Hacking Team-Xecuter coming to your Nintendo Switch console!

  • Thread starter Deleted User
  • Start date
  • Views 45,322
  • Replies 194
  • Likes 16

RedHunter

Well-Known Member
Member
Joined
Dec 12, 2014
Messages
441
Trophies
0
XP
1,574
Country
Italy
Why are there 2 threads for the same thing?
Still on 2.3.0 since I could have gotten a used copy of Pokken on ebay any time to update if 3.0 had panned out to be the proper firmware for piracy. I don't mind paying for whatever they have to offer product-wise if it's a reasonable amount and doesn't affect the longevity of the console.
I'm on 2.3 too. I was about to buy Pokken from Amazon but it was out of stock so I saved the money ahaha.
Btw, paying for this method is not a problem for me either; it's going to be cheaper than buying a second switch and a copy of Pokken for sure.
 

TheCyberQuake

Certified Geek
Member
Joined
Dec 2, 2014
Messages
5,012
Trophies
1
Age
28
Location
Las Vegas, Nevada
XP
4,433
Country
United States
Why are there 2 threads for the same thing?

I'm on 2.3 too. I was about to buy Pokken from Amazon but it was out of stock so I saved the money ahaha.
Btw, paying for this method is not a problem for me either; it's going to be cheaper than buying a second switch and a copy of Pokken for sure.
There are actually 4 threads last I checked, but two seem to have died and we are left with 2.
For those who want homebrew, piracy, and playing the newer games, the modchip is the best choice unless you already have a 1.0.0 switch.
People are saying "there will be a free software exploit"; do realize that software exploits are very unlikely to persist across updates, and without the keyblob bug in 1.0.0 trustzone you won't be playing newer games on later firmwares. If this hardmod works as advertised, you will have homebrew and piracy on the latest firmware with no way to patch it due to it being a hardware vulnerability.
 

V-Temp

Well-Known Member
Member
Joined
Jul 20, 2017
Messages
1,227
Trophies
0
Age
34
XP
1,342
Country
United States
If this hardmod works as advertised, you will have homebrew and piracy on latest firmware with no way to patch it due to it being a hardware vulnerability.

Depending on the solution employed, there's potential (and substantial) wear on the console lifespan. So it would inevitably patch itself out in a way, especially if even a minor Switch revision addresses their chip-solution.

Also I'd be patient on that 'any firmware' claim. It's actually a bit of a loaded claim in the wording. Ya, the solution will work on any firmware in that any firmware is still on fixed hardware, so modding won't care where you start, but the solution itself may not work to *be* all firmwares when it comes to actual use.
 
  • Like
Reactions: DayVeeBoi

TheCyberQuake

Certified Geek
Member
Joined
Dec 2, 2014
Messages
5,012
Trophies
1
Age
28
Location
Las Vegas, Nevada
XP
4,433
Country
United States
Depending on the solution employed, there's potential (and substantial) wear on the console lifespan. So it would inevitably patch itself out in a way, especially if even a minor Switch revision addresses their chip-solution.

Also I'd be patient on that 'any firmware' claim. It's actually a bit of a loaded claim in the wording. Ya, the solution will work on any firmware in that any firmware is still on fixed hardware, so modding won't care where you start, but the solution itself may not work to *be* all firmwares when it comes to actual use.
I haven't looked into it, but is there any evidence of this being a problem on any previous modchips? I haven't heard about this being a problem for modchips on other systems, but I also don't look into them very much.
 
  • Like
Reactions: whateverg1012

Soluble

Well-Known Member
Member
Joined
Mar 12, 2017
Messages
609
Trophies
0
Age
39
XP
588
Country
I haven't looked into it, but is there any evidence of this being a problem on any previous modchips? I haven't heard about this being a problem for modchips on other systems, but I also don't look into them very much.
I don't think RGH was ever patched on the Xbox 360. Possibly the last hardware revision, but I was out of the scene at that time. If it's a hardware flaw then it certainly has the potential to last the console's lifecycle. My 360s were firmware modded, and then dual boot RGH'd, and they're still kicking along nicely.
 
  • Like
Reactions: weatMod

_______

 
Member
Joined
May 13, 2016
Messages
515
Trophies
0
XP
834
Country
Japan
I don't think RGH was ever patched on the Xbox 360. Possibly the last hardware revision, but I was out of the scene at that time. If it's a hardware flaw then it certainly has the potential to last the console's lifecycle. My 360s were firmware modded, and then dual boot RGH'd, and they're still kicking along nicely.

If they used the glitch method or the GPU IOMMU bypass, I doubt Ninty could fix it w/o a new HW revision. But we'll need more detail on that mod to be sure.
 

mendezagus

Well-Known Member
Member
Joined
Aug 29, 2017
Messages
159
Trophies
0
Age
44
XP
423
Country
Argentina
Depending on the solution employed, there's potential (and substantial) wear on the console lifespan. So it would inevitably patch itself out in a way, especially if even a minor Switch revision addresses their chip-solution.

I remember RGHing my xbox 360 and by the third year I could barely use it due to the booting times.

As long as I'm here I want to ask about the infamous "keys" needed for running future (pirated) software/firmware updates: does this chip bypass the need for these keys? Does it make it easier to decipher them?
 

TheCyberQuake

Certified Geek
Member
Joined
Dec 2, 2014
Messages
5,012
Trophies
1
Age
28
Location
Las Vegas, Nevada
XP
4,433
Country
United States
I remember RGHing my xbox 360 and by the third year I could barely use it due to the booting times.

As long as I'm here I want to ask about the infamous "keys" needed for running future (pirated) software/firmware updates: does this chip bypass the need for these keys? Does it make it easier to decipher them?
It makes it so you don't need the keys. It will run on any firmware, meaning you could be on the latest firm to play the newer games and still have cfw/piracy.
 

smf

Well-Known Member
Member
Joined
Feb 23, 2009
Messages
6,651
Trophies
2
XP
5,905
Country
United Kingdom
do realize that software exploits are very unlikely to persist across updates

Just like the PS3, right? I guess we'll have to wait for someone to create a hacked update instead. As long as you have kernel access then everything is possible.

and without the keyblob bug in 1.0.0 trustzone you won't be playing newer games for later firmwares.

There is a debate about what version of the kernel everything was fixed in; if you listen to the Q&A at the end of the 34c3 talk then 2.30 is mentioned during an answer about what firmware versions will be supported. There is nothing to say there aren't exploits in >3.0 either; the Meltdown CPU exploit allows you to gain kernel read access on any Intel system made in the last 20 years.

If this hardmod works as advertised, you will have homebrew and piracy on latest firmware with no way to patch it due to it being a hardware vulnerability.

We don't know that; the boot can be patched on the Switch & they might put an update out that renders the glitching hardware completely useless.
 
Last edited by smf,

V-Temp

Well-Known Member
Member
Joined
Jul 20, 2017
Messages
1,227
Trophies
0
Age
34
XP
1,342
Country
United States
I remember RGHing my xbox 360 and by the third year I could barely use it due to the booting times.

As long as I'm here I want to ask about the infamous "keys" needed for running future (pirated) software/firmware updates: does this chip bypass the need for these keys? Does it make it easier to decipher them?

Yes, hardmodding can have an extreme effect on the lifespan; it depends on what it is and how it accomplishes its hijack. A glitcher that messes up the bootloader to run unsigned software, for instance, will have major long-term ramifications for your system.

Keys are used to decrypt software for the system to boot, run software, and do pretty much anything. Switches have console unique keys everywhere but by hijacking the system you could get them for your console. This isn't easy nor would it make a very intuitive mod. No solution for the Switch is going to be exactly 'easy' mind you. (And you'd have to do this every time Nintendo updates their keyblobs to get the info out.)

Their "proof" of their capabilities is to this end by leaking a key.

It makes it so you don't need the keys. It will run on any firmware, meaning you could be on the latest firm to play the newer games and still have cfw/piracy.

I still don't think that's what they are actually saying, but we won't know for a while. As I said, "works on any firmware" is technically true in that you can mod any firmware and run their cfw or whatever, but it may not actually let you be on any firmware after the fact. In fact, I don't think it's remotely possible to guarantee the latter, and depending on how this is done it could even lead to bricking from Nintendo. Force burn enough fuses and you brick a console.

As mentioned and even noted by those in the scene, this will be REed immediately. Hell, you could even submit a solution to Nintendo through total anonymity in HackerOne if you wanted. Nothing is impervious.
 

TheCyberQuake

Certified Geek
Member
Joined
Dec 2, 2014
Messages
5,012
Trophies
1
Age
28
Location
Las Vegas, Nevada
XP
4,433
Country
United States
Yes, hardmodding can have an extreme effect on the lifespan; it depends on what it is and how it accomplishes its hijack. A glitcher that messes up the bootloader to run unsigned software, for instance, will have major long-term ramifications for your system.

Keys are used to decrypt software for the system to boot, run software, and do pretty much anything. Switches have console unique keys everywhere but by hijacking the system you could get them for your console. This isn't easy nor would it make a very intuitive mod. No solution for the Switch is going to be exactly 'easy' mind you. (And you'd have to do this every time Nintendo updates their keyblobs to get the info out.)

Their "proof" of their capabilities is to this end by leaking a key.



I still don't think that's what they are actually saying, but we won't know for a while. As I said, "works on any firmware" is technically true in that you can mod any firmware and run their cfw or whatever, but it may not actually let you be on any firmware after the fact. In fact, I don't think it's remotely possible to guarantee the latter, and depending on how this is done it could even lead to bricking from Nintendo. Force burn enough fuses and you brick a console.

As mentioned and even noted by those in the scene, this will be REed immediately. Hell, you could even submit a solution to Nintendo through total anonymity in HackerOne if you wanted. Nothing is impervious.
If it's a hardware vulnerability it's very unlikely a software update could fix it.
 

smf

Well-Known Member
Member
Joined
Feb 23, 2009
Messages
6,651
Trophies
2
XP
5,905
Country
United Kingdom
If it's a hardware vulnerability it's very unlikely a software update could fix it.

It's using a glitch attack; there are ways to harden code against glitch attacks using software. It's an arms race.

All they need to do is create a workaround that means everyone has to buy new chips again.
 
Last edited by smf,
  • Like
Reactions: DayVeeBoi

V-Temp

Well-Known Member
Member
Joined
Jul 20, 2017
Messages
1,227
Trophies
0
Age
34
XP
1,342
Country
United States
If it's a hardware vulnerability it's very unlikely a software update could fix it.

A hardware fault is how you get into the system (like the 34c3 glitching), and you can inject code into the system thereafter even without it being signed (for example). But code has to run to do anything, and there are ways to combat this; when it's REed it'll be easier to combat it where possible.

Patching it will likely require such a minor revision of hardware that we may never even realize it until someone finds out they can't mod a new batch off the factory. (Of course, we don't know the fault for now. So who knows!)
 

smf

Well-Known Member
Member
Joined
Feb 23, 2009
Messages
6,651
Trophies
2
XP
5,905
Country
United Kingdom
It isn't always possible to defend against depending on how the glitch works.

The way I would do it would be to run the signature check multiple times with random delays and randomly have some tests that will pass and some that will fail. Making sure that all the tests have to run for the code to work, not just an "if" test at the end.
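As an added illustration of the hardening pattern smf describes (this is not code from the thread, from smf, or from any Team-Xecuter or Nintendo component), the C below verifies an image with several redundant checks separated by random delays, mixes in checks that are built to fail, and derives the final outcome arithmetically from every result instead of one `if`. The keyed "tag" function, the PRNG, the `PASS_MAGIC`/`FAIL_MAGIC` constants and the sample image and key are all constructed for the example; a real loader would verify a real signature and draw its delays from a hardware RNG.

```c
/* Glitch-hardened verification pattern (constructed example, not a real
 * bootloader): redundant checks, randomised timing, deliberate must-fail
 * checks, and a result token computed from every check rather than a branch. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define TAG_LEN    16
#define ROUNDS     4          /* positive + negative check pairs */
#define PASS_MAGIC 0x5AC3u    /* returned by a comparison that matched ... */
#define FAIL_MAGIC 0xA53Cu    /* ... and by one that did not */

/* Placeholder xorshift32 PRNG; on a real device this would be a hardware RNG. */
static uint32_t rng_state = 0x2545F491u;
static uint32_t rng_next(void) {
    uint32_t x = rng_state;
    x ^= x << 13; x ^= x >> 17; x ^= x << 5;
    return rng_state = x;
}

/* Busy-wait a random number of iterations so the instant of each comparison
 * cannot be predicted from power-on time. */
static void random_delay(void) {
    volatile uint32_t n = rng_next() & 0x3FFu;
    while (n > 0) n--;
}

/* Toy keyed tag, constructed for this example. NOT a signature scheme; it only
 * gives the verifier something deterministic to recompute and compare. */
static void toy_tag(const uint8_t *img, size_t len,
                    const uint8_t key[TAG_LEN], uint8_t out[TAG_LEN]) {
    uint32_t s[4] = {0x6A09E667u, 0xBB67AE85u, 0x3C6EF372u, 0xA54FF53Au};
    for (size_t i = 0; i < len; i++) {
        s[i & 3] ^= (uint32_t)img[i] + key[i % TAG_LEN];
        s[i & 3] = (s[i & 3] << 5) | (s[i & 3] >> 27);
        s[(i + 1) & 3] += s[i & 3] ^ 0x9E3779B9u;
    }
    for (int i = 0; i < 4; i++)
        for (int b = 0; b < 4; b++)
            out[4 * i + b] = (uint8_t)(s[i] >> (8 * b));
}

/* Compare two tags without a data-dependent branch: the return value is derived
 * from the accumulated difference, so there is no single jump to skip or force. */
static uint32_t compare_tag(const uint8_t a[TAG_LEN], const uint8_t b[TAG_LEN]) {
    uint32_t diff = 0;
    for (size_t i = 0; i < TAG_LEN; i++) diff |= (uint32_t)(a[i] ^ b[i]);
    uint32_t nonzero = (diff | (0u - diff)) >> 31;   /* 1 if diff != 0, else 0 */
    uint32_t mask = nonzero - 1u;                     /* all-ones if tags equal */
    return (PASS_MAGIC & mask) | (FAIL_MAGIC & ~mask);
}

/* Fold one check result into the running token (order-sensitive). */
static uint32_t fold(uint32_t acc, uint32_t v) { return acc * 33u + v; }

/* Token the caller must see: every positive check returned PASS_MAGIC and
 * every deliberately corrupted check returned FAIL_MAGIC, in order. */
uint32_t expected_token(void) {
    uint32_t acc = 0;
    for (int r = 0; r < ROUNDS; r++) {
        acc = fold(acc, PASS_MAGIC);
        acc = fold(acc, FAIL_MAGIC);
    }
    return acc;
}

/* Run the whole battery. No early exit and no final "if" here: the caller
 * folds the token into what comes next (key material, a jump target), so a
 * skipped or forced check leaves a wrong token rather than a passed branch. */
uint32_t hardened_verify(const uint8_t *img, size_t len,
                         const uint8_t key[TAG_LEN], const uint8_t sig[TAG_LEN]) {
    uint32_t acc = 0;
    uint8_t computed[TAG_LEN], bad_sig[TAG_LEN];
    for (int r = 0; r < ROUNDS; r++) {
        /* positive check; the tag is recomputed every round so a glitched
         * computation does not carry over to the next comparison */
        random_delay();
        toy_tag(img, len, key, computed);
        acc = fold(acc, compare_tag(computed, sig));

        /* negative check: flip one bit of the reference tag; this MUST fail.
         * A fault that forces comparisons to "match" is caught here. */
        random_delay();
        memcpy(bad_sig, sig, TAG_LEN);
        bad_sig[rng_next() % TAG_LEN] ^= (uint8_t)(1u << (rng_next() % 8));
        toy_tag(img, len, key, computed);
        acc = fold(acc, compare_tag(computed, bad_sig));
    }
    return acc;
}

/* Constructed sample key and image; the "signature" is the genuine tag. */
static const uint8_t sample_key[TAG_LEN] = {
    0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77,0x88,0x99,0xAA,0xBB,0xCC,0xDD,0xEE,0xFF };

int verify_sample(int tamper) {
    uint8_t img[64], sig[TAG_LEN];
    for (int i = 0; i < 64; i++) img[i] = (uint8_t)(i * 7 + 3);
    toy_tag(img, sizeof img, sample_key, sig);       /* "sign" the clean image */
    if (tamper) img[10] ^= 0x80;                     /* one-byte modification */
    return hardened_verify(img, sizeof img, sample_key, sig) == expected_token();
}

int main(void) {
    printf("clean image accepted:    %d\n", verify_sample(0));
    printf("tampered image accepted: %d\n", verify_sample(1));
    return 0;
}
```

The point of the negative checks is the one smf makes: a fault that makes comparisons "pass" also makes the must-fail comparisons pass, and the token then no longer matches. Recomputing the tag each round and using a branch-free comparison are the two other pieces; none of this prevents glitching, it only raises the number of faults that have to land correctly in one boot.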
 

kajan

New Member
Newbie
Joined
Jan 5, 2018
Messages
1
Trophies
0
Age
35
XP
124
Country
Canada
What are the chances of us being able to go online with these hardmods? Were the hardmodded xboxes able to go online?
 
