Question Possibilities of Exploit NSwitch with FW 3.0.x or 4.x.x by means of modified saved game

Discussion in 'Switch - Exploits, Custom Firmwares & Soft Mods' started by Ghost92, Jan 11, 2018.

  1. Ghost92
    OP

    Ghost92 GBAtemp Fan

    Member
    5
    Jun 29, 2017
    Colombia
    If with the introduction of current exploits and there is a Homebrew that makes backup of saved games. If I upload or inject an altered game on a Nintendo Switch with FW 3.0.0 or lower, and transfer that game to a console 3.0.1 or higher (4.x.x).

    - Could the console of 4.x.x be modified by means of an exploit in a Videogame with the altered savegame?.

    -There's a possibility?.

    - What risks would a brick ?.

    Leave your opinion. :)

     
    Last edited by Ghost92, Jan 11, 2018
  2. Zyvyn

    Zyvyn GBAtemp Advanced Maniac

    Member
    8
    Aug 9, 2017
    United States
    pretty sure saves are saved to the switch not cart
     
  3. mustafag32g

    mustafag32g GBAtemp Advanced Fan

    Member
    7
    Jul 30, 2014
    Argentina
    clickbait title! Change it before people rage :P
     
  4. Zyvyn

    Zyvyn GBAtemp Advanced Maniac

    Member
    8
    Aug 9, 2017
    United States
    its tagged as a question and you cant change titles
     
  5. Ghost92
    OP

    Ghost92 GBAtemp Fan

    Member
    5
    Jun 29, 2017
    Colombia
    I would add off-topic, if I could. The same is a question that invites to comment, I do not assure that there is an exploit of this type currently in process.
     
  6. Mnecraft368

    Mnecraft368 I hate my name.

    Member
    8
    Aug 8, 2015
    United Kingdom
    You can ask a mod to change it.
    And already got over 50 people baited to the thread :P (unless they are actually reading)

    Also, unless their is an actual exploit in the system that can be abused by a game save, then no this isnt possible. Brick level probably 0 if userland (thats if this exists).
     
  7. Ghost92
    OP

    Ghost92 GBAtemp Fan

    Member
    5
    Jun 29, 2017
    Colombia
    I just open a topic, and it's useless. The consoles must have the same update of FW (from 4.x.x) to perform transfer of saved games. :( only, if this type of exploit were to exist, it seems to me inevitable that the source console must be updated with the modified saved game to carry out the modification ...


    https://www.nintendo.es/Atencion-al...-usuario-y-los-datos-de-guardado-1294746.html

     
    Last edited by Ghost92, Jan 11, 2018
  8. yardie

    yardie Banned

    Banned
    8
    Mar 27, 2016
    United States
    take this thread out to the barn and shoot it
     
    cagycee likes this.
  9. Bedel

    Bedel The key of the blade

    Member
    7
    Oct 28, 2015
    United States
    Afaik, any. I recall it was comented at the 34c3, that games have no access to the kernel so it's not possible to do this.
     
  10. TotalInsanity4

    TotalInsanity4 GBAtemp Supreme Overlord

    Member
    20
    Dec 1, 2014
    United States
    Under a rock
    Address randomization would make VERY difficult, if not impossible
     
  11. DinohScene

    DinohScene Feed Dino to the Sharks

    Moderator
    23
    GBAtemp Patron
    DinohScene is a Patron of GBAtemp and is helping us stay independent!

    Our Patreon
    Oct 11, 2011
    Antarctica
    Восторг
    Say you're correct and you can modify save games on carts.
    You'd still need a vulnerability on the other console to exploit.
     
  12. yardie

    yardie Banned

    Banned
    8
    Mar 27, 2016
    United States
    wait for team xecuter
     
  13. Kubas_inko

    Kubas_inko "Something funny goes here."

    Member
    14
    Feb 3, 2017
    Czech Republic
    I gues on earth.
    Don't worry. Just because of you, we are going to make sure these apps/mods are going to have 100% brick rate.
     
  14. puelo

    puelo Newbie

    Newcomer
    1
    Jan 5, 2018
    Germany
    Switch uses ASLR (Address space layout randomization) in the complete user-space (i believe). This is what makes save-game exploits extremly difficult because it is very hard to predict where in memory your save game will be loaded to or where you need to jump.
     
    Last edited by puelo, Jan 12, 2018
    Ghost92, a5723797 and TotalInsanity4 like this.
  15. Quantumcat

    Quantumcat Dead and alive

    Moderator
    20
    GBAtemp Patron
    Quantumcat is a Patron of GBAtemp and is helping us stay independent!

    Our Patreon
    Nov 23, 2014
    Australia
    Canberra, Australia
    Doesn't the Switch save the save games on the console? So the target would have to have access to homebrew already to import the save.
     
  16. sarkwalvein

    sarkwalvein There's hope for a Xenosaga port.

    Member
    18
    GBAtemp Patron
    sarkwalvein is a Patron of GBAtemp and is helping us stay independent!

    Our Patreon
    Jun 29, 2007
    Germany
    Niedersachsen
    Of course it saves in the console. The game cards contain no save data at all.
     
    Quantumcat likes this.
  17. Uumas

    Uumas GBAtemp Addict

    Member
    7
    Sep 17, 2016
    Finland
    The way to transfer the hacked save to a new console could be updating the hacked console and then doing a normal transfer. The hard part is creating a save that could be used as a exploit.
     
  18. TheCyberQuake

    TheCyberQuake Certified Geek

    Member
    14
    Dec 2, 2014
    United States
    Las Vegas, Nevada
    We've already discussed this. Switch is not likely to have save game exploits. You need at least two vulnerabilities; an info leak and a buffer overflow. Very unlikely to get both in one game. On top of that you wouldn't be able to transfer the save from a homebrew-compatible device because that feature was introduced into later firmwares and likely uses server verification before the transfer.
     
  19. Ghost92
    OP

    Ghost92 GBAtemp Fan

    Member
    5
    Jun 29, 2017
    Colombia
    I understand then it is probably null for a vulnerability to come out from a saved game, and ASRL, reminds me of something like online video games, where they prevent cheating. In any case, the softmod is the only salvation for FW 3.0.1 and higher. I'll keep thinking about the possibilities, even if I'm not a modder.

     
    Last edited by Ghost92, Jan 13, 2018
    TotalInsanity4 likes this.
Quick Reply
Draft saved Draft deleted
Loading...