The day the flood gates opened for the Nintendo Switch scene
The past 48h have been historic for the Nintendo Switch scene, culminating with the release of multiple implementations of the RCM vulnerability in the Nvidia Tegra bootrom, and opening the doors of hacking to virtually every Nintendo Switch available today, independently of its installed firmware.
But it’s also been confusing, with multiple releases and announcements crammed in two very short days. So here’s a small recap for future reference.
Oct 2017: Nvidia Tegra Bootrom dump
In October 2017, hacking team Reswitched announced they had been able to dump the Nvidia Tegra Bootrom. Given that the Tegra powers the Nintendo Switch, this was an important event. The team did not publish that bootrom (probably for copyright reasons), but given their track record on the Switch so far, proof was not really needed.
It was unclear at the time how much effort they would focus on reverse engineering the bootrom: the team were in the middle of releasing their work for a 3.0.0 exploit, which back then was considered the holy grail of firmwares for Switch hacks.
But extracting this code from the chip was a feat in itself, and an exploitable bug in the SoC of the Switch would basically mean game over for Nintendo, as it would give hackers full control of the console at startup. Additionally, we wrote at the time:
Some people have stated that the bootrom could also reveal more than bugs, such as for example a backdoor process to get the device into service mode. This is of course only random speculation at the moment.
Those guesses were actually spot on, as we would learn later.
Jan-Apr 2018: Hacking teams share promising news
In January 2018, Team Xecuter, popular for creating and selling hardware mods on multiple gaming systems, announced they would be soon releasing a “solution” for Switch hacking, which would work on all firmwares. It was a bit hard to believe, but this group had a successful track record on older console generations.
From our perspective, it was sad that what was touted as the “ultimate” solution would come from a for-profit group, but it was better than nothing.
Less than a week after the Xecuter announcement, Team Fail0verflow stated they had a boot exploit, compatible with all firmwares as well. This was soon followed by an announcement from Reswitched hacker Kate Temkin in February: Reswitched also had a boot exploit, codenamed Fusee Gelee.
Although neither Reswitched nor Fail0verflow had promised a release by then (Fail0verflow in particular had become known for not releasing their exploits on the latest generation of consoles), in hindsight it should have been clear: multiple hacking teams now had access to the Tegra Bootrom, and had found exploits in it. Possibly the same exploits. And although we, the general public, only knew about 3 teams actively working on those exploits, it turned out others had found these vulnerabilities as well. A race was secretly on.
Between February and April, things hummed along, and the scene was looking forward to “something good” for 2018: Fail0verflow demonstrated Linux running on the Switch on their exploit, while still not mentioning any release. In parallel, Ktemkin and Reswitched announced they would release their exploit chain and a custom firmware in Summer 2018. The release date was mostly dictated by the timeline of the group’s responsible disclosure of the bug to Nvidia.
Meanwhile Team Xecuter, who had promised their “solution” in time for Spring, were scrambling to “finalize” their product. They were likely busy obfuscating their modchip as much as possible, to avoid a quick reverse-engineer by competitors or open source proponents. This effort would turn out to be a waste of time.
Apr 2018: The Tegra Bootrom “leak”, and the explosion of releases
By mid April, the future was bright for the Switch hacking scene which was expecting two releases for 2018: an imminent for-profit modchip from Team Xecuter, and an open source solution from Reswitched, for those patient enough to wait until July~ish. Fail0verflow were showcasing cool stuff, but nobody expected them to release an actual exploit.
Around April 23rd, a dump of the Tegra bootrom was published anonymously on the intertubes. That data in itself wasn’t useful for the end user, but skilled hackers could use it to start looking for the vulnerabilities that had been secretly used by the 3 hacking teams. This was big, and I made the assumption it could precipitate some of the carefully planned releases. But that was not an exploit yet, it just made it easier for lots of people to start looking for one.
However, that “leak” triggered a bunch of follow-up releases from various sources: some hackers started sharing scripts to help debug the bootrom with popular reverse engineering tools, among other things.
Then, less than 24h after the bootrom leak, an anonymous source shared details of “the” Recovery Mode exploit used by Fail0verflow, Reswitched, and, as far as we know, Team Xecuter.
And because hacking is easy; the Tegra X1 Bug.
Tegra X1 RCM forgets to limit wLength field of 8 byte long Setup Packet in some USB control transfers. Standard Endpoint Request GET_STATUS (0x00) can be used to do arbitrary memcpy from malicious RCM command and smash the Boot ROM stack before signature checks and after Boot ROM sends UID. Need USB connection and way to enter RCM (Switch needs volume up press and JoyCon pin shorted).
To: ReSwitched, fail0verflow, SwitchBrew, BBB, Team Xecuter, Team SALT
Reminder: Real hackers hack in silence. You all suck.
“Game Over.”
F8001BE1190CAED74BBDDAD78667877C84D1A128
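To make the bug class in the leaked note concrete, here is an added C example (not the page's, any team's, or Nvidia's bootrom code): a decoder for the 8-byte USB setup packet, the bound check the note says was missing, and a GET_STATUS handler that clamps the host-supplied wLength instead of trusting it. The handler, its names and the status bytes are a constructed model.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include <stdbool.h>

/* Layout of the 8-byte USB SETUP packet (USB 2.0 spec, 9.3);
   multi-byte fields are little-endian on the wire. */
typedef struct {
    uint8_t  bmRequestType;
    uint8_t  bRequest;
    uint16_t wValue;
    uint16_t wIndex;
    uint16_t wLength;   /* bytes the host expects in the data stage */
} usb_setup_t;

#define USB_REQ_GET_STATUS 0x00
#define USB_DIR_IN         0x80
#define STATUS_REPLY_LEN   2   /* GET_STATUS always answers with 2 bytes */

/* Decode the raw 8 bytes of a control transfer's setup stage. */
usb_setup_t parse_setup(const uint8_t raw[8]) {
    usb_setup_t s;
    s.bmRequestType = raw[0];
    s.bRequest      = raw[1];
    s.wValue  = (uint16_t)(raw[2] | (raw[3] << 8));
    s.wIndex  = (uint16_t)(raw[4] | (raw[5] << 8));
    s.wLength = (uint16_t)(raw[6] | (raw[7] << 8));
    return s;
}

/* The bound the note says the bootrom omitted: a host-supplied wLength
   larger than the reply buffer must never become the memcpy length. */
bool setup_exceeds_buffer(const usb_setup_t *s, size_t buf_len) {
    return s->wLength > buf_len;
}

/* Hardened GET_STATUS handler (hypothetical model): copies at most
   STATUS_REPLY_LEN bytes and never more than dst_len, whatever wLength
   says. Returns bytes written, or -1 for an unsupported request. */
int handle_get_status(const usb_setup_t *s, uint8_t *dst, size_t dst_len) {
    if (s->bRequest != USB_REQ_GET_STATUS || !(s->bmRequestType & USB_DIR_IN))
        return -1;
    const uint8_t status[STATUS_REPLY_LEN] = {0x00, 0x00}; /* constructed */
    size_t n = s->wLength;                          /* host may ask for less */
    if (n > STATUS_REPLY_LEN) n = STATUS_REPLY_LEN; /* but never for more   */
    if (n > dst_len) n = dst_len;
    memcpy(dst, status, n);
    return (int)n;
}
```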
The cat was out of the bag, and this had the effect of a bomb.
Immediately, Reswitched’s ktemkin released her work along with a detailed writeup on the vulnerability, quickly followed by Fail0verflow.
Fail0verflow stated they actually had secret plans to release all of their work on April 25th due to their disclosure policy. Ktemkin revealed that the planned date for the Fusee Gelee exploit was June 15th. The releases also confirmed these hacking groups had been using the exact same vulnerability. For us regular people, it was an epic discovery to see how easily one can boot the Nintendo Switch in Recovery Mode, and how that could then be leveraged to load unsigned code onto the device.
By April 24th, 2018, every Nintendo Switch owner had all the necessary tools, available for free and open source, to hack their console.
Epilogue
In parallel to these massive releases, multiple hackers have released their own work, in particular older, patched software exploits for the console. Plutoo for example released the source code of the 3.0.0 exploit, as well as some details on a 1.0.0 exploit. SciresM also released details of “nspwn”, an exploit that was patched in firmware 5.0.0.
Some of these parallel releases, on any normal day, would have been huge news for the scene. But in the wake of the Tegra Exploit release, those were just hackers publishing their work for historical reference.
first!
so uhhhhh…. should we all buy a switch like right now?
Lol, you bet !
I bought mine two months ago, what a let down when I discovered it was running on 4.1.0 FW. That doesn’t seem to be a problem anymore.
So… what do you think, how long will it take until we see the first backup loader? Just curious.
One to two weeks max
You forgot to mention Plutoo throwing his teddy out the pushchair and ‘quitting the scene’.
He’s a hacker. The Switch is now permanently hacked. There’s nothing more for him to do. You act like he left out of anger. There’s nothing for him to be angry about. In fact he expressed the opposite, saying he’s enjoyed the journey.
Actually there is, as the glitch will be patched in the factory for all upcoming shipments, so there will be a big need to find a way to hack those so that we don’t end up with the PS3 situation again, only worse because far fewer Switches were sold thus far than PS3s when the 3.55 keys became available.
And I certainly think he left out of anger.
I am tired of refreshing the site for more refreshing switch news 😉
So…should one stay on firmware 3.0.0 or is it okay to update to the latest firmware with these latest exploits?
Personally, I’m staying on 3.0.0 until significant software comes out such as Atmosphere, etc… that would make it ok to upgrade. But that’s just my opinion.
There is still a wee ‘issue’ with the firmware number, as the exploit needs the Switch to be in recovery mode in order to do something like Atmosphere. On 3.0.0 the WebKit exploit that Plutoo used can be used to put the Switch into recovery mode, so that the RCM vulnerability in the Nvidia Tegra bootrom can be used and Atmosphere can be installed from a computer via USB.
For people on firmware other than 3.0.0 the switch can be put into recovery mode by bridging pins inside the right joy-con connector on the switch. This is why Kate mentioned in her FAQ that 3.0.0 is the easiest firmware to use Atmosphere and that 3.0.1 would take a little more work.
If you are on 3.0.0 and want to install Atmosphere, all the goodies that will come with that, and don’t want to open up a part of the Switch, I would stay on 3.0.0.
It would be cool if the nvidia shield tv (mind you same hardware) would get a custom rom to allow the nintendo titles running on it. That would be the best switch never made by nintendo. 🙂
Sorry to be pedantic, but I’ve seen this on a few articles on this website now: “announce” is just the verb, the noun derived from it is “announcement”.
Good day.
Thanks. That’s on me, not being a native speaker. I learn new things every day 🙂 I’ll fix, thanks!
You’re welcome!
Thanks for changing it and thank you for the awesome article!
Will Nintendo® abandon ship? XD
No, they are already actively making a complete hardware revision codenamed “Mariko” that will be the mainstay once it gets released. It will supposedly fix the vulnerability.
Well written Wololo! This post would make the perfect “looking back” post in some years time! 🙂
More like the day Nintendo got completely destroyed, I bet they are all freaking out rn in HQ lol. All those pointless updates and withholding features for nothing, still got a hack in record time.
They have known about the Tegra vulnerability for months; it was just a matter of time until it would leak to the public. The new revision is on the way, and all the current Switches with that vulnerability won’t be such a big deal tbh. They’ll be fine.
It’s a big deal, you don’t understand how severe this bug is… regardless of FW, every single switch out there right now is completely hackable, so every single Switch out there and for the next couple of months will be affected until the revision comes out.
A bug this big is unheard of in the console hacking scene, they can’t simply release an update and patch it out.
Not unheard of – the Dreamcast at launch could boot CD-R copies of games with no modification to the console whatsoever. This Switch exploit is simply an entrypoint for developers to then go on and start trying to modify the OS, and requires a PC that can deliver the correct malformed USB commands, whereas the DC bug was straight up piracy out of the box.
It’s certainly big for the Switch scene, but still not unprecedented – the 3DS is also unpatchably hacked at the bootrom level via B9S and the magnet trick.
Fair point, still, pretty unprecedented in terms of a successful console and so early in its life cycle (just a year for an unpatchable bug this severe, holy cow).
Dreamcast flopped, and 3DS only got magnethax basically at EOL.
It isn’t like Nintendo hasn’t made constant revisions to their handheld consoles in the past for profit. They could easily market a Switch with a ‘bigger screen’ or ‘better hardware’ that would also patch these exploits.
Why should they freak out? They knew it was going to happen since this exploit has already been reported to Nintendo ages ago..
Think idiot, of course they would freak out since every single switch out there can run code easily and it can’t be patched out with software.
Think for yourself you ***, why should they freak out NOW if they already knew that it would be leaked sooner or later??
Would you actually freak out about something, even if you were already prepared for it to happen? I wouldn’t.
LMAO, idiot, still not thinking, must be hard for you aw.
Of course you’d freak out if every single system was gonna be plagued by piracy cause it was rushed out to release and no software updates can fix it.
Excellent article! Thank you!
My body… my body is ready.
It’s hard to feel sorry for some of these hack groups. I really hope their hubris is permanently in check for future generations. I’m sure their work was very hard, and definitely beneficial to the community, but they had nothing to gain by boasting about their achievements and providing no information. This anon leak forced them to release their info and their “secret” plans because it showed that there was no reason to sit on the information, and took their credit away (which is honestly all they get for this). Bottom line, if it is a secret race, you have nothing to gain by sitting on the information, nor by boasting about that fact to the empty-handed community. It just makes you look bad.
AMEN. FULLY agree 😀
The only problem I have with all of this is that it can’t be done on Windows, and I seem to have a unique problem with the Linux VM in that attempting to run the fusee-launcher results in a libusb timeout error 95% of the time.
Get an ESP8266, this seems to work with PS4/PS3/Switch
Way better than the stupid PS4 scene. Congrats
When you have a console that has such bad security it can be easily modded with just a paperclip, this is the wonderful news you get 🙂
this is incredible news!
i can’t wait to place my order with Xecuter for their modchip 😀 😀
Nintendo always gets h4x’d so easy. I don’t really like nintendo but I do like better res portable gaming consoles. I dunno if I will get a switch now bc I picked up a 4.55 pro recently. But of the nintendo titles names seem funky since I have a hacked ps3,vita, and ps4. It would be cool tho I would try hacked switch.
This happens when you are an nvidiot and nintendo is one