Hacking RELEASE CTCaer Hekate that can automatically patch FS KIP1

[mezz0]

Question, would a memory patch of the ES service to handle fake tickets to do backup loading/installs be prohibited from being posted on GBATemp? I'm not talking about posting a patched nintendo binary, just something like the memory offsets and patch values.

I see "es" mentioned a lot; does that stand for exosphere ?

 

[tomGER]

still no solution for 3.01...?

This works on all firmwares

 

[loler55]

If he's using the same signature patches that ReiNX uses (which are the only public ones outside of SX OS), then his package only works on the same firmwares as ReiNX which is 4.X and 5.X. Like I said, the only other CFW to support signature patching is SX OS but that needs an activated license and is closed source.

many people here belive it donst work on 3.01...
i try to install a random nsp loadrunner
can i only install my own nsp????????

This works on all firmwares

https://github.com/tumGER/SDFilesSwitch and https://github.com/tumGER/SDFilesSwitch/blob/SigPatchOwO/Compiled/hekate_ipl.ini/
thanks for answer @tomGER i use your cfg your sd files from your git with the nosigpatch
first thanks for your good work ive read your tutorial more as 10 times
plz can you help out?

i dont need this file?? FS510-exfat_nocmac_nosigchk.kip1
when i have it + in config i get only a blackscreen--
ive tryed to rename it to FS301-exfat_nocmac_nosigchk.kip1
or FS510-exfat_nosigchk.kip1 or FS301-exfat_nosigchk.kip1

but only blackscreen

without it i cant install anything via tinfoil
ive tryed oldlayerfs with sig
new layerfs with sig
cfw with sig


hekate_ctcaer_3.2.bin

--------------------- MERGED ---------------------------

My dudes, it's literally just one freaking line that needs to be added.

1. Download https://github.com/tumGER/SDFilesSwitch
2. Place it on the root of your SD
3. Open the "hekate_ipl.ini" on your root with a text editor
4. Copy this https://github.com/tumGER/SDFilesSwitch/blob/SigPatchOwO/Compiled/hekate_ipl.ini/
   
5. Replace the text you saw when opening the hekate_ipl.ini with the one you just copied (CTRL+A, CTRL+V for those who are confused what I mean with replacing the text)
6. Launch the payload by rajkosto with your fusee gelee launcher of choice (TegraRcmSmash, WEB CFW Launcher or whatever one you're using)
7. Success, enjoy your life

exactly this ive followed

its feels like im the only one there will try this on 3.01 oder depper....

i have no idea what i can do to get it working

 

[Drakia]

i have no idea what i can do to get it working

This is not for piracy, it doesn't patch ticket installation checks.

I see "es" mentioned a lot; does that stand for exosphere ?

The "ES" patches mentioned are "ETicket Services" patches. They are the patches required to install non-legitimate NSPs/tickets. At the moment, all packs that have contained them have been removed, as they are the full ES file. Eventually there will be a patch-based method that will allow these to be distributed to people

 

[loler55]

Ive tryed a second xci and error but Wow a new Icon appear but cant Launch

 

[SaffronXL]

Working great for me, thanks Raj, Tom, and everyone else!

 

[kramer987]

hit me up on discord @kramer987 if having issues. I'm more than happy to help.

but tomgers instructions are more than adequate. I can help walk you through if necessary.

 

[Aeny]

Can confirm that it doesn't work on my 3.0.2 switch. I've tried the nogc flag but my gamecard is still happily detected afterwards.

 

[rajkosto]

that's because those patches are a no-op on < 4.0.0 as there's no firmware update to protect against

 

[Aeny]

that's because those patches are a no-op on < 4.0.0 as there's no firmware update to protect against

Fair enough, it would be nice of people to stop screaming that everything works everywhere then, Thanks for the confirmation.

 

[Subtle Demise]

Yes keep attaching FS510-exfat_nocmac_nosigchk.kip1 to random threads please, people.

Ok, will do! Thanks for the advice!

why dont you follow your own advice instead of attaching copyrighted content ?

For one thing, a several kilobyte file that's only part of a much larger construct should hardly qualify as copyrighted, if at all. We're setting a dangerous precedent. "This project needs taken down because it uses a piece of a piece of a piece of piece..." "This file shares 16 bytes with my file! It's infringing my rights!"

All the people getting errors installing tickets are trying to use forged/fake/unsigned tickets.
The only reason to support those is for piracy (and you dont need them for piracy either, if you just arent super braindead like all the piracy NSP generators are). Therefore, they are not supported (having fake tickets installed into your system is really stupid w.r.t. bannability and being able to run your system normally without patches anyway).

Your own backed up nsps and nsps with common tickets obviously work.
Piracy is not supported by any reputable project.

Reputable by whose standards? MultiMan isn't reputable? For that matter, none of the PS3 CFWs are either? What about USBLoader GX, WiiFlow, et al? Nintendont is irreputable because it doesn't have idiotic piracy checks like Devolution? HDLoader on PS2? Luma3DS isn't reputable either? Or the homebrew that allows launching of NDS ROMs from the 3DS SD card?

As for signature patches being exclusive to piracy: what if for some reason there existed a romhack that would only work when applied as a patch for an .xci file. Now SXOS users would be able to play it, but no one else would because the signature would be broken, and a free .xci loader would not be reputable.

 

[rajkosto]

For one thing, a several kilobyte file that's only part of a much larger construct should hardly qualify as copyrighted, if at all. We're setting a dangerous precedent. "This project needs taken down because it uses a piece of a piece of a piece of piece..." "This file shares 16 bytes with my file! It's infringing my rights!"

Actually yes. This is why you aren't allowed to share master keys even though they are only 16 bytes of seemingly random data.

As for signature patches being exclusive to piracy: what if for some reason there existed a romhack that would only work when applied as a patch for an .xci file. Now SXOS users would be able to play it, but no one else would because the signature would be broken, and a free .xci loader would not be reputable.

I am ok with supporting unsigned NCAs, there are uses for those other than piracy (and is what i have added to this hekate fork/now mainline). The same cannot be said for unsigned tickets though.

USBLoader GX, WiiFlow, et al? Nintendont is irreputable because it doesn't have idiotic piracy checks like Devolution? HDLoader on PS2? Luma3DS isn't reputable either? Or the homebrew that allows launching of NDS ROMs from the 3DS SD card?

This is all software made from scratch/with homebrew toolchains, so it is legal to share publically. It is not the purpose of the software that makes it illegal (however if you are in the USA you might be breaking the law by USING it), it is what it contains. And packs containing pre-patched copyrighted nintendo binaries are not legal (not even TX breaks this rule, they include code to patch the binaries, not pre-patched ones).

 

[Subtle Demise]

why dont you follow your own advice instead of attaching copyrighted content ?

Oh, also: Not everyone is aware that file is copyrighted, and most, me included, would assume it's some kind of homebrew thing. Maybe there's a nicer way to inform people? Also screaming about it at every opportunity and making a big show out of havong ot removed is just going to get the Streisand Effect going, and people are going to propagate the file out of spite (not that I would ever do something so petty).

 

[Ian095]

Oh, also: Not everyone is aware that file is copyrighted, and most, me included, would assume it's some kind of homebrew thing. Maybe there's a nicer way to inform people? Also screaming about it at every opportunity and making a big show out of havong ot removed is just going to get the Streisand Effect going, and people are going to propagate the file out of spite (not that I would ever do something so petty).

I think arguing about this a week later is pretty pointless I see your point and what is said lead me, myself to be misinformed about what this does but I mean really there's not much point in arguing.

 

[rajkosto]

There's specifically no reason to attach pre-patched FS.kip1 to this thread since the entire point of the feature i added is to allow it to be dynamically patched !

 

[Subtle Demise]

Actually yes. This is why you aren't allowed to share master keys even though they are only 16 bytes of seemingly random data.

I'm not alone in thinking that shouldn't be allowed either.

And packs containing pre-patched copyrighted nintendo binaries are not legal.

But why? The Nintendo Switch firmware files are distributed for free to all Nintendo Switches through the System Update function. Now, actually extracting this file and patching it is breaking the DMCA and/or international treaties, along with Nintendo's terms of use (opinion varies from court to court aboit whether these are actually legally enforcable), but if the pre-patched file originates where none of the above apply, it's not really illegal then is it?

I think arguing about this a week later is pretty pointless I see your point and what is said lead me, myself to be misinformed about what this does but I mean really there's not much point in arguing.

I didn't know it was a week old, I just saw it yesterday, and seeing it again made me want to reply to it. I know there's no point in arguing, but I'm just sick of politicians, celebrities, and especially corporations having more rights than everyone else.

Anyway, I guess I'm done here before I get into trouble over it.

--------------------- MERGED ---------------------------

There's specifically no reason to attach pre-patched FS.kip1 to this thread since the entire point of the feature i added is to allow it to be dynamically patched !

I get that now, I was just kind of frustrated at the idea of miniscule things being illegal somehow.

 

[rajkosto]

But why? The Nintendo Switch firmware files are distributed for free to all Nintendo Switches through the System Update function. Now, actually extracting this file and patching it is breaking the DMCA and/or international treaties, along with Nintendo's terms of use (opinion varies from court to court aboit whether these are actually legally enforcable), but if the pre-patched file originates where none of the above apply, it's not really illegal then is it?.

They do not distribute this freely to just any computer. They only distribute it (in pieces, each piece separately encrypted) to switches running Horizon OS and presenting the correct client certificate. It is not the same as PS3 full firmware files which you can just get from sony's website (although, even if something is available for free on the publisher's website, does not give you the right to redistribute it in a modified form ! This is why we cant distribute the memory training code from the Pixel-C firmwares, even though the Pixel-C firmwares are free to download)

 

[huma_dawii]

OMG I lost my sigpatches, cant make it work, what should I delete from my SD card to start over new?

 

[shchmue]

this method only depends on the hekate config ini as in the OP the rest depends on the payload

 

[ZiggyDeer]

Used it a couple of times, and sat on it for a couple of days. Now it says it can't init my SD card, even though the CTCaer fork does it fine.

EDIT: Also it takes significantly longer to load after injection.