fail0verflow
Tweets
fail0verflow 12 Nov 2018
Took a peek at latest PS4 Pro (CUH-72xx, board NVG-001): same southbridge (CXD90046GG), newly marked syscon (A06-C0L2 but still RL78/G13) - so nothing changes in terms of "Aux Hax" stuff :)
fail0verflow 5 Nov 2018
Another "PS4 Aux Hax" blog! Using HDMI-CEC to get code exec on all PS4 southbridge versions (including PS4 Pro, etc.), without requiring other parts of the system to be pwned:
fail0verflow 3 Oct 2018
Small update to Aux Hax: Nearly same methods are working against devices on recent PS4 Pro board NVB-003:
Syscon A05-C0L2 (R5F101LL)
Belize southbridge (CXD90046GG)
Belize has ROM readout protection and clears stack...they're learning ;)
fail0verflow 30 Jul 2018
In reply to @drtune @cybergibbons
Agree; would be nice if it were useful on other devices too. Note the FM3 on that board was still marked Fujitsu. Design has gone to Spansion, which has merged with Cypress since then. A lot of opportunity for change - or not :D
fail0verflow 29 Jul 2018
A trio of new blog posts! Check out "PS4 Aux Hax": hacking Aeolia, Syscon, and DS4.
fail0verflow 25 Apr 2018
In reply to @wmbell
It's an upper bound. It could've been disclosed earlier, but not later, otherwise a CVE wouldn't have been allocated (unless we requested it ourselves, which we didn't).
fail0verflow 25 Apr 2018
In reply to @diwidog @St4rkDev
Touchée
fail0verflow 25 Apr 2018
In reply to @fail0verflow
Note the CVE creation date, in case anyone doubted our disclosure timeline. And don't even *think* about trying to give the bug itself a cutesy name. We have enough of those already ;-)
fail0verflow 25 Apr 2018
The Tegra X1 flaw that both ShofEL2 and Fusée Gelée exploit now has a name: CVE-2018-6242.
fail0verflow 24 Apr 2018
In reply to @coreboot_org
We don't even have any useful ATF patches left ever since we switched to coreboot. As for upstreaming, we've already started: :-)
fail0verflow 23 Apr 2018
In reply to @DenysVitali
Yes, the recent Mesa patchsets work pretty well. We've had working 3D since February.
fail0verflow 23 Apr 2018
In reply to @DenysVitali
We know. Where do you think all those people suddenly commenting on and ultimately getting it fixed came from? ;)
fail0verflow 23 Apr 2018
In reply to @ktemkin
Eww, Xen. Sorry, we're strictly KVM people ;-)
fail0verflow 23 Apr 2018
Fun fact: we started upstreaming some patches months ago (working with the linux-tegra community on Tegra X1 support in mainline Linux), so if you've seen anyone else running Linux on the Switch recently... chances are they were running some of our code unknowingly ;-)
fail0verflow 23 Apr 2018
Reminder: ShofEL2 cannot be patched in existing units (it will work on *any* firmware, past or future), it allows full access (all keys and secrets), and it is completely undetectable by normal software. You can dual boot Linux and Switch OS with impunity.
fail0verflow 23 Apr 2018
ShofEL2, a Tegra X1 and Nintendo Switch exploit
fail0verflow 23 Apr 2018
In reply to @endrift @delroth_
fail0verflow 23 Apr 2018
ShofEL2 also supports running Switch homebrew. Technically.
fail0verflow 23 Apr 2018
In reply to @fail0verflow
Extra derp points because that China-only port was *Twilight Princess*, not *Wind Waker*.
fail0verflow 23 Apr 2018
In reply to @arstechnica
Protip for : this is Dolphin on Linux, not some dodgy China-only port for the Shield.