Switch fireworks of exploits and rushed releases
modrobert



donor

Registered: 2003-10-17
From: Bangkok
Messages: 6357
Status: Offline
 _#35966 posted 2018-04-24 @ 08:39 GMT   
This morning, after waking up a bit groggy, I checked my Twitter feed and it was like watching fireworks in reverse consisting of leaks, exploits, rushed releases and rage quitting hackers. You might wonder what triggered it all, so let's start with a little recap. Yesterday the Tegra X1 BootROM was released for Switch along with IDC debug info for IDA Pro, and various hackers started to play around with this including myself.

A few hours after this, not sure about the time frame, a bug for Tegra X1 was posted anonymously on pastebin.com (mirror).

Quote:
Tegra X1 RCM forgets to limit wLength field of 8 byte long Setup Packet in some USB control transfers. Standard Endpoint Request GET_STATUS (0x00) can be used to do arbitrary memcpy from malicious RCM command and smash the Boot ROM stack before signature checks and after Boot ROM sends UID. Need USB connection and way to enter RCM (Switch needs volume up press and JoyCon pin shorted).



Apparently this isn't just any bug, it's in hardware, and actually not possible for Nintendo to patch without releasing new console hardware.

The bug info somehow opened the floodgates; teams and individuals previously holding information regarding Switch suddenly released everything they had in a flurry. To name a few: plutoo, SciresM, ktemkin, and last but not least fail0verflow. The leaks and releases are still ongoing.

What I think we can expect from all this eventually is a custom firmware with persistent exploit which will load homebrew and game dumps. I hope you enjoyed the news, to be continued...
  _____________________________ ____________     __________________ /\________
  \    __________________      \      _____/____/     _    \       /_        /
 /     /       |       l/     _/    ____)     _/      _     \     \/  cREAM /
/______________l_______/       \______________\_______|      \_   /________/
 -+--Mo!-------------- \________/ ------------------- l_______/_____\ -----+-

 Profile  pm  www    Quote
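The bug class named in the quoted pastebin text (a host-supplied wLength used unchecked as a copy length), shown beside a bounded handler. This is an added illustration, not the Tegra X1 Boot ROM code and not part of the original post; the function names and the 64-byte reply buffer are assumptions.

```c
#include <stdint.h>
#include <string.h>

/* 8-byte USB Setup Packet (field layout from the USB 2.0 specification). */
struct usb_setup {
    uint8_t  bmRequestType;
    uint8_t  bRequest;
    uint16_t wValue;
    uint16_t wIndex;
    uint16_t wLength;   /* chosen by the host, up to 0xFFFF */
};
#define REQ_GET_STATUS 0x00
#define STATUS_LEN     2u   /* a GET_STATUS reply is a 2-byte status word */

/* Flawed pattern: the copy length comes straight from the host. */
int get_status_unchecked(const struct usb_setup *s,
                         const uint8_t *status, uint8_t *resp)
{
    if (s->bRequest != REQ_GET_STATUS)
        return -1;
    memcpy(resp, status, s->wLength);   /* no bound on either buffer */
    return s->wLength;
}

/* Hardened pattern: cap the copy at the real reply size and at the
 * destination capacity, whatever wLength says. */
int get_status_checked(const struct usb_setup *s, const uint8_t *status,
                       uint8_t *resp, size_t resp_cap)
{
    size_t n = s->wLength;
    if (s->bRequest != REQ_GET_STATUS)
        return -1;
    if (n > STATUS_LEN)
        n = STATUS_LEN;     /* a shorter reply than requested is legal */
    if (n > resp_cap)
        return -1;
    memcpy(resp, status, n);
    return (int)n;
}

/* Constructed sample: a request asking for far more than 2 bytes. */
int demo_oversized_request(void)
{
    struct usb_setup s = { 0x82, REQ_GET_STATUS, 0, 0, 0x7000 };
    uint8_t status[STATUS_LEN] = { 0, 0 };
    uint8_t resp[64];       /* assumed reply buffer size */
    return get_status_checked(&s, status, resp, sizeof resp);
}

int main(void) { return demo_oversized_request() == 2 ? 0 : 1; }
```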
johhenrik



private

Registered: 2011-11-16
Messages: 1
Status: Offline
 _#35971 posted 2018-04-24 @ 21:11 GMT   
Holy shit! That's good news.

 Profile  pm    Quote
modrobert



donor

Registered: 2003-10-17
From: Bangkok
Messages: 6357
Status: Offline
 _#35972 posted 2018-04-25 @ 14:17 GMT   
Quote:
Atmosphère is a work-in-progress customized firmware for the Nintendo Switch.



I'm just going to drop these links here:

https://github.com/Atmosphere-NX/Atmosphere
https://github.com/thomleg50/Atmosphere/releases

Seems like you need Fusée Gelée to install this. Thanks goes to pOOBAH for the heads up.
  _____________________________ ____________     __________________ /\________
  \    __________________      \      _____/____/     _    \       /_        /
 /     /       |       l/     _/    ____)     _/      _     \     \/  cREAM /
/______________l_______/       \______________\_______|      \_   /________/
 -+--Mo!-------------- \________/ ------------------- l_______/_____\ -----+-

 Profile  pm  www    Quote
modrobert



donor

Registered: 2003-10-17
From: Bangkok
Messages: 6357
Status: Offline
 _#35973 posted 2018-04-29 @ 10:31 GMT   
Quote:
TegraRcmSmash - a fusee-launcher for Windows

Get the easy-to-use binaries at https://switchtools.sshnuke.net
Make sure to read the README.txt for how to use/install drivers.
(Source available on https://github.com/rajkosto/TegraRcmSmash if you want to compile it yourself)



Source: rajkosto @ gbatemp.net

  _____________________________ ____________     __________________ /\________
  \    __________________      \      _____/____/     _    \       /_        /
 /     /       |       l/     _/    ____)     _/      _     \     \/  cREAM /
/______________l_______/       \______________\_______|      \_   /________/
 -+--Mo!-------------- \________/ ------------------- l_______/_____\ -----+-

 Profile  pm  www    Quote
modrobert



donor

Registered: 2003-10-17
From: Bangkok
Messages: 6357
Status: Offline
 _#35975 posted 2018-04-30 @ 10:15 GMT   
Quote:
Web Fusée Launcher
Fusee Launcher ported to JavaScript using WebUSB.

Source can be found on GitHub (or by hitting view source, there is no backend!). Ported from fusee-launcher. Thanks to ktemkin and ReSwitched for Fusée Gelée and a ton of other things!



https://fusee-gelee.firebaseapp.com/

Thanks goes to pOOBAH for the heads up.


...and Ubuntu Linux on Switch:

https://gbatemp.net/threads/ubuntu-18-04-on-a-switch.502147/
  _____________________________ ____________     __________________ /\________
  \    __________________      \      _____/____/     _    \       /_        /
 /     /       |       l/     _/    ____)     _/      _     \     \/  cREAM /
/______________l_______/       \______________\_______|      \_   /________/
 -+--Mo!-------------- \________/ ------------------- l_______/_____\ -----+-

 Profile  pm  www    Quote
Robert





Registered: 2002-06-14
From: Bangkok
Messages: 1422
Status: Offline
 _#35976 posted 2018-04-30 @ 10:31 GMT   
Quote:
Scene developer @hexkyz recently updated the 'SwitchBrew Wiki' to document the 'TegraRCM' in full, and at the same time dropped a rather useless (but hilarious) 'unpatchable' bug that he found in the 'TSEC firmware' for v5.02. It's not very useful, but still, it's there.



Source: GaryOPA @ maxconsole.com
                                      .--.
          ________ ____ __  ________ /    \   _______  ___  _______
     _ __/   - __//    |  |/   ____//  \   \ /___  --|/   |/   __  |__ _
   - - --\_______/\_______|\___|---/   _\   \\_______|\___|\_______|-- - -
          -------  -------  ---   /____\_____\-------  ---  -------
                                  ------------

 Profile  pm  www    Quote
BonerBoy



lt

Registered: 2006-02-22
Messages: 62
Status: Offline
 _#35977 posted 2018-04-30 @ 10:40 GMT   
fusee gelee via raspberry pi(e) for switch https://github.com/Darkmelman/udev_rule_fusee_gelee_pi3
      )
     (
      )
  _.-~(~-.
 (@\`---'/.             Tea,     
('  `._.'  `)             anyone?
 `-..___..-' 

 Profile  pm    Quote
modrobert



donor

Registered: 2003-10-17
From: Bangkok
Messages: 6357
Status: Offline
 _#35978 posted 2018-04-30 @ 17:27 GMT   
Quote:
NXLoader [ALPHA - EXPERIMENTAL]

My first Android app: Launch Fusée Gelée payloads from stock Android

Heavily based on Fusée Gelée and ShofEL2. fusee.bin is bundled as a default payload

Does it work on your device? Report here

Get the APK release

This app is currently in "Alpha" state, it's my first Android app and there is some rather disgusting code (potentially blocking tasks on the UI thread). This will be improved soon™.

HOWTO:
* Launch the app.
* (Optional) Go to the Config tab, and select a custom payload file.
* Plug in your Switch. (On my Nexus 5, I use a micro USB OTG cable, and an A-to-C cable)
* Put it into RCM mode. (Note: your switch will power on by itself when plugged in, be sure to hold VOL+).
* Grant permission to the app to access the USB device.
* Enjoy!

Note: The app does not need to be running in order to launch the payload. The phone can even be locked!

FAQ:
* Why use this over a web-based launcher?: No internet required, and can auto-launch even if your phone is locked. Plug and play!
* Can it load Linux?: soon™
* Will it brick my phone/switch?: Hopefully not, but I am certainly not responsible if it does!
* Does it need root?: Nope!

TODO:
* Refactor the code so it's less hacky
* Improve UI/UX
* Implement loader for fail0verflow's Linux

For anyone who wants to look at the exploit source, the magic happens here.



https://github.com/DavidBuchanan314/NXLoader

[ This message was edited by modrobert on 2018-04-30 @ 17:30 GMT ]
  _____________________________ ____________     __________________ /\________
  \    __________________      \      _____/____/     _    \       /_        /
 /     /       |       l/     _/    ____)     _/      _     \     \/  cREAM /
/______________l_______/       \______________\_______|      \_   /________/
 -+--Mo!-------------- \________/ ------------------- l_______/_____\ -----+-

 Profile  pm  www    Quote
modrobert



donor

Registered: 2003-10-17
From: Bangkok
Messages: 6357
Status: Offline
 _#35979 posted 2018-05-01 @ 09:43 GMT   
Quote:
hekate
Nintendo Switch bootloader, firmware patcher, and more.




Project home: https://github.com/nwert/hekate

  _____________________________ ____________     __________________ /\________
  \    __________________      \      _____/____/     _    \       /_        /
 /     /       |       l/     _/    ____)     _/      _     \     \/  cREAM /
/______________l_______/       \______________\_______|      \_   /________/
 -+--Mo!-------------- \________/ ------------------- l_______/_____\ -----+-

 Profile  pm  www    Quote
delaware



private

Registered: 2003-09-09
From: germans
Messages: 22
Status: Online
 _#35980 posted 2018-05-02 @ 07:03 GMT   
That's all Chinese to me... Is there any USB Loader released, and will it come now?
The most important question is, we need something to play backups or games from external HDD!

Will this come soon or not?

 Profile  pm  www    Quote
modrobert



donor

Registered: 2003-10-17
From: Bangkok
Messages: 6357
Status: Offline
 _#35981 posted 2018-05-02 @ 07:55 GMT   
Soon (tm).
  _____________________________ ____________     __________________ /\________
  \    __________________      \      _____/____/     _    \       /_        /
 /     /       |       l/     _/    ____)     _/      _     \     \/  cREAM /
/______________l_______/       \______________\_______|      \_   /________/
 -+--Mo!-------------- \________/ ------------------- l_______/_____\ -----+-

 Profile  pm  www    Quote
BonerBoy



lt

Registered: 2006-02-22
Messages: 62
Status: Offline
 _#35982 posted 2018-05-02 @ 08:01 GMT   
https://www.youtube.com/watch?v=g_f1HfEPpMs

atmosphere custom loader test
      )
     (
      )
  _.-~(~-.
 (@\`---'/.             Tea,     
('  `._.'  `)             anyone?
 `-..___..-' 

 Profile  pm    Quote
modrobert



donor

Registered: 2003-10-17
From: Bangkok
Messages: 6357
Status: Offline
 _#35989 posted 2018-05-05 @ 07:03 GMT   
https://github.com/moriczgergo/rocontrol
  _____________________________ ____________     __________________ /\________
  \    __________________      \      _____/____/     _    \       /_        /
 /     /       |       l/     _/    ____)     _/      _     \     \/  cREAM /
/______________l_______/       \______________\_______|      \_   /________/
 -+--Mo!-------------- \________/ ------------------- l_______/_____\ -----+-

 Profile  pm  www    Quote