Hacking RELEASE NSScreenshotMaker

[cheuble]

Could this be used for an userland exploit ? Much like the PSP's ChickHEN which exploited TGA parsing in the console.

No

When I tested the screenshot stuff last night I "resigned" a pic of the reswitched logo and put on my SD card, verified album loaded it with no problems...didn't bother posting to social media because like I said it's only screenshots editing...

I think you took "it's only screenshots" to mean "no custom pictures" -- not what I meant, those work fine, I just meant screenshot editing isn't a huge deal in terms of hax-noteworthiness

 

[CTCaer]

Btw, the video info and the new image calc is out:
http://switchbrew.org/index.php?title=Capture_services#Notes

 

[wicksand420]

Btw, the video info and the new image calc is out:
http://switchbrew.org/index.php?title=Capture_services#Notes

It would be cool to play around with the video feature, I'm hoping one day we can get it to make bigger videos than 30 seconds

 

[CTCaer]

It would be cool to play around with the video feature, I'm hoping one day we can get it to make bigger videos than 30 seconds

There's no limit for playing actually.

Also having these videos is non ban-able, because no change to OS is done. Legit movie player.

 

[wicksand420]

There's no limit for playing actually.

Also having these videos is non ban-able, because no change to OS is done. Legit movie player.

Its a good idea, are you looking into it?

 

[Naked_Snake]

There's no limit for playing actually.

Also having these videos is non ban-able, because no change to OS is done. Legit movie player.

Have you gotten any to run yet?

 

[SimonMKWii]

I extracted the movie keks a few hours ago after that info was added, I really wish I could share them here.

 

[Naked_Snake]

I extracted the movie keks a few hours ago after that info was added, I really wish I could share them here.

How did you extract them?

 

[SimonMKWii]

How did you extract them?

I got them from the capsrv sysmodule.
Essentially, once you have those kek sources, run a GenerateAesKek function using the usecase 0 key.
Next, generate a CMAC using the kek you just generated as the secret key, then calculate the SHA256 hash of that CMAC.
That hash is the signing key.

 

[Naked_Snake]

I got them from the capsrv sysmodule.
Essentially, once you have those kek sources, run a GenerateAesKek function using the usecase 0 key.
Next, generate a CMAC using the kek you just generated as the secret key, then calculate the SHA256 hash of that CMAC.
That hash is the signing key.

You’ll have to sign a random video and upload it

 

[CTCaer]

Yeah, the procedure to generate the correct CMAC and it's SHA256 is straight forward.

 

[Naked_Snake]

@cheuble looksnlike this app needs an update

 

[SimonMKWii]

COUGH

 

[Naked_Snake]

COUGH
View attachment 124404

Well they are not on SciresM pastebin yet lol

 

[SimonMKWii]

Well they are not on SciresM pastebin yet lol

They do need to be derived first...

 

[Naked_Snake]

Fair enough I have no idea how to even start getting them or what to use honestly, I got the key for
This program from the pastebin lol

 

[Austzy]

Great job! Although relatively useless, I am sure this can be used for exploits in the future!

Ammunition for Fake Leakers haha

 

[DocKlokMan]

Can't seem to get this to work. I got the key, put the pics in the input file, the script runs without error, produces the SD folder with the properly named files, I put them on my FAT32 formatted Switch card, but the gallery shows no screenshots on the microSD. Any suggestions?

 

[Dr.doom]

Wish it was the video capture that runs libstage fright then we'd have something.

 

[cheuble]

Can't seem to get this to work. I got the key, put the pics in the input file, the script runs without error, produces the SD folder with the properly named files, I put them on my FAT32 formatted Switch card, but the gallery shows no screenshots on the microSD. Any suggestions?

It seems you aren't the only one with issues like this. I'll try to implement the new MAC calculation, once I get the new keys. In the meantime, could you please send me the images in PM? I'll take a look and see if I can do anything.