Over this weekend you might have heard that the Nintendo Switch ships with a well-known WebKit vulnerability, the same WebKit vulnerability that iOS 9.3 had in its web browser. This vulnerability affects more devices than just iOS. Developer qwertyoruiop, a well-known iPhone hacker on Twitter, has shown that the Nintendo Switch ships with the same old bugs in its WebKit browser engine that iOS 9.3 had. These bugs allow arbitrary code to be executed within the hidden browser on the Nintendo Switch.
that's just how it goes pic.twitter.com/ztkFrbjz5u
— @qwertyoruiop@nso.group (@qwertyoruiopz) March 11, 2017
This WebKit vulnerability is just a starting point for getting into the system; other exploits would probably need to be found before something like a homebrew loader is possible.
Now LiveOverflow has put together a great video explaining the WebKit vulnerability, how it all works, and where to get started. This video might not be for everyone, as it is long, but he really does go into detail on how all of this works, so if you are interested in Switch hacking it is a great starting point.
Here are a few articles LiveOverflow pointed out in his video.
The basic PoC: https://github.com/LiveOverflow/lo_ni…
Phrack article: phrack.org/papers/attacking_javascript_engines.html