Homebrew Question (sxcore v2) tinfoil incognito cal0 brick restore

[laramie]

I'm sorry, I'm a complete noob. Can you give some directions as to how to do that?

just look up switch 5.1.0 universal exfat and it'll come with a guide. I don't want to link it in case it's not legal but google will help.

--------------------- MERGED ---------------------------

I don't care much for prodinfo, I just want to delete the partition tinfoil created on my nand

idk of anything to partition the nand... as far as I know if you do that there's no fix. the 5.1.0 thing I mentioned does flash over your nand so it may be your best option. I know it does work bc I had to use this method when bricking my day one switch with no nand backup.

 

[duckbill007]

5.1.0 wont help without bis keys. So, first of all get that keys.

 

[Rebeca]

I found I'm able to run Hekate on this switch as it's a v1 and therefore get the biskeys, but I can't run memloader to inject 5.1.0. Any way around that?

 

[DragarX]

I found I'm able to run Hekate on this switch as it's a v1 and therefore get the biskeys, but I can't run memloader to inject 5.1.0. Any way around that?

Put the files on your sd card, run this pay load and copy the files from sd to nand.
https://github.com/suchmememanyskill/TegraExplorer

 

[Jerriel]

still waiting for biskeys for mariko switch still dead

Sent from my CPH1819 using Tapatalk

 

[Rebeca]

Got the keys with lockpick rcm but they seem to be corrupted or at the very least incomplete. Opening Prodinfo in a hex editor revealed the 5th byte, which, according to some info I got here, should be 07 is 0B, which I believe is Incognito's handiwork.

 

[ZachyCatGames]

Got the keys with lockpick rcm but they seem to be corrupted or at the very least incomplete. Opening Prodinfo in a hex editor revealed the 5th byte, which, according to some info I got here, should be 07 is 0B, which I believe is Incognito's handiwork.

0x04 is the cal0 revision.
Its value depends on when your device was manufactured, it's bumped anytime Nintendo makes a change to cal0s format.

 

[Rebeca]

Used blawar's script to recover cal0 and recovered the nand with the new prodinfo. Switch's alive again.

 

[Wvrd182]

still waiting for biskeys for mariko switch still dead

Sent from my CPH1819 using Tapatalk

Hey man. I'm facing the same issue as you now. Let me know how it goes. I'll also share my findings as well.

In summary:
Stuck on joycon icon when booting
I'm on Mariko with sxos (hw modded)
Installed Incognito while I'm on sysnand.
I'm able to enter sxos recovery but unable to load any payload from there
Tegrasmashrcm, incognito RCM, hekete doesn't load


I do have a prodinfo backup though. Figuring how can I push that

 

[Draxzelex]

Hey man. I'm facing the same issue as you now. Let me know how it goes. I'll also share my findings as well.

In summary:
Stuck on joycon icon when booting
I'm on Mariko with sxos (hw modded)
Installed Incognito while I'm on sysnand.
I'm able to enter sxos recovery but unable to load any payload from there
Tegrasmashrcm, incognito RCM, hekete doesn't load


I do have a prodinfo backup though. Figuring how can I push that

Do you not have a NAND backup?

 

[cai_miao]

I do have a prodinfo backup though. Figuring how can I push that

Backup your current nand, use HacDiskMount or NxNandManager with your keys and replace the PRODINFO partition with your backup, then restore it

(FOR ADVANCED USER: if you understand every single step with partition swapping and wish to save some time, backup system partition only would do same trick)

 

[Wvrd182]

Backup your current nand, use HacDiskMount or NxNandManager with your keys and replace the PRODINFO partition with your backup, then restore it

(FOR ADVANCED USER: if you understand every single step with partition swapping and wish to save some time, backup system partition only would do same trick)

Im waiting for lockpick to support mariko before im able to extract out my keys to use with nxnandmanager. Guess thats the only way for me to recover it.

Thanks for the advise.

 

[Jerriel]

Hello just saw3 the lockpick RCM suport for mariko does lockpick extract biskeys

 

[cai_miao]

Hello just saw3 the lockpick RCM suport for mariko does lockpick extract biskeys

yes you have to flash spacecraft-nx to your modchip, then use lockpick_rcm to extract the keys correctly.
using stock firmware of gateway modchip does not have ability to extract exact key.

 

[Wvrd182]

yes you have to flash spacecraft-nx to your modchip, then use lockpick_rcm to extract the keys correctly.
using stock firmware of gateway modchip does not have ability to extract exact key.

I verified this. Kept on stuck at 43 keys on stock gateway modchip, and not being able to get full keys. Gotta find that usb flex debug cable for me to flash spacecraft-nx.

 

[Jerriel]

really hoping there is a more better way to do this

 

[Jerriel]

please give updates if anybody has an answer kk

 

[HollowGrams]

please give updates if anybody has an answer kk

I'm not 100% but. Pretty sure there is way now. Lockpick 1.90 and you might have to flash spacecraftnx fw to core/lite.

https://github.com/shchmue/Lockpick_RCM/releases

https://github.com/Spacecraft-NX/firmware/releases/tag/0.1.0

 

[Jerriel]

just to be clear once i get the biskeys using lockpick , using extract_cal0_backup.py script from blawar, All i need to do there is to drag the locked prodinfo file then the password once its unlock ill replace the prodinfo on the nand backup and restore it using hacdisckmount. can anybody confirm if this is the correct way

 

[cai_miao]

just to be clear once i get the biskeys using lockpick , using extract_cal0_backup.py script from blawar, All i need to do there is to drag the locked prodinfo file then the password once its unlock ill replace the prodinfo on the nand backup and restore it using hacdisckmount. can anybody confirm if this is the correct way

not familiar with incognito v2
when you managed to get your real prodinfo, just replace it with hacdiskmount