Chicken Strips

news Browserhax exploit for ipatched Switch hardware will be out later this week

Recommended Posts

help_6001488428918.png.9e1d90df3ddfe2d025c935fa06fc17bc.png

While prospects for homebrew on newer Nintendo Switch hardware, "ipatched" units, have been fairly bleak, it appears that a new exploit will be here soon. Mike Heskin (hexkyz) has confirmed that a method for users on current Switch hardware is set to be released later this week. Browserhax + nvhax will allow for ipatched systems below OFW 6.2.0 to access userland and use homebrew. This is far more limited than what can be done on unpatched units, but it marks the first breakthrough for newer hardware. Projects that work through userland mode Please login or register to see this link. , and this also means you'll be able to utilize homebrew made for the Please login or register to see this link. .
 

Quote

Anyway, browserhax + nvhax for < 6.2.0 will be released later this week (along with the writeup) so people with ipatched units can play around a bit in userland. It's not much, but hopefully will lead to more people researching other attack vectors in the latest firmwares.

— Mike Heskin (@hexkyz) Please login or register to see this link.

 

Please login or register to see this link.

  • Like 1

Share this post


Link to post
Share on other sites

Dunno what any of the details mean, but I guess they have a way of getting into the newer hardware fixed Switches now.

  • Like 2

Share this post


Link to post
Share on other sites

@Ravenstorm yeah more or less, there still isn't a new exploit for the tegra boot mode (and may never be) so we can't boot a "full cfw" on the patched switches but it looks like work has been done on finding a new userland exploit. Userland is anything the end user (you :P) have accuses to. So you can run games, surf the web and stuff like that but you can't touch the kernel. The most common userland exploit is with the most common of the self plug'n'play web browser API that most device makers use any time there need there device to access the web. So this exploit will involve you changing the DNS setting on the switch to a custom server and then when you try and open the eshop (or anything else that uses the web browser like the ps4 uses the online user manual link) insted of going to the eshop the switch will go to a custom web site and that site will try and run code on the switch which most likely will end up with a home brew menu thing so we can run home brew and other custom apps but wont be able to install full retail apps. The switch did have a userland exploit in like firmware 3 or 4 but that got patched quickly but as this is a open source API anyone can download the code and try and find there own exploits.

Sorry I think I rambled a bit but I think that covers most of it :KannaWave:

Also knowing my luck this exploit will go public when im on holidays / afk and will be patched by the time I come back :KannaSpooky: but I don't have to update my switch now I got the games working offline soo that's a plus

  • Like 2
  • Upvote 1

Share this post


Link to post
Share on other sites

Thanks for explaining. Especially "Userland". Being able to browse would of been nice..I do it on my Vita all the time.

  • Like 2

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Similar Content

    • By Chicken Strips
      Ubisoft's online shooter sequel The Division 2 is mere days away from its March 15th launch now, but PS4 owners might want to prepare themselves for a bit of an extended wait before play can commence; the game's day one update on PS4 will weigh in at a mammoth 90GB.
      That's according to a new Please login or register to see this link. (as spotted by Please login or register to see this link. ) in which Ubisoft warns PS4 players who've opted to purchase The Division 2's physical edition that they should expect an 88-92GB download on launch day. "If you purchased a physical copy of the game, begin installing from the disc," it explains. "Provided you are online, your console will simultaneously download Title Update 1 while you install it."
      Ubisoft also notes that the the final HDD install size on PS4 will be between 88-92GB, for both the digital and disc versions. In other words, it sounds like physical owners are essentially being asked to download the entire game from scratch when release day comes.
      It's obviously a whopper of a download (even Please login or register to see this link. , one of the larger in recent memory, looks positively dainty in comparison) although it's not entirely clear why. According to Ubisoft's same support page, Xbox One and PC players should "expect a 48-52GB download" on launch day, meaning that the PlayStation 4 update is, for some reason, almost twice the size of other versions.
      All of which is to say that you probably shouldn't bank on playing The Division 2 soon after launch if you've plumped for the physical release, regardless of platform. And if you're on PlayStation 4, you'll have plenty of time to, say, read a book or learn a language or transcend entirely to another plane, while you wait for your download to complete.
       
      Please login or register to see this link.
       
       
    • By Chicken Strips
      Google’s Threat Analysis group has Please login or register to see this link. affecting Google Chrome and Windows 7 PCs yesterday (via Please login or register to see this link. ). Google said it has already patched Chrome to remediate the vulnerability on March 1, and it’s recommending users to make sure that they have already updated the web browser to version 72.0.3626.121 or newer.
      As for the Windows 7 vulnerability, Google says that it already reported it to Microsoft but had to reveal it yesterday after the end of its to a 90-day disclosure deadline. The Redmond giant is said to already be working on a fix, but according to Google this vulnerability is already being exploited in targeted attacks.
       
       
      As Microsoft has yet to announce when it will fix this vulnerability, Google is recommending Windows 7 users to upgrade their PCs to Windows 10. Microsoft announced yesterday that the new OS is now running on 800 million devices worldwide, but 43.93% of Windows users were still using Windows 7 in March according to Please login or register to see this link. .
       
      MY NOTE: Just because this is currently only being used against 32 bit versions of Windows 7 does not mean that the 64 bit version is safe. No where does anyone mention that windows 7 64bit is safe either. Just that it is has not being exploited on the 64bit version yet. It's just a matter of time. Microsoft has not even announced a fix yet.  PLEASE FOR THE LOVE OF GOD UPDATE TO WINDOWS 10. ITS FREE.
       
      Please login or register to see this link.
    • By Chicken Strips
      Last month, Devil May Cry 5 director Hideaki Itsuno and producer Matt Walker said how they would "love" to see the popular hack and slash series on the Nintendo Switch.
      Now, in a recent interview with German magazine M!, Itsuno said the latest game in the Devil May Cry series would be considered for the Switch if Capcom's April release Dragon's Dogma: Dark Arisen "sells well" on the platform. Below is the translation:
       
      As for why Devil May Cry 5 wasn't announced for Nintendo's hybrid system in the first place, it's because development began before the team had access to Switch development kits.
       
      Please login or register to see this link.
    • By Chicken Strips
      Looks like June 15th came early! A new version of Atmosphère has just been released, 0.8.5 to be precise, which brings several new features an improvements to the table.
      First of all, there's the Please login or register to see this link. cheat functionality: a new system module which uses a format compatible with SX OS's cheats while also bug fixing and improving it. The implementation is Please login or register to see this link. in the repo and users are recommended to read through it to get a better understanding on how to use it. The system module also supports interfacing itself with homebrew apps and, if you're a developer and want to make use of it, you may want to read Atmosphère's accompanying Please login or register to see this link. aswell.

      Other additions include being able to override content on a per-title basis, separately from HBL's override key, added content headers in fusee-secondary (which primarily affects and enhances Hekate and other bootloaders that do not use fusee-primary) and a bug fixes for AMS' fatal screen on firmwares 1.0.0-2.3.0 and prodinfo backups.

      As usual, you can read the full changelog below:
      Please login or register to see this link.
      Please login or register to see this link.
    • By Chicken Strips
      One of the earliest Nintendo 64 titles to truly dazzle gamers was Turok: Dinosaur Hunter. At a time when many FPS titles still employed 2D sprites, this full-3D shooter really impressed and was arguably something of a killer app for the console.
      It has now been confirmed that the game - alongside its sequel, Turok 2: Seeds of Evil - will be coming to the Switch. The original Turok will launch on March 18th for $19.99. Release details for Turok 2 have yet to be confirmed.
      Please login or register to see this link.