Friday, November 4, 2016

The aftermath: What's next?

Even though HENkaku's KOTH challenge has ended, this is far from being the end!

First and foremost, I want to personally congratulate Team molecule for their achievements and show my appreciation for what they have done.
In the past few days we've got a full fledged CFW framework (taiHEN), an upgraded HENkaku payload (taiHENkaku), a SDK with plugin and kernel module support and a handful of valuable documentation on the Vita's internals.
I've taken the time to analyze everything and I simply stared at my laptop's screen in awe. The level of dedication that has been put into this project is mind blowing.
Their talent is unquestionable, sure, but the professional and meticulous way they handled everything is unparalleled.
Many successful companies (which actually profit from their work) don't have this level of coordination and dedication. I can easily tell this is a labor of pure love. Love for knowledge, curiosity and overall fun.
I can't thank you enough for what you have done here. I hope this will help cement how much hackers' love their work and promote an healthy coexistence between companies and individuals.
Four talented individuals brought interest back to a forsaken video game console and did it in the most respectful and professional way I've ever seen.
I can't stress this enough, everything was orchestred in such a way that the intentions of Team molecule became fully transparent and resulted in something that opens many doors without hurting the (almost non-existent anyway) market.

History has been made. Yes, we are talking about hacking video game consoles, but the principles behind this go way past that. We are actually seeing talented people doing something good and showing the world we have the right to explore, research and reverse-engineer in the name of knowledge.
Actions like this help building and supporting those who defend our rights and I eager for the day we have the freedom to explore without being afraid.
Thank you Yifan Lu, Davee, Proxima and xyz. Your work will never be forgotten.

So, what's next?
As you've probably noticed, the challenge's prize was the access to the now public Vita Wiki. Me and st4rk (the other winner of the challenge) were granted write access to this collaborative Wiki and I plan to put that privilege to good use.
I've been spending a lot of time researching the Vita's kernel and planning TrustZone attacks. All the information I'm acquiring in the process will be gradually added to the Wiki not only to fill in the gaps but also to continue Team molecule's work for as long as I can.
Even though we are running code inside the Vita's kernel by now, there's still a lot to do. Team molecule themselves have already defeated the secure kernel (a.k.a. TrustZone) and learned about it's true purpose: communicate with the security processor (dubbed F00D due to ELF headers).
I plan on following their steps and, hopefully, defeat the secure kernel next. After that comes the massive challenge of defeating the obscure F00D processor.
Considering how little is known about it and how small it's attack surface is, we may never even be able to take it down. Still, the process is guaranteed to provide critical information just like Team molecule has proven.

Parallel to all this, I've been introduced to a whole different "scene" recently. Earlier this week, a friend of mine came to me complaining about how disappointed he was with his latest purchase: a Wii U.
Apparently he hated the console and watching the new Switch's trailer was enough for him to get rid of it. Believe it or not, he wanted to toss it in the trash (yeah, money is not a problem there) but asked me first if I wanted it.
The last Nintendo console I ever had was a SNES so, why not?
Naturally, I began looking into hacking it and learned a looooong story about it in the process. Popular video game console hackers fail0verflow were the first to crack this device back in 2012, but only recently people have managed to defeat it's most critical security components.
Unfortunately, it appears that hacking efforts for this device are heavily fragmented with a large group of people working on it publicly and a smaller one working in private. Useful vulnerabilities are already public and a few shaky implementations are out in the wild as well.
After researching the console and analyzing what's been documented already I've decided to take a shot at it and over the last few days I've spent plenty of time digging into it and working on cool stuff for it (emuNAND, USB read/write, boot-time launching, to name a few).
I'll be publishing a few articles about this along with a crude CFW and some tools. I'm working on top of other hackers' work, so I'll be sure to cover and credit their work as well.

Stay tuned!
Posted by at

21 comments:

  1. AnonymousNovember 5, 2016 at 7:30 PM

    Looking forward to your great work! Ganbatte!

    ReplyDelete
  2. HarmfulMushroomNovember 6, 2016 at 7:35 AM

    Keep it up man! I can't understand anything you do, but you phrase it in a way that makes reading your articles fun!

    ReplyDelete
  3. HarmfulMushroomNovember 6, 2016 at 7:35 AM

    And I mean that in a good way, keep it up!

    ReplyDelete
  4. cPLbNovember 8, 2016 at 4:33 PM

    This comment has been removed by the author.

    ReplyDelete
  5. britneyJuly 14, 2021 at 5:37 AM

    Who knew that apart from the Pen Testing the hacking can do such benefits.

    ReplyDelete
  6. David CarlisDecember 1, 2021 at 10:10 PM

    What an amazing shared. I have read and appreciated this well published. Thank you so much. Drop Shadow Helps
    Clipping Path
    Photo Cut Out
    Image Manipulation
    Image Retouching
    Clipping Path Tutorial
    Background Remove
    Image Editing
    Neck Joint
    eCommerce Photo Editing

    ReplyDelete
  7. casinosite.oneJanuary 14, 2024 at 5:10 PM

    I read it and I'm very happy with the post.

    ReplyDelete
  8. casinosite777.topJanuary 14, 2024 at 5:11 PM

    It’s very informative and you are obviously very knowledgeable content on your site.

    ReplyDelete
  9. casinositeguide.comJanuary 14, 2024 at 5:11 PM

    I really enjoyed reading it.

    ReplyDelete
  10. safetotosite.proJanuary 14, 2024 at 5:11 PM

    This subject offered by you is very helpful and accurate.

    ReplyDelete
  11. casinositerankJanuary 17, 2024 at 12:49 AM

    I’m really glad I have found this information.

    ReplyDelete
  12. totosafesiteJanuary 17, 2024 at 12:50 AM

    I am so happy to read this.

    ReplyDelete
  13. gwolfJanuary 17, 2024 at 12:50 AM

    Attractive portion of content.

    ReplyDelete
  14. bacarasiteJanuary 17, 2024 at 12:50 AM

    I like what you guys are usually up too.

    ReplyDelete
  15. edwardsrailcarJanuary 17, 2024 at 12:51 AM

    I am sure this piece of writing has touched all the internet users

    ReplyDelete
  16. gostopsiteJanuary 17, 2024 at 12:51 AM

    Interesting blog! Is your theme custom made or did you download it from somewhere?

    ReplyDelete
  17. Majortotosite TopApril 21, 2024 at 2:22 AM

    Great blog! Is your theme custom made or did you download it from somewhere?

    ReplyDelete
  18. Sportstoto LinkApril 21, 2024 at 2:23 AM

    A theme like yours with a few simple adjustements would really make my blog jump out.

    ReplyDelete
  19. Oncasinosite NetApril 21, 2024 at 2:23 AM

    Please let me know where you got your design. Thanks a lot

    ReplyDelete
  20. Totopick ProApril 21, 2024 at 2:23 AM

    I know my audience would appreciate your work.

    ReplyDelete
  21. Totosafeguide ComApril 21, 2024 at 2:23 AM

    If you’re even remotely interested, feel free to shoot me an e mail.

    ReplyDelete

Subscribe to: Post Comments (Atom)