Since the WebKit vulnerability and Pegaswitch were released on the Nintendo Switch a few days after the console’s launch, several hackers have been digging into the internals of the console to learn about its system.
Hacker Plutoo of 3DS/Wii U fame confirmed yesterday that he has been able to grab what appears to be data/API call names from one of the modules on the Nintendo Switch. The module in question, according to the hacker, is NS, which might be the equivalent of the module of the same name on the 3DS. Plutoo has however stated that, given the differences in API names, it appears that this is not based on 3DS firmware code.
The WebKit exploit lets hackers look at some parts of the RAM (and of the filesystem) of the Nintendo Switch, namely the RAM that is accessible to the WebKit process. In that RAM, some modules of the system have been loaded for WebKit to interact with the system, and that’s what hackers can poke at with the WebKit exploit.
Hackers are interested in knowing what’s in RAM, not only to “draw the map” but because one of the modules accessible to WebKit can potentially be leveraged to break out of the WebKit process, typically with a privilege escalation vulnerability. So the idea here is to reverse engineer the modules loaded in RAM, understand what they do, and find a bug in one of them.
There’s nothing of use for the typical end user yet. But if you’re interested in how systems get hacked from scratch, you’re at the right point in time to watch this evolve for the Nintendo Switch.
As a reminder, the WebKit exploit was patched in Nintendo Switch Firmware update 2.1.