Hacking Question Is it possible to install the hb-menu on 4.0.0-4.1.0 (read descripton)

M

mariogamer

Well-Known Member
OP
Member
Level 6
Joined
Aug 12, 2015
Messages
1,256
Trophies
0
Age
28
XP
790
Country
Canada
So, after a quick look at switchbrew, I saw that the exploit used on 3.0.0 to install hbl can be used on 4.0 firms.
Since we have access to loader and sm ( and with those all the permissions) by replacing them with hekate, we have everything to "install" the hbl over the album applet on those firmware, or do we?
 
I

INobody

Well-Known Member
Member
Level 4
Joined
Mar 31, 2016
Messages
138
Trophies
0
Age
28
XP
467
Country
Gambia, The
mariogamer said:
No. I'm talking about doing the same thing that we do on 3.0.0, eg. using the exploit to install without needing to re-install anything.
Click to expand...

Won’t happen any time soon, I think it’s called ASLR and randomises the ram adresses, so we would need to find the right address first before we could attack anything specific.
 
D

Deleted-442439

Guest
mariogamer said:
No. I'm talking about doing the same thing that we do on 3.0.0, eg. using the exploit to install without needing to re-install anything.
Click to expand...

SciresM said the chain exploits used to get it working on 3.0.0 are not the same for 4.x, it requires a private exploit yet to be released, can't remember the name of it though.

So it is possible, just not yet.
 
  • Like
Reactions: mariogamer
I

INobody

Well-Known Member
Member
Level 4
Joined
Mar 31, 2016
Messages
138
Trophies
0
Age
28
XP
467
Country
Gambia, The
jjbredesen said:
SciresM said the chain exploits used to get it working on 3.0.0 are not the same for 4.x, it requires a private exploit yet to be released, can't remember the name of it though.

So it is possible, just not yet.
Click to expand...

A warmboot exploit, which is absolutely fine, but coldboot like on the 3ds won’t happen if Nintendo didn’t fuck up ASLR.
 
D

Deleted-442439

Guest
INobody said:
A warmboot exploit, which is absolutely fine, but coldboot like on the 3ds won’t happen if Nintendo didn’t fuck up ASLR.
Click to expand...

Yes, a warmboot exploit. Scires did however also say that a persistent coldboot exploit is likely for 1.0.0, and possible up to 3.1.0, but that getting it working above 1.0.0 was unlikely at best.

What OP is referring to thought is nspwn.
 
  • Like
Reactions: Draxzelex

Site & Scene News

Go to forum More news

Popular threads in this forum

Emulation Homebrew  duckstation for Switch

Can you trade in a banned switch for an unbanned one?

Why is Atmosphere so dominant?

Crosscode Hacking thread

Hacking  Weird findings from that DQ trilogy switch port

Migswitch backups without certificate files

Hacking Misc Tutorial  Eiyuden Chronicle Hundred Heroes save editing

switch change sd card, but android start fail

General chit-chat
Help Users
    K3Nv2 @ K3Nv2: https://www.acepcs.com/products/wizbox-g-mini-pc-amd-r7-7735hs lol wizbox