Hacking Plutoo's dumped binaries

[thomasnet]

[Edit: could mods change the title to Switch Hacking News please]

Here are the latest news:
- Derrek got the kernel who has no kernel address space layout randomization according to plutoo
- He also published a key (boot0 maybe ?)
- Plutoo dumped some sysmodules

Hi there,
As you can see in this Tweet:

Got a good view of the Horizon this morning @SciresM @ylws8 @derrekr6 @smealum pic.twitter.com/txm6YmrIJD

— plutoo (@qlutoo) June 25, 2017

Plutoo (qlutoo) has dumped some code binaries of the Switch sysmodules.
As I'm not an expert, I'll let you debate about what this could change about Switch homebrew.

 

[Oleboy555]

looks pretty kewl

 

[hitodesu]

Those guys have actually been doing quite a lot from what I can tell recently. http://switchbrew.org/index.php?title=Special:RecentChanges

I'd say its only a matter of time.

 

[yanagi]

https://twitter.com/qlutoo/status/879096936514695169

It seems like the compression algorithm used is figured out too

 

[SciresM]

Hi there,
As you can see in this Tweet:
https://twitter.com/qlutoo/status/878841977466482688

Plutoo (qlutoo) has dumped some code binaries of the Switch sysmodules.
As I'm not an expert, I'll let you debate about what this could change about Switch homebrew.

Not super relevant to end users atm: basically, the code for all Switch sysmodules (other than builtins + kernel + trustzone) have been dumped -- this'll allow for the services to be REd and documented, and for vulns to be more easily found in them.

 

[Sonic Angel Knight]

That is a huge dump.

So what does it all mean anyway? I can't read matrix code.

 

[Jayro]

It looks like he's dumped Boot2 as well?

 

[Deleted User]

Is this "Get Hyped" territory yet?

 

[DarthDub]

I wonder how long it'll take?

 

[MopSec]

Is this "Get Hyped" territory yet?

Not really

 

[TheMCNerd2017]

Oh wow. Only a few months since the console has been released and a bunch of system stuff has been dumped.

 

[thomasnet]

Holy crap that could be a huge thing:

65B5019CE1C46C6C79D402D9AC657A51
1 for all, and all for 1!@qlutoo @ylws8 @pomfpomfpomf3 @NedWilliamson @naehrwert @smealum #switchieee

— derrek (@derrekr6) July 8, 2017

"Unkown exception occured."
my favourite exception

— derrek (@derrekr6) July 8, 2017

 

[spotanjo3]

For your information: Everything is hackable. It is matter of time and when, that's all.

 

[zoogie]

Holy crap that could be a huge thing:

https://twitter.com/derrekr6/status/883483659302559744
https://twitter.com/derrekr6/status/883486535693340674

16 bytes hmm. Is this a key?

 

[thomasnet]

Seems to be. Smea, xyzz, ylws8 and more RT'd it.

 

[whateverg1012]

Failed to fetch tweet https://twitter.com/NedWilliamson/status/883484569806274560

4 months this has to be some kind of record.

 

[thomasnet]

Well now we have a hardware key -> not fixable

Why should they not at least tell us precisely what this is

 

[Bug_Checker_]

Hypothetically speaking, if this were a key of any kind it would violate gbatemp's ToS and thus not be allowed to be posted on this site.

 

[thomasnet]

If a mod thinks that should not be allowed, he's free to remove it from my posts, as specified in the ToS.

 

[The Real Jdbye]

https://twitter.com/NedWilliamson/status/883484569806274560

4 months this has to be some kind of record.

Wii U was less than a month, so no

Not super relevant to end users atm: basically, the code for all Switch sysmodules (other than builtins + kernel + trustzone) have been dumped -- this'll allow for the services to be REd and documented, and for vulns to be more easily found in them.

I'd say it's pretty big news, even if it's not useful to end users. The first step to finding exploits (besides actually learning asm and all that ) is getting ahold of the binaries, or at least a RAM dump, without that you can't even begin to look for exploits.
So it might be months, years, it all depends on how vulnerable the Switch OS is and how willing the hackers are to share their findings (I'm sure you already know all this though )
Anyway, main point is, I think it's relevant to end users, because of what it means for the Switch scene. Not because it means "hax are coming soon hurr durr" because it doesn't, but it's a good sign of things to come.