hacks-guide/Guide_Switch-OLD
1
0
Fork 0
mirror of https://github.com/hacks-guide/Guide_Switch-OLD.git synced 2024-11-26 19:10:34 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
master
Guide_Switch-OLD/_pages/th_TH/pegaswitch.txt
Devon Maloney e1b2d39b28
New Crowdin translations (#26)
2018-11-18 21:26:28 -05:00

116 lines
4.3 KiB
Plaintext
Raw Permalink Blame History

---
title: "PegaSwitch"
---
{% include toc title="Table of Contents" %}
### Required Reading
PegaSwitch is a developer-focused exploitation toolkit for the Switch developed by ReSwitched. It is compatible with firmware versions 1.0.0 - 3.0.0.
The toolkit uses a combination of vulnerabilities to take over the WebKit-based browser, giving the user a shell which can be used to read / write memory, call native functions, and otherwise explore the functionality of the Switch.
Note that the current homebrew exploit has the side-effect of corrupting your device's Mii Database. While this effect is harmless, it will result in the loss of any user-created Miis.
{: .notice--warning}
### What You Need
* A supported operating system
+ MacOS and most linux distributions are supported
+ Windows is best supported using a [Windows Subsystem for Linux](https://docs.microsoft.com/en-us/windows/wsl/install-win10) distribution
* The [git](https://git-scm.com/) version control system
* The [Node.JS](https://nodejs.org/en/download/package-manager/) JavaScript runtime (current release)
### Instructions
#### Section I - Network Configuration
PegaSwitch works by hosting a [captive portal](https://en.wikipedia.org/wiki/Captive_portal) using DNS redirection.
For this to work, your device must be able to connect to your PC over the network.
1. Ensure no other applications are bound to UDP port 53 or TCP ports 80 and 8100
+ WSL: look at the "Listening Ports" section of the "Network" tab in `resmon.exe`
+ Linux / MacOS: view the output of `sudo netstat -tulpn`
1. Ensure your firewall does not block incoming connections to any of these ports
#### Section II - Running PegaSwitch
~~~ bash
# clone the repository
git clone https://github.com/reswitched/pegaswitch
# install dependencies
cd pegaswitch
npm install
# start PegaSwitch
# Windows users: omit the 'sudo'
sudo node start.js
~~~
#### Section III - DNS Configuration
Note that these DNS servers will need to be set on each network you connect your device to for it to be able to trigger the exploit.
{: .notice--info}
1. Launch System Settings on your device
1. Navigate to `Internet` -> `Internet Settings`
1. Select your current network
+ This is signified by a green check mark next to the network
1. Select "Change Settings"
1. Set "DNS Settings" to "Manual"
1. Set "Primary DNS" and "Secondary DNS" to your PC's IP address
+ This will be displayed in PegaSwitch
1. Save the network settings
1. Return to `Internet Settings`
#### Section IV - Initial Connection
1. Navigate to `Internet` -> `Internet Settings`
1. Select your current network
1. Select "Connect to this Network"
1. If the DNS connection was successful, you will see the message "Registration is required to use this network."
1. Select "Next"
1. The PegaSwitch webpage will load
1. If the exploit was successful, you will now have a PegaSwitch shell connected to your console
#### Section V - Alternative Browser Applets (Optional)
There are actually [multiple](http://switchbrew.org/index.php?title=Internet_Browser#Browser_Applets) internet browsers on the Switch, and any of them can be used to trigger the browser exploit.
While we used the connection test browser applet to initially trigger the exploit, it may be more convenient in the future to use another browser applet.
Triggering the browser exploit using either of these methods will have the same effect as triggering the exploit through the Connection Test method we used before.
##### eShop Sign In Prompt
To use this method, create a second account on your device. Do not connect it to a Nintendo Account.
1. Launch Nintendo eShop
1. Select the second account
1. Select "Sign In and link"
1. The browser applet will launch
##### Game Update Prompt
To use this method, you must have at least one game on your home screen.
Note that, if you were not connected to the correct DNS servers, this method would *update* your device. It is dangerous!
{: .notice--danger}
1. Press (+) with any game highlighted
1. In the "Software Update" tab, select "Via the Internet"
1. The browser applet will launch
___
You can now easily connect to your device using the PegaSwitch environment.
{: .notice--success}
For debugging purposes, you may want to [enable extra error info](troubleshooting#enable-extra-error-info).
{: .notice--info}
### Return to [Homebrew Development](homebrew-development)
{: .notice--primary}
Reference in New Issue View Git Blame Copy Permalink