Pegaswitch is a toolkit for running native code on the Nintendo Switch. It is built on an exploit for CVE-2016-4657, a vulnerability in WebKit, the engine behind the Switch's built-in browser.
This tool, and its exploit code, lives at https://github.com/reswitched/Pegaswitch.
The exploit uses an Array object as the stale (freed but still referenced) object, then allocates a large number of Uint32Array views over a single ArrayBuffer so that one of those views is likely to land on the freed Array's memory. Once a view overlaps the stale object, the two references describe the same bytes, and from there we can traverse object values, read from and write to arbitrary pointers, and more.
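The step that makes an overlapping Uint32Array useful is that typed-array views over one ArrayBuffer all alias the same bytes: whatever ends up in that memory can be read and written one 32-bit word at a time. The following is an added example, not Pegaswitch's own code, and it does not trigger or need CVE-2016-4657. It views the same 8 bytes as a double, as two 32-bit words and as raw bytes, and uses that aliasing to convert between a JavaScript double and the 64-bit, pointer-sized value it carries, which is the usual way leaked pointers are handled in JavaScriptCore exploitation. All values are constructed for the demonstration; the helper names are this example's own.

```javascript
// Added example: typed-array aliasing and 64-bit <-> double conversion.
// Not part of Pegaswitch; nothing here requires the WebKit bug.

const buf = new ArrayBuffer(8);
const f64 = new Float64Array(buf); // the 8 bytes as one double
const u32 = new Uint32Array(buf);  // the same 8 bytes as lo/hi 32-bit words
const u8  = new Uint8Array(buf);   // the same 8 bytes individually

// Reinterpret a double's bit pattern as an unsigned 64-bit integer (BigInt).
// Little-endian (ARM64 on the Switch, x86-64 on a dev box): u32[0] is the
// low word, u32[1] the high word.
function doubleToU64(d) {
  f64[0] = d;
  return (BigInt(u32[1]) << 32n) | BigInt(u32[0]);
}

// Inverse: build the double whose bits are the given 64-bit value.
// Caveat: bit patterns that are NaNs may be canonicalized by the engine,
// which is why exploit code avoids storing pointers in NaN-encoded doubles.
function u64ToDouble(v) {
  u32[0] = Number(v & 0xffffffffn);
  u32[1] = Number((v >> 32n) & 0xffffffffn);
  return f64[0];
}

// Split a 64-bit value into the lo/hi words a Uint32Array read would return.
function toWords(v) {
  return { lo: Number(v & 0xffffffffn), hi: Number(v >> 32n) };
}

function hex64(v) {
  return '0x' + v.toString(16).padStart(16, '0');
}

// Write one 32-bit word through the Uint32Array view and observe the same
// memory through the byte and double views; this aliasing is exactly what an
// overlapping view exploits when it sits on top of another object's fields.
function aliasDemo() {
  u32[0] = 0x41424344;  // stored little-endian as bytes 44 43 42 41
  u32[1] = 0;
  return {
    bytes: Array.from(u8),          // [0x44, 0x43, 0x42, 0x41, 0, 0, 0, 0]
    asDouble: f64[0],               // a tiny subnormal double with those bits
    roundTrip: doubleToU64(f64[0]), // 0x41424344n: subnormals survive the trip
  };
}

// Self-check when run directly: node alias_demo.js
if (typeof require !== 'undefined' && require.main === module) {
  console.log(aliasDemo());
  console.log(hex64(doubleToU64(1.0))); // 0x3ff0000000000000
  console.log(toWords(0x7fff12345678n));
}
```

In a real overlap the bytes behind the view are another object's fields rather than a scratch buffer, so the same two-word reads return the low and high halves of live pointers, and `doubleToU64`/`u64ToDouble` are how those pointers are moved in and out of ordinary JavaScript values.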
- `git clone git@github.com:reswitched/Pegaswitch.git` to clone the repo
- `npm install` to install dependencies
- `npm start` to start the server
- `help` in the shell to see available commands