Hacking Process of the eMMC backup and restore in Hekate? Are backups en-, or decrypted?

tomsek68

I have a patched switch, which is bricked. I mixed up a few eMMCs during a repair, and one burned an eFuse in this patched switch. I was able to bring the others back to life (since they were unpatched), but not this one. I am literally pulling my hair out.

So, let the fun begin:
I made a NAND backup with a different switch (Hekate, not raw backup). Later, I tried to recreate the eMMC content with the higher firmware that the 12 burnt fuses required. Flashed it (with an unpatched switch), but no charm.

Today I installed an SX Core chip in it (because it allows running payloads). Restored the original backup with Hekate, but it won't boot. Not with Atmosphère either. I was hoping that the CFW would skip the fuse check (maybe it won't work on patched SoCs?)

Also: 0% of the USB features work in any payload.

So... I fear that my backups are "decrypted". (this would be bad, since another switch was used for the backup process - different bis keys would turn the backup into garbage)
But if they are decrypted, the restore would encrypt it, right? That needs the BIS keys again - which I was not able to retrieve from this console. It just hangs when I try to dump them. Tried to restore with the exact Switch the backup was made with, but no success either.

Any ideas?

And again, sorry for my broken English. It may have something to do with sleeping only every other day....
 

scandal_uk

It’s a shame you reflashed that eMMC because CFW wouldn’t have been affected by the fuse count. However, it is what it is - you really need those keys, can you get them to display on-screen in Lockpick_RCM?

Edit: does it even work with SX Core??
 

tomsek68

It won't boot with SX Core either. (SX logo comes in, boot menu is operational, can boot payloads too) I know, it was a huge mistake to reflash it.
But the question remains: Are the backups decrypted or bit-to-bit perfect from the eMMC?

Also: Low battery and charging icon comes in. IIRC this only happens when using the right eMMC (with the switch specific data on it).

It only boots to the Nintendo logo. Sometimes right after rewriting BOOT0/BOOT1 the SEPT logo comes in. One time, I've seen the Atmosphère logo - but it hung after that.

With SX Core it shows the low battery/charging screens when the battery is depleted, otherwise it hangs after the Nintendo logo.

EDIT:
Tried Lockpick RCM again. When I start the process, it flashes some info, along with Press Power or Vol +/- to reboot to Sept..., but it goes blank immediately without pressing anything. It just halts.


EDIT2:
Biskeydump throws an error. "Keyblob decrypted using current SBK & TSEC keys NOT VALID!" Is the TSEC key sensitive data? If not, I'll post a pic of the biskeydump final screen.

SBK key is FFFFFFFFFFFFFFFFFFFF... So... Nothing...
Where is the SBK key stored?
 

Draxzelex

Lockpick_RCM was updated so give it another shot.
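
An added example, not part of the thread: one way to test the open question (encrypted bit-for-bit copy or decrypted image) on the first bytes of a single data partition taken from a backup. It assumes the partition holds a FAT filesystem once decrypted; the function names, threshold and sample data are constructed for illustration.

```python
import hashlib
import math
import struct
import sys

SECTOR = 512
SAMPLE = 16 * 1024  # bytes examined from the start of the partition

def shannon_entropy(data):
    """Entropy in bits per byte: close to 8.0 for ciphertext."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)

def looks_like_fat_boot_sector(sector):
    """A plaintext FAT volume starts with a jump opcode and ends sector 0 with 55 AA."""
    if len(sector) < SECTOR:
        return False
    bytes_per_sector = struct.unpack_from("<H", sector, 11)[0]
    return (sector[0] in (0xEB, 0xE9) and sector[510:512] == b"\x55\xaa"
            and bytes_per_sector in (512, 1024, 2048, 4096))

def classify_partition(head):
    """Classify the first SAMPLE bytes of one partition image."""
    if looks_like_fat_boot_sector(head[:SECTOR]):
        return "plaintext-filesystem"
    if shannon_entropy(head) > 7.5:  # threshold is an assumption
        return "likely-encrypted"
    return "inconclusive"  # e.g. erased or zero-filled area

def constructed_ciphertext():
    """Constructed sample: a hash-counter stream standing in for ciphertext."""
    blocks = (hashlib.sha256(i.to_bytes(4, "little")).digest() for i in range(SAMPLE // 32))
    return b"".join(blocks)

def constructed_fat_volume():
    """Constructed sample: minimal FAT-style boot sector followed by zeros."""
    s = bytearray(SAMPLE)
    s[0:3] = b"\xeb\x58\x90"
    struct.pack_into("<H", s, 11, 512)
    s[510:512] = b"\x55\xaa"
    return bytes(s)

if __name__ == "__main__":
    with open(sys.argv[1], "rb") as f:  # path to an extracted partition image (assumption)
        print(classify_partition(f.read(SAMPLE)))
```

A "likely-encrypted" result means the data is tied to the keys of the console that wrote it; "plaintext-filesystem" means the image was decrypted before it was saved.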
 
