Hacking Revisiting Mariko exploits 4 years later

Deleted member 535703

Waluigi's Propaganda Mine
Member
Joined
Aug 13, 2020
Messages
826
Reaction score
1,844
Trophies
2
XP
3,393
Fours years ago, I asked a simple question: Hack a patched switch in 2021? I was 13 at the time, and had little to no idea what I was doing. But Mariko, the V2 ipatched model of the switch, has continued to interest me throughout the years. I’ve continued to research it, and though I’m no expert cryptographer or software engineer, here’s the findings that I have made.

Nintendo’s hardware revision of the Switch from 2019, model HAC-001(-01), run off of the Tegra X1+ chip. It’s a low power variant that supports better battery life and was initially what was cool about it. On the tech side, though, the X1+ also contained some software fixes in the boot code that patched the Fusée Gelée exploit. Fusée Gelée was an exploit where, given my horrible interpretation, a bug in the USB code could cause the Tegra X1 chip in ReCovery Mode (RCM) to provide too much data, and by exploiting this, you could launch a stack smash attack and ultimately write your to the execution stack, causing it to run. The original write up on Fusée Gelée explains it better than I do here.

Tegra X1+ ultimately patched this vulnerability, which sucked. Switches produced after 2019 needed a mod chip in order to be hacked, and RCM just kind of got swept under the rug. It’s still present in Mariko, it just isn’t vulnerable to the stack smash.

I got curious about the system, as I tend to do with random stuff all the time. So I got to reading.

I studied up on the Switch boot process. BootROM, burned onto the SoC, verifies boot0, which passes on to boot1, which passes on to the bootloader. Fairly simple stuff, right? That’s kind of how computers work.

BootROM specifically verifies the signature of boot0, which according to my understanding of the Fusée Gelée document, is likely signed using RCA-2048. RCM payloads also need to be verified with an RCA-2048 or AES-CSM signature. This is actually what caught my interest. To verify these payloads, they need to verify the key in BootROM to run. Both boot0 and RCM. Maybe RCM remains an entry point. Just with the valid signatures.

So, I’m not an expert cryptographer, but I dove into researching RCA vulnerabilities.

Back on the PS3, an issue with reusing numbers in their random number generation caused a security hole in the system wherein two keys could be compared, and through a little algebra, actually suss out the private key. A legendary leak. My smallest and simplest idea is comparing boot0 codes to see if there’s a random number generation flaw. It’s highly unlikely, and likely tried before, but worth noting.

Recent research from Keyfactor suggests that around 1 in 200 keys, give or take a few, are vulnerable to refactoring with minimal resources. Another flaw in RSA that could potentially affect millions of keys. Could the Switch keys be one of them? Who knows. Why not experiment? This one is also unlikely, but worth noting.

CVE-2017-15361 has particularly tickled my fancy. A vulnerability in RSAlib allows for something called the ROCA vulnerability. This particular attack is known to work against RSA-2048, likely how Nintendo signed their key for boot0. The research team that discovered this vulnerability also estimated that 1 in 4 Trusted Platform Module devices are affected by this issue. Even better, this is when the Nintendo Switch was actually released. 1 in 4 is the same chance of a Balatro Wheel of Fortune Tarot triggering. I consider that good enough to look into.

In 2021, Nvidia published 8 vulnerabilities affecting Tegra hardware, including X1 and X1+. These exploits range from being able to analyze microcode to dumping unscrubbed registers to accessing debugging. These all require root access, but root access exists. Modchipped users of Mariko Switches have that administrative power. I’m not entirely sure what that means, per se, but I think valuable information could be acquired via these exploits, which are known to affect Tegra X1 (Erista) and Tegra X1+ (Mariko). Read more here.

Provided I’m entirely incorrect and it’s AES, or provided an RSA vulnerability exists in this tense, perhaps the AMD microcode vulnerability published in March of this year is worth taking a look at. Considering CVE-2021-23201 and 23219 are microcode exploits that I mentioned earlier, users with mod chips could be able to use this microcode exploit to gain access to information for acquiring the private key.

Acquiring the private key that signed boot0 would make RCM a valid entry point for every model of Nintendo Switch (except Lite, which requires some finicking to get into RCM.) Why? Because we could sign our payloads with Nintendo’s private key and run them as though they are valid Nintendo code. Boot0 has a write-protect fuse on it as well, meaning that nothing in it can ever change. Signing payloads with this key makes it the holy grail of Nintendo Switch homebrew, permanently unlocking the bootloader. From there, it’s only a simple matter of using hekate and Atmosphère to fully jailbreak that John, and we’re home free.

I am not a cryptographer nor am I a software engineer, just a homebrew enthusiast with a lot of time on his hands. But I lack the resources to actually try exploiting any of these vulnerabilities. If anyone on this site thinks that these methods are feasible, feel free to check, and keep me in the loop on your progress as well. I’m very interested in seeing the day when the Mariko unit is finally softmoddable. (Which is a when, not an if, because of quantum computing every reaches a high enough state, Shor’s algorithm will obliterate all RSA encryption.)

Let me know what you think of my findings, and whether or not these have been tried or if my information is entirely wrong.
Post automatically merged:

Addon: given that the source code for Mariko is available online (don’t worry mods I will not link it) including the code for boot0 and the cryptography generation, is it feasible to reverse engineer or craft microcode to exploit the 23201 and 23219 vulnerabilities? Who knows. I don’t. Maybe though…
 
Last edited by Deleted member 535703,
Acquiring the private key that signed boot0 would make RCM a valid entry point for every model of Nintendo Switch
If you could ask a genie for a key, you'd be a fool not to ask for Switch 2 key instead.
 
If you could ask a genie for a key, you'd be a fool not to ask for Switch 2 key instead.
I’m talking about using vulnerabilities to reverse the key, not outlandish magic. Thanks for your support though. Really glad you could offer some advice on something I think is worth putting effort into 👍🏻
 
  • Like
Reactions: russandro
I’m talking about using vulnerabilities to reverse the key, not outlandish magic. Thanks for your support though. Really glad you could offer some advice on something I think is worth putting effort into 👍🏻
Go read up on public key encryption. Knowing the decrypted content provides no utility toward getting the private key.

Public key encryption is how authentication is performed in the cyber world. If the premise that it cannot be hack is not true the world as we know today would be destroyed. Some say maybe quantum computer may be able to hack it one day.
 
Last edited by TomSwitch,
Go read up on public key encryption. Knowing the decrypted content provides no utility toward getting the private key.

Public key encryption is how authentication is performed in the cyber world. If the premise that it cannot be hack is not true the world as we know today would be destroyed. Some say maybe quantum computer may be able to hack it one day.
This is why there’s the search for the private key. It’s all mathematical. These are all flaws or theoretical entry points that could be used to either get into the switch or get the actual private key. I know that they work in practice as well because it’s been used on the PS3 as well. Bringing your “holier than thou” attitude to something entirely feasible is only gonna make you feel like a big strong man during a dick measuring competition. If you don’t have anything useful to say, get out of my thread.
 
  • Like
Reactions: russandro
This is why there’s the search for the private key. It’s all mathematical. These are all flaws or theoretical entry points that could be used to either get into the switch or get the actual private key. I know that they work in practice as well because it’s been used on the PS3 as well. Bringing your “holier than thou” attitude to something entirely feasible is only gonna make you feel like a big strong man during a dick measuring competition. If you don’t have anything useful to say, get out of my thread.
The private key is not in the Switch. If the most powerful computer can derive a private key using the public key and a generated signature then there won't be any secure transaction in the cyber space. That would be dooms day as digital money is suddenly gone.

Trusting public key encryption system cannot be hacked only makes me average. Telling you something that is generally accepted does not make me smarter than you. Go read up on what is public key encryption and how it is being used in our daily life won't make you weak.
Post automatically merged:

Claude explain how public key encryption impacts our daily lives and what would happen if private keys could be reverse engineered.


How Public Key Encryption Affects Our Daily Lives​


Public key encryption (also known as asymmetric encryption) is foundational to modern digital security and has pervasive effects on our daily lives:


  1. Secure Web Browsing: Every time you visit a website using HTTPS (indicated by the lock icon in your browser), you're benefiting from public key encryption. It ensures that your connection to websites is secure and that data exchanged between your device and the website cannot be intercepted by malicious actors.
  2. Digital Payments: When you make online purchases or use digital payment methods, public key encryption protects your financial information and ensures that transactions are secure and authenticated.
  3. Secure Messaging: Many messaging apps use end-to-end encryption based on public key cryptography, ensuring that only the intended recipients can read messages.
  4. Digital Signatures: Public key encryption enables digital signatures that verify the authenticity of documents, software, and communications.
  5. Identity Verification: Various online services use public key encryption to verify user identities and prevent unauthorized access.
  6. Software Updates: Operating systems and applications use digital signatures based on public key encryption to verify that updates come from legitimate sources.

What Would Happen If Private Keys Could Be Reverse Engineered​


If private keys could be efficiently reverse engineered from public keys (effectively breaking the mathematical foundation of public key cryptography), the consequences would be severe:


  1. Collapse of Internet Security: The security of HTTPS would be compromised, meaning that any communication between users and websites could potentially be intercepted and read.
  2. Financial System Vulnerability: Banking systems, cryptocurrencies, and digital payment platforms would become immediately vulnerable, potentially leading to massive financial theft.
  3. Identity Theft Epidemic: With compromised authentication systems, digital identities could be easily stolen and impersonated.
  4. Loss of Communication Privacy: Encrypted communications would become transparent to attackers, eliminating privacy in digital communications.
  5. Software Supply Chain Attacks: Attackers could forge software signatures, making it impossible to verify that software comes from legitimate sources.
  6. Critical Infrastructure Risk: Systems controlling power grids, water systems, and other critical infrastructure that rely on encrypted communications would become vulnerable.
  7. Emergency Migration: There would be an urgent need to migrate to new cryptographic systems not based on the compromised mathematics, which would be challenging given how deeply embedded current systems are.
  8. Quantum Computing Concern: This scenario is actually a real concern with the advancement of quantum computing, as quantum computers could potentially break current public key encryption methods. This has led to research in "post-quantum cryptography" – encryption methods resistant to quantum attacks.

The mathematical difficulty of reversing public key encryption (deriving the private key from the public key) is what makes our digital world possible. If this foundation were compromised, it would trigger a fundamental crisis in digital security.
 
Last edited by TomSwitch,
At least if the digital world is safe, the Digimons can live in peace.
Damn you Dark Masters for compromise the encryption keys!
Oh, my digivice isnt working anymore...
 

Site & Scene News

Popular threads in this forum