Now that OTP-less A9LH installation is possible, I want to add an alternate override to 3DSafe in case the user never dumped their OTP. I can write the leftover SHA to a file by simply writing 32 bytes from 0x1000A040. I can then load this file back into memory and use memcmp to check if the contents of the file matches the SHA in memory.
The question I have is whether the SHA in memory is console specific, or whether it's possible for two consoles to have the same SHA? Also, is the SHA in the same location no matter what device the user is running on?
The question I have is whether the SHA in memory is console specific, or whether it's possible for two consoles to have the same SHA? Also, is the SHA in the same location no matter what device the user is running on?