[Dorison Hugo] let us know about a project he just completed that not only mods Nintendo with more Nintendo, but highlights some of the challenges that come from having to work with and around existing hardware. The project is a Gamecube Dock for the Nintendo Switch, complete with working Gamecube controller ports. It looks like a Gamecube with a big slice out of it, into which the Nintendo Switch docks seamlessly. Not only that, but thanks to an embedded adapter, original Gamecube controllers can plug into the ports and work with the Switch. The original orange LED on the top of the Gamecube even lights up when the Switch is docked. It was made mostly with parts left over from other mods.
The interesting parts of this project are not just the attention to detail in the whole build, but the process [Dorison] used to get everything just right. Integrating existing hardware means accepting design constraints that are out of one’s control, such as the size and shape of circuit boards, length of wires, and often inconvenient locations of plugs and connectors. On top of it all, [Dorison] wanted this mod to be non-destructive and reversible with regards to the Nintendo Switch dock itself.
To accomplish that, the dock was modeled in CAD and 3D printed. The rest of the mods were all done using the 3D printed dock as a stand-in for the real unit. Since the finished unit won’t be painted or post-processed in any way, any scratches on both the expensive dock and the Gamecube case must be avoided. There’s a lot of under-cutting and patient sanding to get the cuts right as a result. The video (embedded below) steps through every part of the process. The final screws holding everything together had to go in at an odd angle, but in the end everything fit.
Polyglots, in computing terms, are files have multiple valid meanings. We’ve seen some amazing examples of polyglot files in releases of The International Journal of PoC||GTFO. One example: a PDF that is also a ZIP, HTML file, and BPG image.
[Vi Grey] was inspired by PoC||GTFO’s release of a PDF/ZIP/NES ROM hybrid file for issue 0x14. Using a different method, [Vi] created a file which is both an NES ROM and ZIP, where the full contents of the ZIP are stored in the NES ROM.
When PoC||GTFO created their NES ROM polyglot, they stuck most the information outside the bounds of the NES ROM. While the file is valid, you’d lose the ZIP archive if it was burnt to a cartridge.
[Vi]’s polyglot is different. Rip it from a real NES cartridge and you get a ZIP file. Unzip it, and you get the source. Compile that source, and you get a valid ZIP file containing the source. Burn that to a cartridge and… hopefully you grok the recursion at this point.
The source and scripts to mangle the polyglot together are up on Github.
Handheld game consoles have a hard life, and even the most well-built models can sometimes fail. The Nintendo 3DS XL, for example, can fail at its hinge, which is what happened to the one owned by [Mark]. Would he fix the hinge? No, he had a far simpler if a little less flexible solution, a 3D-printed bracket that clips over the whole device.
Sometimes the best pieces of work are also the simplest ones, and this one certainly fits that bill on both counts. When your console dies, you want it fixed, and though this doesn’t extend as far as providing a working hinge action it should allow you to play without further damaging anything. It’s not impossible to imagine that it could be made to incorporate a flexible zig-zag section to produce a closeable hinge, but if your Nintendo is broken you’ll care little for such niceties. The project can be downloaded from its Thingiverse page.
What’s the smallest controller you’ve ever used? [BitBuilt] forum user [Madmorda] picked up a cool little GameCube controller keychain with semi-working buttons at her local GameStop. As makers are wont to do, she figured she could turn it into a working controller and — well — the rest is history.
This miniaturized controller’s original buttons were essentially one piece of plastic and all the buttons would depress at once — same goes for the D-pad. Likewise, the original joystick and C-stick lacked springs and wouldn’t return to a neutral position after fidgeting with them. To get the ball rolling, [Madmorda] picked up a GC+ board — a custom GameCube controller board — just small enough to fit this project, eleven hard tact switches for the various buttons, and two squishy tact switches to replicate the original controller’s L and R button semi-analog, semi-digital functionality.
Over the years, Nintendo has had little trouble printing money with their various gaming systems. While they’ve had the odd misstep here and there since the original Nintendo Entertainment System was released in 1983, overall business has been good. But even for the company that essentially brought home video games to the mainstream, this last year has been pretty huge. The release of the Nintendo Switch has rocketed the Japanese gaming giant back into the limelight in a way they haven’t enjoyed in a number of years, and now they’re looking to keep that momentum going into 2018 with a killer new gaming accessory: a cardboard box.
Well, it doesn’t have to be a box, necessarily. But no matter which way you fold it, it’s definitely a piece of cardboard. Maybe a few bits of string here and there. This is the world of “Nintendo Labo”, a recently announced program which promises to let Switch owners create physical objects which they can interact with via specially designed software for the console.
The Labo creations demonstrated in the bombastic announcement video make clever use of the very unique Switch hardware. The removable Joy-Con controllers are generally still used as input devices, albeit in less traditional ways. Twisting and tilting the cardboard creations, which take varied forms such as a fishing rod or motorcycle handlebars, relays input to the appropriate game thanks to the accelerometers and gyroscopes they contain.
Many of the more complex contraptions rely on a less-known feature of the controller: the IR depth camera. By pointing the controller’s camera inside of the devices, the motion of internal components, likely helped along by IR-reflective tape, can be tracked in three dimensions. In the video, the internal construction of some of the devices looks downright intimidating.
Which leads into the natural question: “Who exactly is this for?”
Clearly some of the gadgets, not to mention the folded cardboard construction, are aimed at children, an age group Nintendo has never been ashamed to appeal to. But some of the more advanced devices and overall concept seems like it would play better with creative teens and adults looking to push the Switch in new directions.
Will users be empowered to create their own hardware, and by extension, associated software? Will hackers and makers be able to 3D print new input devices for the Switch using this platform? This is definitely something we’ll be keeping a close eye on as it gets closer to release in April.
The Nintendo VS. System was a coin-op arcade system based on the Nintendo Entertainment System (NES) hardware. By being so closely related to the home console, it made it easy to port games back and forth between the two. Being an arcade system, there was significant financial incentive to pirate the boards and games, and many years later such a pirate board landed on the desk of [kevtris], who decided to reverse engineer it for our viewing pleasure.
The board in question runs Super Mario Brothers, and rather than using actual Nintendo hardware it instead relies on a standard MOS 6502 to recreate all the functions of the of the original CPU. A Z80 is pressed into service to emulate the original audio hardware, too. With much of the functionality recreated in TTL logic chips, the board is power hungry, drawing a ridiculous 3 amps when powered up. We wonder as to the fire safety of such machines all crammed into a hot, sweaty arcade of yesteryear.
[kevtris] does a great job of reverse engineering the system, even providing a full PDF schematic for the bootleg board. An old SEGA controller is hand-wired into the board to provide both game controls and act as a coin switch to allow the game to be played.
We’d love to hear the story of how these machines actually came to be, and the design process involved, but for now that may remain one for the ages. Arcade piracy was something the big companies fought against for years, with varying success – and we’ve seen arcade DRM hacked before.
There’s a natural order to the world of game console hacking: every time a manufacturer releases a new game console they work in security measures that prevent the end user from running anything but commercially released games, and in turn every hacker worth his or her salt tries to break through. The end goal, despite what the manufacturers may have you believe, is not to run “bootleg” games, but rather to enable what is colloquially referred to as “homebrew”. That is to say, enabling the novel concept of actually running software of your choice on the hardware you paid for.
At 34C3, noted console hackers [Plutoo], [Derrek], and [Naehrwert] have demonstrated unsigned code running on Nintendo’s latest and greatest and while they are keeping the actual exploit to themselves for now, they’ve promised that a platform for launching homebrew is coming shortly for those who are on firmware version 3.0.0. From the sound of it, after 9 months on the market, Switch owners will finally have complete access to the hardware they purchased.
The key to running the team’s own code was through a WebKit exploit that was already months old by the time the Switch was released. Loading up an arbitrary webpage was the tricky part, as the Switch generally uses its web browser for accessing official sources (like the online game store). But hidden away in the help menus of Tetris, the developers helpfully put a link to their website which the Switch will dutifully open if you select it. From there it’s just a matter of network redirection to get the Switch loading a webpage from your computer rather than the Internet.
But as the more security-minded of our readers may have guessed already, that just gets you into the browser’s sandbox. The team now had to figure out a way to break out and get full control of the hardware. Through a series of clever hacks the team was able to learn more about the Switch’s internal layout and operating system, slowly working their way up the ladder.
A particularly interesting hack was used to get around a part of the Switch’s OS that is designed to check which services code is allowed to access. It turns out that if code doesn’t provide this function with its own process ID (PID), the system defaults to PID 0 because the variable is not initialized. In other words, if you don’t ask the operating system which functions you have access to, you will get access to them all. This is a classic programming mistake, and a developer at Nintendo HQ is likely getting a very stern talking to right about now.
But not everything was so easy. When trying to get access to the boot loader, the team sniffed the eMMC bus and timed the commands to determine when it was checking the encryption keys. They were then able to assemble a “glitcher” which fiddled with the CPU’s power using FPGA controlled MOFSETs during this critical time in an attempt to confuse the system.
The rabbit hole is pretty deep on this one, so we’d recommend you set aside an hour to watch the entire presentation to see the long road it took to go from a browser bug to running their first complete demo. It’s as much a testament to the skill of [Plutoo], [Derrek], and [Naehrwert] as it is the lengths at which Nintendo went to keep people out.