As if yesterday's emuiibo update was not enough, @XorTroll has also released a new version of his popular Nintendo Switch multi-tool and title installer! Goldleaf 0.6's biggest feature highlight is, without any doubt, a complete refactor of its USB install functionality: the old and limited one has been replaced with a fully-featured PC file browser. Instead of just sending a single NSP file over USB to your console, you will now be able to see a list of all the storage devices found on the computer running Goldtree - both internal (HDDs, SSDs, etc.) and external (microSDs, USB drives, ...). From there, you will be able to browse anywhere you like and choose whichever files you want to install!

Speaking of browsing, the file manager has also received two noteworthy quality of life improvements: you can now set a folder's archive bit easily (useful if your console's microSD has been formatted as FAT32 to make the Switch's OS treat its contents as a single file) as well as bulk install all NSPs found in a directory. Both options work globally so, yes, thanks to the previously mentioned PC browsing feature, bulk USB installs are now available!

Last, but not least, amiibo dumping is here too. It uses the same format introduced with emuiibo 0.3, making it a breeze to "virtualize" your real figures to use them in games without having to carry them around!

There have also been other smaller changes, like slightly faster NSP install times, skipping a title's required FW by default unless specifically changed in the config, automatically disabling sleep mode to prevent accidental interruptions and a built-in updater. If you want to know everything included in 0.6, you can read the changelog below:

(My god, it's been 4 months!)

• NSP installs:
  • As Goldleaf's internal filesystem handling has been completely remade, installs have been internally remade. This apparently results in slightly faster installs, at least in my case.
    
    
  • Now the user won't be asked to ignore required firmware version or not, as that can be configured on the config.
    
    
  • Sleep-mode is disabled now in order to avoid to interrupt installs.
    
    
  • Now all the NSPs inside a directory can be installed in a row (see below).
• USB installs:
  • USB installs have been improved into a new feature: remote PC browser!
    
    
  • Now you can directly browse your PC, plus any drives connected to it, as a regular filesystem, same as SD card or console memory.
    
    
  • It is also worth to mention that the new USB command system seems to be way, WAY more stable than any previous USB system in Goldleaf!
    
    
  • Anyway, always keep in mind that it might freeze or cause bugs with folders with tons of files.
• File systems:
  • Presenting the new, remade USB system: remote PC browsing!
    • Instead of a simple connection, it's a whole filesystem implementation over USB.
      
      
    • Browse your PC (Windows-only with Goldtree) directly from Goldleaf! Any extra drive inserted browsable by the PC will be browsable here.
      
      
    • Since USB drives' support (fsp-usb service in Atmosphere) is still being worked on, you can use this system with drives inserted in your PC in order to browse or install files from there.
  • Two simple, QoL features have been added to filesystems (to directories in this case): the option to install all NSPs within the directory, and the option to set the archive bit on it.
• UI
  • For now on, Goldleaf main color will continue to be golden, but the "secondary" color along with gold is going to be blue.
    
    
  • Therefore, both the icon and the main themes have been changed.
• Goldleaf auto-updating:
  • Now Goldleaf supports updating itself, since https was supported on dkP. (this means direct access to GitHub for version checking and asset downloading)
    
    
  • Nevertheless, now Goldleaf's NSP is a forwarder, what means that just by updating the NRO you will target Goldleaf from HOME menu as always.
    
    
  • You can even upgrade the installed version if you want to!
    
    
  • As you may suppose, this requires internet connection
• Amiibo dumping support
  • A new option has been added to the main menu, which adds support to dump real amiibos to be used with emuiibo.
    
    
  • Obviously, emuiibo 0.3 format is used. Please ensure you're also using the latest emuiibo version!

I know, it's been a while! Go grab it while it's hot!

EDIT: A bug has been found which affects USB NSP installs with a file size of 4 GB or higher. @XorTroll will work on a fix in 0.6.1 but he's unable to work on it now. As such, users with FAT32 cards are advised to keep using the old version until the fix is released.

EDIT 2: Goldleaf 0.6.1 has been released, which fixes the aforementioned bug as well as a few other minor issues and crashes.

EDIT 3: Goldleaf 0.7 has been released and it focuses on improvements and bug fixes over the previous versions. A few new features have also been included, like local account unlinking.

Source
GBAtemp thread

 

[Clapmaster]

I'm getting install errors with some nsps saying that sigpatches are missing or my firmware is too low. These nsps installed with no problems with Goldleaf 0.5. I'm on firmware 8.1.0

 

[weatMod]

seriosuly? what the fuck? you know you can FTP over wireless as well right? comms don't make a difference to applications if it's wired or wireless.. that really was a stupid and ignorant comment to make.

the only stupid and more confusing comment is Goldleaf talking about USB installs - when most people are going to be thinking you can plug in a USB stick or HDD and install from that, just like you can with SX OS.

Installing from a PC via a USB cable should more accurately be referred to as USB server install.

"the only stupid and more confusing comment is Goldleaf talking about USB installs - when most people are going to be thinking you can plug in a USB stick or HDD and install from that, just like you can with SX OS."

yes that was exactly my point

"Installing from a PC via a USB cable should more accurately be referred to as USB server install"

wait is that what it means? you mean this new goldleaf can do that , i though tit was just wireless transfer from a PC where the USB drive was plugged into the PC , you are saying you plug the PC into the USB port on the switch and install from your PC not wirelessly?
this whole thing is just really poorly explained

 

[gizmomelb]

I mean. Not really? That mangles the word server to mean something else entirely.

not at all.. a device or application which serves files or applications to client devices or applications via a network is called a server.

pretty much the dictionary definition.

--------------------- MERGED ---------------------------

"the only stupid and more confusing comment is Goldleaf talking about USB installs - when most people are going to be thinking you can plug in a USB stick or HDD and install from that, just like you can with SX OS."

yes that was exactly my point

ok my apologies for misunderstanding what you were trying to convey.

"Installing from a PC via a USB cable should more accurately be referred to as USB server install"

wait is that what it means? you mean this new goldleaf can do that , i though tit was just wireless transfer from a PC where the USB drive was plugged into the PC , you are saying you plug the PC into the USB port on the switch and install from your PC not wirelessly?

installing NSP / XCI files stored on a PC (whether the files are on the main HDD or on external USB storage connected to the PC) to the switch via a USB cable has been around for quite a while now.

Even Goldleaf has been able to install from a PC with USB C cable with the GOLDTREE.EXE on the PC - see this video which is a month old -


There are other USB host or server programs for PC, *nix and Mac (NUT and NS-USBLOADER being the main ones) and other Switch based NSP installers which all support installing direct over USB.

Now something which doesn't appear to have been explained is WHY would you want to install from USB on your PC? Well your SD card can be FAT32 formatted and you can still install files larger than 4GB from the PC hard drive! You install DIRECT to the Switch, it's not COPYING the file then installing (two step process) - it's just install direct from the PC as a 1 step process.

eg:

this whole thing is just really poorly explained

that is absolutely correct.

 

[SOLSTAR]

it just crashes here, pvrevious version worked flawlessly

 

[goncalodoom]

I'm getting install errors with some nsps saying that sigpatches are missing or my firmware is too low. These nsps installed with no problems with Goldleaf 0.5. I'm on firmware 8.1.0

Same issue here.

 

[blawar]

-snip-

Yeah I didn't understand that one either. I think they are just trying to encourage him not to abandon it despite all of the issues by puffing him up with empty platitudes.

edit: on some level, I get it. how many active switch homebrew developers are there besides me? So I can understand lying to him to try to encourage him to write more stuff. I personally believe his work is more harmful to the scene than helpful, and wish I could pay him to not write software.

edi2: just to clarify before anyone gives me shit. Goldleaf 0.6 is a security nightmare, and now the nintendo switch is officially a malware vector to infect your PC due to extremely poor decision decisions (yet again) by xortroll. Not only that, it is literally a backdoor for third parties to gain unauthorized access to your computer, even if your drives are encrypted. Really only an idiot would run this software.

 

[wurstpistole]

Not only that, it is literally a backdoor for third parties to gain unauthorized access to your computer, even if your drives are encrypted. Really only an idiot would run this software.

Please elaborate how this works

 

[blawar]

Please elaborate how this works

Say I know you are running goldtree,I could craft a application that scans / steals your bitcoin wallet, I could write a malicious payload to inject malware into your boot-up config so it runs when you reboot your PC, I could steal unencrypted passwords, browser history, dick pics, pretty much steal anything on your PC that the user has access to. Could do ransom ware where it encrypts your personal files then demands payment for the decryption key.

A malicious user does not even need physical access to the computer: they could simply put the payload in a homebrew app, then when the user runs the homebrew app it steals or infects the PC when it is ran (assuming USB cable is connected).

Law enforcement could have near full access to your machine, even if your drives are encrypted.

The possibilities of exploits are near limitless.

 

[The Real Jdbye]

Yess, finally Goldleaf is competitive with Tinfoil. I have been waiting for the USB installation to be improved, having to physically be present to manually install multiple games over USB is just not very useful. I hope this also fixes all the constant crashing related to the USB feature.

 

[blawar]

-snip-

you miss the glaring difference: what can malicious software do on your switch? nothing. what can it to do your pc? everything. tinfoil doesn’t have access to your entire pc, only the nsp directory, and it is read only. the other difference is that gold tree doesn’t expose you to hat malicious homebrew, it exposes your entire pc to malcom iou’s attacker’s even without connecting a switch.

--------------------- MERGED ---------------------------

Yess, finally Goldleaf is competitive with Tinfoil. I have been waiting for the USB installation to be improved, having to physically be present to manually install multiple games over USB is just not very useful. I hope this also fixes all the constant crashing related to the USB feature.

goldleaf is not competitive with tinfoil, but this release is a good start he realized what i had been saying all along, having to select files on the pc app is cancer. he is beginning to emulate more tinfoil concepts

 

[Ev1l0rd]

Say I know you are running goldtree,I could craft a application that scans / steals your bitcoin wallet, I could write a malicious payload to inject malware into your boot-up config so it runs when you reboot your PC, I could steal unencrypted passwords, browser history, dick pics, pretty much steal anything on your PC that the user has access to. Could do ransom ware where it encrypts your personal files then demands payment for the decryption key.

And guess whose tools are closed source and I now hold another reason not to use.

Here's a hint; if you're gonna describe methods to fuck over users, maybe just MAYBE it's not smart to do that if your biggest thing you're known for is closed source and as a result could do anything since nobody can verify you're not pulling scummy shit on it.

 

[blawar]

And guess whose tools are closed source and I now hold another reason not to use.

Here's a hint; if you're gonna describe methods to fuck over users, maybe just MAYBE it's not smart to do that if your biggest thing you're known for is closed source and as a result could do anything since nobody can verify you're not pulling scummy shit on it.

I am not sure if you are intentionally conflating these two things: it is impossible for tinfoil (runs on switch) to exploit your PC, goldtree is a walk in the park to exploit your PC. Nut is open source, go read what it does. Exploiting your PC is a huge deal.

 

[Ev1l0rd]

I am not sure if you are intentionally conflating these two things: it is impossible for tinfoil (runs on switch) to exploit your PC, goldtree is a walk in the park to exploit your PC. Nut is open source, go read what it does. Exploiting your PC is a huge deal.

The method you just described just needs Goldtree genius. It doesn't need Goldleaf (in fact what you just described would be in its own homebrew program).

The point I'm making is that you're damaging your own trust since nobody knows what the fuck Tinfoils code is (since guess what: it aint FOSS) so we can't be assured that any future versions might not contain this very method you just described to (as you say for example) steal bitcoin wallets if someone happens to connect their Switch to a PC running Goldleaf while having your tool open.

 

[FMCore]

you miss the glaring difference: what can malicious software do on your switch? nothing.

It can brick your switch, so there's that.

 

[blawar]

The method you just described just needs Goldtree genius. It doesn't need Goldleaf (in fact what you just described would be in its own homebrew program).

The point I'm making is that you're damaging your own trust since nobody knows what the fuck Tinfoils code is (since guess what: it aint FOSS) so we can't be assured that any future versions might not contain this very method you just described to (as you say for example) steal bitcoin wallets if someone happens to connect their Switch to a PC running Goldleaf while having your tool open.

The method I describe cannot be performed by tinfoil, because tinfoil does not have read/write access to your PC. Outside of goldtree, the worst a homebrew app can really do is brick you. And there have been zero reports of tinfoil bricking anyone. Goldtree exposing your PC to malicious actors is a whole new ballgame, some real serious damage can be caused by this.

I think you know the difference here, and are intentionally trying to spread fud to confuse users who do not understand just hwo fucked up what goldleaf / goldtree is doing.

Succinctly put: tinfoil is not a security threat to your PC, goldleaf is.

 

[toxic9]

tinfoil is closed source... most of software we use on our pc's are closed sorce... and people just don't care. So don't complain about that. Blawar never wanted to brick anyone. His apps are always a step ahead over the others. We should be happy there are people on the scene making apps for us to try.
I just don't like to see pushing down other people's apps. One thing for sure, goldleaf's releases are always full of bugs. They should be more tested before (not so) stable releases.

 

[Phenj]

Error-code 2168-0001 (0x2a8)
When running the latest Goldleaf version, using latest atmosphere

 

[Ev1l0rd]

The method I describe cannot be performed by tinfoil, because tinfoil does not have read/write access to your PC. Outside of goldtree, the worst a homebrew app can really do is brick you. And there have been zero reports of tinfoil bricking anyone. Goldtree exposing your PC to malicious actors is a whole new ballgame, some real serious damage can be caused by this.

I think you know the difference here, and are intentionally trying to spread fud to confuse users who do not understand just hwo fucked up what goldleaf / goldtree is doing.

Succinctly put: tinfoil is not a security threat to your PC, goldleaf is.

You really dont get how this shit works and what you just described did you?

Goldtree is a PC tool that allows browsing the filesystem, correct. What you described is that if a tool that isn't Goldleaf (the intended tool to use this for) would interact using the Goldtree API with the PC and the risk/damage it could do to it.

I don't give a crud about whether it's an actual safety risk or not (could entirely be, although I'd like to point out that you'd have to explicitly connect your Switch to your computer to do anything dangerous to it since if I'm correct Goldtree handles USB installs), but the matter of fact is that you are describing a method of attacking/damaging a computer, whilst also operating a closed tool program that's been known to fuck with software just because you couldn't agree with the authors.

tinfoil is closed source... most of software we use on our pc's are closed sorce... and people just don't care. So don't complain about that. Blawar never wanted to brick anyone. His apps are always a step ahead over the others. We should be happy there are people on the scene making apps for us to try.
I just don't like to see pushing down other people's apps. One thing for sure, goldleaf's releases are always full of bugs. They should be more tested before (not so) stable releases.

I can't speak for everyone, but I use Arch Linux and am using Mozilla Firefox to send this message, so for all intents and purposes "most apps" I use are FOSS.

Even so "everyone does it" is not an argument. If a lot of people would decide that lighting themselves on fire is a smart idea, well guess we should light ourselves on fire since everyone does it.

In addition, especially when tampering with the security of a system (which anything involving Homebrew does and something that installs tickets/titles certainly does), I prefer to be aware of exactly what I'm running and installing and will actively discourage the use of anything that is not open source (also fueled by a long long history of homebrew devs who go closed source behaving like whiny crybabies or pulling dumb shit.)

 

[blawar]

You really dont get how this shit works and what you just described did you?

Goldtree is a PC tool that allows browsing the filesystem, correct. What you described is that if a tool that isn't Goldleaf (the intended tool to use this for) would interact using the Goldtree API with the PC and the risk/damage it could do to it.

I don't give a crud about whether it's an actual safety risk or not (could entirely be, although I'd like to point out that you'd have to explicitly connect your Switch to your computer to do anything dangerous to it since if I'm correct Goldtree handles USB installs), but the matter of fact is that you are describing a method of attacking/damaging a computer, whilst also operating a closed tool program that's been known to fuck with software just because you couldn't agree with the authors.

You are incorrect, you do not need to connect your switch to the PC to exploit this. This is why it is such a huge vulnerability. You may not care about the huge security vulnerability in goldleaf/goldtree, but I am sure a significant portion of the user base does.

 

[Ev1l0rd]

You are incorrect, you do not need to connect your switch to the PC to exploit this. This is why it is such a huge vulnerability. You may not care about the huge security vulnerability in goldleaf/goldtree, but I am sure a significant portion of the user base does.

Do explain. As far as I can see, Goldtree is a tool purely designed for connecting your Switch over USB to browse files on your PC. It does not prove network installations. Ergo, the only possible attack point is over USB (not a network) and the most likely place to find a user who runs Goldtree is a user who has a Switch, since it would be dumb otherwise.