Hacking Discussion is deja vu dead (on new units)?

[TotalInsanity4]

No, thats the point, its untethered.

Yes, you would. It's just the payload would come from the SD card

 

[leo60228]

Yes? Like, powering on (OFW) and then using the exploit (to go to CFW). No dongle/PC payload, but we do need to send it. I think?

You don't need to send it, but you have to have never updated above 4.1.0 without AutoRCM.

 

[guicrith]

Yes? Like, powering on (OFW) and then using the exploit (to go to CFW). No dongle/PC payload, but we do need to send it. I think?

He said "send" a payload, that means data transfer, deja vu doesnt require data transfer.
Its all on the device.

 

[alexj9626]

You don't need to send it, but you have to have never updated above 4.1.0 without AutoRCM.

So once we use the exploit, what if i turn off my console? I need to do the exploit again, right? With what you are saying im understanding that you do it and no need for it again if im 4.1 or under.

 

[MostGood]

You don't need to send it, but you have to have never updated above 4.1.0 without AutoRCM.

Well that sucks, bought my switch and it came with 6.2.0. Rip.

 

[leo60228]

So once we use the exploit, what if i turn off my console? I need to do the exploit again, right? With what you are saying im understanding that you do it and no need for it again if im 4.1 or under.

No, you need to do it every power-on. It's just stored entirely on the SD card, no external device required.

 

[TotalInsanity4]

So once we use the exploit, what if i turn off my console? I need to do the exploit again, right? With what you are saying im understanding that you do it and no need for it again if im 4.1 or under.

No, you'd need to send the exploit every time. What he's saying is that the software portion was patched in all FWs above 4.1.0, so unless you use a hardware flaw (??) you'd need to have a console <=4.1.0 to even launch it

 

[alexj9626]

He said "send" a payload, that means data transfer, deja vu doesnt require data transfer.
Its all on the device.

I mean no payload for the exploit, but we do need to do the exploit everytime we turn on, or im missing something.

No, you need to do it every power-on. It's just stored entirely on the SD card, no external device required.

This, thats what i meant. Thanks

 

[SciresM]

EDIT2: oh boy

It's the same exploit, hence "there are other arbitrary writes in this code as well" in wiki description. In particular, the patch he merged causes 0x22CF2000 to be written to an IPATCH register during warmboot. This causes the bootrom to patch itself, making the warmboot firmware signature check function always return zero. (In particular, the instruction at 0x10459E is replaced with "MOVS R0, #0x0").

 

[M7L7NK7]

You boot the browser and reset into cfw

Won't be that good til we get emunajd so we can go stock>Deja vu>emunand on whatever firmware you want

 

[cyndor]

Yay, release soon?

 

[M7L7NK7]

You boot the browser and reset into cfw

Won't be that good til we get emunajd so we can go stock>Deja vu>emunand on whatever firmware you want

And you'll still need a PC around you, it's the same as Pegaswitch where it gets the exploit wirelessly

 

[YugamiSekai]

And you'll still need a PC around you, it's the same as Pegaswitch where it gets the exploit wirelessly

You'd most likely be able to self-host the exploit, so you could also use an Android

 

[M7L7NK7]

You'd most likely be able to self-host the exploit, so you could also use an Android

Yeah true, just don't want everyone to think (like I did for the longest time) that Deja and Jamais are completely stand alone exploits

 

[MostGood]

If we're above 4.1.0 are we sol?

 

[leo60228]

And you'll still need a PC around you, it's the same as Pegaswitch where it gets the exploit wirelessly

It's stand-alone as long as you have internet. Somebody else can host it.

--------------------- MERGED ---------------------------

If we're above 4.1.0 are we sol?

Maybe, but that's not guaranteed. The lower the better, though; IIRC 6.0.0 fixed another part of the exploit.

 

[uyjulian]

It's stand-alone as long as you have internet.

If I could do it 100% with no network, no soldering or connecting internal devices, no external devices, no USB, or no SD/TF card after the initial setup, I would call it a stand-alone exploit.
However, if it requires network, USB, or external devices, I would call it a tethered exploit.
If it requires soldering or connecting internal devices to the mainboard, I would call it a modchip.
If it requires SD/TF card or other modular storage device, I would mention the requirement of the SD/TF card.

 

[PolloDiablo]

Oh, this sucks major balls.
So the guy snuck in a part of the deja vu chain (the warmboot bootrom exploit). This can't be a coincidence.

If we're above 4.1.0 are we sol?

We still don't know yet. Actually, I was waiting for confirmation regarding Deja Vu before updating the Firmware Status chart.

 

[guicrith]

Could it be stored in the switch web browser cache to work offline, like web apps on iOS?

 

[TotalInsanity4]

Could it be stored in the switch web browser cache to work offline, like web apps on iOS?

Does that Switch actually have a web browser now? Granted I'm still way back at 4.1.0, but I don't remember hearing an update giving the console a full web browser