Hacking Question Hack a Patched Switch in 2021?

[MK73DS]

Hmmm. Hopefully some developer messes up enough with their game like how ninjahax was made.

My reply is probably super dumb but can't we modify a game update which breaks the game, allowing for exploits like ninjhacks, and transfert this update from an unpatched Switch to a patched Switch via the local game update transfer thing?
Or more generally, can't we use this feature to transfert unexpected things from one (hacked) Switch to another?

 

[Kallrkyle]

My reply is probably super dumb but can't we make modify a game update which breaks the game, allowing for exploits like ninjhacks, and transfert this update from an unpatched Switch to a patched Switch via the local game update transfer thing?
Or more generally, can't we use this feature to transfert unexpected things from one (hacked) Switch to another?

TBH if it was that easy, don't you think it was already done that way ?

Just accept there is only one way way on patched/Mariko, and that is an expensive chip or go buy an unpatched console

 

[MK73DS]

TBH if it was that easy, don't you think it was already done that way ?

That's not really an argument... Imagine if 150 years ago someone said "Can't we try to mimic birds with a structure composed of a central body and two large wings for us humans to fly?" and you said "TBH if it was that easy, don't you think it was already done that way?"

It's just an idea and I know this is currently not possible. But I'd like to know why. Is this local transfer done online with data checking? Are there some kind of protection against modified game data? Is the Switch immune to save attacks no matter how poorly written a game is?

Just accept there is only one way way on patched/Mariko, and that is an expensive chip or go buy an unpatched console

I already own a hacked Switch. I'd like to be able to homebrew my OLED Switch so I can get the best of both worlds so that's why I'm interested in research of ways to hack a patched Switch. I'd like to know why something doesn't work instead of "it doesn't work because otherwise someone would have done it", this is wrong on so many levels, research (in any domain) couldn't exist if "it's not possible because it hasn't been done before" was true.

 

[Deleted member 550701]

I already own a hacked Switch. I'd like to be able to homebrew my OLED Switch so I can get the best of both worlds so that's why I'm interested in research of ways to hack a patched Switch. I'd like to know why something doesn't work instead of "it doesn't work because otherwise someone would have done it", this is wrong on so many levels, research (in any domain) couldn't exist if "it's not possible because it hasn't been done before" was true.

I applaud anyone who tries to hack the patched switches, just beware it will be hard, many experienced hackers failed at this task, but if you want to try then definitely go for it!

 

[M7L7NK7]

My reply is probably super dumb but can't we modify a game update which breaks the game, allowing for exploits like ninjhacks, and transfert this update from an unpatched Switch to a patched Switch via the local game update transfer thing?
Or more generally, can't we use this feature to transfert unexpected things from one (hacked) Switch to another?

You'd have to re-sign the update with N's key, and if you had the key you wouldn't need to try what you're saying

 

[BaamAlex]

but can't we modify a game update which breaks the game

I would say, nintendo won't do the same mistake again. They learned from their past.

 

[Deleted member 535703]

I would say, nintendo won't do the same mistake again. They learned from their past.

Fair, but no system is completely invulnerable

 

[BaamAlex]

but no system is completely invulnerable

Fair, but i would say a savegame exploit will not happen again. But who knows. I don't want to discuss about this. I'm not a programmer or something like this. But when they find something...why not?

 

[Deleted member 535703]

Fair, but i would say a savegame exploit will not happen again. But who knows. I don't want to discuss about this. I'm not a programmer or something like this. But when they find something...why not?

True true.
For all I know the next exploit would be a Nintendo employee leaking something to us.

 

[BaamAlex]

For all I know the next exploit would be a Nintendo employee leaking something to us.

That would be nice.

 

[ZachyCatGames]

Are there some kind of protection against modified game data? Is the Switch immune to save attacks no matter how poorly written a game is?

All content (excluding saves, cal, etc) has a signature created using an RSA2048 private key which cannot be forged without having that private key, and that key is only known by a special signing box at Nintendo/Nvidia.

Save exploits effectively don't exist, you can pwn games, but it won't get you anywhere without additional non-existent bugs.

 

[rhae]

I'm on a patched switch that came with 5.1, it's been 2 years since I got it, never connected to the internet and I'm still waiting for an exploit. Hope someone finds one soon because I'm getting closer and closer to updating it. I can't find anyone who can install a modchip either.

The only thing keeping me away from doing so is my experience with my 3DS; I didn't research about 3ds cfws and thought i'd be like R4DS, updated it right away. When I realized my mistake I sold it and bought a new one. A month later there was an exploit for the firmware I've updated to.

So I'm being more patient with my switch but this is dragging on for too long.

 

[Kallrkyle]

I'm on a patched switch that came with 5.1, it's been 2 years since I got it, never connected to the internet and I'm still waiting for an exploit. Hope someone finds one soon because I'm getting closer and closer to updating it. I can't find anyone who can install a modchip either.

The only thing keeping me away from doing so is my experience with my 3DS; I didn't research about 3ds cfws and thought i'd be like R4DS, updated it right away. When I realized my mistake I sold it and bought a new one. A month later there was an exploit for the firmware I've updated to.

So I'm being more patient with my switch but this is dragging on for too long.

If its a Erista (V1) ipatched you should be abel to use the Deja vu or whatever its called hack iirc, i never tried it myself since both mines are v1 unpatched

If its a Mariko (v2) (RedBox) there is no other solution than a hardware chip and its damn expensive

 

[Hayato213]

I'm on a patched switch that came with 5.1, it's been 2 years since I got it, never connected to the internet and I'm still waiting for an exploit. Hope someone finds one soon because I'm getting closer and closer to updating it. I can't find anyone who can install a modchip either.

The only thing keeping me away from doing so is my experience with my 3DS; I didn't research about 3ds cfws and thought i'd be like R4DS, updated it right away. When I realized my mistake I sold it and bought a new one. A month later there was an exploit for the firmware I've updated to.

So I'm being more patient with my switch but this is dragging on for too long.

You are above 4.1 so your only other option is SX Core/HW Fly modchip.

 

[Kallrkyle]

Guess you never get to old to learn something new, i thought that the Deja Vu, Caffeine or whatever its called was supported up to 7.0, but i was wrong it seams, sorry for that

 

[ZachyCatGames]

Guess you never get to old to learn something new, i thought that the Deja Vu, Caffeine or whatever its called was supported up to 7.0, but i was wrong it seams, sorry for that

Deja Vu can be used on up to 7.0.1, but nobody’s ported it past 4.x yet (and I think some later firms are missing some vulns that’ll need replacing)

 

[Plazorn]

May be pretty far fetched but what if you change a really old switch update file, and make it say something like 19.0.1. Put it on a hacked switch v1 and transfer it over via system transfer.

 

[Draxzelex]

May be pretty far fetched but what if you change a really old switch update file, and make it say something like 19.0.1. Put it on a hacked switch v1 and transfer it over via system transfer.

We can't modify or even forge system update files because we need the signing key that only Nintendo has. And there is no way we are ever going to get our hands on that key.

 

[tech3475]

We can't modify or even forge system update files because we need the signing key that only Nintendo has. And there is no way we are ever going to get our hands on that key.

Plus efuses.

 

[Deleted member 535703]

Update: Maybe naming a peripheral like a microSD or USB-C connector something really specific can do something like the PS3 Vendor Mode.