Yesterday, hackers Plutoo, Derrek, and Naehrwert were at the 34C3 hacking conference in Germany to give a presentation on their kernel hacks on the Nintendo Switch (video below). Hacker Yellows8 wasn’t there but was also credited for some of the work that led to this presentation.
TL;DR: Stay on firmware 3.0.0. The kernel exploit itself won’t be released (although the presentation seems to give more than enough hints for skilled people to try and implement one themselves); however, a homebrew launcher is coming soon for firmware 3.0.0. There were no announcements that the scene didn’t already “know” or expect, just confirmation from the hackers themselves.
Note: if you’re on a firmware lower than 3.0.0, you’ll need a physical copy of the game Pokken Tournament DX, which ships with firmware 3.0.0.
In more detail, the presentation explains the Nintendo Switch security system, how it differs from the 3DS, and how the hackers managed to bypass all layers of security.
The Nintendo Switch security model. Hackers have bypassed all security layers (including TrustZone)
They detail in particular the sm:hax exploit (which consists of skipping an initialization step for a service, so that the service manager thinks the service has pid 0, making it root and giving it additional privileges*), as well as the hardware glitching process that was used to get the kernel decryption keys. Naehrwert also presents how he bypassed ARM’s TrustZone on the Switch, a stunt he insists “is not useful for homebrew, but fun”.
Hacker Derrek explains how he glitched the Switch hardware to retrieve kernel keys
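The sm:hax description above boils down to a classic logic flaw: a privilege decision that reads a field (the caller’s pid) which only becomes meaningful after an initialization step the client can simply skip. The following toy service manager, written for this post as an added illustration and not the Switch’s actual sm code, shows the vulnerable lookup next to a hardened one. The `Session` struct, the `privileged:svc` name, and the rule that low pids are privileged system processes are all assumptions of the toy; the footnote below notes that the real Switch has no “root”, so read “privileged” loosely.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed toy model of a service-manager session. It is NOT the
 * Switch's real sm code; names and the privilege rule are assumptions. */
typedef struct {
    uint64_t pid;      /* owning process id, recorded by the Initialize step */
    bool initialized;  /* set once the client has completed Initialize */
} Session;

/* Toy privilege rule (assumption): low pids are early system processes and
 * may reach privileged services; pid 0 is the lowest of all. */
static bool pid_is_privileged(uint64_t pid)
{
    return pid < 10;
}

/* A freshly accepted session, as the manager would allocate it: all fields
 * zero, so pid reads as 0 until Initialize fills it in. */
void session_accept(Session *s)
{
    memset(s, 0, sizeof *s);
}

/* The Initialize step a well-behaved client performs before asking for
 * services: the manager records which process owns the session. */
void session_initialize(Session *s, uint64_t caller_pid)
{
    s->pid = caller_pid;
    s->initialized = true;
}

/* Vulnerable lookup: trusts s->pid without checking that Initialize ran.
 * A client that skips Initialize is therefore treated as pid 0, the most
 * privileged process under this toy's rule. */
bool get_service_vulnerable(const Session *s, const char *name)
{
    if (strcmp(name, "privileged:svc") == 0)
        return pid_is_privileged(s->pid);
    return true;  /* unrestricted services are open to everyone */
}

/* Hardened lookup: refuse every request until the session has been
 * initialized, so an absent pid can never be mistaken for pid 0. */
bool get_service_hardened(const Session *s, const char *name)
{
    if (!s->initialized)
        return false;
    if (strcmp(name, "privileged:svc") == 0)
        return pid_is_privileged(s->pid);
    return true;
}

/* Run one scenario end to end: accept a session, optionally Initialize it
 * with the given pid, then ask for a service under the chosen lookup. */
bool lookup_after(bool do_init, uint64_t pid, bool hardened, const char *name)
{
    Session s;
    session_accept(&s);
    if (do_init)
        session_initialize(&s, pid);
    return hardened ? get_service_hardened(&s, name)
                    : get_service_vulnerable(&s, name);
}

int main(void)
{
    /* Client skips Initialize on purpose; 0x40 is a constructed app pid. */
    printf("skipped init, vulnerable lookup: %s\n",
           lookup_after(false, 0, false, "privileged:svc") ? "GRANTED" : "denied");
    printf("skipped init, hardened lookup:   %s\n",
           lookup_after(false, 0, true, "privileged:svc") ? "GRANTED" : "denied");
    printf("pid 0x40 initialized, hardened:  %s\n",
           lookup_after(true, 0x40, true, "privileged:svc") ? "GRANTED" : "denied");
    return 0;
}
```

The defensive lesson is that the check belongs on the session’s state, not on a default value that happens to collide with a privileged identity: a zero-initialized struct should never be able to pass for process 0.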
One of the highlights of the presentation is how the hackers leveraged the fact that the Nintendo Switch uses an “off the shelf” Nvidia Tegra X1, a GPU that is well documented and for which debugging hardware can also be officially acquired at reasonable prices. The X1 documentation in particular gave the hackers detailed information on how to bypass some of the protections of the SMMU (System Memory Management Unit). “Just search for ‘bypass the SMMU’ in the documentation”, Plutoo says. He concludes: “Nvidia backdoored themselves”.
The hackers conclude the presentation by explaining that they won’t be releasing their kernel exploits, but that a homebrew platform is coming soon. They also reminded everyone that their open source debugger nxdbg is available (here), although it requires a kernel exploit, and announced that a homebrew launcher is coming soon.
Plutoo’s happy: Switch Homebrew is coming soon to the masses.
Beyond the cool exploits, I’m amazed at the amount of dedication that these folks have been putting into the 3DS/Switch hacking scene, for years.
Most of my hacking experience lies in the PSP’s user mode, where overwriting the stack with a buffer overflow was pretty much all we needed to get usermode execution. In today’s presentation, it seems the hackers kept hitting walls and additional security each step of the way, but kept pushing forward. It would be interesting to count how many security mechanisms actually needed to be defeated in order to get access to the Nintendo Switch!
This is even more spectacular given that trust is something that’s been difficult to find on the hacking scene lately. Due to increased security on modern consoles, hackers have to keep their work in progress under wraps while they actively work on it, as any leak could jeopardize the whole thing. As I think of the breadth and depth of skills required (hardware, software, OS architecture,…), I feel it is simply amazing that the 3DS/Switch scene had this core of hackers working cooperatively on such a massive project. It makes it even sadder that Plutoo recently announced he’d be on an indefinite hiatus from the hacking scene.
Check the full video below. It’s worth the 45 minutes of your life if you want to know how console hacks work under the hood.
* I originally stated that sm:hax gave root access to the service, which was incorrect. @Hedgeberg pointed out to me that the microservice kernel running on the Switch does not have a concept of “root”; furthermore, services run in userland. What the pid 0 hack did was give higher privileges to the service, widening the attack surface.