Hacking the Switch through the Album?

GerbilSoft

Define those, I am not sure what those are (I know, I'm stupid).
HMAC = Hash-based message authentication code. Basically, you use a standard hash function, but add in a secret key. Nintendo DSi uses SHA1-HMAC for banners, which is why DSi-compatible flash carts use banners from licensed games instead of their own games.

RSA signature = using RSA public key cryptography to create a signature that validates the contents of some file. Usually this is done by taking a hash of the contents and then encrypting the hash using the RSA private key. The signature can be verified by decrypting the hash with the public key and comparing that hash with the actual hash. RSA signatures are used by the DSi and 3DS for virtually everything.

As far as I know, there are no general-purpose cracks for RSA signatures other than brute-force. However, that's assuming the implementation is working. The 3DS Boot ROM signature hax was only possible because the Boot ROM's RSA verification function is broken. (The main FIRM RSA verification is correct, though.)
 
Deleted User

Alrighty! Thanks for letting me know. I'm assuming these things are stored outside of the image?
 

GerbilSoft

I haven't checked yet, but it may or may not be. The signature and/or HMAC could be in some EXIF tags, or simply appended to the file, or stored in some extra database file somewhere.

The secret keys are definitely not stored in the image, though.
 
Deleted User

Not confirmed that it is a hash or anything.
But after checking the header, the only part that changes consistently between files and could contain a hash is this.
Alright. Thanks for letting me know. I have to work on my 3ds homebrew for a few hours, but later I can check it out.
 

SciresM

Seems like the Switch signs the JPGs with hashes much like the DSi did. I suppose in time that will be cracked. It was for the DSi. Sadly we found no flaws in the JPG stuff on DSi. :(

I already documented how the hash works, post a few above yours references my tweet, it's just an sha256 hmac with a hard coded key lol -- eventually I'll probably make a tool but I tested and a custom "resigned" JPEG worked fine last night.
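
Added example (not written by any poster in this thread, and not the Switch's actual file format): a minimal HMAC-SHA256 check of the kind GerbilSoft and SciresM describe above, showing that a key shared with every device rejects edits made without the key but cannot distinguish the device from anyone else who holds that key. The key, the sample bytes and the tag-appended-to-the-file layout are constructed assumptions.

```python
import hashlib
import hmac

TAG_LEN = hashlib.sha256().digest_size  # 32-byte HMAC-SHA256 tag

# Constructed stand-in for a key baked into every device's firmware.
DEVICE_KEY = bytes.fromhex("00112233445566778899aabbccddeeff")


def seal(image: bytes, key: bytes) -> bytes:
    """Return image || HMAC-SHA256(key, image) (assumed layout)."""
    return image + hmac.new(key, image, hashlib.sha256).digest()


def verify(blob: bytes, key: bytes) -> bool:
    """Recompute the tag over the body and compare in constant time."""
    if len(blob) < TAG_LEN:
        return False  # too short to even hold a tag
    body, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(key, body, hashlib.sha256).digest()
    return hmac.compare_digest(tag, expected)


def demo() -> dict:
    original = b"\xff\xd8 constructed JPEG bytes \xff\xd9"
    sealed = seal(original, DEVICE_KEY)

    # One byte edited, old tag kept: the recomputed tag no longer matches.
    tampered = bytes([sealed[0] ^ 0x01]) + sealed[1:]

    # A holder of the shared key computes a fresh tag for edited content;
    # the verifier has no way to tell it from a tag made on the device.
    resealed = seal(b"\xff\xd8 edited elsewhere \xff\xd9", DEVICE_KEY)

    # Without the key, a tag made under any other key is rejected.
    other_key = seal(original, b"not the device key")

    return {
        "intact": verify(sealed, DEVICE_KEY),
        "tampered": verify(tampered, DEVICE_KEY),
        "resealed_with_key": verify(resealed, DEVICE_KEY),
        "sealed_with_other_key": verify(other_key, DEVICE_KEY),
        "truncated": verify(sealed[:10], DEVICE_KEY),
    }


if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case:22} {'accepted' if ok else 'rejected'}")
```

With an RSA signature, as described earlier in the thread, the verifier holds only the public key, so recovering what is stored on the device does not allow producing new valid signatures.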
 
Deleted User

I assume then you have the hardcoded key?

Also, I'm happy my theory about the album was actually true.
 
