Hacking Got an idea...

[DoJo_Master]

Probably completely stupid idea but I had this thought while working.

Its strange but if you dont know already, a usb keyboard does infact work with the nintendo switch
( http://www.nintendolife.com/news/2017/03/usb_keyboards_work_with_the_nintendo_switch )

I was thinking maby we could use a device like a USB rubber ducky to brute force keystrokes into the switch, Im almost positive there has to be an exploit using this method. I highly doubt we will ever find that exploit but it is an idea, and the rubber ducky could help by mass entering keys and impossible speeds. Have it run for a month for example and record it until the switch encounters an error/glitch.

I doubt the switch/modern devices work this way but another reason I thought this might work is due to the ability to inject code into the SNES with various D pad movements in mario, it is a tedious task as your writing code in binary but never the less it is possible. ( )

With all this info I cant help but think there is an exploit berried in here somewhere, I just think that the ability to use a keyboard on a nintendo device is too good of an opportunity to overlook.


Thats my two cents

 

[Sonic Angel Knight]

Someone been watching TAS videos.

 

[DoJo_Master]

Someone been watching TAS videos.

Haha exactly!, don't think this has an potential tho?

 

[linuxares]

If I remember a thread correct a guy checked how the ARM works and it will dump scrap memory before it becomes an issue. So I'm not sure if this is a valid option.

 

[DoJo_Master]

If I remember a thread correct a guy checked how the ARM works and it will dump scrap memory before it becomes an issue. So I'm not sure if this is a valid option.

Do you have a link?

 

[linuxares]

Do you have a link?

Sorry no, it was on the forum though.

 

[CeeDee]

We'd still need an exploit (say a bug in a game) to be able to do any sort of button-press based arbitrary code execution on the Switch.

 

[DoJo_Master]

We'd still need an exploit (say a bug in a game) to be able to do any sort of button-press based arbitrary code execution on the Switch.

Thats why I thought a rubber ducky could help find that exploit, brute force kinda thing

 

[linuxares]

Thats why I thought a rubber ducky could help find that exploit, brute force kinda thing

Well the question is how ARM Trustzone works now days. Does it properly handle a buffer overflow?

 

[DoJo_Master]

Well the question is how ARM Trustzone works now days. Does it properly handle a buffer overflow?

Ya that was my main worry, the SNES is a very old system that did not have brute force keystroke protection... Still would like some more info on how the switch deals with mass ammount of key inputs

 

[linuxares]

Ya that was my main worry, the SNES is a very old system that did not have brute force keystroke protection... Still would like some more info on how the switch deals with mass ammount of key inputs

It's have nothing to do with brute forcing. It have to do it's not clearing the memory properly, that's why you even can program the game with a normal SNES controller. By doing jumps etc. at specific parts, you program different bites and bytes.
So basically what the rubberducky would do on a SNES is just overload it with different commands to do at the same time reprogramming the game into a glitchy mess.

 

[DoJo_Master]

It's have nothing to do with brute forcing. It have to do it's not clearing the memory properly, that's why you even can program the game with a normal SNES controller. By doing jumps etc. at specific parts, you program different bites and bytes.
So basically what the rubberducky would do on a SNES is just overload it with different commands to do at the same time reprogramming the game into a glitchy mess.

I understand that, but my idea was that in order to find the correct combination we use a crazy ammount of other combinations with the ducky there for increasing your odds of finding that working injection point

 

[linuxares]

Of course... dumb question however. Wouldn't it be just as easy to plugin a cheap keyboards and smack it randomly? Just to see if something happens?

 

[DoJo_Master]

Of course... dumb question however. Wouldn't it be just as easy to plugin a cheap keyboards and smack it randomly? Just to see if something happens?

Haha maby, I already own a ducky and they are dirty cheap.... I have a feeling smashing your keyboard wouldnt do shite for the longest amount of time, could just plug in that ducky and have it go crazy for a few weeks until the camera catches something odd, effort is minimum

 

[linuxares]

Haha maby, I already own a ducky and they are dirty cheap.... I have a feeling smashing your keyboard wouldnt do shite for the longest amount of time, could just plug in that ducky and have it go crazy for a few weeks until the camera catches something odd, effort is minimum

well then! Best bet I would say is a indie game. Look for a dirty cheap one and not so known one, they often don't have the most experienced programmers.

 

[DoJo_Master]

well then! Best bet I would say is a indie game. Look for a dirty cheap one and not so known one, they often don't have the most experienced programmers.

Do games on the switch use keyboard input? As far as I know its just the system menus

 

[linuxares]

Do games on the switch use keyboard input? As far as I know its just the system menus

not sure, maybe Isaac?

 

[DoJo_Master]

This here is exactly what I am referring too, the kid in the video is basically a rubber ducky pressing random buttons on his xbox and somehow he bypassed the log in screen due to a bug this method found!

Just pretend the usb ducky is this same kid, very good example of what Im trying to accomplish

 

[yardie]

so much stupidity in one thread

 

[BL4Z3D247]

so much stupidity in one thread

It's not like you weren't warned. The OP literally says it in the first sentence of the first post.

Probably completely stupid idea but I had this thought while working.