Deleted-355425
Guest
See: https://www.reddit.com/r/SwitchHack...is_vu_a_100_trustzone_code_execution_exploit/
The following is a write-up of how I initially achieved TrustZone code execution on the Nintendo Switch, very much inspired by hexkyz's write-ups. The work completed was done over the course of a couple of days from start to finish in early December, 2017.
The exploit development was a collaborative process between myself and motezazer – together we found, developed, and exploited the flaw(s) described below.
To get the most out of this text, you should at least have basic knowledge of: symmetric cryptography, block cipher modes of operation and the general architecture of the Nintendo Switch security model. It's recommended that readers watch the 34C3 talk "Console Security - Switch" before continuing.