This shows you the differences between two versions of the page.
Both sides previous revision Previous revision | |||
meta:faq [2017/05/16 08:28] sirocyl added a link |
meta:faq [2017/06/10 01:10] (current) sirocyl Add information about 2.1-2.3 Pegaswitch. |
||
---|---|---|---|
Line 16: | Line 16: | ||
===== Is ReSwitched working on/with "new" firmwares? ===== | ===== Is ReSwitched working on/with "new" firmwares? ===== | ||
=== (aka "Do you have secret exploits that you're not telling us about?") === | === (aka "Do you have secret exploits that you're not telling us about?") === | ||
- | tl;dr: Not yet. //Honest.// | + | <del>tl;dr: Not yet. //Honest.//</del> We have secret exploits; None that we're not telling you about. //Honest.// |
ReSwitched is currently using [[hacking:tools:pegaswitch|PegaSwitch]] for escalated vulnerability research, which targets [[software/os_updates#changes_in_system_version_200|System Software 2.0]]. | ReSwitched is currently using [[hacking:tools:pegaswitch|PegaSwitch]] for escalated vulnerability research, which targets [[software/os_updates#changes_in_system_version_200|System Software 2.0]]. | ||
Unfortunately, consoles with this particular revision aren't common, and there's no current known entrypoint on launch firmware, 1.0. | Unfortunately, consoles with this particular revision aren't common, and there's no current known entrypoint on launch firmware, 1.0. | ||
- | While finding [[hacking:vulnerabilities:start|vulnerabilities]] on current and future [[software:os_updates|firmware revisions]] is important, writing an exploit on [[software/os_updates#changes_in_system_version_200|a version]] where we have a suitable [[hacking:tools:pegaswitch|entrypoint]] and [[hacking:vulnerabilities:webkit:cve-2016-4657|vulnerabilities]] (as is the case with Pegaswitch, 2.0) will enable us to find vulnerabilities on, and write exploits for, current and later versions easier. | + | Internally, PegaSwitch runs on [[software/os_updates#changes_in_system_version_210|System Software 2.1]], [[software/os_updates#changes_in_system_version_220|2.2]] and [[software/os_updates#changes_in_system_version_230|2.3]], as well. These builds are not planned to be released, due to the use of unpublished browser vulnerabilities, until these vulnerabilities are patched or published. |
+ | |||
+ | To reiterate: Internally, what we have currently, enable running the same old Pegaswitch, on 2.1 through 2.3. They do not escalate beyond the browser. | ||
+ | |||
+ | While finding [[hacking:vulnerabilities:start|vulnerabilities]] on current and future [[software:os_updates|firmware revisions]] is important, writing an exploit on [[software/os_updates#changes_in_system_version_200|a version]] where we have a suitable [[hacking:tools:pegaswitch|entrypoint]] and [[hacking:vulnerabilities:webkit:cve-2016-4657|vulnerabilities]] (as is the case with Pegaswitch, 2.0-2.3) will enable us to find vulnerabilities on, and write exploits for, current and later versions easier. |