[UPDATE] Goldleaf 0.6 released

Discussion in 'GBAtemp & Scene News' started by RattletraPM, Aug 2, 2019.

  1. ochentay4

    ochentay4 Advanced Member

    Newcomer
    1
    Jun 23, 2015
    Argentina
    The same error. Goldleaf 0.5 USB install work fine using Kosmos 13.1 and Sigpatches.
     
  2. toxic9

    toxic9 GBAtemp Advanced Fan

    Member
    4
    Dec 13, 2016
    Nintendo Switch Horizon is also closed source... I wonder if it could have any time bomb to trigger a repair... we never know.
    Let's speculate...!
     
    tabzer likes this.
  3. RandomUser

    RandomUser What has gotten into you Rosie?

    Member
    5
    May 9, 2010
    United States
    Technically @uyjulian is correct that "wireless is slower than wired".
    See this:
    [​IMG]
    That there is a 40Gbps NIC card, far more faster then wireless 4.6Gbps or maybe 7Gbps. That is a far cry from 40Gbps.

    What really comes in play is what type of Ethernet or WiFi module a console uses and most likely the slower variant of the WiFi module that doesn't support 802.11ac. USB 4 theoretical speed is around 40Gbps. Or the so called "SuperSpeed USB 20Gbps" aka USB 3.2 Gen 2x2. However I highly doubt the switch uses the latest gen or even the previous gen USB 3 protocol so either way the speed will be limited by the hardware either by PC or the console.
     
  4. uyjulian

    uyjulian Homebrewer

    Member
    9
    Nov 26, 2012
    United States
    United States
    Nintendo Switch supports USB 3 if the appropriate option is enabled in atmosphere settings. It is disabled by default.

    In most cases, wired is faster since negotiation is faster and there is no interference to worry about.
     
  5. RandomUser

    RandomUser What has gotten into you Rosie?

    Member
    5
    May 9, 2010
    United States
    True, I supposed I should mentioned that as well. I thought I could defend you as I agree that wired is faster for the most part.
     
  6. tabzer

    tabzer GBAtemp Fan

    Member
    3
    Feb 15, 2019
    Japan

    Sounds like when Goldtree processes whatever payloads it loads, and can give it access to the rest of the PC system. I wonder how TegraRcmGui is different in that regard. I don't know too much about the internal workings of the code.
     
  7. blawar

    blawar GBAtemp Advanced Fan

    Member
    10
    Nov 21, 2016
    United States
    tegrarcm does not give any access to your pc, it is purely one way pc to switch.

    you are correct, goldtree processes whatever requests it receives, whether it’s from a switch or not. which is why a switch is not required to exploit goldtree. the protocol is publicly documented / open source.
     
    tabzer likes this.
  8. satel

    satel Luigi's Big Brother

    Member
    7
    Nov 3, 2004
    Laos
    excellent update,browsing the PC feature is great.
     
  9. bluem6

    bluem6 Member

    Newcomer
    2
    Sep 14, 2009
    United States
    Same here, pretty cool with the browser but it can't install any nsp...same error as other reported on here. Anyone know if there is a fix, work around or something?
     
  10. bluem6

    bluem6 Member

    Newcomer
    2
    Sep 14, 2009
    United States
    Look like it's working now....update Kosmos to the newest release as of today and the Kosmos sig patches..
     
  11. DaFixer

    DaFixer Dare to be stupid

    Member
    5
    Aug 29, 2010
    Netherlands
    In my mencave ;)
    Great, gui makeover looks great.
    Still need to find out how install true USB works.
     
  12. Yeabuddy

    Yeabuddy Advanced Member

    Newcomer
    1
    Jul 27, 2018
    United States
    Anyone know how to fix this?

    upload_2019-8-4_18-53-58.
     
  13. Essasetic

    Essasetic Neutral

    Member
    10
    Jun 16, 2018
    United Kingdom
    "Requested resource not found"

    You sure you have a good USB A to C cable?
     
  14. Shalashaska98

    Shalashaska98 GBAtemp Regular

    Member
    4
    Jan 17, 2018
    United States
    That's nice
     
  15. Yeabuddy

    Yeabuddy Advanced Member

    Newcomer
    1
    Jul 27, 2018
    United States
    Turns out I needed to update Zadig to v2.4.721 and it worked.
     
  16. Chocola

    Chocola GBAtemp Meowgular

    Member
    3
    Sep 18, 2018
    Korea, South
    Neko Paradise
    For exploit this you need Goldtree running, this is the first thing.

    You need a USB device to send and recive data through Goldtree interface, and yes, you can exploit it without USB device, emulating or listening to USB handlers with a external program, but wait, why the fuck I gona complicate the process if I can access to filesystem directly with the program? B-)

    Yes... "A very huge exploit to your PC"... :blink: Im sure that new malware variants gona implement listeners to Goldtree USB interface and exploit it xD

    Same as @Ev1l0rd, I trust more on this open source "huge sploit" than closed source software that.... oh wait... uses network connection too :unsure:.

    Please don't try to difamate the competitors with stupid things when you didn't relase the source code of your tools.

    Your tinfoil apps have more that we can talk, starting with the stolen name of the app and ending with piracy where you are reciving money, that it's the true reason because you develop the "NUT" support.

    I don't waste time for now analyzing your stuff, but I'm sure that can show to you easy that it's a real huge sploits, on your NUT daemon and on your Tinfoil apps... network are always more unsafe that physical ways, so please think a bit before write without sense.

    P.D: Please note that "texts" are ironic...
     
    Last edited by Chocola, Aug 5, 2019
  17. tabzer

    tabzer GBAtemp Fan

    Member
    3
    Feb 15, 2019
    Japan
    You've done nothing to address what was actually said. Both @blawar and @XorTroll make open-source pc applications. Goldtree allows write permission that can be exploited. Nut does not. @blawar argues that his closed source switch application could possibly affect the switch, but not the PC. It'd be nice if @Ev1l0rd could stop by and admit that they had a misunderstanding and is wrong.
     
    Minox likes this.
  18. uyjulian

    uyjulian Homebrewer

    Member
    9
    Nov 26, 2012
    United States
    United States
    If you are doing console hacking, security is the last thing you should be thinking about. Put your banking, crypto, pii, email, business, etc on one computer, and put the rest on another computer. If there is a security problem in a widely used software, there will be a CVE for it and it will be widely publicized, while if it is a rarely used software (like Nut or Goldtree), it won't be, and the person behind it would probably be gone, since in console hacking, old software is abandoned whenever the new console or tool comes out.
     
  19. Ev1l0rd

    Ev1l0rd (⌐◥▶◀◤) Developer - noirscape

    Member
    10
    Oct 26, 2015
    Netherlands
    Site 19
    Except I'm... not in the wrong?

    Look, Goldtree listens for stuff on the USB port and responds to it accordingly. The only possible way this is an exploit is if you start plugging in random USB devices. The only reasonable thing to have plugged in while you have Goldtree running on your Nintendo Switch. I appreciate the supposed concern, but this entire attack vector is already realistically reduced to only Nintendo Switch devices since they're the only thing someone would have plugged in while Goldtree is running, meaning that this is only a security issue if you are a dumbass user who randomly plugs in devices or runs software they can't be assured is safe.

    The reason I'm saying blawar is shooting himself in the foot by pointing this out is because he has a history of being... a fucking dickweed to developers because he doesn't like them and his main thing (DZ) has been affected before by this kind of behavior (the entire Kosmos bullshit) which comes hand in hand with this program not being open source, meaning nobody can safely verify if he's not doing this stuff or is planning to do so in the future.

    Just about the only possible way for him to regain trust from me at this point is if he would FOSS DZ (not that he ever would) and anyone could examine the code to verify he didn't do something like this. Not that he ever would, because if several people are to be believed, he'd also be drowning in licensing violations from hactool and the original tinfoil.

    Also, blawar responded whilst I was asleep, but when he's talking about "payload", he doesn't mean the thing you transfer to your Switch to make it boot. He's talking about a potential malicious program that could be executed to misuse Goldtree.
     
  20. blawar

    blawar GBAtemp Advanced Fan

    Member
    10
    Nov 21, 2016
    United States
    The main issue is not a user plugging in a random device into the USB port (though that is still a security problem), the issue is any 3rd party could do it to gain near full unauthorized access to your system: think law enforcement, a nosey girlfriend, roomate or someone trying to steal data off of your machine and they know you run goldtree.

    The other issue is that a nintendo switch is not a random device, and is the device most likely to be connected via USB. If I wanted to exploit this, I would write a program that replaces the goldleaf binary with a modified version with a malicious payload, then the next time they ran goldleaf while connected to PC, it would infect/attack their PC.
     
    Minox likes this.
Loading...