Hacking [RCM Payload] Hekate - CTCaer mod

[PatchTuesday]

Is there any risk of brick of always stay in Hekate/CFW mode + sleep mode?
Always use the jig and have to enter RCM is boring.

No risk of using sleep mode.Nobody reported anything bad happening anyway from what I've read

--------------------- MERGED ---------------------------

hey CTCaer - quick question - would formatting the system that has run DevMenu and SX OS clear any logs or anything on the console so it looks clean to Nintendo? I have a NAND backup I did with some games and its 8GB (from before i ran any cfw or anything). Wondering if I can somehow cleanly redo the process by formatting and removing SX OS...etc.

If you restore your nandbackup that was made before SX OS, it will be like it was never there to begin with

 

[cicciopas]

Autoboot is a really good feature. Thank's a lot for your work

 

[sirAnger]

Autoboot is a really good feature. Thank's a lot for your work

You can't just show off a sweet bootlogo like that without sharing it!

 

[cicciopas]

You can't just show off a bootlogo like that without sharing it!

... shared

 

[Asia81]

It's possible to clear logs while in hekate, without booting the system?
I noticed sys-ftpd is not working if we boot with the clear logs option.

[CFW + FTP + Clear Log]
kip1=modules/sys-ftpd.kip
kip1=modules/newfirm/loader.kip
kip1=modules/newfirm/sm.kip
kip1=modules/nx-dreport.kip

My full ini file:

{------------ Stock -----------}
[Stock]
[Stock + Clear Log]
kip1=modules/nx-dreport.kip
{ }

{------ Custom Firmwares ------}
{IP: 192.168.1.10 / Port: 5000}
{ }
[CFW + FTP]
kip1=modules/sys-ftpd.kip
kip1=modules/newfirm/loader.kip
kip1=modules/newfirm/sm.kip
[CFW + FTP + Clear Log]
kip1=modules/sys-ftpd.kip
kip1=modules/newfirm/loader.kip
kip1=modules/newfirm/sm.kip
kip1=modules/nx-dreport.kip
{ }

{--------- LayeredFS ----------}
{IP: 192.168.1.10 / Port: 5000}
{ }
[LayeredFS + FTP]
kip1=modules/sys-ftpd.kip
kip1=modules/newfirm/loader.kip
kip1=modules/newfirm/sm.kip
kip1=modules/newfirm/fs_mitm.kip
atmosphere=1
[LayeredFS + FTP + Clear Log]
kip1=modules/sys-ftpd.kip
kip1=modules/nx-dreport.kip
kip1=modules/newfirm/loader.kip
kip1=modules/newfirm/sm.kip
kip1=modules/newfirm/fs_mitm.kip
atmosphere=1
{ }

 

[bkifft]

For some strange reason I can't seem to backup the BOOT partitions, while the raw dump went through without any problem.

I've tried different SD cards, always keep getting a yellow write error and a red error 1 (forgot to note down the exact wording, will add it later), resulting in corrupted BOOT0/BOOT1 files i need to clean up with checkdisk afterwards.



Any pointers as to what else I could try?

 

[Canna]

Just thought id make my first post useful....

If like me you had 14 bin files, or had you nand back up split into pieces
And wanted to join them here is the program i used to merge them into 1 rawnand.bin

file-joiner 2.4.1

by igorware com



Hope this helps.

i checked with hacdiskmount

[22:23:46:087321] [info] Loaded primary GPT, checking secondary from offset 31268535808

[22:23:46:087321] [info] Secondary GPT is okay

[22:23:46:087321] [info] Using primary GPT as backup GPT is identical

seems good merge

 

[Drakia]

Just thought id make my first post useful....

If like me you had 14 bin files, or had you nand back up split into pieces
And wanted to join them here is the program i used to merge them into 1 rawnand.bin

file-joiner 2.4.1

by igorware com



Hope this helps.

i checked with hacdiskmount

[22:23:46:087321] [info] Loaded primary GPT, checking secondary from offset 31268535808

[22:23:46:087321] [info] Secondary GPT is okay

[22:23:46:087321] [info] Using primary GPT as backup GPT is identical

seems good merge

Right below the .bin file on the GitHub releases page is a joiner script archive with scripts for Windows/Linux/OSX... (Those scripts have been there for every release of Hekate that CTCaer has put out)

 

[TheLastOfUs]

No risk of using sleep mode.Nobody reported anything bad happening anyway from what I've read

--------------------- MERGED ---------------------------


If you restore your nandbackup that was made before SX OS, it will be like it was never there to begin with

Hey, yeah this wouldn't work for me. My nand is from v2.3.....so I need to recreate it WITHOUT restoring rawnand. THats why im wondering if I just clear logs....remove SX OS and FORMAT the system and then redo the procedure - if it will be like "clean NAND" ?

 

[CTCaer]

... shared

Thanks, this is a fine bootlogo

It's possible to clear logs while in hekate, without booting the system?
I noticed sys-ftpd is not working if we boot with the clear logs option.

[CFW + FTP + Clear Log]
kip1=modules/sys-ftpd.kip
kip1=modules/newfirm/loader.kip
kip1=modules/newfirm/sm.kip
kip1=modules/nx-dreport.kip

My full ini file:

{------------ Stock -----------}
[Stock]
[Stock + Clear Log]
kip1=modules/nx-dreport.kip
{ }

{------ Custom Firmwares ------}
{IP: 192.168.1.10 / Port: 5000}
{ }
[CFW + FTP]
kip1=modules/sys-ftpd.kip
kip1=modules/newfirm/loader.kip
kip1=modules/newfirm/sm.kip
[CFW + FTP + Clear Log]
kip1=modules/sys-ftpd.kip
kip1=modules/newfirm/loader.kip
kip1=modules/newfirm/sm.kip
kip1=modules/nx-dreport.kip
{ }

{--------- LayeredFS ----------}
{IP: 192.168.1.10 / Port: 5000}
{ }
[LayeredFS + FTP]
kip1=modules/sys-ftpd.kip
kip1=modules/newfirm/loader.kip
kip1=modules/newfirm/sm.kip
kip1=modules/newfirm/fs_mitm.kip
atmosphere=1
[LayeredFS + FTP + Clear Log]
kip1=modules/sys-ftpd.kip
kip1=modules/nx-dreport.kip
kip1=modules/newfirm/loader.kip
kip1=modules/newfirm/sm.kip
kip1=modules/newfirm/fs_mitm.kip
atmosphere=1
{ }

There's probably a incompatibility when ndreport and ftpd run together.
You can't clear logs from hekate because it needs horizon's services to clear them.

For some strange reason I can't seem to backup the BOOT partitions, while the raw dump went through without any problem.

I've tried different SD cards, always keep getting a yellow write error and a red error 1 (forgot to note down the exact wording, will add it later), resulting in corrupted BOOT0/BOOT1 files i need to clean up with checkdisk afterwards.



Any pointers as to what else I could try?

Note down the errors.

Hey, yeah this wouldn't work for me. My nand is from v2.3.....so I need to recreate it WITHOUT restoring rawnand. THats why im wondering if I just clear logs....remove SX OS and FORMAT the system and then redo the procedure - if it will be like "clean NAND" ?

Nope, a format keeps the errors and statistics. And other things.

The v2.3 backup is from hekate v2.3 or horizon 2.3.0?

 

[TheLastOfUs]

Thanks, this is a fine bootlogo


There's probably a incompatibility when ndreport and ftpd run together.
You can't clear logs from hekate because it needs horizon's services to clear them.


Note down the errors.


Nope, a format keeps the errors and statistics. And other things.

The v2.3 backup is from hekate v2.3 or horizon 2.3.0?

hekate 2.3

 

[Tempest228]

OK, I fucked up somewhere. Battery is fully charged, but this and horizon think it's depleted. Any help is appreciated.

 

[Canna]

OK, I fucked up somewhere. Battery is fully charged, but this and horizon think it's depleted. Any help is appreciated.

Maybe Try the battery option in hekate ?

Fix battery de-sync:
This fixes the low battery monitor missconfiguration at PMIC max77160, produces by linux builds.
The fix is instant and you can just boot into Horizon OS after that.

 

[bkifft]

Note down the errors.

Sure, just hoped it was a common problem
in yellow small: "Error: Write - low level disk I/O!"
In red: "Fatal error (1) when writing to SD card Press any key to try again..."

On consecutive runs I get "Error (2) creating file" in red, as the BOOT0/1 are created, yet corrupt on the FS level and need to be cleaned with a filesystem repair tool like scandisk or fsck)

Happens for BOOT0 as well as BOOT1, SDHC and SDXC cards (dont have any pure SD in micro).

 

[CTCaer]

hekate 2.3

That does not mean that the backup is completely unreliable.
It's just that you can't cross check it.

So, you just make a new backup. Restore the old one made in v2.3, and if it doesn't work, you restore the new backup and go back to start.
And just to clarify something:
The factory reset is not a real format. It clears specific files, just enough to seem that the console is like a new.
But many things are left there and can create a history log.

Sure, just hoped it was a common problem
in yellow small: "Error: Write - low level disk I/O!"
In red: "Fatal error (1) when writing to SD card Press any key to try again..."

On consecutive runs I get "Error (2) creating file" in red, as the BOOT0/1 are created, yet corrupt on the FS level and need to be cleaned with a filesystem repair tool like scandisk or fsck)

Happens for BOOT0 as well as BOOT1, SDHC and SDXC cards (dont have any pure SD in micro).

Nope this is not common. There weren't a case before that could backup rawnand and not the other 2 physical partitions.
You can try to write some files (smaller than 2mb and total 8mb or more) inside, so these sectors will be handled by a PC and then try to backup again.

(The error(2) happens when the fail is at creating a file. Before writing data to that file. So with the 2nd error text, we know that the first happens at writing file metadata)

 

[bkifft]

Nope this is not common. There weren't a case before that could backup rawnand and not the other 2 physical partitions.
You can try to write some files (smaller than 2mb and total 8mb or more) inside, so these sectors will be handled by a PC and then try to backup again.

(The error(2) happens when the fail is at creating a file. Before writing data to that file. So with the 2nd error text, we know that the first happens at writing file metadata)

Solved it by snagging a no name 4GB card from a friend, worked and verified both files on the first try.In retrospect could as well have been an exfat problem, as this card was in fat.

Just in case, the cards I tried before wee both samsung evo plus, 32gb sdhc and 126 sdxc, both on exfat, both formated on linux.

Thanks for the support.

 

[CTCaer]

Solved it by snagging a no name 4GB card from a friend, worked and verified both files on the first try.In retrospect could as well have been an exfat problem, as this card was in fat.

Just in case, the cards I tried before wee both samsung evo plus, 32gb sdhc and 126 sdxc, both on exfat, both formated on linux.

Thanks for the support.

Maybe that's a problem with formatting in linux.
I always format my cards in windows (because FAT32, exFAT and NTFS are microsoft filesystems).

And all my cards except the lakka one are formatted in exFAT and working great.

 

[bkifft]

Maybe that's a problem with formatting in linux.
I always format my cards in windows (because FAT32, exFAT and NTFS are microsoft filesystems).

And all my cards except the lakka one are formatted in exFAT and working great.

True, could be related to mkfs.exfat on linux. Do you handle BOOT and raw dumping differently, though? Different blocksizes or something? Or has the eMMC dedicated timeouts for the special partitions?

 

[CTCaer]

Only the buffer size is different. But ultimately this does not matter because every write or read is 512 bytes under the hood.

 

[TheLastOfUs]

That does not mean that the backup is completely unreliable.
It's just that you can't cross check it.

So, you just make a new backup. Restore the old one made in v2.3, and if it doesn't work, you restore the new backup and go back to start.
And just to clarify something:
The factory reset is not a real format. It clears specific files, just enough to seem that the console is like a new.
But many things are left there and can create a history log.

One last thing - if one restores a clean NAND - does it mean Nintendo can never tell our system was hacked, etc or ran CFW at all if one restores rawnand from 2.3 before any CFW/hacking took place?

Thanks! A lot of confusion with that.

 

[CTCaer]

If you never went online, Nintendo knows nothing about your console.
Otherwise they know many things about your console.
If they know you run unofficial stuff though? Depends on what you run and how careful you were.

 

[juggernaut911]

@CTCaer - I wanted to check my Switch battery health so I check out the "print battery info" option in Hekate 3.2 and it says my battery health is at 80%. I hardly use my Switch, it collected dust for about a year as well. Is there any room for error in the battery info print? I see it posts cycle counts but mine appears as a percent, am I misunderstanding?

Thanks for the tool!

 

[CTCaer]

@CTCaer - I wanted to check my Switch battery health so I check out the "print battery info" option in Hekate 3.2 and it says my battery health is at 80%. I hardly use my Switch, it collected dust for about a year as well. Is there any room for error in the battery info print? I see it posts cycle counts but mine appears as a percent, am I misunderstanding?

Thanks for the tool!

Having a device with lithium battery at storage degrades the battery if it falls at lower 10-15% for a long period of time.
But because it's mostly unused it will show you a correct percent (or in mAh further below) after doing 2 full charge cycles (0-100% x2).

If that's the case this percent will go up. For example mine after a year and a half of usage it was showing 93%. But this was because my battery had more than 2 months to do a 0% (because of the hekate dev and constant charging in RCM).
So after a full charge cycle went up to 98%.

The cycles count is useless though. Because horizon does not save it and restore it. So it's always low after a power off.
Every 100% is one full charge cycle. But as you can see it is always 1 or 2 cycles (100%-299%).
(I'll remove in next version btw).

Anyway, when you store a device for months, make sure that the battery is at 40-50%.
(With switch, it's important to power off through hekate)