DOCSLIB.ORG

Master Thesis Master's Programme in Network Forensics, 60 Credits

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Master Thesis Master's Programme in Network Forensics, 60 Credits Master Thesis Master's Programme in Network Forensics, 60 credits Forensic Analysis of the Nintendo Switch Digital Forensics, 15 credits Halmstad 2020-06-06 Jelle van den Berg, Filip Lagerholm HALMSTAD UNIVERSITY Forensic Analysis of the Nintendo Switch Master Thesis Network Forensics June 2020 Authors Filip Lagerholm Jelle van den Berg Supervisor Ross Friel Examiner Stefan Axelsson i This page has intentionally been left blank ii Abstract In this thesis, we did a forensic analysis of a Nintendo Switch gaming console. It is both a portable and a stationary device, which makes it so that it could contain valuable information about the usage of the console at home and elsewhere. Multiple methods of data extraction were used, including using an exploit to obtain storage memory, extracting the contents of the SD card and capturing network traffic. The findings from the analysis of these data sources were compared to the information on the user interface. Any information that could not be found on the user interface was reported. The main findings of memory analysis were a detailed log file of user interactions, JSON files with personal information such as email addresses, and crash logs with information about the state of the console during the crash. The SD card mainly contains screenshots with embedded timestamps, and the network capture does not contain any forensically relevant information. The combination of these different types of information could make the Nintendo Switch a useful source of evidence during an investigation. Keywords: Nintendo Switch, forensic analysis, hardware vulnerability, network capture. iii This page has intentionally been left blank iv Table of Contents Introduction ............................................................................................................................................ 1 Background ......................................................................................................................................... 1 Purpose ............................................................................................................................................... 1 Problem ............................................................................................................................................... 2 Problematization ................................................................................................................................. 2 Limitations ........................................................................................................................................... 2 Literature Review .................................................................................................................................... 5 Related work ....................................................................................................................................... 5 Ways of extracting data ....................................................................................................................... 5 Manual extraction ........................................................................................................................... 5 Logical extraction ............................................................................................................................ 5 Hex Dumping / JTAG (Joint Test Action Group) ............................................................................... 6 Chip-off ............................................................................................................................................ 6 Micro read ....................................................................................................................................... 6 Fusée Gelée vulnerability .................................................................................................................... 6 Method .................................................................................................................................................... 7 Tools, software and hardware used .................................................................................................... 8 To be analysed ................................................................................................................................. 8 To perform the experiments ........................................................................................................... 8 For analysing the results .................................................................................................................. 9 Experiments ...................................................................................................................................... 10 1 – Network capture.......................................................................................................................... 10 Method .......................................................................................................................................... 11 Recording the data ........................................................................................................................ 11 Analysing the data ......................................................................................................................... 12 2 – NAND dump ................................................................................................................................. 12 Method .......................................................................................................................................... 12 Extracting the data ........................................................................................................................ 12 Analysing the data ......................................................................................................................... 14 Results ................................................................................................................................................... 15 Experiment 1 – Network capture ...................................................................................................... 15 Experiment 2 – NAND dump ............................................................................................................. 16 NAND ............................................................................................................................................. 16 0000000000000001 ...................................................................................................................... 17 8000000000000010 ...................................................................................................................... 17 v 80000000000000A1 & A2 ............................................................................................................. 18 80000000000000D1 ...................................................................................................................... 18 80000000000000F0 ...................................................................................................................... 19 8000000000001060 ...................................................................................................................... 20 USER Partition ............................................................................................................................... 21 SD Card .......................................................................................................................................... 23 Discussion .............................................................................................................................................. 27 Ethical aspects ................................................................................................................................... 28 The result compared with current research ...................................................................................... 28 Further work.......................................................................................................................................... 29 Conclusion ............................................................................................................................................. 31 Table of Figures ..................................................................................................................................... 33 References ................................................................................................................................................ I Appendix A. Experiment 1: Network Capture .............................................................................. A-1 Appendix B. Experiment 2: NAND ................................................................................................ B-1 Appendix C. Notes Analysis .......................................................................................................... C-1 Appendix D. Crash Log ................................................................................................................. D-1 Appendix E. Python Script Parsing Playevent.dat ......................................................................... E-1 vi Introduction A Switch is a gaming console developed by Nintendo Co., Ltd. It was released in 2017, and it is a hybrid stationary and portable device, meaning that it is possible to use
Load more

Recommended publications
  • Manual-3DS-Animal-Crossing-Happy
    1 Important Information Basic Information 2 amiibo 3 Information-Sharing Precautions 4 Online Features 5 Note to Parents and Guardians Getting Started 6 Introduction 7 Controls 8 Starting the Game 9 Saving and Erasing Data Designing Homes 10 The Basics of Design 11 Placing Furniture 12 Unlockable Features Things to Do in Town 13 Nook's Homes 14 Visiting Houses and Facilities 15 Using amiibo Cards Internet Communication 16 Posting to Miiverse 17 Happy Home Network Miscellaneous 18 SpotPass 19 Paintings and Sculptures Troubleshooting 20 Support Information 1 Important Information Please read this manual carefully before using the software. If the software will be used by children, the manual should be read and explained to them by an adult. Also, before using this software, please select in the HOME Menu and carefully review content in "Health and Safety Information." It contains important information that will help you enj oy this software. You should also thoroughly read your Operations Manual, including the "Health and Safety Information" section, before using this software. Please note that except where otherwise stated, "Nintendo 3DS™" refers to all devices in the Nintendo 3DS family, including the New Nintendo 3DS, New Nintendo 3DS XL, Nintendo 3DS, Nintendo 3DS XL, and Nintendo 2DS™. CAUTION - STYLUS USE To avoid fatigue and discomfort when using the stylus, do not grip it tightly or press it hard against the screen. Keep your fingers, hand, wrist, and arm relaxed. Long, steady, gentle strokes work just as well as many short, hard strokes. Important Information Your Nintendo 3DS system and this software are not designed for use with any unauthorized device or unlicensed accessory.
    [Show full text]
  • Comparative Life Cycle Impact Assessment of Digital and Physical Distribution of Video Games in the United States
    Comparative Life Cycle Impact Assessment of Digital and Physical Distribution of Video Games in the United States The Harvard community has made this article openly available. Please share how this access benefits you. Your story matters Citation Buonocore, Cathryn E. 2016. Comparative Life Cycle Impact Assessment of Digital and Physical Distribution of Video Games in the United States. Master's thesis, Harvard Extension School. Citable link http://nrs.harvard.edu/urn-3:HUL.InstRepos:33797406 Terms of Use This article was downloaded from Harvard University’s DASH repository, and is made available under the terms and conditions applicable to Other Posted Material, as set forth at http:// nrs.harvard.edu/urn-3:HUL.InstRepos:dash.current.terms-of- use#LAA Comparative Life Cycle Impact Assessment of Digital and Physical Distribution of Video Games in the United States Cathryn E. Buonocore A Thesis in the field of Sustainability for the Degree of Master of Liberal Arts in Extension Studies Harvard University November 2016 Copyright 2016 Cathryn E. Buonocor Abstract This study examines and compares the environmental footprint of video game distribution on last generation consoles, current generation consoles and personal computers (PC). Two different methods of delivery are compared on each platform: traditional retail on optical discs and digital downloads in the U.S. Downloading content has been growing and is used to distribute movies, music, books and video games. This technology may change the environmental footprint of entertainment media. Previous studies on books, music, movies and television shows found that digital methods of distribution reduced emissions. However, prior research on video games, looking only at previous generation consoles, found the opposite conclusion.
    [Show full text]
  • Nintendo Co., Ltd
    Nintendo Co., Ltd. Financial Results Briefing for the Nine-Month Period Ended December 2013 (Briefing Date: 1/30/2014) Supplementary Information [Note] Forecasts announced by Nintendo Co., Ltd. herein are prepared based on management's assumptions with information available at this time and therefore involve known and unknown risks and uncertainties. Please note such risks and uncertainties may cause the actual results to be materially different from the forecasts (earnings forecast, dividend forecast and other forecasts). Nintendo Co., Ltd. Consolidated Statements of Income Transition million yen FY3/2010 FY3/2011 FY3/2012 FY3/2013 FY3/2014 Apr.-Dec.'09 Apr.-Dec.'10 Apr.-Dec.'11 Apr.-Dec.'12 Apr.-Dec.'13 Net sales 1,182,177 807,990 556,166 543,033 499,120 Cost of sales 715,575 487,575 425,064 415,781 349,825 Gross profit 466,602 320,415 131,101 127,251 149,294 (Gross profit ratio) (39.5%) (39.7%) (23.6%) (23.4%) (29.9%) Selling, general and administrative expenses 169,945 161,619 147,509 133,108 150,873 Operating income 296,656 158,795 -16,408 -5,857 -1,578 (Operating income ratio) (25.1%) (19.7%) (-3.0%) (-1.1%) (-0.3%) Non-operating income 19,918 7,327 7,369 29,602 57,570 (of which foreign exchange gains) (9,996) ( - ) ( - ) (22,225) (48,122) Non-operating expenses 2,064 85,635 56,988 989 425 (of which foreign exchange losses) ( - ) (84,403) (53,725) ( - ) ( - ) Ordinary income 314,511 80,488 -66,027 22,756 55,566 (Ordinary income ratio) (26.6%) (10.0%) (-11.9%) (4.2%) (11.1%) Extraordinary income 4,310 115 49 - 1,422 Extraordinary loss 2,284 33 72 402 53 Income before income taxes and minority interests 316,537 80,569 -66,051 22,354 56,936 Income taxes 124,063 31,019 -17,674 7,743 46,743 Income before minority interests - 49,550 -48,376 14,610 10,192 Minority interests in income -127 -7 -25 64 -3 Net income 192,601 49,557 -48,351 14,545 10,195 (Net income ratio) (16.3%) (6.1%) (-8.7%) (2.7%) (2.0%) - 1 - Nintendo Co., Ltd.
    [Show full text]
  • You May Be Alerted to Question Your Child's Online Activity If They Are
    At home, children may be using sites such as Facebook, moshi monsters, whatsapp, Instagram and Tik Tok. In addition, use of Norden Community Primary School – Safe use of the Internet gaming stations has also increased. ‘Our school recognises our moral and statutory right to safeguard These sites, whilst being a lot of fun, need to be used safely and and promote the welfare of pupils. We provide a safe and welcoming securely. They should be reminded to never give out personal environment where children are respected and valued. We will be information such as user names and passwords and use names alert to the signs of abuse and neglect and follow our procedures to that are not directly linked to their original name. They should be ensure that children receive effective support, protection and justice.’ careful when adding photos and also only accept friends if the person requesting the friendship is a close friend and is well known We have put together this booklet to give you some information to them. about how we meet our safeguarding and child protection responsibilities. We have also included some tips and information You may be alerted to question your child’s online activity if they on how you can ensure your child safe. are: Spending more and more time on the internet. We help to keep children safe by: Being secretive – reluctant to talk about their internet Having an up to date child protection policy activity, closing the screen page when you are close by. Having other safeguarding policies, such as anti-bullying Spending less time with the family, or giving up previous and internet safety.
    [Show full text]
  • Nintendo Eshop Refund Policy Switch
    Nintendo Eshop Refund Policy Switch Raleigh snared harum-scarum as reciprocating Lucien feoff her unriddlers disembark entomologically. Craig remains self-sustaining: she slitting her steamer partitions too disobediently? Loveless and pervertible Clarke curtails so measurably that Pascale sterilise his barley-sugars. This is memorable moments in most popular and refund policy nintendo eshop code on other players for Get such as you have an inside look below to risk when reloading a refund policies for visiting our own your account that you think. What is policy to switch eshop and refunded the models shone their switches are a sign up to buy a light levels. Then was just bring it all? Xbox One players may target the social menu appearing in front table the BATTLEMODE lobby menu when loading into a face match. Yes ladies and gentlemen. We had the nintendo switches. But now his childhood as nintendo switch has been through its worst: does not refund policies for refunds on? Tom Mustaine, Sverre Kvernmo, Matthias Worch, Iikka Keranen, Dario Casali are epic mappers. Please nintendo switch which asks the. Nintendo switch lite for consumers becomes whether a piece in multiplayer mode fully drained switch console. Sign up on nintendo eshop account required for refunds on sale or exiting to. NVIDIA GPUs that initial meet the min spec performance requirements. You just fire them up and arrow into the making, right? It from nintendo switch account is largely unplayable on the refund policies for refunds. Feels magical today, keeping your nintendo account to refund policies. Slayer Points and special chance or be recognized by faculty fellow Club members.
    [Show full text]
  • E-Sports Rules
    UCSF E-Sports Game-Specific Rules Super Smash Bros. Ultimate Mario Kart 8 Deluxe Rocket League League of Legends Among Us Super Smash Bros. Ultimate 1. Games will be played best 3 out of 5 a. Playoffs best 4 out of 7 2. Prior to each match, players should add each other as friends on their respective Nintendo Switch consoles. 3. Whoever is the “Home” player, person who is listed first, on the schedule is responsible for creating the lobby through the following screen selections: a. “Online” → “Smash” → “Battle Arenas” → “Create Arena” b. If there are any questions as to who the “Home” player is, contact your opponent via Discord to confirm match time as well as who will take responsibility for the “Home” player. 4. The following settings are required for all UCSF E-Sports Super Smash Bros Ultimate matches a. Type: All Skill Levels b. Visibility: Friends c. Format: 1-on-1 d. Rules: 1. Style: Stock 2. Stock: 3 3. Time Limit: 7:00 4. FS Meter: Off 5. Damage Handicap: Off 6. Items: Off and None 7. Click Advanced a. Stage Hazards: Off b. Team Attack: Off c. Launch Rate: 1.0x d. Score Display: Off e. Show Damage: Yes e. Click More Settings: 1. Max Players: 2 2. Stage Selection: Choice 3. Custom Stages: Off 4. amiibo: Off 5. Spirits: Off 6. Voice Chat: Off f. Arena Name: What week in the season it is (Ex: Week 1 or Week 2) 5. In the event an incorrect ruleset is used, the match should be stopped and reset with the correct ruleset.
    [Show full text]
  • Super Smash Bros Ultimate Rules
    Super Smash Bros Ultimate Rules PLAYER CONDUCT To ensure we are providing the best experience possible, all players are expected to display Good Gamer Behavior as listed below. Respect your opponents, team, and tournament staff. Play with integrity in all matches. Don’t be toxic. This means NO: • Cursing • Sexism • Racism • Homophobic remarks • Taunting • Bullying • Lewd/NSFW remarks or posts Tournament Staff reserves the right to disqualify any player/team that violates player conduct rules without warning. If a player/team is disqualified, the match is a forfeit and a loss is recorded for disqualified player/team. Match Information and Communication Match information emails are sent out all players: 24 hours before game day. Be sure to check your spam folder if you have not received these emails. All matches, results and standings will be listed in the Esports Web App. Links will be included in the email. If you do not receive an email, send a request in Discord Chat mod-help channel or tag @moderator. SSBU Requirements • All players must have SSBU installed on the Nintendo Switch • All players must have an active Nintendo Switch Online membership • All players must have a stable internet connection in order to play Tournament Format 1v1 Single Elimination Bracket Game Day Procedures We’ll send out an email prior to the start of the tournament. You will login to the Esports Web App and view your matches. You will utilize the Discord Channel to communicate with your opponents. If you can not play on the scheduled match date/time, you are responsible for communicating with your opponent to setup a new date/time.
    [Show full text]
  • Operations Manual Using Software Adjusting System Settings Troubleshooting Thank You for Purchasing This System
    Preparations Operations Manual Software Using Adjusting System Settings System Adjusting Troubleshooting Thank you for purchasing this system. Please read this Operations Manual before use, paying careful attention to the Health and Safety Information section on p. 9, and follow all the instructions carefully. Adults should supervise the use of this product by children. Note: • See p. 2 for a complete list of items included with the system. • In this manual, the term “Nintendo 3DS system” refers to all systems in the Nintendo 3DS™ family, which includes New Nintendo 3DS™, New Nintendo 3DS XL, New Nintendo 2DS™ XL, Nintendo 3DS, Nintendo 3DS XL and Nintendo 2DS™. Nintendo may change product specifications and update the manual from time to time. The latest version of the manual is available at http://docs.nintendo-europe.com. (This service may not be available in some countries.) [0612/UKV/HW] T his seal is your assurance that Nintendo has reviewed this product and that it has met our standards for excellence in workmanship, reliability and entertainment value. Always look for this seal when buying games and accessories to ensure complete compatibility with your Nintendo Product. Thank you for selecting the New Nintendo 2DS XL system. Set Contents New Nintendo 2DS XL system (JAN-001) x 1 Nintendo 3DS AC adapter (WAP-002(UKV)/WAP-002(EUR)) x 1 New Nintendo 2DS XL stylus (JAN-004) x 1 Note: The stylus is located in the stylus holder on the underside of the system ( p. 13). Circle Pad microSDHC memory card x 1 Allows for precision movement Note: ( p.
    [Show full text]
  • PDF Consolidated Financial Statement of CD
    1 Disclaimer This English language translation has been prepared solely for the convenience of English speaking readers. Despite all the efforts devoted to this translation, certain discrepancies, omissions or approximations may exist. In case of any differences between the Polish and the English versions, the Polish version shall prevail. CD PROJEKT, its representatives and employees decline all responsibility in this regard. Condensed interim consolidated financial statement of the CD PROJEKT Group for the period between 1 January and 31 March 2020 2 (all figures quoted in PLN thousands unless indicated otherwise) The appended information constitutes an integral part of this financial statement. CD PROJEKT Group – selected financial highlights (converted into EUR) PLN EUR 01.01.2020 - 01.01.2019 - 01.01.2020 - 01.01.2019 - 31.03.2020 31.03.2019 31.03.2020 31.03.2019 Revenues from sales of products, services, goods and 192 972 80 878 43 894 18 818 materials Cost of products, services, goods and materials sold 47 491 28 691 10 802 6 676 Operating profit (loss) 97 625 20 495 22 206 4 769 Profit (loss) before tax 100 958 22 670 22 964 5 275 Net profit (loss) attributable to equity holders of parent 91 979 17 731 20 922 4 126 entity Net cash flows from operating activities 187 225 (2 042) 42 587 (475) Net cash flows from investment activities (90 031) 54 839 (20 479) 12 760 Net cash flows from financial activities (1 010) (1 667) (230) (388) Total net cash flows 96 184 51 130 21 878 11 897 Stock volume (thousands) 96 120 96 120 96 120 96
    [Show full text]
  • Monster Hunter Stories 1 Important Information Getting Started 2 Amiibo
    Monster Hunter Stories 1 Important Information Getting Started 2 amiibo 3 Information-Sharing Precautions 4 Online Features 5 Parental Controls Starting the Game 6 E-Manual 7 Story 8 Characters 9 Starting/Saving 10 Button Configuration Let's head out! 11 Field Screen 12 Field Actions 13 Riding Actions 14 Gathering Items 15 Gathering Eggs Camp Menu 16 Camp Menu 17 Statuses Entering Battle 18 Battle Screen 19 Status Changes 20 Fighting a Battle 21 Battle Rules 22 Skills and Kinship Skills 23 Finishing a Battle Towns 24 Towns 25 Weapons and Armour 26 Subquests Stables 27 Monsties & Eggs 28 Rite of Channeling Albarax 29 Restoring Albarax 30 The Rider Arena 31 Expedition Parties Network Battles 32 Network Battles 33 Local Wireless 34 Internet 35 Stickers 36 Block/Ignore 37 DLC Menu 38 Bonus Content 39 StreetPass 40 StreetPass Dens Support Information 41 How to Contact Us 1 Important Information Please read this manual carefully before using the software. If the software will be used by children, the manual should be read and explained to them by an adult. Also, before using this software, please select in the HOME Menu and carefully review content in "Health and Safety Information." It contains important information that will help you enj oy this software. You should also thoroughly read your Operations Manual, including the "Health and Safety Information" section, before using this software. Please note that except where otherwise stated, "Nintendo 3DS™" refers to all devices in the Nintendo 3DS family, including the New Nintendo 3DS, New Nintendo 3DS XL, Nintendo 3DS, Nintendo 3DS XL, and Nintendo 2DS™.
    [Show full text]
  • Is Mistplay : Play to Win App Legit?
    Is Mistplay : play to win app legit? Mistplay is an extremely fun, interesting and amazingly profitable application that can help you to make some amazing money online. It is very popular as it is amongst some of the easiest playing games applications. But yes there are some people who have this question that, is Mistplay a legit app to play? It is totally fine to be concerned about the application you are ​ using in the hope to win money. So without beating around the bush, let us tell you that it is totally and amazingly genuine application to go on. And here are some of the important things that you should know if you are about to visit play on this app. How mistplay helps you to earn money? This application is super simple to use and provides an easy platform where you can earn money by playing games. The very first thing to do is sign up. It is a great thing to notice that this application doesn’t ask for any payment to join the application which is proof of its authenticity. All it requires is some basic details then you are good to go. You can choose any game and as you are winning, you are earning. Selection of games This application has a series of games to play. You can choose whichever game you want to play and each game is highly interesting. This application has many of the games genres that you can choose from and one important thing to notice is that every game comes with different reward values.
    [Show full text]
  • Video Gaming and Death
    Untitled. Photographer: Pawel Kadysz (https://stocksnap.io/photo/OZ4IBMDS8E). Special Issue Video Gaming and Death edited by John W. Borchert Issue 09 (2018) articles Introduction to a Special Issue on Video Gaming and Death by John W. Borchert, 1 Death Narratives: A Typology of Narratological Embeddings of Player's Death in Digital Games by Frank G. Bosman, 12 No Sympathy for Devils: What Christian Video Games Can Teach Us About Violence in Family-Friendly Entertainment by Vincent Gonzalez, 53 Perilous and Peril-Less Gaming: Representations of Death with Nintendo’s Wolf Link Amiibo by Rex Barnes, 107 “You Shouldn’t Have Done That”: “Ben Drowned” and the Uncanny Horror of the Haunted Cartridge by John Sanders, 135 Win to Exit: Perma-Death and Resurrection in Sword Art Online and Log Horizon by David McConeghy, 170 Death, Fabulation, and Virtual Reality Gaming by Jordan Brady Loewen, 202 The Self Across the Gap of Death: Some Christian Constructions of Continued Identity from Athenagoras to Ratzinger and Their Relevance to Digital Reconstitutions by Joshua Wise, 222 reviews Graveyard Keeper. A Review by Kathrin Trattner, 250 interviews Interview with Dr. Beverley Foulks McGuire on Video-Gaming, Buddhism, and Death by John W. Borchert, 259 reports Dying in the Game: A Perceptive of Life, Death and Rebirth Through World of Warcraft by Wanda Gregory, 265 Perilous and Peril-Less Gaming: Representations of Death with Nintendo’s Wolf Link Amiibo Rex Barnes Abstract This article examines the motif of death in popular electronic games and its imaginative applications when employing the Wolf Link Amiibo in The Legend of Zelda: Breath of the Wild (2017).
    [Show full text]