Question Is it possible to find exploit that way?

Discussion in 'Switch - Exploits, Custom Firmwares & Soft Mods' started by Noctosphere, Sep 21, 2017.

  1. Noctosphere
    OP

    Noctosphere Adoptive father of my kitty named Zelda

    Banned
    13
    Dec 30, 2013
    Canada
    Back with kitty Zelda forever :D
    By comparing the source code of two firmwares, is it possible for an expert to find an exploit?
    If it is, how much time should we stay on the previous firmware before updating and assuming there are no exploits fixed on the latest firmware?
    Thanks
     
  2. TheCyberQuake

    TheCyberQuake Certified Geek

    Member
    14
    Dec 2, 2014
    United States
    Las Vegas, Nevada
    AFAIK without the previous huge bug they don't have as much access and thus can't just compare the source.
     
    Tsubakiandou likes this.
  3. MatMaf

    MatMaf Advanced Member

    Newcomer
    3
    Jun 5, 2016
    United Kingdom
    Okay, so how do you expect anyone to find the source of a proprietary, closed Nintendo OS?
     
  4. TheCyberQuake

    TheCyberQuake Certified Geek

    Member
    14
    Dec 2, 2014
    United States
    Las Vegas, Nevada
    This too. They can't just compare source.
     
    Tsubakiandou, adrifcastr and Biff627 like this.
  5. mark3p

    mark3p Newbie

    Newcomer
    2
    Dec 21, 2008
    Technically this is possible given that you can be on an exploited firmware and then download the new firmware to the console without applying it.

    With SM access you could write an unpacker to extract the new firmware update and then copy to SD for external reading / modification.

    Think back to original Wii days where you were overwriting stubbed IOS with non-stubbed ones from an original firmware.

    The tricky part here is efuses and their behaviour in updates. Anyone analysing this has the potential to either update firmware and lose hack or brick if modifying update and efuses blow. Given that the core hackers aren’t bothered about piracy so would have no need to update to a newer firmware I wouldn’t expect there to be much progress in this area.
     
    peteruk likes this.
  6. mikey420

    mikey420 GBAtemp Advanced Fan

    Member
    4
    Dec 11, 2015
    United States
    Yeah um no. No hacker/dev has said code. And I guarantee Nintendo won't be sharing. If we had the source for the OS, finding an exploit would be way way easier. In short, no. You can't just compare source code to do this. Furthermore, the chance of anyone sharing an exploit they discovered is small, especially if said flaws aren't very plentiful. Hackers have a tendency of waiting for their exploits to be patched before releasing them.
     
  7. Thirty3Three

    Thirty3Three Musician Member

    Banned
    11
    Mar 22, 2013
    United States
    Wherever you want me, baby.
    Don't think it's as easy as "comparing source code"
     
  8. blinkzane

    blinkzane Panic at your moms house

    Member
    8
    Jul 24, 2012
    United States
    Florida
    Sure, let me just use my mind powers and I'm gonna hook my Switch up to my laptop via USB and just download it
     
  9. Bladexdsl

    Bladexdsl ZOMG my posts...it's over 9000!!!

    Member
    16
    Nov 17, 2008
    Australia
    Queensland
    yeah...NAH
     
  10. FAST6191

    FAST6191 Techromancer

    pip Reporter
    23
    Nov 21, 2005
    United Kingdom
    While I agree I do have to ask has anybody checked to see if it is ground up custom or uses another more known OS as a base?
     
    peteruk likes this.
  11. thla

    thla Member

    Newcomer
    4
    Jul 30, 2017
    Denmark
    From a purely academic argument, sure it's possible, except you would be comparing machine-readable assembly code, and not human-readable source code.

    But in practice it's not that simple, I don't know much about reverse engineering, but from a developer standpoint, code doesn't always do what we expect it to do, and it is not until the point of running the code and feeding it different input that you actually begin to understand how the code works, vs. how it was written to work.
     
  12. UnsureSherlock

    UnsureSherlock Advanced Member

    Newcomer
    2
    Aug 20, 2015
    United States
    I mean, if you're a lazy dev and write spaghetti code in a higher level language or unstable platform, then yeah sure, code doesn't do what you expect it to do. But writing C and compiling or directly writing assembly, you know precisely what it's going to do. It IS an exact science, with a specific intent and purpose behind it. If you ever write code that you don't know the effect of, then you shouldn't be writing it in the first place.

    As to the "machine readable assembly code": nah. An executable binary can be viewed directly as assembly, and with the required knowledge and experience of writing standard assembly on that platform, there's no reason you couldn't rewrite the same program in C by hand.

    All of this isn't to say that OP has said anything accurate or worthwhile, just making sure that you correcting him was in itself correct.

    It wouldn't particularly matter even if they did. They could use a custom fork of the Darwin kernel, and it wouldn't make a difference if the services, IPC, and executable format were implemented differently. But to answer your question: It's based on *nix.
     
    Last edited by UnsureSherlock, Sep 24, 2017