Hacking Mariko revision. Does nobody care about hacking these?

SciresM

Developer
If you don't mind me asking (since you are here): for unpatched units, is a 7.0 software CFW exploit realistic or not? I don't mean now or in the near future.

(I don't want to hold you to the books, since you already do so much for the community, and it would be really rude and unrealistic to ask for a time or date. I'd imagine you're more busy keeping up with Nintendo's shenanigans per update and the continued implementation/expansion of Atmosphère's features.)

But I heard that 7.0 is the last software entry point that can have CFW. Has something got in the way of that by any chance?

That's a super "eventually" thing.

On < 8.x Erista units, TrustZone can be compromised if you control the bpmp at wake-from-sleep.

In practice, this means a full userland compromise is needed.

You can maybe do some stuff with tsec or GPU dma if you compromise nvservices, but it needs research and isn't straightforward.



So, pieces needed for cfw on a < 8.0.0 erista console:
* Console is not update nagged (this is unfixable).
* Browser exploit.
* nvservices exploit.
* Further userland escalation.
* TrustZone compromise.

Stuff we have:
* TrustZone compromise.

Stuff we kind of have:
* Browser exploit (I have a webkit 0-day, but I would like to avoid burning it for something like this when it might be useful to me if I want to look at PS5 or a future console).
* The userland escalation bit via tsec or gpu, but this would probably be 50-100 hours of research/work once an nvservices compromise is in hand.

Stuff we don't have:
* nvservices compromise.

Nvservices is pretty dogshit from a security pov, and it's all nvidia code and not Nintendo code -- this means it's lower security.

I'm sure nvservices vulnerabilities exist to be found, but I don't actually have one.

Combining all those factors, it's just super low priority. I expect "eventually" it'll happen, but like...don't expect it any time soon, and it's not an area of active work on my part, especially since it would be so much work and so few people will benefit from it.

So what, am I seriously just going to shell out $60 when Nintendo releases another game I want?

Even ignoring the fact that I and other hackers don't support and aren't motivated by piracy, it may surprise you to learn that the fact that you don't want to pay for games doesn't make exploitable bugs magically exist.

Perhaps a clear analogy: I'd prefer not to have to pay my rent. Unfortunately my apartment's lease, like Mariko units, doesn't have any exploitable bugs. My not wanting to pay my rent doesn't make any bugs exist in my lease.

My options, then, are to pay my rent or live somewhere else.

Your options are to buy switch games, or not play games on your switch.

godreborn

Well-Known Member
The ones who complain about a $60 game are the same ones who get pissed off at theflow for making 10 grand for disclosing an exploit on the PS4. They do absolutely nothing in the scene, yet they feel entitled.
 

zenjiki

Well-Known Member
We have 3 OG Switches, all unbanned, that have just been used for retro gaming with emulators. I'll sell you one. How much are you willing to pay to not pay $60 for new games? lol. I love my retro gaming though, so it's going to cost.

JeepX87

Well-Known Member
DM me a link, please!

SX Core and SX Lite are no longer manufactured, so don't bother hunting for them; the cost is going up due to higher demand.

You have to wait for the next clone in the near future.

So what, am I seriously just going to shell out $60 when Nintendo releases another game I want?

I have no sympathy for people who pirate games, and you just contaminated the CFW that is supposed to be used for homebrew, save sharing and cheating, so you gave Nintendo a major reason to crack down on all of us who use CFW because you want to pirate games.

Go find a job or ask your boss for a pay raise if they don't pay you enough.

I'm not going to assist people who want to pirate games; you are on your own.

SX Core and SX Lite are no longer manufactured, anyway.

Edit: I don't mean to be rude to you, but it is a very bad deal to bring up pirated games.

WiiMiiSwitch

RiiConnect24 STAN
It has been 4 full years since the Switch was released, and 2 years since Mariko was released. Yet we still have no softmod for Mariko. What's taking so long?
People have been trying to install CFW, but it's very hard to find a bug that allows it. The HB channel may be different, but no one tries experimenting with basic homebrew anymore.

--------------------- MERGED ---------------------------

Just for the record, as a hacker who's been involved in every cfw-related exploit for the switch and works on this stuff regularly: it's probably not going to happen.

I've sunk ~300-400 hours of my time investigating Mariko exploit stuff.

There are no trustzone bugs. This means no custom firmware.

There are no kernel bugs. This means no shitty fake custom firmware where you pretend you hacked trustzone, which is something I was prepared to work to support if I found the right bug.

Nintendo got the security right this time. Waiting for a software exploit is almost certainly not gonna do anything for you.

Mariko is almost impossible to install CFW on, but what about plain HB?
 

SciresM

Developer
Mariko is almost impossible to install CFW on, but what about plain HB?

My analysis is basically the same.

Getting plain hb requires full userland compromise.

Mariko fixes the GPU DMA bug; getting just homebrew isn't impossible but isn't happening any time soon.

You'd have to find an exploitable bug in FS, and good luck with that lmao.
 

WiiMiiSwitch

RiiConnect24 STAN
My analysis is basically the same.

Getting plain hb requires full userland compromise.

Mariko fixes the GPU DMA bug; getting just homebrew isn't impossible but isn't happening any time soon.

You'd have to find an exploitable bug in FS, and good luck with that lmao.
Especially on the latest firmware.
 

JeepX87

Well-Known Member
My analysis is basically the same.

Getting plain hb requires full userland compromise.

Mariko fixes the GPU DMA bug; getting just homebrew isn't impossible but isn't happening any time soon.

You'd have to find an exploitable bug in FS, and good luck with that lmao.

I'm wondering about patched Switches prior to Mariko?

SciresM

Developer
I'm wondering about patched Switches prior to Mariko?

You'd need a browser exploit + an nvservices compromise.

Then you'd be able to use the GPU dma bug to play homebrew games.

Note that you'd have almost no privileges -- this means no editing savedata, no overclocking or using interesting system modules, no custom themes, no game mods, etc etc. Homebrew games that don't use special privileges only.

See a few posts above -- you still need an nvservices bug and a browser exploit, and it's kind of like "who cares" imo when it doesn't let you do game mods or save editing.

Probably not impossible, but hard for me to imagine anyone with the skill to find the bugs sinking in all the time/effort?
 

legendheaven

Well-Known Member
You'd need a browser exploit + an nvservices compromise.

Then you'd be able to use the GPU dma bug to play homebrew games.

Note that you'd have almost no privileges -- this means no editing savedata, no overclocking or using interesting system modules, no custom themes, no game mods, etc etc. Homebrew games that don't use special privileges only.

See a few posts above -- you still need an nvservices bug and a browser exploit, and it's kind of like "who cares" imo when it doesn't let you do game mods or save editing.

Probably not impossible, but hard for me to imagine anyone with the skill to find the bugs sinking in all the time/effort?
U got me, fish Pokemon. I found a bug and I did CFW but still have problems (3/1 brick)... In my old posts I said I found a method lol
 

WiiMiiSwitch

RiiConnect24 STAN
You'd need a browser exploit + an nvservices compromise.

Then you'd be able to use the GPU dma bug to play homebrew games.

Note that you'd have almost no privileges -- this means no editing savedata, no overclocking or using interesting system modules, no custom themes, no game mods, etc etc. Homebrew games that don't use special privileges only.

See a few posts above -- you still need an nvservices bug and a browser exploit, and it's kind of like "who cares" imo when it doesn't let you do game mods or save editing.

Probably not impossible, but hard for me to imagine anyone with the skill to find the bugs sinking in all the time/effort?
You could still pirate :)
 

linuxares

Global Moderator
"No overclocking" - that's like one of the best features of a homebrewed Switch. Like with the Vita, some games require OC to work, or at least to feel smooth.

WiiMiiSwitch

RiiConnect24 STAN
No, you couldn't.

Piracy requires substantially higher privileges than homebrew, not lower.

In the low privileges homebrew scenario described, you very much would not be able to pirate games.
You could without sigpatches, for example with the USB loader or an SD loader.

--------------------- MERGED ---------------------------

Anyway, there will be CFW one day, whether it's near or at end of life.