Hacking [RCM Payload] Hekate - CTCaer mod

  • Thread starter CTCaer
  • Start date
  • Views 1,077,493
  • Replies 3,243
  • Likes 128
Q

Quiggy

Member
Newcomer
Level 3
Joined
May 25, 2018
Messages
18
Trophies
0
Age
35
XP
295
Country
Germany
Is there anything we can do to support you with the 3.0.1 support? I have a console with this firmware and everything is prepared ... :D
 
CTCaer

CTCaer

Developer
OP
Developer
Level 11
Joined
Mar 22, 2008
Messages
1,154
Trophies
0
XP
3,008
Country
Greece
Quiggy said:
Is there anything we can do to support you with the 3.0.1 support? I have a console with this firmware and everything is prepared ... :D
Click to expand...
Thanks. I have the required files for 3.0.1/.2 but I have problems with IDA pro, where it crashes on me after the an update.
I don't have time to reinstall it and migrate all my settings, workspaces, plugins, etc for now.
 
H

Hodorian

Well-Known Member
Newcomer
Level 3
Joined
May 23, 2018
Messages
59
Trophies
0
Age
31
XP
350
Country
Germany
Using version 1.6.
Started a dump on fat32 but it failed on a (16 gB) card.
Then i formatted the card on exFat on a pc.
Then formatted a second time on the switch.

Now if i start the dump, it stucks on 0%.
 
  • Like
Reactions: chronoss
CTCaer

CTCaer

Developer
OP
Developer
Level 11
Joined
Mar 22, 2008
Messages
1,154
Trophies
0
XP
3,008
Country
Greece
Hodorian said:
Using version 1.6.
Started a dump on fat32 but it failed on a (16 gB) card.
Then i formatted the card on exFat on a pc.
Then formatted a second time on the switch.

Now if i start the dump, it stucks on 0%.
Click to expand...
No error on both times? Can't help without the yellow one.
 
H

Hodorian

Well-Known Member
Newcomer
Level 3
Joined
May 23, 2018
Messages
59
Trophies
0
Age
31
XP
350
Country
Germany
CTCaer said:
No error on both times? Can't help without the yellow one.
Click to expand...
the first one was an writing error. and with the 0% stuck, nothing happens.(same error with version 1.5)

there was only a 0kb big bin file on the sd card. no partial.idx file.

i try to check the sd card and try again later.
 
CTCaer

CTCaer

Developer
OP
Developer
Level 11
Joined
Mar 22, 2008
Messages
1,154
Trophies
0
XP
3,008
Country
Greece
Format it with FAT32 or exFAT in windows. Make sure the cluster size is 32KB.

Btw, there are 45 different errors that can happen on that time, so make sure you write it down on your next try.
 
coned_miro

coned_miro

Well-Known Member
Newcomer
Level 2
Joined
Nov 28, 2016
Messages
47
Trophies
0
Age
35
XP
211
Country
United States
CTCaer said:
Thanks. I have the required files for 3.0.1/.2 but I have problems with IDA pro, where it crashes on me after the an update.
I don't have time to reinstall it and migrate all my settings, workspaces, plugins, etc for now.
Click to expand...

Are you saying the files are ready ,you just can't compile? Bummer.
 
D

dapharsyde

Member
Newcomer
Level 5
Joined
May 20, 2018
Messages
5
Trophies
0
Age
47
XP
642
Country
United States
coned_miro said:
Are you saying the files are ready ,you just can't compile? Bummer.
Click to expand...

No, I get the feeling that CTCaer has the required files dumped from the 3.0.1 and 3.0.2 firmwares, but he still needs to load them into IDA pro so he can run a debug trace and figure out the correct offsets to add to the secmon_patch. Unfortunately, his installation of IDA Pro is no longer functional, so he can't do this for us.

If by chance CTCaer is willing to teach us how to fish, we can install IDA Pro and do it ourselves, but that would probably be a lot to ask.
 
  • Like
Reactions: CTCaer
CTCaer

CTCaer

Developer
OP
Developer
Level 11
Joined
Mar 22, 2008
Messages
1,154
Trophies
0
XP
3,008
Country
Greece
coned_miro said:
Are you saying the files are ready ,you just can't compile? Bummer.
Click to expand...
You misunderstood.

To develop the patches, I need to reverse engineer nintendo's code first. It's the opposite of compiling. And then I can compile a new hekate version.
Anyway, I can't do that with damn IDA pro crashing on me.


On the other hand, I've implemented a 16px font (original text is 8px).
But it breaks all long text, because now the limit is 45 characters (from 90).
It will take a while because I have to fix:
2b0hw8.jpg



----------------------


dapharsyde said:
No, I get the feeling that CTCaer has the required files dumped from the 3.0.1 and 3.0.2 firmwares, but he still needs to load them into IDA pro so he can run a debug trace and figure out the correct offsets to add to the secmon_patch. Unfortunately, his installation of IDA Pro is no longer functional, so he can't do this for us.

If by chance CTCaer is willing to teach us how to fish, we can install IDA Pro and do it ourselves, but that would probably be a lot to ask.
Click to expand...
That's absolutely correct.

Maybe, I'll do a new installation in a VM. But still, I don't want to find the correct variables all over again..
 
  • Like
Reactions: :-infern:, hippy dave, metaljay and 3 others
H

Hodorian

Well-Known Member
Newcomer
Level 3
Joined
May 23, 2018
Messages
59
Trophies
0
Age
31
XP
350
Country
Germany
CTCaer said:
Format it with FAT32 or exFAT in windows. Make sure the cluster size is 32KB....
Click to expand...

Thanks, now it works perfectly. I formatted in slow mode with exFat and 32kB.

I don't know why it stucked on 0%. Maybe the cluster size was different as i formatted the sd with the switch.
 
D

dapharsyde

Member
Newcomer
Level 5
Joined
May 20, 2018
Messages
5
Trophies
0
Age
47
XP
642
Country
United States
CTCaer said:
That's absolutely correct.

Maybe, I'll do a new installation in a VM. But still, I don't want to find the correct variables all over again..
Click to expand...

By any chance is there a writeup on how to find these variables and offsets? It's been ages since I worked in IDA Pro but I'm a little curious how this stuff works, if you're willing to push me in the right direction. I have dump files from my 4.1.0 switch and my 3.0.2 switch. If I had the instructions available, I could try them out with my 4.1.0 dump files and see if I arrive at the same offsets that have already been committed to the source code. If I'm successful there, I assume I could then do the same with my 3.0.2 files.
 
CTCaer

CTCaer

Developer
OP
Developer
Level 11
Joined
Mar 22, 2008
Messages
1,154
Trophies
0
XP
3,008
Country
Greece
Hodorian said:
Thanks, now it works perfectly. I formatted in slow mode with exFat and 32kB.

I don't know why it stucked on 0%. Maybe the cluster size was different as i formatted the sd with the switch.
Click to expand...
Slow mode writes zeroes all over the created partition.
If this fixed it, it means that your sd card had bad sectors, which now are either corrected or marked for avoidance.
If it's the latter, you can normally check by doing a chkdsk Z: (If you run chkdsk /f /r /x Z: it will try to correct them also).
But anyway, now it's fixed.

Too bad you didn't write down the yellow error. I wanted to know what error FatFS spits for a bad sector. :/


dapharsyde said:
By any chance is there a writeup on how to find these variables and offsets? It's been ages since I worked in IDA Pro but I'm a little curious how this stuff works, if you're willing to push me in the right direction. I have dump files from my 4.1.0 switch and my 3.0.2 switch. If I had the instructions available, I could try them out with my 4.1.0 dump files and see if I arrive at the same offsets that have already been committed to the source code. If I'm successful there, I assume I could then do the same with my 3.0.2 files.
Click to expand...
You need the secure engine binary from package1.
The only one I've done before was for 1.0.0. And Switchbrew helped a lot.
 
cicciopas

cicciopas

Member
Newcomer
Level 2
Joined
May 26, 2018
Messages
24
Trophies
0
Age
50
XP
150
Country
Italy
CTCaer said:
Thanks. I have the required files for 3.0.1/.2 but I have problems with IDA pro, where it crashes on me after the an update.
I don't have time to reinstall it and migrate all my settings, workspaces, plugins, etc for now.
Click to expand...

Hi CTCaer, if you are able to start the CFW on version 3.0.x, please try to release a working version as soon as possible. We are many around the world blocked on 3.0.x firmware without the ability to access the homebrew launcher.
The most we can get is the pink screen.
The temptation to update is so great but we are always hoping to receive the HBL by staying on a low firmware.
If you can help us we would be infinitely grateful.
I write from Italy and I specifically registered for this request.
Keep it up and greetings. :)
 

Site & Scene News

Go to forum More news

Popular threads in this forum

Emulation Homebrew  duckstation for Switch

Can you trade in a banned switch for an unbanned one?

Why is Atmosphere so dominant?

Hacking Misc Tutorial  Eiyuden Chronicle Hundred Heroes save editing

Hacking  Weird findings from that DQ trilogy switch port

Migswitch backups without certificate files

Help a noob with if I need to update CFW to 18.0 or not

Emulation Misc  Is a totk memory editor possible? If so why has no one made one yet?

General chit-chat
Help Users
    Bunjolio @ Bunjolio: a