smhax, the huge Nintendo Switch vulnerability that’s both good and bad news
Good news, smhax is probably one of the biggest vulnerabilities discovered so far on the Nintendo Switch, and will probably pave the way for homebrews on the device in the months to come. Bad news, Nintendo fixed it last month with the latest firmware update, Switch 3.0.1.
What’s Nintendo Switch smhax?
smhax is the informal name of a vulnerability discovered by multiple hackers on the Nintendo Switch. The bug, when fully exploited, appears to be a privilege escalation which allows the attacker to register and run arbitrary services on the console. Specifically, according to the switchbrew wiki:
Prior to 3.0.1, the service manager (sm) built-in system module treats a user as though it has full permissions if the user creates a new “sm:” port session but bypasses initialization. This is due to the other sm commands skipping the service ACL check for Pids <= 7 (i.e. all kernel bundled modules) and that skipping the initialization command leaves the Pid field uninitialized. Successful exploitation results in acquisition, registering, and unregistering of arbitrary services.
In other words, coupled with a userland entry point (typically a webkit vulnerability), this could probably be used to gain full access to the console.
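The flaw class the wiki describes (an identity field trusted before the command that sets it has run) can be shown with a simplified model. This is an added example, not Nintendo's code or code from the switchbrew wiki: the struct, function names, service names and the assumption that the unset Pid reads as 0 are all illustrative, and the hardened check is one way to close this class of bug, not a description of the 3.0.1 fix.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define KERNEL_BUNDLED_MAX_PID 7  /* "Pids <= 7" from the wiki text */

typedef struct {
    uint64_t pid;         /* written only by the initialization command */
    bool     initialized; /* consulted only by the hardened check */
} session_t;

/* Constructed ACL: the one service an ordinary process may touch. */
static bool acl_allows(uint64_t pid, const char *service) {
    (void)pid;
    return strcmp(service, "allowed:svc") == 0;
}

/* Assumption: a fresh session's pid reads as 0 until initialized. */
static void session_open(session_t *s) { memset(s, 0, sizeof *s); }

static void session_initialize(session_t *s, uint64_t caller_pid) {
    s->pid = caller_pid;
    s->initialized = true;
}

/* Flawed: trusts s->pid even when initialization was skipped, so an
 * unset pid falls inside the trusted range and the ACL is never read. */
static bool may_access_flawed(const session_t *s, const char *service) {
    if (s->pid <= KERNEL_BUNDLED_MAX_PID)
        return true;
    return acl_allows(s->pid, service);
}

/* Hardened: no identity, no access; the range test runs only afterwards. */
static bool may_access_hardened(const session_t *s, const char *service) {
    if (!s->initialized)
        return false;
    if (s->pid <= KERNEL_BUNDLED_MAX_PID)
        return true;
    return acl_allows(s->pid, service);
}

int main(void) {
    session_t s;
    session_open(&s); /* initialization deliberately skipped */
    printf("flawed=%d hardened=%d\n",
           may_access_flawed(&s, "restricted:svc"),
           may_access_hardened(&s, "restricted:svc"));
    return 0;
}
```

The general lesson for reviewers is that a "trusted if value is small" shortcut is only safe when the default or unset value of that field cannot land in the trusted range.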
What does smhax mean to the end user for Nintendo Switch hacks?
Hacker SciresM has confirmed on GBATemp that all firmwares up to and including 3.0.0 could leverage this exploit once the necessary tools are made available. Technically, if you know your basics in hacking, the information on the switchbrew wiki should almost be enough to get you looking into this specific vulnerability.
However, the Switch homebrew scene is still an embryo at this point, and many people are mentioning that the latest 3.0.1 firmware is required to play AAA titles such as Splatoon 2. It’s unlikely that many of us will stay on a low firmware at the moment, even if it’s important to emphasize how big of a bug this was, and how unlikely the scene will be to have such a lucky break any time soon.
3DS hacker Smealum also mentioned that a similar vulnerability existed for a long time on the 3DS, and had been leveraged by the infamous Gateway 3DS.
Nintendo have been ramping up their game against hacking in the past few years, mostly with tight monitoring of what’s happening on the console (for those who are tinkering but are not very careful about it, their hacks might be patched before they even realize they have a hack), but also with a bounty program that incentivizes hackers to report vulnerabilities to Nintendo directly.
For now, this information about smhax is mostly interesting for those of you who are interested in hacking the device themselves and were looking for pointers. However, now that it’s out in the open, there’s a possibility this will lead to more releases for the scene.
Source: SciresM
Still too early, I hope they keep this “bug” private for at least a year or so. I don’t want to see the Switch get hacked wide open before it even had a chance.
lol the bug has already been patched, there is no need to keep it secret when nintendo have already fixed it 😛
I fear this will become like PS4 1.76 – exploitable, but far too low a firmware revision to be useful. By time this exploit is developed to the point of being useful for end users, it will be an ancient firmware revision.
You’d be giving up the ability to play all new games just to be able to use Retroarch on yet another handheld.
Very soon, I do not like the nintendo switch to go through the same thing that happened the ps vita that then there is not even a decent game and they killed without giving 100%
You do realize that hackers are the reason the vita is still getting any attention right? Sony messed up with poor marketing and the proprietary memory cards.
Hardly. The Vita is the second biggest console in Japan.
No decent games? So you’re saying Splatoon 2, Breath of the Wild, Mario Kart 8 Deluxe & Street Fighter are not decent? That’s not a bad line up for a system that has just been on the market for 6 months and not to mention upcoming games like Pokken Tournament, Super Mario Odyssey and Mario & Rabbids Kingdom Battle that are coming out later this year. PS4 and Xbox One didn’t have all that much the first 6 months either….most games were on Xbox 360 and PS3…Knack, which was a PS4 exclusive is a game that you don’t even hear about anymore. The Order 1886 on PS4 was a major let down to people due to it only being 4 hours….
Splatoon 2 sucks,
Breath of the Wild sucks,
Mario Kart 8 Deluxe sucks
& Street Fighter sucks
The Switch sux too. Nintendo used to be good. *sigh*
Yeah, it sucks so bad that it’s selling out everywhere.
lol thiskid, if these games suck then get out of here, nintendo haters have no business here
You’re comparing that lame brand owner with Nintendo, and that means you don’t know what you’re talking about.
Uneducated twaddle. As usual.
The Vita wasn’t cracked until it was already dead in the west. Before that only PSP games and emulators were cracked. Which is hardly a threat to the Vita’s game base.
Sony gave the Vita ONE year. That’s it. After that they let 3rd parties take over. The Vita has a surprisingly large amount of games despite being perceived as an utter failure. It’s just most of those games aren’t widely appreciated or even great.
Sony killed the Vita. Not homebrew or piracy. The only thing piracy killed was the Famicom Disk system. The dreamcast died because the PS2 came out, with DVD capabilities, and Sega could no longer afford to advertise the Dreamcast since even before it launched they knew they’d have to fold.
Sega Hardware died from Sega incompetence. Starting to see a pattern?
That doesn’t make piracy victimless. Or rather STEALING, since “piracy” is not always outright stealing, but it’s NEVER the main reason something fails. It’s a symptom more than a cause.
If Nintendo doesn’t get its act together with save game management and other quality of life, common sense, things it’ll be highly prized to be hacked well outside of simple piracy.
Not to mention, didn’t the PSP see a boost after it was hacked? I sure had my hacked PSP a long time (over 3 years) and remember seeing plenty of great releases up until it died.
I don’t know why I keep getting suckered into this topic, it’s not like people are ever going to stop ***. I’ll say what I always do and be done with it for good!
-Piracy barely affects a system regardless of when it’s released because the percentage of those who take advantage of a hack is ridiculously low anyway.
-Most people play online and don’t want to risk it.
-stealing games saves you money, duh!
-If you decide to steal games (depending on the system), you’re stealing from a multi billion dollar corporation, so that’s a beautiful thing ! Corporations are a major cause of why this world sucks ***! They are poisoning us, and because the “mom and pop shops” were destroyed, we are subjected to inferior products, slave labor, slave wages, unfulfilling jobs, and employers taking advantage by forcing the employees to do the work of 5 people with the only incentive being “you get to keep your *** job until you burn out, or go insane.”, and some places will email or call you during your off time after working hours (they don’t bother with me because I won’t answer my phone, and gave up email years ago) So *** them!!!
Do you have multiple billions of dollars? Do you have multiple thousands of dollars? Do you have 2 nickels to rub together? If you have even any of those, you’re doing better than most people. I don’t live a lavish lifestyle, I don’t even buy anything anymore (besides cigarettes), and I barely get by!
This is with a “decent wage” (really, there’s no such thing in NJ unless you’re a doctor, lawyer, or CEO), a company car /gas card.
How is it that anyone thinks this is acceptable? Why are we not storming government buildings with pitchforks and torches?
Oh yeah, I forgot that they put fluoride in the water, everyone is medicated to the point of being catatonic, and whatever people have spirit left in them- TV programming will take care of that!
Even as I type this, I know that I’m wasting my time. There might be a handful of you that haven’t been completely taken over (if this gets through to even 1 of you, it’s worth it, but I’d be surprised).
The program is always running, and working its magic to eradicate anything resembling critical thought. And when *** like me threaten to expose the world for what it really is, it treats us as a virus. Let’s try a little experiment, I’m going to say something that I know to be true, then ask you if your first thought was A, B, or C. Ok? Here we go…
The world is almost exactly like living in the movie “The Matrix”, and “Dark City”- everything is a lie, and an illusion, some/most of the people around us are basically NPCs (non playable characters). And physical reality is being changed at times.
Yes, I’m totally serious!
Did you think any of these? (It Doesn’t have to be word for word, just basically overall thought)
A. OMG, he’s *** delusional, crazy, etc.?
B. I’m even a conspiracy theorist, and know things are *** up, but that’s taking it way too far!
C. Spot on, Let’s make out!
D. None of the above
If it was D, I’d be interested to know what you did think. Believe it or not, I would love to be proven wrong. If I’m crazy, I can get help and go back to being somewhat normal . Unfortunately, I’ve seen too much evidence showing that this seems to be the case, and others have too.
If it was C, just know that you’re not alone.
If it was A or B, it’s possible that it’s the programs thought and not your own. I don’t mean that in an offensive way, we’re all programmed to some extent, and it’s very hard to break free of it!
I just purchased a second Switch this past Thursday from a local GameStop and it thankfully had a lower firmware (2.3 I believe). So if you already upgraded and want to utilize the hack you better get a second unit while the getting is still good. Don’t hope for a future exploit and be upset when it never comes…
That’s exactly what I did, well said.
Def not buying a switch right now, with all the exploits around and very few games….it seems like a bad investment for now
I picked up a second one at launch; it’s still sitting on 1.0.
I bought ten, because like all other basement dwellers here, I earn at least 30 Grand per Month, cause I save so much living at Home
#buyingmoreswitchconsolesthanyoucanaffort