Nintendo Switch hax: #1 source of information

[Switch] A kernel exploit has been found on 3.0, homebrew soon

It was at the Chaos Communication Congress, an annual gathering of hackers held this year in Leipzig, Germany, that the now well-known Plutoo, Derrek and Naehrwert (with the help of yellows8, who was not present that day) presented their recent achievements on Nintendo's latest console.

Note that if you want to take advantage of future advances in Switch hacking, you need to be on version 3.0.0. Above all, do not update your console, because a downgrade is impossible (and will no doubt remain so: a fuse in the processor is burned with each update, making it impossible to boot the console if an older firmware is installed).
If you're on an earlier version, the only way for you to update to 3.0.0 is to buy Pokken Tournament DX, a mediocre Pokémon-themed brawler. I agree, 50€ to get the correct firmware version is expensive, but you can always use the game to prop up a table.

The demo presented.

The presentation begins with an attempt to launch the WebKit-based exploit on a Switch. As you probably know, the Switch does not have a web browser, at least not one that is directly accessible. So here they use Puyo Puyo Tetris, a game published by Sega, which had the good idea of putting a link to the sega.jp site in the game manual. There's nothing more to say, Sega really is stronger than you.

Well played…

This is not the first time that an exploit has been made possible by a game: Splinter Cell for the Xbox, Cubic Ninja for the 3DS, Patapon 2 for the PSP… But this is the first time that it is thanks to an internet address in the game's manual!
The attempt does not succeed, and the rest of the presentation then gets under way.

We then learn a few things about the hardware of the console, in particular that the Joy-Cons are not protected and that all the information passing through them is in the clear.

An exploit via the Joy-Cons soon?

From 8:05 we get to the heart of the matter: our dear hackers talk about the processor of the Switch, which is in fact a derivative of Nvidia's Tegra X1 (a detail that we already knew). What is "fun" is that Nvidia has documented the Tegra X1 very well, and documentation of more than 3,000 pages is freely available on the internet, which greatly facilitated the team's work. For example, they only had to search the documentation for "bypass the SMMU" to find out how to circumvent the security features of the SMMU (System Memory Management Unit)!

Thank you Nvidia! xD

We are given a few details (at 11:40) about the Switch. We learn that it is not a system based on FreeBSD (like the PS4 and the PS Vita), as we had heard in the past, but a derivative of Horizon, the kernel of the 3DS.

The presentation ends with a sentence that everyone had hoped to hear at that precise moment: "there will be homebrews. Soon.", in collaboration with Team ReSwitched. They then follow up with a demonstration of the exploit (at 49:58).

You are the hands because it cool 😛

We have not gone into the details in this article because, as you can imagine, all of this is very technical. Still, if you have a little time to kill and the topic interests you, you can watch the video of the conference below.

As our dear Wololo said, it is impressive to see how the hackers are cooperating on the Switch, but also on the 3DS and Wii U. Especially when we think of the PS Vita underground community, it's a pleasure to see!

Updated: January 5, 2018 — 2:02 pm
