
     
  19. yardie

    yardie GBAtemp Regular

    Member
    285
    177
    Mar 27, 2016
    United States
    so much stupidity in one thread
     
    Mnecraft368 likes this.
  20. BL4Z3D247

    BL4Z3D247 GBAtemp Stoner

    Member
    1,527
    362
    Oct 22, 2008
    United States
    I'm so high, I don't even know!
    It's not like you weren't warned. The OP literally says it in the first sentence of the first post.