This shows you the differences between two versions of the page.
|Both sides previous revision Previous revision Next revision||Previous revision|
meta:faq [2017/05/12 14:05]
sirocyl link fix
meta:faq [2017/06/10 01:10] (current)
sirocyl Add information about 2.1-2.3 Pegaswitch.
|Line 15:||Line 15:|
|===== Is ReSwitched working on/with "new" firmwares? =====||===== Is ReSwitched working on/with "new" firmwares? =====|
|-||=== (aka "Do you have secret exploits that you're not telling us about?) ===||+||=== (aka "Do you have secret exploits that you're not telling us about?") ===|
|-||tl;dr: Not yet. //Honest.//||+||<del>tl;dr: Not yet. //Honest.//</del> We have secret exploits; None that we're not telling you about. //Honest.//|
|-||ReSwitched is currently using PegaSwitch for escalated vulnerability research, which targets System Software 2.0.||+||ReSwitched is currently using [[hacking:tools:pegaswitch|PegaSwitch]] for escalated vulnerability research, which targets [[software/os_updates#changes_in_system_version_200|System Software 2.0]].|
|Unfortunately, consoles with this particular revision aren't common, and there's no current known entrypoint on launch firmware, 1.0.||Unfortunately, consoles with this particular revision aren't common, and there's no current known entrypoint on launch firmware, 1.0.|
|-||While finding vulnerabilities on current and future firmware revisions is important, writing an exploit on a version where we have a suitable entrypoint and vulnerabilities (as is the case with Pegaswitch, 2.0) will enable us to find vulnerabilities on, and write exploits for, current and later versions easier.||+||Internally, PegaSwitch runs on [[software/os_updates#changes_in_system_version_210|System Software 2.1]], [[software/os_updates#changes_in_system_version_220|2.2]] and [[software/os_updates#changes_in_system_version_230|2.3]], as well. These builds are not planned to be released, due to the use of unpublished browser vulnerabilities, until these vulnerabilities are patched or published.|
|+||To reiterate: Internally, what we have currently, enable running the same old Pegaswitch, on 2.1 through 2.3. They do not escalate beyond the browser.|
|+||While finding [[hacking:vulnerabilities:start|vulnerabilities]] on current and future [[software:os_updates|firmware revisions]] is important, writing an exploit on [[software/os_updates#changes_in_system_version_200|a version]] where we have a suitable [[hacking:tools:pegaswitch|entrypoint]] and [[hacking:vulnerabilities:webkit:cve-2016-4657|vulnerabilities]] (as is the case with Pegaswitch, 2.0-2.3) will enable us to find vulnerabilities on, and write exploits for, current and later versions easier.|