[00:00:00] Dear viewer, these subtitles were generated by a machine via the service Trint and therefore are (very) buggy. If you are capable, please help us to create good quality subtitles: https://c3subtitles.de/talk/44 Thanks!

[00:00:09] OK, everyone, welcome to this next talk, Console Hacking 2013, by sven, marcan and comex. Please give a warm round of applause to our speakers.

[00:00:29] All right, good evening and thanks for attending this talk. So, as already mentioned, I'm sven, that's comex and that's marcan here. And we'll be talking about the Wii U. For those of you who've never seen it, it was released last year in November. And we bought it on the launch date, and it pretty much took us around a month to break most of the security apart. And that's essentially what we'll be presenting right now. As some of you may know, the Wii U is pretty much just an upgrade from its previous console, the Wii, which was released all the way back in 2006. The Wii itself was also just an update of the GameCube, released even earlier.
[00:01:17] We have also been working on the Wii itself back then, with a group called Team Twiizers. And we had a pretty good run, a pretty good run on the Wii itself. And because the security architecture mostly stayed the same, I'll be giving a very brief introduction about how the Wii was broken. Um, for those of you who are more interested in the Wii itself, there's a talk at the 25C3 called "Wii Fail", which explains it in a lot more detail.

[00:01:49] So the first thing we did back then, as Team Twiizers, was that we used the GameCube compatibility mode. We could only see a fraction of the RAM. Then we used a pair of tweezers directly on the RAM to bridge a few address lines and move that frame around, to be able to dump code that was left over from the full Wii mode. And back then, probably the most prominent bug was that they used a string comparison function to compare binary hashes in all of the signature verifications, thus rendering them completely useless.
[00:02:29] And what we did in the end was we built our own custom game-like channel on the Wii, called the Homebrew Channel, which is pretty much the most famous launcher used on the Wii, installed on around 5.2 million Wiis. And we later ported it over to the Wii U.

[00:02:52] And when we ported it over to the backwards compatibility mode on the Wii U, we got around 27,000 installs there as well. And yeah, so we had a pretty, really good run on the Wii. Let's see if we can do that on the Wii U as well.

[00:03:09] Just a quick introduction: what does the Wii look like? It has a PowerPC processor running at around 730 MHz, code-named Broadway. And on top of that, it also has a whole system on a chip that contains the rest of the hardware, and that thing was code-named Hollywood. Um, in there, there's the memory controller, so you get 64 megabytes of RAM, 24 megabytes of really, really fast RAM.
[00:03:35] And there's the old GPU called GX, which is just a custom fixed-function GPU that was also used back in the GameCube. And on top of that, they have a second co-processor in there, um, which is an ARM, based on the ARM architecture, and it does all the security. We nicknamed that one Starlet, because it's part of Hollywood.

[00:03:57] All right, so that's what the Wii looks like. Let's take a look at what they've changed for the Wii U. Um, most of all, the most important changes are marked in red. As you can see, the PowerPC processor is now called Espresso. And instead of just containing one core, it now has three cores it can use. All of them have an individual L2 cache; one of them has a larger L2 cache than the other two. On top of that, they also upped the clock frequency to around 1.2 GHz. Then they added the GamePad to the Wii U, the one you saw on the first slide; it looks like a console itself, has its own screen and so on.
[00:04:38] And if you're interested in that, um, there's another talk on day three done by delroth. That thing is called the DRH. There's still the old GPU in there, um, but that one's only used for backwards compatibility reasons, and its memory can be repurposed as some really fast, um, general-purpose memory as well. And this time the system on a chip is called the Latte, because they want to stick with the whole coffee theme, and that's why we nicknamed the security processor the Starbuck.

[00:05:13] Now that we've talked about the hardware, there's also the software side.

[00:05:19] There's also the software side. On the Wii, the games running on the Broadway are running on bare metal, and there's no operating system, absolutely nothing except for the game itself. So there's no shared libraries, no linking, no memory protection, nothing. It's really just: take the executable out of the game, put it into memory and run it. On the Wii U,
[00:05:42] They learned a little bit from the past, and they are running a custom Cafe OS on the PowerPC. It does real process separation, memory management, privilege separation and so on. So it's really their own custom operating system running on there, doing its own part of the security.

[00:06:03] Um, now on the Wii, the security was all done on this ARM; it was running IOS, which was also a custom microkernel only dealing with security, cryptography and various hardware. This is still true for the Wii U. So they have two parts that are taking care of the security. But it's significantly changed. It's been completely rewritten. It's a lot larger. And we've just called it IOSU, because it's still performing most of the same tasks as the original one. Then games and software can be loaded either from a disc you insert into the console or from an integrated NAND flash.
[00:06:43] But RSA signatures were only checked when you installed a title onto your NAND flash. Later on, there was no signature verification performed whatsoever. So as soon as you gained the ability to modify the NAND file system, you were able to run your own custom code and actually get persistence across reboots as well. Again, on the Wii U, they learned from this. They added eMMC storage for user software and games as well. But this time, whenever you launch an application, it will be signature-checked. So you can't just put something on the file system and get away with it. The IOSU running on the Starbuck will catch you doing that.

[00:07:27] One interesting thing about this, and the reason I've been talking about the Wii so much, is that the Wii U features full backwards compatibility. So if you buy any game, you can plug it into the Wii U and it will run it. And this is done...
[00:07:41] We call this, um, the virtual Wii. And the interesting thing is that we have a piece of software called the impersonator, which all it does is pretend to be a Wii, connect to Nintendo's update service and try to get the latest software versions, download them and install them on your computer. And we ran this even before the launch and figured out that there's a new console type there, which was the backwards compatibility mode. And, well, we couldn't decrypt any of the data that was downloaded, because they changed all the keys around. But we could see that the hashes of certain files still stayed the same. This is what you see at the bottom there, like "... 0002 is already in cache". So this means that the Wii backwards compatibility mode is not emulated or anything like that. It's actually sandboxed. So they just turn off all the new hardware, then switch back to Wii mode, and it's running mostly the same software.
[00:08:36] There have been a few tweaks here and there, but we have the code for all of this. And IOS was also kind of like a Swiss cheese. So if you just looked at any kind of function, you would probably find an exploitable bug in there. So we could just use one of those old things to break into the virtual Wii.

[00:08:59] Just to understand at which point we break in, here's what the Wii looked like. So you had the Starlet, the security co-processor, which would boot from boot0. That's in mask ROM, which can never be changed. It would load boot1 and verify its SHA-1 against a hash stored in fuses; boot1 would then perform a full RSA signature verification on boot2, which would later chainload IOS, the system menu IOS, and only at that point is the PowerPC enabled. Before that, the Broadway, which is the PowerPC, um, was held in reset.
[00:09:34] So then the system menu IOS boots and just, from some hot reset, jumps to the system menu, which is like your default home screen. Um, the user maybe clicks on some game he wants to play, and then IOS will reload to the one required for that game, and the PowerPC will be reset again. So all the handling is done on the ARM CPU. The PowerPC is really only running the games itself.

[00:10:00] And since we're in the virtual Wii, we expected this to be mostly the same; the only thing we didn't know is how the system menu eventually ends up running. We just know that it does end up running, and there's still the hot reset happening when the system menu boots. But there's been a small change, because if you boot a game, it will not be booted directly. It will first chainload a different type of firmware, which then chainloads the game. So this is all good, because it should be working mostly the same.
[00:10:33] But as it turns out, if we try to get the PowerPC with our old code, we never get code execution. So we use that old thing, we do find it at the right memory location, but nothing happens. Then, if you look at the binaries that are launched by the new virtual Wii IOS, they seem to be encrypted.

[00:10:55] There are also two new encrypted binaries, which are some special, um, loaders, and they can be booted directly; there's no decryption happening in IOS or anything. It really feeds those encrypted binaries to the PowerPC.

[00:11:09] And with just a little bit of experimentation, by trying to load those binaries, changing bits here and there, we figured out that the Espresso, which is the PowerPC with three cores now, will only boot if you feed it an encrypted and signed binary. So they added an additional layer of security there. You can't just take over the PowerPC as soon as you own the ARM processor; you still have to figure out a way how you can get in there.
[00:11:32] But this means that there has to be some kind of code running on the PowerPC that does all this, so there's an additional boot ROM, um, an additional boot ROM on there. Because this format for the binaries is new, and the princess is always in another castle, we call them the ancast images.

[00:11:51] So IOSU, as I just mentioned, checks how the process works: it checks if the title to boot is the system menu and if it is an encrypted one from the NAND; if it isn't, it will be proxied through those new special encrypted titles.

[00:12:04] Yes, so this is how the chain of trust actually looks like: there's an additional step for the boot ROM in there. Everything has to go through there.

[00:12:20] But what we can do now: we can break into IOS using one of those old bugs we still had around from the Wii days, and then we can just sit there; we can read all the memory. The ARM processor has access to the same memory as the PowerPC.
[00:12:33] So we can check what's happening while the boot ROM is running, because the ARM will be running at the same time. The first thing we noticed was that the signature and hash of the image are verified before it's being decrypted, which makes sense.

[00:12:46] On top of that, the image is decrypted in place from the beginning to the end of the memory: at first the first block will change, then the second one, the third one and so on, until they reach the last one.

[00:12:56] And there's a third thing that's a little bit odd, because just before the entry point of your encrypted image, an additional PowerPC instruction will appear as the very last thing before your code is running.

[00:13:09] But this means that, if we can observe from the ARM, we can also try to see what happens if we try to overwrite some kind of memory while the boot ROM is running, to trick it into doing something else. Again, the boot ROM verifies our ancast image, decrypts the image and then it jumps to the decrypted image.
[00:13:34] So if you take a look at that decrypted image, for example by just dumping memory, you will see that the very beginning turns the Espresso back into Broadway compatibility mode. So the boot ROM is running in full Espresso mode. If you reset the PowerPC for a hot reset, it will start as an Espresso, then the boot ROM runs and it will run the, um, loader, which will only at that point downgrade the whole thing to what it used to be on the Wii.

[00:14:04] And decrypting an image takes quite some time, because AES isn't a really insanely fast algorithm, and this is, um, a few megabytes large.

[00:14:15] So what you can do is you can race it. So you reset the PowerPC and wait until the very first instruction has been decrypted, so you just have a very tight loop that's checking: is it still the same? Is it still the same? Still the same. As soon as it changes, you overwrite the decrypted instruction with your own code.
[00:14:33] And the very first block is never verified again by the boot ROM; it just verifies the whole thing at the beginning. So this is a classic time-of-check to time-of-use.

[00:14:44] The result is you overwrite the first instruction, so that means you're running unsigned code, and on top of that, you're still in virtual Wii mode. So it should be a Broadway, but it isn't yet. It's still a full Espresso processor, because the downgrade is only happening later; we overrode that, and if you're in Espresso mode, you can just bring up the two additional PowerPC cores and use them.

[00:15:22] Now, what this means: this isn't even an exploit, this is a complete design flaw, because the boot ROM is running on one processor and it has absolutely no way of telling what that other processor, which can be perfectly used as a glitching device, is doing.

[00:15:37] As I mentioned, you can just reduce the boot ROM to an oracle to decrypt binaries, because all you do is you run it, wait until the last block is decrypted,
[00:15:47] reset the whole PowerPC again and just dump the memory. You get your full decrypted binaries served on a silver platter.

[00:15:56] So the boot ROM is mostly pointless: it doesn't prevent you from enabling the cores, it doesn't hide any kind of code you shouldn't be seeing. It's just a minor annoyance. There's no reason that it is there at this point. Or, we can't get to Wii U binaries, but we don't have them anyway at this point.

[00:16:18] Obviously, it's no fun if we stop here, because we know there is a boot ROM, so we want to dump that thing.

[00:16:28] Yeah, let's just dump it anyway.

[00:16:31] The problem is that rebooting is really annoying on the Wii U, because you boot it up, it takes like a minute. Then you click on the virtual Wii, it takes another minute, and so on and so on. And every time you make a single mistake, which is bound to happen when you're trying to make something, this can really add up to a lot of time.
[00:16:47] So we've been trying to build a remote agent from the PC, which is what we're always doing when we're working on some kind of device. So what this really is: you build a serial port between the console and your computer, so that you can send RPC commands from some Python script over the serial port to the console, so you can really interactively hack the console directly from your computer without having to compile a binary and reboot that thing over and over and over again. This is really nice, because it cuts down your whole development time.

[00:17:18] But there's a small problem, because we can't communicate yet. You have no serial port on the Wii U. On the Wii, we could just use the memory cards; it used to be just an SPI bus, so we could just, you know, plug in some custom hardware and we had a full serial port. But those are gone now.

[00:17:34] So we started with something we call old Serial.
490 00:17:47,560 --> 00:17:49,239 I mean, the picture pretty much shows 491 00:17:49,240 --> 00:17:51,099 what it is: you can turn on and off the 492 00:17:51,100 --> 00:17:53,919 serial, the sensor bar, 493 00:17:53,920 --> 00:17:55,929 which is just a bunch of infrared LEDs. 494 00:17:55,930 --> 00:17:58,119 You can turn them on and off from, from 495 00:17:58,120 --> 00:18:00,559 the ARM, so you can just bang serial 496 00:18:00,560 --> 00:18:01,560 over that power line. 497 00:18:04,690 --> 00:18:05,829 It's really slow. 498 00:18:05,830 --> 00:18:08,019 It's only an output, but 499 00:18:08,020 --> 00:18:09,039 it's good enough for your 500 00:18:09,040 --> 00:18:10,420 very early print debugging. 501 00:18:12,870 --> 00:18:14,969 Let's take this a step further with 502 00:18:14,970 --> 00:18:16,949 this really awesome thing called USB 503 00:18:16,950 --> 00:18:17,950 HCI. 504 00:18:19,210 --> 00:18:21,209 So this is a really, really questionable 505 00:18:21,210 --> 00:18:23,369 OHCI stack, essentially. It 506 00:18:23,370 --> 00:18:25,919 supports one single device ID 507 00:18:25,920 --> 00:18:27,749 that should already be in when it's 508 00:18:27,750 --> 00:18:28,949 running and otherwise it will just 509 00:18:28,950 --> 00:18:30,029 completely fail. 510 00:18:30,030 --> 00:18:31,319 It can also only send one type of 511 00:18:31,320 --> 00:18:32,789 messages, but. 512 00:18:35,580 --> 00:18:37,440 To get bidirectional communication working, 513 00:18:38,550 --> 00:18:39,869 you don't even need to open your console, 514 00:18:39,870 --> 00:18:42,569 you just plug it into the USB port. 515 00:18:42,570 --> 00:18:43,949 Hook it up to another FTDI adapter. 516 00:18:43,950 --> 00:18:45,809 Hook that up to your computer and you have 517 00:18:45,810 --> 00:18:47,219 serial to the console. 518 00:18:47,220 --> 00:18:48,629 But that's still slow. 519 00:18:48,630 --> 00:18:50,549 And even worse, we didn't even open up 520 00:18:50,550 --> 00:18:51,689 our console yet.
521 00:18:51,690 --> 00:18:53,460 Oh, apparently it's mostly still intact. 522 00:18:56,480 --> 00:18:58,639 So let's, let's use our, our final 523 00:18:58,640 --> 00:19:00,709 solution, which is the USB Gecko, 524 00:19:00,710 --> 00:19:02,509 and that's the one we're still using 525 00:19:02,510 --> 00:19:03,929 today. The USB 526 00:19:03,930 --> 00:19:05,509 Gecko is an old device that we used 527 00:19:05,510 --> 00:19:06,559 on the Wii: you could plug it into the 528 00:19:06,560 --> 00:19:08,749 memory card slot. This time, 529 00:19:08,750 --> 00:19:10,879 we just found some random GPIOs on the 530 00:19:10,880 --> 00:19:11,749 main board. 531 00:19:11,750 --> 00:19:13,969 And we're now banging the Wii's memory 532 00:19:13,970 --> 00:19:16,109 card protocol over those 533 00:19:16,110 --> 00:19:17,839 GPIOs so that we can reuse the old 534 00:19:17,840 --> 00:19:20,419 hardware to get a really, 535 00:19:20,420 --> 00:19:21,889 really fast serial console. 536 00:19:21,890 --> 00:19:23,419 And most importantly, the warranty is 537 00:19:23,420 --> 00:19:24,420 finally void. 538 00:19:32,530 --> 00:19:33,739 As I mentioned, we want to dump that 539 00:19:33,740 --> 00:19:34,989 boot ROM, and this is why we did the 540 00:19:34,990 --> 00:19:36,969 whole thing with the serial consoles, and 541 00:19:36,970 --> 00:19:38,679 I also mentioned that one instruction 542 00:19:38,680 --> 00:19:40,509 that appears just before the decrypted 543 00:19:40,510 --> 00:19:41,619 code. 544 00:19:41,620 --> 00:19:43,329 And for those of you who are not familiar 545 00:19:43,330 --> 00:19:44,569 with PowerPC, see this. 546 00:19:44,570 --> 00:19:46,119 This is a move to special purpose 547 00:19:46,120 --> 00:19:48,369 register instruction, and 548 00:19:48,370 --> 00:19:49,659 a special purpose register, 549 00:19:49,660 --> 00:19:51,789 it makes a lot of sense to contain a bit 550 00:19:51,790 --> 00:19:53,619 to disable the boot ROM.
551 00:19:53,620 --> 00:19:55,839 So our hypothesis is, which later turned 552 00:19:55,840 --> 00:19:57,159 out to be true, that this single 553 00:19:57,160 --> 00:19:58,959 instruction there will disable the boot 554 00:19:58,960 --> 00:19:59,960 ROM. 555 00:20:00,460 --> 00:20:02,079 So can we just use the same approach we 556 00:20:02,080 --> 00:20:04,149 used to get to, 557 00:20:04,150 --> 00:20:06,099 get the PowerPC in Wii U mode? 558 00:20:06,100 --> 00:20:07,659 Can we use the same approach to dump the 559 00:20:07,660 --> 00:20:08,660 boot ROM? 560 00:20:09,910 --> 00:20:11,249 Turns out that that certainly doesn't 561 00:20:11,250 --> 00:20:13,949 work, because no matter how hard we try, 562 00:20:13,950 --> 00:20:15,869 how hard we try to race there on the 563 00:20:15,870 --> 00:20:17,459 PowerPC, we will always execute the 564 00:20:17,460 --> 00:20:18,779 original instruction. 565 00:20:18,780 --> 00:20:20,459 We even wrote a very tight assembly, 566 00:20:20,460 --> 00:20:23,189 assembly loop and it still would just 567 00:20:23,190 --> 00:20:24,749 still disable the boot ROM where it 568 00:20:24,750 --> 00:20:26,459 was. It turns out there was absolutely 569 00:20:26,460 --> 00:20:28,709 nothing we could do at this point 570 00:20:28,710 --> 00:20:29,710 anyway, 571 00:20:31,320 --> 00:20:32,609 because, in order to understand why this 572 00:20:32,610 --> 00:20:34,229 didn't work, we're going to cheat a 573 00:20:34,230 --> 00:20:36,329 little bit and explain what the 574 00:20:36,330 --> 00:20:38,009 boot ROM is doing first and then how we 575 00:20:38,010 --> 00:20:39,179 managed to dump it. 576 00:20:39,180 --> 00:20:40,229 And that's marcan's part.
577 00:20:50,730 --> 00:20:52,739 OK, so I'm going to take you through a 578 00:20:52,740 --> 00:20:54,929 boot ROM walkthrough. The boot ROM 579 00:20:54,930 --> 00:20:56,609 does some really interesting tricks with 580 00:20:56,610 --> 00:20:58,529 memory management and cache management, 581 00:20:58,530 --> 00:21:00,599 and it's almost a little piece of art, 582 00:21:00,600 --> 00:21:02,009 the way it does things. 583 00:21:02,010 --> 00:21:03,509 So this is going to touch into the 584 00:21:03,510 --> 00:21:05,879 intricate details of PowerPC caches 585 00:21:05,880 --> 00:21:08,159 and PowerPC memory management. 586 00:21:08,160 --> 00:21:09,149 So hold on tight. 587 00:21:09,150 --> 00:21:10,270 This is going to be interesting. 588 00:21:12,420 --> 00:21:14,549 So we're interested in 589 00:21:14,550 --> 00:21:16,559 looking at mostly memory management. 590 00:21:16,560 --> 00:21:18,749 So we're going to have four columns 591 00:21:18,750 --> 00:21:20,309 here. We're going to look at different 592 00:21:20,310 --> 00:21:22,559 parts of memory, different addresses: 593 00:21:22,560 --> 00:21:24,809 what the data is in RAM, the physical RAM 594 00:21:24,810 --> 00:21:26,879 chips; what the data is 595 00:21:26,880 --> 00:21:28,979 in the CPU's L2 cache, which may or 596 00:21:28,980 --> 00:21:31,139 may not be the same as RAM, because the 597 00:21:31,140 --> 00:21:33,059 Wii U is not a coherent system. 598 00:21:33,060 --> 00:21:35,159 So there may be times when 599 00:21:35,160 --> 00:21:37,319 these two do not match. And then 600 00:21:37,320 --> 00:21:40,259 the CPU has two operating modes. 601 00:21:40,260 --> 00:21:41,939 It can operate in real mode, where virtual 602 00:21:41,940 --> 00:21:43,919 addresses correspond to physical 603 00:21:43,920 --> 00:21:45,599 addresses, so there's no address 604 00:21:45,600 --> 00:21:46,649 translation.
605 00:21:46,650 --> 00:21:48,059 Or it can operate in translated mode, 606 00:21:48,060 --> 00:21:49,619 which is when the memory management unit 607 00:21:49,620 --> 00:21:51,719 is turned on and there can 608 00:21:51,720 --> 00:21:53,879 be arbitrary mappings between 609 00:21:53,880 --> 00:21:55,559 the addresses that the code uses 610 00:21:55,560 --> 00:21:56,970 and the addresses in physical memory. 611 00:21:58,020 --> 00:21:59,849 So let's set the stage first. 612 00:21:59,850 --> 00:22:02,069 We start up with the binary image 613 00:22:02,070 --> 00:22:03,899 of the system menu or whatever; the 614 00:22:03,900 --> 00:22:06,149 ancast image is at that address, 615 00:22:06,150 --> 00:22:07,910 there, zero one three three four, 616 00:22:09,180 --> 00:22:11,249 and we have offset zero as the header 617 00:22:11,250 --> 00:22:13,799 for that. And also offset 100 618 00:22:13,800 --> 00:22:15,959 is the start of the ciphertext. 619 00:22:15,960 --> 00:22:17,939 We're also interested in address zero, 620 00:22:17,940 --> 00:22:19,079 because that's where the PowerPC's 621 00:22:19,080 --> 00:22:20,279 exception vectors are. 622 00:22:20,280 --> 00:22:22,319 It's also where the reset vector is. 623 00:22:22,320 --> 00:22:24,329 So let's look at what happens there. 624 00:22:24,330 --> 00:22:25,979 But to start with, there's nothing really 625 00:22:25,980 --> 00:22:26,990 in that area of memory. 626 00:22:28,650 --> 00:22:31,229 So first we hard reset the PowerPC 627 00:22:31,230 --> 00:22:33,419 and it comes up in real mode, like 628 00:22:33,420 --> 00:22:34,949 every other PowerPC. 629 00:22:34,950 --> 00:22:37,049 And the first thing that we notice is 630 00:22:37,050 --> 00:22:38,519 that in real mode, the PowerPC is 631 00:22:38,520 --> 00:22:41,039 executing the boot ROM, not memory. 632 00:22:41,040 --> 00:22:43,049 The boot ROM is built into the Espresso 633 00:22:43,050 --> 00:22:45,359 and it overlays memory at zero.
634 00:22:45,360 --> 00:22:47,859 So whenever it fetches instructions, 635 00:22:47,860 --> 00:22:49,230 it'll do so from the boot ROM. 636 00:22:50,640 --> 00:22:52,589 There's no MMU set up yet, so there's 637 00:22:52,590 --> 00:22:54,329 no translated mode. The caches are off. 638 00:22:54,330 --> 00:22:55,380 So it's pretty simple. 639 00:22:56,430 --> 00:22:58,679 And you can also see how the 640 00:22:58,680 --> 00:23:00,139 system menu encrypted blob, the 641 00:23:00,140 --> 00:23:02,130 ancast blob, maps to real mode. 642 00:23:03,480 --> 00:23:04,799 The first thing the boot ROM does is it 643 00:23:04,800 --> 00:23:06,269 clears the MMU, the caches, the 644 00:23:06,270 --> 00:23:07,859 registers, you know, it wipes everything 645 00:23:07,860 --> 00:23:09,359 to get a nice, clean slate. 646 00:23:09,360 --> 00:23:10,889 Nothing interesting there. 647 00:23:10,890 --> 00:23:12,149 And then it maps itself. 648 00:23:12,150 --> 00:23:14,219 It maps the boot ROM using 649 00:23:14,220 --> 00:23:16,199 a PowerPC feature called the block 650 00:23:16,200 --> 00:23:18,659 address translation. The PowerPC 651 00:23:18,660 --> 00:23:20,669 has a memory management unit and it can 652 00:23:20,670 --> 00:23:22,889 either map things using the 653 00:23:22,890 --> 00:23:25,169 usual page tables, which can do complex 654 00:23:25,170 --> 00:23:26,189 mappings. 655 00:23:26,190 --> 00:23:28,049 But it has a very simple memory mapping 656 00:23:28,050 --> 00:23:30,119 feature. The block address translation 657 00:23:30,120 --> 00:23:31,619 is just a bunch of registers. 658 00:23:31,620 --> 00:23:33,329 Let's say, you know, take a big block of 659 00:23:33,330 --> 00:23:35,309 memory here, map it to a big block of 660 00:23:35,310 --> 00:23:36,899 memory there. It's really stupid. 661 00:23:36,900 --> 00:23:38,309 It's really easy.
662 00:23:38,310 --> 00:23:40,769 So it maps itself to translated mode with 663 00:23:40,770 --> 00:23:42,720 this feature of, of the, of the Espresso. 664 00:23:43,800 --> 00:23:45,119 It also maps two other 665 00:23:46,170 --> 00:23:48,419 sections. It maps address two 666 00:23:48,420 --> 00:23:50,549 zero zero zero zero to that one 667 00:23:50,550 --> 00:23:52,649 sixty address there, which is in 668 00:23:52,650 --> 00:23:53,639 the middle of RAM. 669 00:23:53,640 --> 00:23:54,899 You know, there's nothing special about 670 00:23:54,900 --> 00:23:56,789 it. I don't know why they picked that. 671 00:23:56,790 --> 00:23:58,739 And there doesn't seem to be a reason for 672 00:23:58,740 --> 00:24:00,119 it to map this. But it does. 673 00:24:00,120 --> 00:24:01,559 We'll see in a second why. 674 00:24:01,560 --> 00:24:03,839 And it also maps E zero zero zero 675 00:24:03,840 --> 00:24:05,909 ... to the same 676 00:24:05,910 --> 00:24:08,039 location. And that's not even physical 677 00:24:08,040 --> 00:24:10,259 memory. Like, that's an invalid address. 678 00:24:10,260 --> 00:24:11,189 So that makes no sense. 679 00:24:11,190 --> 00:24:12,190 But we'll see what happens. 680 00:24:13,470 --> 00:24:14,939 Then it switches to translated mode, 681 00:24:14,940 --> 00:24:16,559 and it's running in translated mode, 682 00:24:16,560 --> 00:24:18,659 still running the ROM, and 683 00:24:18,660 --> 00:24:19,979 this is what enables the caches. 684 00:24:21,240 --> 00:24:23,009 Now, you'll notice the really interesting 685 00:24:23,010 --> 00:24:24,450 thing here is the L2 cache 686 00:24:25,650 --> 00:24:26,759 column is now clear, because that's 687 00:24:26,760 --> 00:24:29,069 initialized and empty, but in real 688 00:24:29,070 --> 00:24:31,439 mode, suddenly we get the reset vector 689 00:24:31,440 --> 00:24:32,849 instead of the boot ROM.
690 00:24:32,850 --> 00:24:35,129 So we're leaking main RAM 691 00:24:35,130 --> 00:24:37,379 from, you know, the actual RAM 692 00:24:37,380 --> 00:24:38,969 chips to real mode. 693 00:24:38,970 --> 00:24:40,769 The reason for this is because the 694 00:24:40,770 --> 00:24:43,139 boot ROM is special: it only 695 00:24:43,140 --> 00:24:45,449 works when you perform uncached memory 696 00:24:45,450 --> 00:24:47,279 accesses. So if there's a cache in the 697 00:24:47,280 --> 00:24:49,739 way, you don't see the boot ROM anymore, 698 00:24:49,740 --> 00:24:51,149 and the reason why it works in translated 699 00:24:51,150 --> 00:24:52,559 mode is because when it set up this 700 00:24:52,560 --> 00:24:54,689 BAT mapping, it did so with caching 701 00:24:54,690 --> 00:24:57,389 inhibited. There's a bit, the I bit, 702 00:24:57,390 --> 00:24:59,289 and that forces it to keep using CI, 703 00:24:59,290 --> 00:25:01,559 bypassing the caches, for the boot ROM, 704 00:25:01,560 --> 00:25:02,579 but in real mode, 705 00:25:02,580 --> 00:25:03,719 now we're back to main memory. 706 00:25:04,890 --> 00:25:07,169 It also enables a feature of the Espresso 707 00:25:07,170 --> 00:25:09,659 that goes way back to the GameCube days 708 00:25:09,660 --> 00:25:11,069 called the locked L1 cache. 709 00:25:11,070 --> 00:25:12,929 The L1 cache is thirty-two kilobytes. It 710 00:25:12,930 --> 00:25:14,759 splits it down the middle and it sets up 711 00:25:14,760 --> 00:25:16,649 sixteen kilobytes as dedicated on-chip 712 00:25:16,650 --> 00:25:18,749 memory that only it can see. It's 713 00:25:18,750 --> 00:25:20,219 only useful for data. 714 00:25:20,220 --> 00:25:22,199 So it now has sixteen kilobytes of private 715 00:25:22,200 --> 00:25:23,159 RAM mapped out.
716 00:25:23,160 --> 00:25:25,290 This is at E zero zero zero ..., which explains that. 717 00:25:27,120 --> 00:25:29,189 Now the next thing it does is it sets up 718 00:25:29,190 --> 00:25:30,959 exception vectors that just infinite loop 719 00:25:30,960 --> 00:25:33,179 in memory, and uses a temporary 720 00:25:33,180 --> 00:25:34,799 mapping for this. And the reason for this 721 00:25:34,800 --> 00:25:36,929 is that in case something happens 722 00:25:36,930 --> 00:25:38,879 and it ends up executing an exception 723 00:25:38,880 --> 00:25:41,129 vector in RAM, it doesn't want to 724 00:25:41,130 --> 00:25:42,569 follow through and execute code from a 725 00:25:42,570 --> 00:25:43,570 random place in RAM. 726 00:25:44,610 --> 00:25:46,439 So it just sets up instructions that jump 727 00:25:46,440 --> 00:25:47,609 to themselves at that address. 728 00:25:47,610 --> 00:25:48,840 And it's an infinite loop. 729 00:25:50,480 --> 00:25:52,249 So now, up until this point, the boot ROM 730 00:25:52,250 --> 00:25:54,049 is running with no stack, no nothing, 731 00:25:54,050 --> 00:25:56,329 it's all hardcoded assembly, really 732 00:25:56,330 --> 00:25:57,259 low level stuff. 733 00:25:57,260 --> 00:25:58,969 None of it has memory that it can use 734 00:25:58,970 --> 00:26:00,919 privately. It sets up a stack, 735 00:26:00,920 --> 00:26:02,269 copies its data sections, gets 736 00:26:02,270 --> 00:26:04,219 prepared to run real code. 737 00:26:04,220 --> 00:26:06,469 But before this, it copies itself.
738 00:26:06,470 --> 00:26:07,999 And the reason why it does this is 739 00:26:08,000 --> 00:26:09,829 because the boot ROM now is running in 740 00:26:09,830 --> 00:26:11,119 uncached mode, because it has to be 741 00:26:11,120 --> 00:26:13,219 uncached, but it's a crappy, 742 00:26:13,220 --> 00:26:15,589 slow boot ROM that is, you know, 743 00:26:15,590 --> 00:26:17,869 very far removed, because 744 00:26:17,870 --> 00:26:19,069 you don't want to be running crypto code 745 00:26:19,070 --> 00:26:21,409 from a crappy slow memory, it's terrible. 746 00:26:21,410 --> 00:26:23,599 So it makes a copy to this 747 00:26:23,600 --> 00:26:24,799 address, you know, two zero zero zero 748 00:26:24,800 --> 00:26:26,119 zero. And you're thinking, well, that's 749 00:26:26,120 --> 00:26:28,339 going to copy the boot ROM to RAM, but 750 00:26:28,340 --> 00:26:30,109 it doesn't, because when it copies itself 751 00:26:30,110 --> 00:26:31,989 to that address, it mostly ends up in the 752 00:26:31,990 --> 00:26:34,069 L1 cache, because the cache, 753 00:26:34,070 --> 00:26:35,839 of course, will try to cache values 754 00:26:35,840 --> 00:26:37,279 before getting them evicted to memory. 755 00:26:38,750 --> 00:26:41,869 Then it uses a really neat trick to 756 00:26:41,870 --> 00:26:43,939 flush that L1 cache into the L 757 00:26:43,940 --> 00:26:46,039 2 cache: it basically just writes a bunch 758 00:26:46,040 --> 00:26:47,929 of garbage to the L1 that is guaranteed 759 00:26:47,930 --> 00:26:50,149 to evict all the cache lines, send 760 00:26:50,150 --> 00:26:51,889 all that data over to the L2 cache. 761 00:26:51,890 --> 00:26:54,169 But it can't just flush it with a normal 762 00:26:54,170 --> 00:26:55,699 flush instruction, because then it would 763 00:26:55,700 --> 00:26:57,229 all go to RAM, and you don't want the boot ROM to 764 00:26:57,230 --> 00:26:58,129 end up in RAM.
765 00:26:58,130 --> 00:27:00,319 So it's using this really hacky trick 766 00:27:00,320 --> 00:27:02,419 to keep itself from going to RAM while 767 00:27:02,420 --> 00:27:04,279 using the L2 cache as memory, which is 768 00:27:04,280 --> 00:27:05,750 not designed to be used as memory. 769 00:27:07,610 --> 00:27:09,049 And then it just jumps to this new 770 00:27:09,050 --> 00:27:10,819 location, and that's what starts doing the 771 00:27:10,820 --> 00:27:12,959 main execution. It copies the 772 00:27:12,960 --> 00:27:15,289 keys from the secret 773 00:27:15,290 --> 00:27:17,479 fuses, the OTP, to the 774 00:27:17,480 --> 00:27:18,409 private memory. 775 00:27:18,410 --> 00:27:19,789 It disables those to make sure 776 00:27:19,790 --> 00:27:21,769 nobody ever gets access to them again. 777 00:27:21,770 --> 00:27:24,169 It will hash and decrypt the 778 00:27:24,170 --> 00:27:24,859 image. 779 00:27:24,860 --> 00:27:26,449 And the really interesting thing here is 780 00:27:26,450 --> 00:27:28,939 that it can't just 781 00:27:28,940 --> 00:27:30,379 read it, because it would end up using the 782 00:27:30,380 --> 00:27:32,689 L2 cache. So it goes back to another 783 00:27:32,690 --> 00:27:34,999 feature of the GameCube, 784 00:27:35,000 --> 00:27:37,099 where it has a DMA engine 785 00:27:37,100 --> 00:27:39,289 that can copy data straight from external 786 00:27:39,290 --> 00:27:41,449 memory into and back out of its 787 00:27:41,450 --> 00:27:43,669 locked L1 cache without 788 00:27:43,670 --> 00:27:44,899 doing anything else, without going 789 00:27:44,900 --> 00:27:46,519 through the L2 cache or anything. 790 00:27:46,520 --> 00:27:48,709 So it's moving data 791 00:27:48,710 --> 00:27:50,869 between, you know, that red square there 792 00:27:50,870 --> 00:27:53,029 and on the bottom right corner, 793 00:27:53,030 --> 00:27:55,039 where there is a DMA buffer.
794 00:27:55,040 --> 00:27:57,259 So it, it does 795 00:27:57,260 --> 00:27:58,279 that with the header. It takes that 796 00:27:58,280 --> 00:28:00,259 signature, then it hashes and decrypts the 797 00:28:00,260 --> 00:28:01,939 ciphertext. And it's doing this by ping 798 00:28:01,940 --> 00:28:04,309 ponging data through the locked L1 cache, 799 00:28:04,310 --> 00:28:05,390 bypassing everything else. 800 00:28:06,940 --> 00:28:08,229 So it jumps back to the boot ROM. It's 801 00:28:08,230 --> 00:28:10,309 done, you know, presumably the hash check 802 00:28:10,310 --> 00:28:12,280 succeeded, so it doesn't lock up, 803 00:28:13,450 --> 00:28:14,919 and now that everything is ready, it can 804 00:28:14,920 --> 00:28:15,939 clean up. 805 00:28:15,940 --> 00:28:17,889 It jumps back to the boot ROM, not the 806 00:28:17,890 --> 00:28:19,119 copy. 807 00:28:19,120 --> 00:28:21,069 It wipes this section where it was 808 00:28:21,070 --> 00:28:23,410 keeping its own copy of the, of the code. 809 00:28:24,670 --> 00:28:26,859 It makes sure that gets wiped in L2, 810 00:28:26,860 --> 00:28:29,379 it wipes its data in 811 00:28:29,380 --> 00:28:31,479 L1, it 812 00:28:31,480 --> 00:28:32,499 unmaps all of this. 813 00:28:32,500 --> 00:28:34,329 It's just undoing, basically, the startup 814 00:28:34,330 --> 00:28:36,579 process, and finally it, 815 00:28:36,580 --> 00:28:38,289 finally, maps the payload. 816 00:28:38,290 --> 00:28:40,929 So up until this point, the 817 00:28:40,930 --> 00:28:42,579 ciphertext or plaintext section wasn't 818 00:28:42,580 --> 00:28:43,869 even mapped in translated mode. 819 00:28:43,870 --> 00:28:45,219 So you couldn't see it except through the 820 00:28:45,220 --> 00:28:46,509 DMA system. 821 00:28:46,510 --> 00:28:47,510 But now it's mapped, 822 00:28:48,850 --> 00:28:50,319 and the next thing it does is that it 823 00:28:50,320 --> 00:28:52,239 disables and invalidates the L1 and L2 824 00:28:52,240 --> 00:28:53,379 caches.
825 00:28:53,380 --> 00:28:55,089 So now all the other data that used 826 00:28:55,090 --> 00:28:56,229 to be there is completely gone, 827 00:28:57,940 --> 00:28:59,679 and then it writes this special 828 00:28:59,680 --> 00:29:02,019 boot ROM disable instruction. It writes 829 00:29:02,020 --> 00:29:03,579 that, that makes it through to the L2 830 00:29:03,580 --> 00:29:05,529 cache, and it flushes it to make sure it 831 00:29:05,530 --> 00:29:06,729 makes it up to RAM. 832 00:29:08,390 --> 00:29:10,909 It jumps there, and immediately, at 833 00:29:10,910 --> 00:29:12,289 the point where it hits the instruction, 834 00:29:12,290 --> 00:29:14,729 the boot ROM is disabled permanently 835 00:29:14,730 --> 00:29:16,429 and it starts running the, the payload 836 00:29:16,430 --> 00:29:19,099 code. And this is why you can see why 837 00:29:19,100 --> 00:29:20,869 overwriting this instruction in RAM did 838 00:29:20,870 --> 00:29:22,609 not work, because even if you override 839 00:29:22,610 --> 00:29:24,229 this instruction in RAM, it's still in 840 00:29:24,230 --> 00:29:26,359 the L2 cache. The rest of it is not in 841 00:29:26,360 --> 00:29:27,829 the L2 cache, because it wiped that. 842 00:29:27,830 --> 00:29:29,989 So if you race it there, you can gain 843 00:29:29,990 --> 00:29:31,849 execution. But that one instruction at 844 00:29:31,850 --> 00:29:33,469 FC is in the cache. 845 00:29:33,470 --> 00:29:35,239 It doesn't matter what you put in RAM, it 846 00:29:35,240 --> 00:29:36,769 still runs the disabling instruction. 847 00:29:36,770 --> 00:29:38,929 So this is really clever, and it actually 848 00:29:38,930 --> 00:29:40,249 writes it and reads it and verifies it, 849 00:29:40,250 --> 00:29:41,509 makes damn sure it's in the L2 850 00:29:41,510 --> 00:29:42,510 cache. 851 00:29:43,820 --> 00:29:45,109 So this is a really clever trick.
852 00:29:45,110 --> 00:29:47,299 I mean, this, it's kind of a horrible 853 00:29:47,300 --> 00:29:49,249 hack, but in a way, it's really cute 854 00:29:49,250 --> 00:29:50,389 execution. 855 00:29:50,390 --> 00:29:51,859 It keeps the ROM isolated, 856 00:29:53,000 --> 00:29:54,000 but there's a hole. 857 00:29:56,240 --> 00:29:58,549 The PowerPC has two external reset lines. 858 00:29:58,550 --> 00:30:00,409 One is called HRESET, which does a full 859 00:30:00,410 --> 00:30:02,209 hard reset, and the chip runs the boot ROM 860 00:30:02,210 --> 00:30:04,309 again. You know, it's like starting from 861 00:30:04,310 --> 00:30:06,439 scratch. The other one is SRESET, 862 00:30:06,440 --> 00:30:07,489 which is a soft reset. 863 00:30:07,490 --> 00:30:08,989 Basically, this is really just an 864 00:30:08,990 --> 00:30:10,279 unmaskable interrupt. 865 00:30:10,280 --> 00:30:12,199 It just makes the PowerPC take an 866 00:30:12,200 --> 00:30:14,749 exception to its reset vector. 867 00:30:14,750 --> 00:30:16,099 But it doesn't really clear anything. 868 00:30:16,100 --> 00:30:17,150 It doesn't re-enable anything. 869 00:30:18,320 --> 00:30:19,429 Both of these are controlled by the 870 00:30:19,430 --> 00:30:21,799 Starbuck. They're just bits in a register 871 00:30:21,800 --> 00:30:24,109 we can turn on and off to bootstrap 872 00:30:24,110 --> 00:30:25,999 the PowerPC; there's separate bits. 873 00:30:27,500 --> 00:30:29,179 So we come to SRESET. 874 00:30:29,180 --> 00:30:31,429 What happens if we assert SRESET, 875 00:30:31,430 --> 00:30:33,859 if we reset the PowerPC, the Espresso, 876 00:30:33,860 --> 00:30:35,029 while the boot ROM is running? 877 00:30:36,440 --> 00:30:38,419 Well, if you just pick a random point, 878 00:30:38,420 --> 00:30:39,409 let's say when it's hashing and 879 00:30:39,410 --> 00:30:41,779 decrypting the ciphertext, we 880 00:30:41,780 --> 00:30:43,819 soft reset. Whenever it takes an 881 00:30:43,820 --> 00:30:44,269 exception,
882 00:30:44,270 --> 00:30:45,769 whenever you get an interrupt, or in this 883 00:30:45,770 --> 00:30:47,899 case a soft reset, it switches back to 884 00:30:47,900 --> 00:30:49,849 real mode. But it's got this annoying 885 00:30:49,850 --> 00:30:51,889 infinite loop instruction there. 886 00:30:51,890 --> 00:30:52,899 So all that's going to happen is it's 887 00:30:52,900 --> 00:30:55,099 going to get stuck in an infinite loop. 888 00:30:55,100 --> 00:30:57,649 Even if we change RAM, we 889 00:30:57,650 --> 00:30:59,749 jump to our own code, to our own 890 00:30:59,750 --> 00:31:01,159 dumper, whatever. 891 00:31:01,160 --> 00:31:02,539 It's still in the cache. 892 00:31:02,540 --> 00:31:03,889 So we have the same problem. 893 00:31:03,890 --> 00:31:04,909 It's still going to get stuck in an 894 00:31:04,910 --> 00:31:06,219 infinite loop no matter what we do to 895 00:31:06,220 --> 00:31:07,220 RAM. 896 00:31:08,510 --> 00:31:10,020 But what happens if we wait a little bit? 897 00:31:11,540 --> 00:31:12,889 So at some point, the boot ROM is 898 00:31:12,890 --> 00:31:14,839 disabling and invalidating and enabling the 899 00:31:14,840 --> 00:31:15,939 L1 and L2 caches. 900 00:31:15,940 --> 00:31:18,169 So at this point, the L2 cache 901 00:31:18,170 --> 00:31:19,170 is empty. 902 00:31:20,330 --> 00:31:22,549 If we change RAM to jump to our dumper 903 00:31:22,550 --> 00:31:24,409 code, suddenly that's visible in real 904 00:31:24,410 --> 00:31:25,939 mode now, because the cache doesn't have 905 00:31:25,940 --> 00:31:27,619 the data anymore. 906 00:31:27,620 --> 00:31:29,209 Then we assert SRESET, 907 00:31:30,230 --> 00:31:32,389 and then the PowerPC jumps to our code. 908 00:31:32,390 --> 00:31:34,099 And since the boot ROM is still mapped, we 909 00:31:34,100 --> 00:31:35,119 can just read it.
910 00:31:49,060 --> 00:31:51,189 So this happened eight days after 911 00:31:51,190 --> 00:31:53,139 the release, by the way. Unfortunately, 912 00:31:53,140 --> 00:31:55,449 it's too late to get the keys. After the 913 00:31:55,450 --> 00:31:57,579 European release, just to make sure we're on 914 00:31:57,580 --> 00:31:59,049 the same page. But it's too late to get 915 00:31:59,050 --> 00:32:00,249 the keys, because the OTP is already 916 00:32:00,250 --> 00:32:03,069 disabled. The locked L1 is already wiped. 917 00:32:03,070 --> 00:32:04,569 Keys are gone. We want the keys. 918 00:32:06,220 --> 00:32:07,839 So let's look at the other reset line. 919 00:32:07,840 --> 00:32:08,829 It's called HRESET. 920 00:32:08,830 --> 00:32:10,949 It resets the whole Espresso, it restarts 921 00:32:10,950 --> 00:32:12,729 boot ROM execution. 922 00:32:12,730 --> 00:32:13,959 HRESET is level sensitive. 923 00:32:13,960 --> 00:32:16,059 So you bring it low to, you 924 00:32:16,060 --> 00:32:17,409 know, start resetting the PowerPC. 925 00:32:17,410 --> 00:32:19,539 It does whatever it needs 926 00:32:19,540 --> 00:32:21,969 to clear, you know, clear internal state, 927 00:32:21,970 --> 00:32:24,039 registers, all that fun top level 928 00:32:24,040 --> 00:32:26,169 design stuff that I know nothing about. 929 00:32:26,170 --> 00:32:27,909 And then you release it to begin 930 00:32:27,910 --> 00:32:30,159 execution. The 931 00:32:30,160 --> 00:32:32,469 data sheet for the PowerPC 750 SL, 932 00:32:32,470 --> 00:32:34,299 which is really close to the Broadway 933 00:32:34,300 --> 00:32:36,489 used on the Wii and presumably close 934 00:32:36,490 --> 00:32:38,889 enough to the Espresso, says that 935 00:32:38,890 --> 00:32:41,799 HRESET must be held low for at least 255 936 00:32:41,800 --> 00:32:42,969 bus cycles. 937 00:32:44,530 --> 00:32:46,630 What happens if we try narrower pulses?
938 00:32:48,700 --> 00:32:51,579 So the Starbuck runs at the bus clock rate, 939 00:32:51,580 --> 00:32:53,259 coincidentally, and it can control 940 00:32:53,260 --> 00:32:54,639 HRESET with single cycle accuracy, 941 00:32:54,640 --> 00:32:56,709 because we are on an ARM9, one 942 00:32:56,710 --> 00:32:59,499 cycle, you can make a little timing loop. 943 00:32:59,500 --> 00:33:01,689 So we fill all of RAM with jumps to our 944 00:33:01,690 --> 00:33:03,069 dumping code, just to make sure that if 945 00:33:03,070 --> 00:33:05,289 anything weird happens, hopefully 946 00:33:05,290 --> 00:33:07,899 it goes to where we want it to. 947 00:33:07,900 --> 00:33:09,279 Remember, we're doing this Python thing 948 00:33:09,280 --> 00:33:11,289 from a PC. We don't want to be timing 949 00:33:11,290 --> 00:33:12,609 reset from a Python script. 950 00:33:12,610 --> 00:33:14,709 So we upload a little snippet of code 951 00:33:14,710 --> 00:33:17,259 to do a really accurate cycle level 952 00:33:17,260 --> 00:33:18,639 reset timing, disabling interrupts, 953 00:33:18,640 --> 00:33:19,640 all that fun stuff. 954 00:33:20,590 --> 00:33:22,989 Then we start the PowerPC normally, 955 00:33:22,990 --> 00:33:24,399 just to make sure it's in the same 956 00:33:24,400 --> 00:33:26,499 state, and then we reset 957 00:33:26,500 --> 00:33:28,449 it right in the middle of the boot ROM. It 958 00:33:28,450 --> 00:33:30,339 doesn't actually matter that much where. 959 00:33:31,570 --> 00:33:33,249 We try different widths for HRESET. 960 00:33:33,250 --> 00:33:34,599 Let's see what happens. 961 00:33:34,600 --> 00:33:36,459 And we hope that at some point 962 00:33:36,460 --> 00:33:38,529 something will blow up, it'll screw 963 00:33:38,530 --> 00:33:40,599 up and it'll end up jumping somewhere in 964 00:33:40,600 --> 00:33:41,829 RAM and run our code 965 00:33:43,000 --> 00:33:44,229 and then something will happen, 966 00:33:44,230 --> 00:33:46,270 hopefully, and then we get profit.
967 00:33:54,650 --> 00:33:56,599 So what happened? 968 00:33:56,600 --> 00:33:58,789 Well, the PowerPC crashes if we 969 00:33:58,790 --> 00:34:01,459 do a very short pulse; 970 00:34:01,460 --> 00:34:02,869 for a very long pulse, it restarts 971 00:34:02,870 --> 00:34:05,059 normally; if around the middle, 972 00:34:05,060 --> 00:34:06,889 it just fails and deadlocks. 973 00:34:06,890 --> 00:34:08,479 But for one or two specific pulse 974 00:34:08,480 --> 00:34:10,488 widths, really weird stuff happens. 975 00:34:10,489 --> 00:34:12,468 And those vary from unit to unit; it's 976 00:34:12,469 --> 00:34:13,469 an analog thing. 977 00:34:14,719 --> 00:34:16,279 It seems to be running our code, because 978 00:34:16,280 --> 00:34:18,019 we got some response from our dumper. 979 00:34:18,020 --> 00:34:20,299 But let's, let's look at a cat version 980 00:34:20,300 --> 00:34:21,300 of the PowerPC. 981 00:34:41,870 --> 00:34:43,488 So it's running, it's running, but 982 00:34:43,489 --> 00:34:44,999 something's screwed up real bad. It's 983 00:34:45,000 --> 00:34:46,968 skipping instructions, sometimes it 984 00:34:46,969 --> 00:34:48,349 doesn't issue writes to memory, like 985 00:34:48,350 --> 00:34:49,849 we're dumping stuff and there's stuff 986 00:34:49,850 --> 00:34:50,629 missing in the dump. 987 00:34:50,630 --> 00:34:51,829 And it's like we have to search for 988 00:34:51,830 --> 00:34:53,689 offsets. And some of the values are 989 00:34:53,690 --> 00:34:55,698 weird. It looks like some functional 990 00:34:55,699 --> 00:34:57,889 units in the core are totally fucked up. 991 00:34:57,890 --> 00:34:59,269 I have no idea what's going on, but it's 992 00:34:59,270 --> 00:35:00,489 really fun. It's running our code.
00:35:01,700 --> 00:36:04,589
But this is good enough, because all we have to do is read each key word and write it to memory four times and cross our fingers. And then you're going to have that one, that one, that one, that one. And we have keys. So that was 11 days after the release, and that's a hash that we posted, as a hash of a linked file which has the hash of the keys, because we must go deeper. So this one was found in virtually no time for the Starbuck in vWii mode, and that's where we started on the boot ROM, which is what boots the Wii. The virtual Wii doesn't have a boot0, because it runs from Wii U mode. How does Wii mode boot? We have no idea. We can't find out from virtual Wii mode, or can we? So on the Wii, the boot ROM was mapped to that address. It gets disabled by boot0, not boot1 for some reason, by writing to a register. That register is not clear-only; you can re-enable that register. You can probably see where this is going.
00:36:04,590 --> 00:37:01,469
It still exists in vWii mode, for compatibility, you know, because I was two years old and all that stuff. What happens if you set the enable bit again? Wii boot0. It does not look like the Wii U boot0. I don't even know what the hell they were thinking. This is just ridiculous. It just shows up. And we found this out in 14 days, because we didn't think they'd be that stupid. So that's the hash we posted. The Wii U boot ROM is much more interesting than the Wii one. It does real signature checks. It supports booting a recovery image, because the Wii was notoriously breakable and they'd just throw away motherboards and put new ones in when they broke them; there was no recovery mechanism. But unfortunately, we haven't found an exploitable bug in the boot ROM, at least yet. So this is all we have for vWii mode. Now, let's look at Wii U mode, and I'll hand it over to comex for that.
00:37:11,440 --> 00:38:25,529
According to the paper that just got pulled up, it doesn't seem we're getting the full hour here, so let's try to hurry. So, how to pwn Wii U mode? For virtual Wii mode, there was a lot of reference to go on. There was all the old software, and we could see how it changed. There's the hardware, all of that. But that was only able to go so far. So in order to open a new mode, we had to do it just like any other console, that is, by treating it as a black box. So how do you hack any embedded device? Well, any large embedded device with a user interface that's vaguely modern? Well, you go after the web browser, because just about... just about everything uses WebKit. WebKit is LGPL; they have to provide the source. You can go get the source. It's not like we care very much, usually, about what's actually in the source.
00:38:25,530 --> 00:39:31,480
It's usually almost identical to some version of the SVN. But we can look at the changelog and see, well, how old is this? Because WebKit has vulnerabilities fixed constantly. So if it's old, and for embedded devices it often is, we have a huge menu to select from. So the last changelog entry from the open source version of WebKit, as for the release that was current last year at the end of 2012, is from October 2011. So it's a year out of date; in theory there should be a lot of vulnerabilities. So how do we actually find these old bugs? A lot of them are reported, but they're also kept secret, in fact. Well, with some other projects, once the bugs are old enough, they get unprotected; the public can view them. With WebKit, that doesn't seem to happen. All those old bugs are still restricted.
00:39:32,250 --> 00:40:48,249
But the bug numbers are mentioned in SVN comments, with unit tests for what used to crash. Oh, what do I do? I prefer to be, oh, no, you know... OK, so all we have to do is grab the SVN log for bugs, and we try to view all these bugs in the bug tracker, and which ones are we not authorized to see? Those are the interesting ones. Not a new idea; a lot of people are doing this, but it's the first time I've done it. So, Nintendo, to their credit, they did recently, a few months ago, update WebKit to a version as of late 2012. So now it's about the same amount out of date as it used to be. Now, that doesn't mean that exploitation is necessarily easy, because there are a lot of things we don't have. We don't have crash logs, for one thing. With some platforms, in fact a surprising number, it does give you the crash log and then you can sort of see what's going on.
00:40:48,250 --> 00:41:41,729
We don't have that. Structure and vtable layout: we don't really know anything about the compiler. We might be able to find out, and there's some amount that you can get from the source code, but it's still limited. Like, if you have a use-after-free, you're often going to want to overlap one vtable with another, and, like, the wrong function will be called. But we don't really know what's going to happen there. We don't know about the allocator. So for use-after-free, the behavior of the heap depends on the precise algorithms used by the allocator, but we don't know about that. So although it's certainly possible, I mean, once they used an old WebKit version, Nintendo pretty much guaranteed that we were going to get code execution this way eventually. And you could consider this a serious flaw.
00:41:41,730 --> 00:42:37,319
I mean, a serious lapse in security, even if WebKit is going to have vulnerabilities eventually. But by making it easy to find old vulnerabilities, you're pretty much guaranteeing that code execution is going to be achieved pretty soon. Now, in a good, well-designed security system, whether the Wii U counts is debatable, but there are many layers of security, and just compromising the web browser isn't going to give you that much, but it's still going to give you infinitely more than just poking at the user interface. So you really should try to make this as hard as possible. And they didn't. But anyway, as I was saying, there are many bugs to choose from, and there are plenty of hard use-after-frees and overflows and all this. But I found a nice heap overflow that let me overwrite a pointer to an ArrayBufferView or something, and then let me specify an arbitrary address, and I could dump memory.
00:42:37,320 --> 00:43:39,479
And then we got to look at the Cafe OS in IDA, and a giant database, because IDA has giant database files, and all that. It was a dump of all the modules loaded into memory at the time. So how does it compare to the old Wii OS? Well, this has been partially covered earlier; as I said, it's no longer running on bare metal on the PowerPC. It's running under a kernel. This is necessary, for one thing, for process isolation, so that we can actually run multiple things, multiple applications, like you can run the web browser while a game is on. Another reason to do this is that there is kernel-enforced no-execute, or data execution prevention. So on the Wii, everything was just read/write/execute. On the Wii U, not only is non-code not executable, you can't jump to it, but the kernel enforces that. So you can't just say, hey, here's some memory, I want to protect it, mprotect.
00:43:39,480 --> 00:44:37,509
No, it won't let you do that, with a special exception for the web browser. This interesting policy is shared with the iPhone. It is this way because web browsers need JITs to run fast, and for that you need to run code. And so there needs to be a way to do that. But it's somewhat paradoxical. So, downsides, or missing things? No ASLR. It's 2012 when it was released, and there's no ASLR. There are also lots of bugs. On a cursory examination, it seems... there turned out to be a lot of bugs in various levels of the operating system. This isn't exactly a security measure, like some kind of mitigation, but it means that it wasn't carefully audited, and that could be considered a very important mitigation.
00:44:37,510 --> 00:45:40,510
So in general, this reminds me of, like, the last generation of consoles. Like, the Wii U is, in some other ways, like the PS3, which also had no-execute and it had no ASLR. But I think that the newer ones are better on that. So, unfortunately, not this one. So another interesting feature, not exactly a security measure, but as previously mentioned, Cafe OS uses dynamic linking for everything, whereas the Wii used to statically link everything, the whole SDK, into every game, plug it into memory. This feels more like a real system. In fact, it almost uses ELF; the binaries look like ELFs, except there are some gratuitous differences, like the sections are compressed with some custom thing and the symbol tables are all different, and it's changed to be sort of more like the Windows linking model for some reason. And it's all different, but it's close enough. So I guess they get credit for that.
00:45:44,500 --> 00:47:16,119
So the benefits are: function names are visible for reverse engineering. With the Wii, there were some leaks of function names in some weird cases, like some symbol map going onto a disc once, but those were closed and those were out of date for the Wii. There are just always going to be function names visible, always useful whenever you need them, separated, functionally separated by library. So you can sort of see what does what. And this is a bit of a historical note, but I'll be quick. libogc: for the Wii there was eventually a port of Linux, but since that didn't run very well, since there wasn't very much memory on the Wii, most people just used libogc, which is a custom library which sort of did the same thing as the SDK. But unfortunately, it didn't only do the same thing as the SDK; it meant many of the functions were just lifted straight from the SDK, like, manually translated from assembly to C, and there were eventually worries that this would be a copyright violation. It's hard, because you have these random register writes. You can try to figure out what they can do, what they actually do, and maybe have some nice functionality, or you can just copy them, and there are a lot of them anyway. This avoids the need for that, anyway. So while marcan was doing all the stuff with reset that he mentioned, once he got the keys, it was possible... the keys he dumped included both the virtual Wii and the Wii U mode keys for the PowerPC.
00:47:19,960 --> 00:48:26,449
So since it was pretty easy to end up reading data from the file system, that meant that I would have been able to use that, potentially, to decrypt the PowerPC kernel and be able to see what's in it and find vulnerabilities white-box rather than black-box. But I didn't know this was going to succeed, if it hadn't been done. So I decided to try to dump it with a blind exploitation. So, you know, pretty basic stuff. I tried to pass a bunch of syscalls that take addresses and do something with them, memory addresses. I tried to pass invalid addresses and see what they do. Most of them just returned errors or did something predictable. One of them froze. Some addresses worked that were not accessible normally, and basically it was a straight read from the kernel: it took the pointer and read it without doing any kind of check, and printed it to a log. You could get the log some other way.
00:48:27,590 --> 00:49:29,529
So I printed one byte at a time, checked the log, and very slowly dumped whatever kind of data from kernel space that I wanted. But data, in context: no matter where I tried, I could not get any text. And there's a reason for that. As previously mentioned, there's both page tables and block address translation, but interestingly, the BAT registers are completely separate for instruction and data. They're just separate registers. This is useful for one thing. It's usually used to implement no-execute for this memory, because you can just put it in a data BAT, but not an instruction BAT, and then it'll only be able to be read with a data fetch. But the kernel did the opposite. It only mapped it in an instruction BAT, not in a data BAT. So if you try to read from this memory with some load instruction, it won't do anything. That means you can't have any data in text, which a lot of other systems use for various things.
00:49:29,530 --> 00:50:32,619
But it means that it's a pretty interesting security measure, because you can still run it fine; you just can't dump it. The one thing is that I'm not quite sure whether it was intended as security or just because they were running out of BAT registers, but... Well, that wasn't enough, though. It was nice, but eventually I was able to find a way to write data, and then I was able to do some DMA thing to dump the kernel and get all this nice stuff in order. This was useful for a few hours, I think, and then marcan showed up on IRC saying, oh, I got the key, and then the whole thing became useless, but, well, it was fun. All right. So, quickly about IOS, which, as you mentioned, is running on the ARM processor, which incidentally makes it automatically five times easier to reverse engineer, because Hex-Rays works on ARM. I'm not sure whether that's a good thing or a bad thing. So I tried to blindly exploit the IOS as usual.
00:50:32,620 --> 00:51:32,159
And IOS exposes, like it did on the Wii, a sort of active Unix-like interface with, like, ioctl calls and something like that. Um, I managed to do something. I got some ROM, fun stuff. From there, I tried to exploit a different module that was only accessible from within IOS. And then I did some random call to some ioctl in the crypto module, and then the Wii U wouldn't turn on. You know, I wasn't expecting that; it was to stay away from, like, NAND writing, any kind of that, but just, oops. Bricked, sorry. So I had to sit out for a while, but still, I borrowed someone else's Wii U and promised very much not to try anything like that again.
00:51:35,740 --> 00:52:47,219
But eventually I was able to exploit the kernel, and once we got code running in the IOS kernel, we were able to dump the OTP, or almost all of it, which contains a bunch of different things, including the common key, which is the key needed to decrypt what you can download from the Internet into what goes on the file system. So now there's no need for, like, anything on the PowerPC or anything. It's not separately encrypted; you can just download it. And also the virtual Wii, because all the updating and downloading for the virtual Wii actually happens in Wii U mode, and the Starbuck ancast key. So that's pretty much everything, except for one thing. So there's one thing missing here. So we mentioned that the OTP... we were able to dump most of the OTP, but not all. There is a boot1 encryption key, used by boot0 to decrypt boot1, that's disabled permanently, separately, early in the boot process.
00:52:48,450 --> 00:53:41,399
And there's no way to get it back. We haven't found a way to get this key yet. So we're trying some really cool stuff, some side-channel attacks. Expect to hear from us if we are successful, but so far we don't have it. What about other approaches? We don't care about Wii U software. All we want is access to the hardware for homebrew. So the question is, can we escape the virtual Wii sandbox and go back and enable Wii U hardware so we can use it? So this takes us to Cafe2Wii. Cafe2Wii is the name of the Wii U Starbuck code that switches to virtual Wii mode. It contains interesting low-level code. It's really cool, because it doesn't have IOS, it doesn't have a kernel, it's just low-level code. It has all the modules it needs. It's, you know, very dense and useful information and code to reverse engineer, instead of a bunch of, like, syscall crap that we don't care about. It tells us what we have to undo to go from virtual Wii mode to Wii U mode.
1499 00:53:41,400 --> 00:53:43,949 And now that we have the keys, the
1500 00:53:43,950 --> 00:53:46,049 Wii U ancast key and the common key,
1501 00:53:46,050 --> 00:53:47,540 we can just download it and decrypt it.
1502 00:53:48,840 --> 00:53:50,519 But Nintendo had a holiday gift for us
1503 00:53:50,520 --> 00:53:52,679 last year when we did
1504 00:53:52,680 --> 00:53:54,719 this and gave it to us as an ELF
1505 00:53:54,720 --> 00:53:56,849 executable. Of course
1506 00:53:56,850 --> 00:53:57,839 we ran file on it.
1507 00:53:57,840 --> 00:53:59,579 It's an executable, statically linked,
1508 00:53:59,580 --> 00:54:00,630 not stripped.
1509 00:54:06,390 --> 00:54:08,429 This is the only unstripped binary that
1510 00:54:08,430 --> 00:54:10,439 I've found other than the Cafe OS
1511 00:54:10,440 --> 00:54:11,440 blinking stuff.
1512 00:54:12,310 --> 00:54:13,799 So, yeah, they left the symbols and they
1513 00:54:13,800 --> 00:54:15,809 left full DWARF debugging information,
1514 00:54:15,810 --> 00:54:17,280 including all the structures.
1515 00:54:23,940 --> 00:54:25,419 Plenty of strings, apparently, they call
1516 00:54:25,420 --> 00:54:27,629 them the thing that does the system
1517 00:54:27,630 --> 00:54:29,729 control and security stuff is called
1518 00:54:29,730 --> 00:54:32,429 MCP or someone like stron over there.
1519 00:54:32,430 --> 00:54:34,589 There's the Setu W section, which is
1520 00:54:34,590 --> 00:54:36,420 the capital. We main
1521 00:54:37,440 --> 00:54:38,999 the main file, the main object file
1522 00:54:39,000 --> 00:54:40,619 there. And there's a bunch of really cool
1523 00:54:40,620 --> 00:54:42,719 symbols, MCP hardware set,
1524 00:54:42,720 --> 00:54:45,089 HP compatibility mode, set compat mode,
1525 00:54:45,090 --> 00:54:47,669 set MEM1 compat mode, set Seasprite,
1526 00:54:47,670 --> 00:54:49,559 which is a really interesting register,
1527 00:54:49,560 --> 00:54:51,659 launch.
We ionis finalized Kafe,
1528 00:54:51,660 --> 00:54:53,009 which is the kind of the last thing that
1529 00:54:53,010 --> 00:54:55,169 happens before Wii mode and
1530 00:54:55,170 --> 00:54:57,389 set Espresso PLL config GPIO,
1531 00:54:57,390 --> 00:54:59,249 which is what presumably switches the
1532 00:54:59,250 --> 00:55:01,349 Espresso frequency
1533 00:55:01,350 --> 00:55:04,079 multiplier and does the Espresso speed
1534 00:55:04,080 --> 00:55:05,550 also. Apparently they use Cygwin.
1535 00:55:09,730 --> 00:55:11,889 Unfortunately, this was a mixed bag.
1536 00:55:11,890 --> 00:55:13,629 The sandbox is a little bit leaky, we can
1537 00:55:13,630 --> 00:55:15,249 partially reconfigure the bus to Wii U
1538 00:55:15,250 --> 00:55:16,250 mode.
1539 00:55:16,660 --> 00:55:18,129 We can enable the extra eight
1540 00:55:18,130 --> 00:55:19,179 megabytes of MEM1.
1541 00:55:19,180 --> 00:55:21,249 But it kind of breaks Starbuck at the
1542 00:55:21,250 --> 00:55:23,199 same time because the bus is messed up.
1543 00:55:23,200 --> 00:55:24,280 So it's not really useful.
1544 00:55:25,450 --> 00:55:26,949 It shows that it's there. But, you know,
1545 00:55:26,950 --> 00:55:29,229 it's not actually usable by homebrew.
1546 00:55:29,230 --> 00:55:30,549 And we can mess with some GPIOs.
1547 00:55:30,550 --> 00:55:32,469 We can like change the fan speed and some
1548 00:55:32,470 --> 00:55:34,179 other miscellaneous crap.
1549 00:55:34,180 --> 00:55:35,649 But unfortunately, that's not enough.
1550 00:55:35,650 --> 00:55:37,329 Most of the new cool hardware, the new
1551 00:55:37,330 --> 00:55:39,399 GPU, separate USB controllers
1552 00:55:39,400 --> 00:55:40,869 that you talk to the GamePad with, all that
1553 00:55:40,870 --> 00:55:43,059 fun stuff, that's all gated
1554 00:55:43,060 --> 00:55:44,889 and powered off and the registers that
1555 00:55:44,890 --> 00:55:47,019 you need to turn that back on seem to be
1556 00:55:47,020 --> 00:55:49,270 locked off by something called Seasprite,
1557 00:55:50,350 --> 00:55:52,059 which is one shot and cannot be reset as
1558 00:55:52,060 --> 00:55:53,799 far as we can tell.
1559 00:55:53,800 --> 00:55:55,149 So I actually tried flipping every bit
1560 00:55:55,150 --> 00:55:56,679 in every register in the whole area to
1561 00:55:56,680 --> 00:55:58,599 hope that something would let me, you
1562 00:55:58,600 --> 00:55:59,889 know, it would turn on and let me change
1563 00:55:59,890 --> 00:56:01,899 things, but no dice.
1564 00:56:01,900 --> 00:56:03,549 So we tried, but unfortunately, that
1565 00:56:03,550 --> 00:56:05,349 won't work. It would be possible for
1566 00:56:05,350 --> 00:56:07,209 Nintendo to enable the homebrew sandbox
1567 00:56:07,210 --> 00:56:09,279 that, you know, turns off the Wii
1568 00:56:09,280 --> 00:56:11,439 U filesystem and security
1569 00:56:11,440 --> 00:56:14,529 and keys, but lets you use the hardware
1570 00:56:14,530 --> 00:56:15,829 while keeping their DRM safe.
1571 00:56:15,830 --> 00:56:17,619 This is kind of like OtherOS and it
1572 00:56:17,620 --> 00:56:19,149 would be better than OtherOS because
1573 00:56:19,150 --> 00:56:21,429 OtherOS depended on a
1574 00:56:21,430 --> 00:56:22,929 hypervisor, which is of course riddled
1575 00:56:22,930 --> 00:56:25,209 with bugs while this uses hardware
1576 00:56:25,210 --> 00:56:27,909 lockouts, which are fairly solid.
1577 00:56:27,910 --> 00:56:29,949 Unfortunately, Nintendo is not interested
1578 00:56:29,950 --> 00:56:32,079 in this as far as we
1579 00:56:32,080 --> 00:56:33,080 know anyway.
1580 00:56:34,150 --> 00:56:37,119 So we have a little bit of an epilog.
1581 00:56:37,120 --> 00:56:38,739 I wrote a blog post about this.
1582 00:56:40,780 --> 00:56:42,379 And so, you know, at this point we've
1583 00:56:42,380 --> 00:56:44,619 broken most of the security, but we
1584 00:56:44,620 --> 00:56:46,509 would remain at work to develop the open
1585 00:56:46,510 --> 00:56:48,579 frameworks. We need to write an SDK
1586 00:56:48,580 --> 00:56:50,260 or port Linux or something like that.
1587 00:56:51,430 --> 00:56:52,569 And we thought we were going to do this.
1588 00:56:52,570 --> 00:56:54,549 And then we kind of sat on it like maybe
1589 00:56:54,550 --> 00:56:55,570 tomorrow, maybe tomorrow.
1590 00:56:56,590 --> 00:56:58,509 No one seemed to be really interested in
1591 00:56:58,510 --> 00:56:59,510 it.
1592 00:56:59,680 --> 00:57:00,699 And the thing is, there's an internal
1593 00:57:00,700 --> 00:57:02,199 clash between the homebrew community and
1594 00:57:02,200 --> 00:57:03,729 those interested in pirating games.
1595 00:57:03,730 --> 00:57:05,019 Back in the day when the consoles were
1596 00:57:05,020 --> 00:57:06,339 simple, you just ran your own code and
1597 00:57:06,340 --> 00:57:07,629 started poking registers and it was all
1598 00:57:07,630 --> 00:57:08,889 good fun.
1599 00:57:08,890 --> 00:57:10,839 These days, you need a lot more code to
1600 00:57:10,840 --> 00:57:12,159 do interesting stuff.
1601 00:57:12,160 --> 00:57:14,199 Meanwhile, piracy, as you know, you patch
1602 00:57:14,200 --> 00:57:16,329 the function to load code from disk
1603 00:57:16,330 --> 00:57:18,309 and send it somewhere else and you can
1604 00:57:18,310 --> 00:57:20,379 pirate games.
So piracy almost gets
1605 00:57:20,380 --> 00:57:22,449 easier with complex OSes, homebrew gets
1606 00:57:22,450 --> 00:57:23,450 harder.
1607 00:57:24,910 --> 00:57:26,499 And this is kind of the conclusion that
1608 00:57:26,500 --> 00:57:28,569 we reached that it's possible that
1609 00:57:28,570 --> 00:57:29,859 it's the you know, the return on
1610 00:57:29,860 --> 00:57:31,599 investment isn't really worth it anymore
1611 00:57:31,600 --> 00:57:33,819 on homebrew because it takes a lot
1612 00:57:33,820 --> 00:57:34,839 of work.
1613 00:57:34,840 --> 00:57:36,609 And meanwhile, you get to watch, you
1614 00:57:36,610 --> 00:57:38,659 know, people download games the moment they
1615 00:57:38,660 --> 00:57:40,599 get the code execution because, you know,
1616 00:57:40,600 --> 00:57:42,159 someone figures, oh look, you know,
1617 00:57:42,160 --> 00:57:42,999 DVD read.
1618 00:57:43,000 --> 00:57:44,859 How about I redirect that to flash read
1619 00:57:44,860 --> 00:57:46,629 or to USB read or something like that?
1620 00:57:46,630 --> 00:57:47,869 It's usually pretty stupid.
1621 00:57:47,870 --> 00:57:49,929 The PS3 loading stuff is like a
1622 00:57:49,930 --> 00:57:51,550 few bytes short function.
1623 00:57:52,720 --> 00:57:54,819 So, you know, with the
1624 00:57:54,820 --> 00:57:56,109 Wii it's really cool because everyone has a
1625 00:57:56,110 --> 00:57:58,839 Wii and it's got to be the TV.
1626 00:57:58,840 --> 00:58:00,609 With the Wii U, you know, people have
1627 00:58:00,610 --> 00:58:02,709 smart TVs, the Steam box
1628 00:58:02,710 --> 00:58:04,029 is coming out. There's a lot of more
1629 00:58:04,030 --> 00:58:05,709 open, easy to use devices that you can
1630 00:58:05,710 --> 00:58:07,209 hack. So this is kind of the question,
1631 00:58:07,210 --> 00:58:09,399 right? Is it worth it to continue with this?
1632 00:58:09,400 --> 00:58:10,400 I don't know.
1633 00:58:12,160 --> 00:58:14,349 But what I do know is that we
1634 00:58:14,350 --> 00:58:16,899 set out a challenge to tell people that,
1635 00:58:16,900 --> 00:58:19,269 you know, we wanted to gauge interest
1636 00:58:19,270 --> 00:58:21,099 and see if they could put Linux through
1637 00:58:21,100 --> 00:58:23,199 that three core Espresso, which
1638 00:58:23,200 --> 00:58:25,869 we could enable with that really trivial
1639 00:58:25,870 --> 00:58:27,219 design flaw.
1640 00:58:27,220 --> 00:58:29,289 And that's forty six pages
1641 00:58:29,290 --> 00:58:30,489 on this forum thread.
1642 00:58:31,870 --> 00:58:33,299 I mean, they're trying and they're
1643 00:58:33,300 --> 00:58:35,469 given a lot of credit for trying, but you
1644 00:58:35,470 --> 00:58:36,489 know that they don't have the kind of
1645 00:58:36,490 --> 00:58:38,589 people to really pull this off
1646 00:58:38,590 --> 00:58:40,329 in a reasonable amount of time.
1647 00:58:40,330 --> 00:58:41,709 We haven't really seen, you
1648 00:58:41,710 --> 00:58:43,959 know, some part developer
1649 00:58:43,960 --> 00:58:45,639 or some, you know, old school homebrewer
1650 00:58:45,640 --> 00:58:47,379 say, you know, well, I'll do this.
1651 00:58:47,380 --> 00:58:48,489 I'll get this working.
1652 00:58:48,490 --> 00:58:50,559 And, you know, I really want
1653 00:58:50,560 --> 00:58:51,750 to have Wii U homebrew.
1654 00:58:52,870 --> 00:58:53,969 So this is where we are today.
1655 00:58:55,240 --> 00:58:56,240 Thank you very much.