Would it be possible to run code to the switch from Super Smash Bros. Ultimate with a custom game replay (probably not video)? I know you can move videos from smash from the sd card, what about replays or custom replays with data to execute code? Since its an app it has full access to the RAM unlike system apps like the album.
My guess is that it probably wouldn't be possible, as the firmware blocks unsigned code. However if you could enter RCM somehow, maybe.
No, this is not how hacking works, and the switch uses ASLR so memory corruption bugs are useless in non-scripting engines.
Smash bros replays are not a scripting engine.
Also, generally, hacking userland games/applets isn't particularly difficult, it's just pointless because it doesn't enable homebrew because the rest of the OS is secure.
Entering RCM is trivial on all devices (just short the relevant pins), but this has no security/exploit implications because RCM is secure/not bugged on patched Erista units and Mariko units.
Last edited by SciresM,
- Joined
- Sep 9, 2019
- Messages
- 904
- Trophies
- 1
- Location
- Switch scene
- Website
- github.com
- XP
- 2,663
- Country
I keep seeing the no homebrew thing come up because hos is secure but why would that block userland homebrew if someone gains ace in a game? I know lots of homebrew needs full access to services but not everything does. Before b9s I loved playing with userland homebrew on the 3DS, would something like that not be possible on the Switch (excluding fw 3.0.0 since that had access to all services via ro:han)?
Edit: Specifically what I'm asking is what part of hos prevents you from running homebrew in userland unless you can get privileged code execution?
Last edited by CompSciOrBust,
You cannot get ACE in a game.
You can get ROP.
The ability to run arbitrary code requires compromising Loader, FS, RO, or the kernel, all of which are secure.
Unless you're an experienced hacker, you're not going to discover an exploit by randomly suggesting ideas.
SmashBros is also running inside a secure sandbox, just like the Album app.
What you need is a bug/exploit in the kernel functions that SmashBros uses.
Atmosphere CFW maker MScires said that he thinks everything is pretty much patched at this moment so chances of finding something will be quite difficult.
But as we have seen with the PS3/PS4 it sometimes just takes a while before someone finds something.
If this potential exploit worked, could it at least enable basic modification within the game with or without CFW?
I think he means that the application is in its own environment. It cannot interact with the system, it's like locked in an empty room.
Similar threads
-
BigOnYa
-
Psionic Roshambo
-
K3Nv2
-
Xdqwerty
what are you looking at?
-
-
-
-
-
-
@
Psionic Roshambo:
Also it was literally out of a kilo when I got it off the boat so absolutely pure
-
-
@
Psionic Roshambo:
I was getting 3.5 Grams for 320 could have stepped on it and doubled my money easy lol+1
-
@
BigOnYa:
I'd be afraid to it nowdays, my heart would explode prob. I just stick beers n buds nowdays.
-
@
Psionic Roshambo:
I would get to drive from tarpon springs to like Miami a thousand bucks lol do that twice a week and back in 92 that was good money
-
-
-
-
-
@
BigOnYa:
I'd do shrooms again if could find, and I was outside camping/fishing, and had a cooler full of beer.+1
-
-
@
BigOnYa:
You ever try soaper powder/qauludes? I did once and like a dumbass drank beer on top of taking, I woke up laying in my backyard in the pouring rain, it knocked me out. I have not seen it around in many many years.+1
-
-
@
Psionic Roshambo:
I did pass out one time on a floor after taking a bunch of Ambien lol thought it would help me sleep and did it lol
-
@
Psionic Roshambo:
Girlfriend was working at a pharmacy and stole like 500 of them, was and still is the biggest pill bottle I have ever seen lol
-
-
-
@
Psionic Roshambo:
The last time I had to take something to help me sleep, I was prescribed Trazadone it was pretty OK to be honest.
-
-