Nintendo Switch Brew

Changes

Switch System Flaws (view source)

Revision as of 22:33, 23 April 2018

246 bytes added ,  22:33, 23 April 2018
Fun stuff
Line 28: Line 28:     
With a way to modify the encrypted state buffer, one can thus dump keys from "write-only" keyslots, etc.
 
With a way to modify the encrypted state buffer, one can thus dump keys from "write-only" keyslots, etc.
 +
 +
This also bypasses the SBK protection of the bootROM: indeed, at warmboot, bootROM will always clear keyslot 0xE to prevent malicious code from saving the SBK. Moving the SBK to another keyslot in the saved context renders this protection moot.
 
| None
 
| None
 
| HAC-001
 
| HAC-001
Motezazer
26

edits

Retrieved from "https://switchbrew.org/wiki/Special:MobileDiff/4514"