Question Switch Save Transfer exploit concept

Discussion in 'Switch - Exploits, Custom Firmwares & Soft Mods' started by supstar, Jul 18, 2019.

  1. supstar
    OP

    supstar Newbie

    Newcomer
    1
    Jul 18, 2019
    United States
    The Switch has a save data transfer feature built in.

    According to their official site, you can transfer save data from one Switch to another, after which it will delete the data off the source system. It will also overwrite existing data that may be there on the destination system.

    My Question:
    Does anyone know if it's possible to spoof the destination/source system so you can transfer save data to a PC using a bluetooth device or some other sort of wireless adapter? I'm interested in the possibility of a piece of hardware that would allow me to backup/transfer/modify save data through a PC that doesn't require Homebrew or CFW, similar to PowerSaves Pro (a device for 3DS that allows you to backup and restore save data onto a PC, and cheat via save editing).

    In concept, if you could trick a real Switch into thinking the receiver was another Switch, you could get the real Switch to transfer save data to it, thus allowing you to store it on an external device. You could then copy this data to another directory, then transfer if back (when it's transferred to PC to back it up, it would get deleted automatically on the original system), thus retaining the data on your real Switch, and also having the data remain on your PC for later use.

    It could also allow you to use a save editor on the data then transfer it back to the real Switch.

    If it's possible to make a wireless device that can make a real Switch think it's also a real Switch, this would all be possible without installing software on the console that may lead to a bricked system or the inability to update or play online, thus would be very attractive to players that want to play normally, but also want cloud backups for games like Pokemon and Animal Crossing, or they just want multiple saves for those games (Animal Crossing only allows 1 town per console; backing saves up online could allow you to manage saves for multiple towns on your computer).
     
    Last edited by supstar, Jul 18, 2019
    NoNAND likes this.
  2. link42586

    link42586 GBAtemp Fan

    Member
    5
    May 9, 2018
    United States
    NoNAND likes this.
  3. NoNAND

    NoNAND The missing chip

    Member
    10
    Aug 22, 2015
    Antarctica
    The notion and idea of something like that sounds interesting.
    Though our means of doing said things are currently limited.
    As of now checkpoint and other save editing tools are what we've got and at times they fail on us and struggle to get the job done.
    Transferring hacked save data to an unhacked vanilla switch is quite risky.
    I don't understand why would someone go to such great lengths to create a device that sorta emulates (partially) the switch to be used for save transferring in this case.
    Sure devices like the powersaves could be a nifty thing to have around but the cost for that is keeping your switch always offline at all times to avoid a possible ban.
     
  4. supstar
    OP

    supstar Newbie

    Newcomer
    1
    Jul 18, 2019
    United States
    The beauty of this is because the device would appear to be another switch, you could just transfer data to it without needing any modifications to the real system. You just go to the save data transfer built into every switch and use it with the device.

    It would allow you to get your saves on your PC for the purpose of making a backup, or save editing (transfer -> edit -> transfer back).

    The Switch uses a bluetooth 4.1 receiver for local connectivity, so you should just need a device like that to sniff out the whole process as 2 real Switches transfer data, then try to do it a second time using the bluetooth device instead of the 2nd console by replicating the information sent by the 2nd console during the real run.

    — Posts automatically merged - Please don't double post! —

    Also worth noting this could potentially open up the way to using modified save data to run code for installing homebrew without having to risk frying pins by the normal method of getting into recovery mode.
     
    NoNAND likes this.
  5. NoNAND

    NoNAND The missing chip

    Member
    10
    Aug 22, 2015
    Antarctica
    Or to make an android app that would allow us to transfer the save data from switch - android -switch and vice versa.
    That'd be quicker without having the need to invent and develop extra hardware. Given that most smartphones nowdays have Bluetooth this could somehow be achieved.

    I don't know of any exploit that takes advantages of the system's save data and any possible flaw in it but heck that'd be awesome.
     
  6. The Real Jdbye

    The Real Jdbye Always Remember 30/07/08

    Member
    19
    GBAtemp Patron
    The Real Jdbye is a Patron of GBAtemp and is helping us stay independent!

    Our Patreon
    Mar 17, 2010
    Norway
    Alola
    Android does not allow that much control over the Bluetooth, Wii Remotes for example no longer work on newer Android versions as the Wiimote apps can't get the control needed.
    It would be much easier to do on a PC with Bluetooth. Most laptops have it and many desktops have it as well (Bluetooth is often included in those onboard or m.2 wifi cards)
     
  7. supstar
    OP

    supstar Newbie

    Newcomer
    1
    Jul 18, 2019
    United States
    Unless they didn't think of this exploit, I'm guessing there's a series of handshakes and checks in place before wireless connectivity is activated, which could make it difficult to connected to a PC.

    If this does work though, you might even be able to use this spoofing to play locally with a switch emulator on PC.


    I'd imagine to figure out how it works and exploit it you'd need some tool like UberTooth One and of course 2 Switches to perform a normal save transfer and sniff out the signals that result from the operation.
     
Loading...