
Switch browser exploit proof of concept

epmode

Member
I'm going to be into CFW as early as possible. I still can't believe Nintendo didn't provide a way to back up save files. jksm v2 pls.
 

Vena

Member
Yeah, but both the 3DS and WiiU were also exploited through their browser, so this is a step towards that.

It will depend on if the webapplet that this is running/calling has any actual reach to the kernel or other functions, or if it's completely isolated out and going through it would be effectively impossible.

Just having it think it's reaching a web-login page is meaningless. You can do this on your own computer by just making it look like a "website for logins" to the Switch. It will display whatever you want.

This is the very definition of meaningless.
 

m00h

Banned
Well, it's not a real proof of anything, but I'd love to have homebrew on the Switch. Especially emulators that work in portable and docked modes. Switch has so much potential to be the best homebrew machine of all time.
 
Hey Nintendo, how's that new anti-hacking philosophy of being as vindictively anti-consumer as possible working out for you?

No web browser, no save game transfers or even save game storage on microSD, read-only game cartridges, no apps of any kind, no backward compatibility, no passing Go or collecting $200...

...hacked in 3 days.

Knowing Nintendo, their solution will be to remove the captive portal login capability entirely in a firmware update because fuck you consumers, that's why.

Pppffffffftttt hahahaha what!? Even some of the people who actively hack new consoles and old ones mention this means nothing.

The fuck you talking about? Hahahha

No agenda against Nintendo right? No agenda, so, how you load isos again?
 

Dryk

Member
There isn't a perfect solution to protect against homebrew and piracy. The damage they do by going full anti-consumer to protect against said piracy is probably more damaging to their sales than the actual piracy is. Nintendo putting so much time and energy into it is just a waste. Keep making great games... and try to make great services and software and people will come. Try to limit or block functionality users want because it might be exploited and you're going to drive potential consumers off. It's a sunk cost, just accept it and move on.
Funnily enough their anti-consumer practices are what drove a lot of people to hack their 3DS's and Wii U's
 

notaskwid

Member
Doesn't every device already do this. How many portable machines do people need to run their completely legal and self-dumped complete Genesis / NES / SNES / MAME romsets?

Switch would probably be able to run gamecube and ps2 at some capacity though. PS1 and PSP for sure.
 

LordRaptor

Member
DC was way ahead of its time, you could even use the DC web browser to download save games people uploaded to places like GameFAQs. This was how I unlocked all the playable characters in Marvel vs. Capcom 2 on DC back in the day.

The wii also allowed this, end result; savegame exploit, rampant piracy.

Like the wiiu had an excellent and capable HTML5 compliant browser, end result; browser exploit, rampant piracy.

So it's not super insane that those features are not available at launch.

 

shiyrley

Banned
I'm so frustrated at the fact that people actually believe this is hacking, but at the same time I know it's pretty useless to explain anything to certain people.

Guys. If any random hotel changes their wifi login page to a matrix thing, the browser will display that. This person enabled a "wifi login page" on his PC/Network that looks like it so the Switch's browser displays it. WOW SO MUCH HACKING INVOLVED
 
proof of what concept? that you can show a webpage in the registration mechanism meant to do exactly that? a POC would be showing a website affect the system outside of that scope... like the description claims but doesn't actually show: "This is a POC of using the web browser on the nintendo switch to do whatever you want"

In fact, it's a proof of concept. Normally, you can't access other web pages other than social media websites and hotspot. Showing that you can access any web page could lead to easily exploitable backdoors...
 

sangreal

Member
In fact, it's a proof of concept. Normally, you can't access other web pages other than social media websites and hotspot. Showing that you can access any web page could lead to easily exploitable backdoors...

...but the video in question shows a hotspot website. did you watch it?
 

Kebiinu

Banned
Y'all looooove to overreact. Lol, you guys can't be this dramatic in real life. Relax, this means nothing...
 

sangreal

Member
The wii also allowed this, end result; savegame exploit, rampant piracy.

Like the wiiu had an excellent and capable HTML5 compliant browser, end result; browser exploit, rampant piracy.

So it's not super insane that those features are not available at launch.

xbone and ps4 have fully functional browsers and haven't been hacked

ps3 was hacked, but not through its browser

it's possible to have both
 

MThanded

I Was There! Official L Receiver 2/12/2016
Aren't they just redirecting the browser? Using the term exploit seems like an overreach.
 

samn

Member
There isn't a perfect solution to protect against homebrew and piracy. The damage they do by going full anti-consumer to protect against said piracy is probably more damaging to their sales than the actual piracy is. Nintendo putting so much time and energy into it is just a waste. Keep making great games... and try to make great services and software and people will come. Try to limit or block functionality users want because it might be exploited and you're going to drive potential consumers off. It's a sunk cost, just accept it and move on.

Nintendo held off piracy on the Wii U for years and made 3DS piracy either impossible or inconvenient for years as well. Also see MS and Sony's successes with their consoles - PS3 wasn't hacked until 2011. Why would they just 'accept' it when 1. piracy costs them money and they can stop it from happening for several years 2. unauthorised access = possibility to cheat in games, which pretty much ruined online play on DS and Wii
 

Pokemaniac

Member
This... doesn't really even qualify as an exploit. Like, being able to load arbitrary pages is something the system does by design to support captive portal Wifi logins. Of course, people will eventually try to exploit the system via the web applet, but this isn't that. Really the best thing Nintendo can do is try to merge in security fixes from mainline WebKit as fast as possible.

xbone and ps4 have fully functional browsers and haven't been hacked

ps3 was hacked, but not through its browser

it's possible to have both

PS4 has definitely been hacked. Otherwise PS4 Linux wouldn't be a thing.
 

qko

Member
Eh, at this point Nintendo should pull out the ban hammer and permanently ban My Nintendo accounts like how Microsoft does.
 

thepotatoman

Unconfirmed Member
It really makes no sense to limit the browser to just hotspots for the purposes of limiting hacking when it's still very easy for hackers to get access to the browser that way. Should an exploit be found through the browser, I don't think that many of your everyday pirates would be turned off by the additional steps of going in their router settings to set up their own login page.

I guess a few might have to buy a new router if theirs doesn't do it, but that benefit to nintendo really doesn't seem worth the cost of making their tablet not function as a tablet.
 

Maximo

Member

It's certainly a driving force, or really a lot of Hackers take up the *challenge* to remove these limitations, a very small hardcore niche. Not saying piracy isn't a huuuge factor but there are a lot that simply wanted emulation and removing region locking.
 
It's certainly a driving force, or really a lot of Hackers take up the *challenge* to remove these limitations, a very small hardcore niche. Not saying piracy isn't a huuuge factor but there are a lot that simply wanted emulation and removing region locking.

Yep, if I remember, the 3DS scene started with people wanting to remove region lock
 

sangreal

Member
So uh, you guys know playing a Matrix Animation is not actually hacking, right?

â̴̧̭̻͍̯ͮ͗͑͋ͩͅṟ̛̹͕̪̥̔̊̒̇̾̃̚͠e̦͓̤̺̜̯̙̬̓̄̐͆ͤ̊ ̶̥ͬ̑͆̅̌ͥͧ̚̚ͅyͨ̈͆͊ͩ̀̓ͦ̍͠͏̲̣̯̫̙o̡̙̲͚̰̰̯ͪ͆͟ư̴̯̝͖͉͚̫̂ͫͤ ̋̂ͬ҉̫̘̗̠͖s̶̗̐ͦ̉̓ͥͣ̽͞u̵̡̙̟̮̣͍̼̔͆̂ͯ̆͒͞ͅr̶̴̭͎͓̖̱͈͔̖̿͒͗̑ͤ͞e̟͕͓̳̝̻̔͌ͮͫͫ̌͂͟͡ ͎͍̒͋̃̃̃̋͐ͬ̿̀a͚̗͎̖̗͍ͯ͋̿̏ͦ̅̚b̵̍̈́ͪ̈ͥ͆͏̩̙̫͍o̴͎̮͚̟̓ͭ͌̚͘u̢͈̩̒́̈́̑́t͈͈͉̣̯̰̤̉͗ ̡̻͚̖ͫ͆̓̏͜t̗͎̩̪̃ͦ͝ͅh̆ͩ͗̽̎̆̈ͯ̚͏̧̡͔̣̲͎͕͕͈á̸̷̠͇̜͕̔͆̄ͦ̉ͫ̅͠t͈̻̮̓ͪ̆̊̈́͜?̛̼͎̓̽̃̓͒̋ͤ͋̕
 
Being able to get to a web browser and render javascript is a good start - the question is if that web browser (which is presumably Webkit?) has vulnerabilities that can be exploited via javascript, and, if so, how they can go from that to breaking into the important bits like, say, the kernel.
 

Drkirby

Corporate Apologist
â̴̧̭̻͍̯ͮ͗͑͋ͩͅṟ̛̹͕̪̥̔̊̒̇̾̃̚͠e̦͓̤̺̜̯̙̬̓̄̐͆ͤ̊ ̶̥ͬ̑͆̅̌ͥͧ̚̚ͅyͨ̈͆͊ͩ̀̓ͦ̍͠͏̲̣̯̫̙o̡̙̲͚̰̰̯ͪ͆͟ư̴̯̝͖͉͚̫̂ͫͤ ̋̂ͬ҉̫̘̗̠͖s̶̗̐ͦ̉̓ͥͣ̽͞u̵̡̙̟̮̣͍̼̔͆̂ͯ̆͒͞ͅr̶̴̭͎͓̖̱͈͔̖̿͒͗̑ͤ͞e̟͕͓̳̝̻̔͌ͮͫͫ̌͂͟͡ ͎͍̒͋̃̃̃̋͐ͬ̿̀a͚̗͎̖̗͍ͯ͋̿̏ͦ̅̚b̵̍̈́ͪ̈ͥ͆͏̩̙̫͍o̴͎̮͚̟̓ͭ͌̚͘u̢͈̩̒́̈́̑́t͈͈͉̣̯̰̤̉͗ ̡̻͚̖ͫ͆̓̏͜t̗͎̩̪̃ͦ͝ͅh̆ͩ͗̽̎̆̈ͯ̚͏̧̡͔̣̲͎͕͕͈á̸̷̠͇̜͕̔͆̄ͦ̉ͫ̅͠t͈̻̮̓ͪ̆̊̈́͜?̛̼͎̓̽̃̓͒̋ͤ͋̕

Yes, and abusing Unicode isn't hacking either, just annoying.
 

ss_lemonade

Member
I would love full CFW for the Switch.. emulators alone would make it amazing with the screen resolution.
Still waiting for my Switch to arrive (UPS delay :() but isn't it missing a good dpad? Also, there already used to be a decent 720p solution with the Shield Portable, which features a good, full set of buttons for controls. Don't know how easy it is to purchase nowadays though
 
Nintendo held off piracy on the Wii U for years and made 3DS piracy either impossible or inconvenient for years as well. Also see MS and Sony's successes with their consoles - PS3 wasn't hacked until 2011. Why would they just 'accept' it when 1. piracy costs them money and they can stop it from happening for several years 2. unauthorised access = possibility to cheat in games, which pretty much ruined online play on DS and Wii

I'm not saying they shouldn't attempt to stop piracy, it's a worthwhile endeavor. However, when it comes to the choice of inhibiting piracy or removing/obstructing features that people have come to expect and enjoy. I'm sorry but the consumer wins for me.

You win by accessibility, functionality and features. I could pirate all my shows, movies etc. Instead I choose to pay for services like Netflix every month because of the value in functionality and features it provides. We already have cautionary tales of what happens when you go too far. The Vita springs to mind.

As for cheating I can't speak to that, but I somehow doubt there were enough cheaters on DS and Wii to be what ruined online play. Most consoles if exploited, are accessed by a fraction of a percentage and of that a fraction actually cheat in game. I do agree though that it's a skinners box type problem, where you never know if someone is just good, it's connection, or maybe they actually are cheating. It can be extremely annoying.
 
I'm not saying they shouldn't attempt to stop piracy, it's a worthwhile endeavor. However, when it comes to the choice of inhibiting piracy or removing/obstructing features that people have come to expect and enjoy. I'm sorry but the consumer wins for me.

You win by accessibility, functionality and features. I could pirate all my shows, movies etc. Instead I choose to pay for services like Netflix every month because of the value in functionality and features it provides. We already have cautionary tales of what happens when you go too far. The Vita springs to mind.

Sony had a tool for you to connect your Vita to PC and transfer stuff back and forth on day 1, including save games.
http://cma.dl.playstation.net/cma/win/en/

The cautionary tale of Vita is to not use ridiculous proprietary memory cards to try and make up for selling the system at a loss. They could have just charged more for the Vita and used microSD so people understood what the real cost was. There was nothing wrong with Vita's functionality.
 
Sony had a tool for you to connect your Vita to PC and transfer stuff back and forth on day 1, including save games.
http://cma.dl.playstation.net/cma/win/en/

The cautionary tale of Vita is to not use ridiculous proprietary memory cards to try and make up for selling the system at a loss. They could have just charged more for the Vita and used microSD so people understood what the real cost was. There was nothing wrong with Vita's functionality.

True, I'm just saying the primary BS reason they gave for the Memory card was worries of exploitation. They killed their system out of fear of piracy, and obviously inflated prices on the peripherals. Getting some minor Deja vu.

I will give credit where it's due though. The Vita had most of the functionality you'd want/expect. If they hadn't been so foolish with the Memory card and had a micro-hdmi out like was shown on some of the prototype models it could have turned out very different for the Vita.
 
Hey Nintendo, how's that new anti-hacking philosophy of being as vindictively anti-consumer as possible working out for you?

No web browser, no save game transfers or even save game storage on microSD, read-only game cartridges, no apps of any kind, no backward compatibility, no passing Go or collecting $200...

...hacked in 3 days.

Knowing Nintendo, their solution will be to remove the captive portal login capability entirely in a firmware update because fuck you consumers, that's why.

Wait, so Nintendo is supposed to be okay with having their systems be easily exploitable and not take any precautions at all?
 
Still waiting for my Switch to arrive (UPS delay :() but isn't it missing a good dpad? Also, there already used to be a decent 720p solution with the Shield Portable, which features a good, full set of buttons for controls. Don't know how easy it is to purchase nowadays though

The d-pad is pretty good I'm not really super anal when it comes to that sort of thing though so I am probably the wrong guy to ask.
 

Permanently A

Junior Member
Since hackers (it's not a hack I get it) can visit any pages they want by spoofing a hotel wifi might as well release the web browser for general use right?
 

MUnited83

For you.
Wait, so Nintendo is supposed to be okay with having their systems be easily exploitable and not take any precautions at all?
"Precautions"? Removing all the useful features from your system isn't a "precaution", it's fucking laziness. They could allow you to have save export without ever being "exploitable".
 