Hacking Question what is the best scenario for brand new unpatched switch with firmware 4.1.0?

[Reecey]

I wouldn't update sysNAND with ChoiDujourNX (since it's a homebrew).
If you want to play online with it either way, these would (have) be(en) the best steps:

1. NAND backup of your clean 4.1.0 FW
2. Update the official way (through system settings after setting up internet connection) to 8.1.0
3. Only if you want to prevent your fuse state (which is not needed imho):
   - Have a Jig and put it in as soon as the update starts
   - While it's going to reboot, hold VOL+ to get into RCM
   - Use hekate, enable AutoRCM and boot stock sysNAND
4. Link your user profile to a Nintendo account if not already done
5. Put in 90DNS as primary and secondary in your internet connection
   
6. Reboot to RCM and use hekate to make another NAND dump
7. Copy your SD content to a temporary folder on your computer
8. Boot to RCM and fire up SX OS while holding VOL+ to get into SX OS boot menu
9. Create hidden partition based emuNAND from there
10. create sd:\emuMMC\emummc.ini on your SD card and paste the code I put at the end of this post
11. Copy back everything to the SD from your computer
    
12. Boot into CFW emuMMC from hekate (without changing any emuMMC settings there ... don't hit "migrate" or anything ... the emummc.ini already handles everything nicely
13. Reboot into stock sysNAND using hekate (your default payload for now! )
14. Remove 90DNS by setting DNS to automatic again
15. Have fun online on stock sysNAND and use everything else on CFW emuMMC

[emummc]
enabled = 1
sector = 0x2
nintendo_path = Emutendo

He doesn't need to update his ofw to the latest firmware at all, please don't tell him that! The point of having the "hidden partition" on the sd card is so he can keep his official nand on the lowest firmware and keep it as a stealthy option completely hidden away from Nintendo. Having the "hidden partition" on his sd card acts like his official nand, the closest he will ever get to this, while keeping his emunand on the latest firmware, thats the point of it just as if hes using the real systemnand, its used for this kind of new setup so he can have his official systemnand untouched and it's also a preferred option and the best option for a brand new unit like his. This is why I am giving him my advice because I have done the same with my second switch on firmware 4.1.0 for over 8 months now no issues.

 

[Reecey]

@Goldenman66
I was just thinking I presume you have bought an sxos license or using an sxpro, not the free version?

 

[Goldenman66]

@Goldenman66
I was just thinking I presume you have bought an sxos license or using an sxpro, not the free version?

No I didn’t bought it till now i used the free version as you advised a general version 2.5.3

 

[RHOPKINS13]

You have the holy grail, an unpatched Switch on 4.1.0. Whatever anybody tells you, I would not update your sysNAND at all, even if you avoid burning fuses, it will be too easy to accidentally burn them later.

You have access to a tetherless exploit. Your best situation now (in my opinion) is to create two emuNANDs, one that you strictly use with legit purchases for playing online, and one that you strictly use for all your other purposes.

I believe you already know this, and are just having problems getting your emuds set up.

Yes, there is always a slight ban risk of using emuNAND, because you can't possibly use emuNAND and be in a fully "clean" state. That being said, I think Atmosphere does a lot more to mitigate that risk than SX OS, and I highly recommend you stick with it, even if it's harder for you to set up.

It's possible to use more than one emuNAND on a single microSD card, but in my opinion it's not worth the headache and the amount of storage that takes, you're better off having two separate microSD cards.


You haven't told us what all you've done to try to set up emuNAND. You made a clean NAND backup, did you backup BOOT0 and BOOT1? Did you create a new backup on your PC using copy /b BOOT0+BOOT1+rawnand.bin emummc.bin ? Did you try to set it up manually or using something built-in with Hekate or SX OS?

I'm assuming you're using sector=0x2 in your emummc config, but did you verify that's the correct value to use in your case?

 

[Goldenman66]

You have the holy grail, an unpatched Switch on 4.1.0. Whatever anybody tells you, I would not update your sysNAND at all, even if you avoid burning fuses, it will be too easy to accidentally burn them later.

You have access to a tetherless exploit. Your best situation now (in my opinion) is to create two emuNANDs, one that you strictly use with legit purchases for playing online, and one that you strictly use for all your other purposes.

I believe you already know this, and are just having problems getting your emuds set up.

Yes, there is always a slight ban risk of using emuNAND, because you can't possibly use emuNAND and be in a fully "clean" state. That being said, I think Atmosphere does a lot more to mitigate that risk than SX OS, and I highly recommend you stick with it, even if it's harder for you to set up.

It's possible to use more than one emuNAND on a single microSD card, but in my opinion it's not worth the headache and the amount of storage that takes, you're better off having two separate microSD cards.


You haven't told us what all you've done to try to set up emuNAND. You made a clean NAND backup, did you backup BOOT0 and BOOT1? Did you create a new backup on your PC using copy /b BOOT0+BOOT1+rawnand.bin emummc.bin ? Did you try to set it up manually or using something built-in with Hekate or SX OS?

I'm assuming you're using sector=0x2 in your emummc config, but did you verify that's the correct value to use in your case?

@RHOPKINS13 i tried atmosphere and sxos and never get emunand work. With atmosphere when i press to launch emunand switch reboot again to hekate and with sxos emunand is always disabled and can’t enabled. I made a clean NAND backup, backed up BOOT0 and BOOT1, I don’t know how to create a new backup on PC using copy /b BOOT0+BOOT1+rawnand.bin emummc.bin, I use rcmloader to enter rcm and inject payload

 

[lordelan]

He doesn't need to update his ofw to the latest firmware at all, please don't tell him that! The point of having the "hidden partition" on the sd card is so he can keep his official nand on the lowest firmware and keep it as a stealthy option completely hidden away from Nintendo. Having the "hidden partition" on his sd card acts like his official nand, the closest he will ever get to this, while keeping his emunand on the latest firmware, thats the point of it just as if hes using the real systemnand, its used for this kind of new setup so he can have his official systemnand untouched and it's also a preferred option and the best option for a brand new unit like his. This is why I am giving him my advice because I have done the same with my second switch on firmware 4.1.0 for over 8 months now no issues.

What's the point in staying on 4.1.0? It's even past the cartridge driver update so going back to it if no fuses are burnt is possible without any problems. And even if he accidentally burns fuses, we would always be able to boot into 4.1.0 nonetheless with hekate.
Honestly who is working on that coldboothax? Nobody we know of. All capable ppl are "just" working on new Atmo updates, hekate updates or RetroArch. I don't think it'll ever come.
Why the struggle to deal with even two emuNANDs?

--------------------- MERGED ---------------------------

I really don't know your method. When I play online, I play with a pure nand, completely unassisted by any cfw or bootloaders. I don't even use autorcm. When I want to do homebrew, I use a jig and payload. I'm just waiting for linux/lakka/android to be able to reboot to payload, which will significantly reduce how often I use a jig/external payload push. It seems @lordelan has more experience using both emunand and emummc. He has a hybrid situation it looks like. I'm reluctant about using emunand/emummc online. Personally I would stay with FAT32.

Right now I have one emuNAND/emuMMC that I created with SX OS and am using with either Atmos or SX OS (depending on which payload I use) but it's the same emuNAND while my sysNAND is for online play. And I've got Ubuntu on the same SD and it works but I'm going to nuke it in order to have Android take its place soon when Tariq finishes his investigations.

As a side note: never ever use exFAT on the Nintendo Switch if you're using any CFW related stuff. Stay on FAT32 with 32 k cluster size.

 

[Lacius]

What's the point in staying on 4.1.0? It's even past the cartridge driver update so going back to it if no fuses are burnt is possible without any problems. And even if he accidentally burns fuses, we would always be able to boot into 4.1.0 nonetheless with hekate.
Honestly who is working on that coldboothax? Nobody we know of. All capable ppl are "just" working on new Atmo updates, hekate updates or RetroArch. I don't think it'll ever come.
Why the struggle to deal with even two emuNANDs?

--------------------- MERGED ---------------------------


Right now I have one emuNAND/emuMMC that I created with SX OS and am using with either Atmos or SX OS (depending on which payload I use) but it's the same emuNAND while my sysNAND is for online play. And I've got Ubuntu on the same SD and it works but I'm going to nuke it in order to have Android take its place soon when Tariq finishes his investigations.

As a side note: never ever use exFAT on the Nintendo Switch if you're using any CFW related stuff. Stay on FAT32 with 32 k cluster size.

It's worth staying on 4.1.0 if one wants to use the warmboot browser exploit (Deja Vu). If one doesn't care about using Deja Vu, there's no real reason to stay on 4.1.0, and there probably won't be any reason to downgrade to 4.1.0.

An untethered coldboot exploit will probably never be released on anything above 3.0.2.

 

[lordelan]

It's worth staying on 4.1.0 if one wants to use the warmboot browser exploit (Deja Vu). If one doesn't care about using Deja Vu, there's no real reason to stay on 4.1.0, and there probably won't be any reason to downgrade to 4.1.0.

An untethered coldboot exploit will probably never be released on anything above 3.0.2.

Correct. But Deja Vu should work even if too many fuses burnt iirc.
So even someone with a fuse state of 8.1.0 could restore a 4.1.0 backup, boot into it with hekate and use Deja Vu. Although there's absolutely no point to do so on an unpatched unit.

 

[Reecey]

No I didn’t bought it till now i used the free version as you advised a general version 2.5.3

If you now have a license I don’t understand why it’s not booting into your emunand even if it’s fat32 partitioned it should still boot emunand on 4.1.0. Have you tried also what I said start from scratch flash your 4.1.0 firmware to exfat then create emunand again? I wrote some details down for you earlier on. Have you at least tried deleting emunand and set it back up again delete your sd card use mini partition tool format it primary fat32, cluster 32k put your sxos files back on setup emunand again, try that.

 

[WiseFool]

I wouldn't update sysNAND with ChoiDujourNX (since it's a homebrew).
If you want to play online with it either way, these would (have) be(en) the best steps:

1. NAND backup of your clean 4.1.0 FW
2. Update the official way (through system settings after setting up internet connection) to 8.1.0
3. Only if you want to prevent your fuse state (which is not needed imho):
   - Have a Jig and put it in as soon as the update starts
   - While it's going to reboot, hold VOL+ to get into RCM
   - Use hekate, enable AutoRCM and boot stock sysNAND
4. Link your user profile to a Nintendo account if not already done
5. Put in 90DNS as primary and secondary in your internet connection
   
6. Reboot to RCM and use hekate to make another NAND dump
7. Copy your SD content to a temporary folder on your computer
8. Boot to RCM and fire up SX OS while holding VOL+ to get into SX OS boot menu
9. Create hidden partition based emuNAND from there
10. create sd:\emuMMC\emummc.ini on your SD card and paste the code I put at the end of this post
11. Copy back everything to the SD from your computer
    
12. Boot into CFW emuMMC from hekate (without changing any emuMMC settings there ... don't hit "migrate" or anything ... the emummc.ini already handles everything nicely
13. Reboot into stock sysNAND using hekate (your default payload for now! )
14. Remove 90DNS by setting DNS to automatic again
15. Have fun online on stock sysNAND and use everything else on CFW emuMMC

[emummc]
enabled = 1
sector = 0x2
nintendo_path = Emutendo

So basically in this method, I will have autorcm always on. Be able to boot into sysnand for online legit play and boot into emummc for hbm. Also, I'll be preserving the fuses on my ofw.

Correct me if I'm wrong please. I'm going to follow this guide to setup atmosphere emummc.

Sent from my POCO F1 using Tapatalk

 

[Lacius]

Correct. But Deja Vu should work even if too many fuses burnt iirc.
So even someone with a fuse state of 8.1.0 could restore a 4.1.0 backup, boot into it with hekate and use Deja Vu. Although there's absolutely no point to do so on an unpatched unit.

As you said, that would be pointless. Deja Vu effectively requires a low fuse count.

 

[RHOPKINS13]

@RHOPKINS13 i tried atmosphere and sxos and never get emunand work. With atmosphere when i press to launch emunand switch reboot again to hekate and with sxos emunand is always disabled and can’t enabled. I made a clean NAND backup, backed up BOOT0 and BOOT1, I don’t know how to create a new backup on PC using copy /b BOOT0+BOOT1+rawnand.bin emummc.bin, I use rcmloader to enter rcm and inject payload

It sounds like you're trying to boot emuNAND without having it actually set up. That's your issue, emuNAND is not something you can simply launch without having your SD card properly set up first.

Check out this tutorial here:
https://gbatemp.net/threads/emummc-setup-win-linux-quadboot.541152/

You can skip the "Quadboot" stuff, you just want to go through the "Pre-Setup" and "Setting Up emuMMC" steps.

You only need to go through the "Pre-Setup" once, but once you have your emummc.bin file, I would go through "Setting Up emuMMC" twice, with two separate microSD cards. That way you can use one for NSPs, homebrew, and other stuff, while the other one you'll use strictly with legit cartridges and games for online play.

If you do everything correctly, you'll be able to do something most people here can't: boot into emuNAND without the need for an RCM jig or a payload pusher. That's pretty awesome, I'm actually a little jealous. Take advantage of what you can do!

Once you're fully setup, on your emuMMC for NSPs and homebrew usage, I'd setup Incognito and 90DNS as soon as possible. That should help prevent you from getting banned.

 

[Goldenman66]

If you now have a license I don’t understand why it’s not booting into your emunand even if it’s fat32 partitioned it should still boot emunand on 4.1.0. Have you tried also what I said start from scratch flash your 4.1.0 firmware to exfat then create emunand again? I wrote some details down for you earlier on. Have you at least tried deleting emunand and set it back up again delete your sd card use mini partition tool format it primary fat32, cluster 32k put your sxos files back on setup emunand again, try that.

No I didn’t try it. Is it safe to use cfw and ChoiDujournx?

--------------------- MERGED ---------------------------

It sounds like you're trying to boot emuNAND without having it actually set up. That's your issue, emuNAND is not something you can simply launch without having your SD card properly set up first.

Check out this tutorial here:
https://gbatemp.net/threads/emummc-setup-win-linux-quadboot.541152/

You can skip the "Quadboot" stuff, you just want to go through the "Pre-Setup" and "Setting Up emuMMC" steps.

You only need to go through the "Pre-Setup" once, but once you have your emummc.bin file, I would go through "Setting Up emuMMC" twice, with two separate microSD cards. That way you can use one for NSPs, homebrew, and other stuff, while the other one you'll use strictly with legit cartridges and games for online play.

If you do everything correctly, you'll be able to do something most people here can't: boot into emuNAND without the need for an RCM jig or a payload pusher. That's pretty awesome, I'm actually a little jealous. Take advantage of what you can do!

Once you're fully setup, on your emuMMC for NSPs and homebrew usage, I'd setup Incognito and 90DNS as soon as possible. That should help prevent you from getting banned.

I’ll try it and send you the results

 

[Reecey]

I cannot understand why he can’t boot emunand on sxos after setting it up? I had a brand new unit on 4.1.0 the same as his all I did was format my sd card fat32 mini partition tool used the general build 2.5.3 first back up full nand then booted cfw, flashed cfw with ChoiDujournx to 4.1.0 firmware files exfat then in sxos main menu I setup emunand with hidden partition put all my files back on my sd card that booted straight into emunand then I updated through the sxos menu to 2.8beta then used ChoiDujournx to flash the 8.1.0 firmware exfat and that was it I cannot see why he can’t boot into emunand and it’s locked as disabled.

 

[Goldenman66]

I cannot understand why he can’t boot emunand on sxos after setting it up? I had a brand new unit on 4.1.0 the same as his all I did was format my sd card fat32 mini partition tool used the general build 2.5.3 first back up full nand then booted cfw, flashed cfw with ChoiDujournx to 4.1.0 firmware files exfat then in sxos main menu I setup emunand with hidden partition put all my files back on my sd card that booted straight into emunand then I updated through the sxos menu to 2.8beta then used ChoiDujournx to flash the 8.1.0 firmware exfat and that was it I cannot see why he can’t boot into emunand and it’s locked as disabled.

Difference between us that I didn’t booted into cfw and didn’t flash 4.1.0 exfat. I’m afraid that with booting cfw there is a risk of being banned and Sysnand will not be clear anymore

 

[Reecey]

You will be fine sxos stealth will be on automatically in cfw don’t turn it off. Grab your 4.1.0 firmware files same site you got the 8.1.0 files from boot up cfw and ChoiDujournx in the homebrew tab album and run 4.1.0 exfat then go back setup emunand hidden partition.

Edit: forgot make sure you put your ini file on the route of your sd card when flashing someone else pasted you it in another comment. Just copy & paste .ini

 

[lordelan]

So basically in this method, I will have autorcm always on. Be able to boot into sysnand for online legit play and boot into emummc for hbm. Also, I'll be preserving the fuses on my ofw.

Correct me if I'm wrong please. I'm going to follow this guide to setup atmosphere emummc.

Sent from my POCO F1 using Tapatalk

Correct.

 

[Goldenman66]

@RHOPKINS13 i'm trying it with no success, when i'm using command dd it give me "0Error writing file: 87 The parameter is incorrect" and i can't solve this issue? i'm very disappointed it seems i'm doing something wrong i can't setup emunand by any way i don't know what is my mistake.

 

[Goldenman66]

You will be fine sxos stealth will be on automatically in cfw don’t turn it off. Grab your 4.1.0 firmware files same site you got the 8.1.0 files from boot up cfw and ChoiDujournx in the homebrew tab album and run 4.1.0 exfat then go back setup emunand hidden partition.

Edit: forgot make sure you put your ini file on the route of your sd card when flashing someone else pasted you it in another comment. Just copy & paste .ini

After creating emunand using sxos hidden partition, i can’t open sd card second partition to put license.dat file and ini file is this normal? I sent I screenshot from card partition in previous comment and i’m using windows 10

 

[RHOPKINS13]

@RHOPKINS13 i'm trying it with no success, when i'm using command dd it give me "0Error writing file: 87 The parameter is incorrect" and i can't solve this issue? i'm very disappointed it seems i'm doing something wrong i can't setup emunand by any way i don't know what is my mistake.

Actually, I seem to remember running into the same issue. Make sure that you're running it from an "elevated" command prompt with administrative privileges. I seem to remember my error having something to do with the way I was typing the command in. I could be wrong, but I "think" what I did to work around it was mount the emuMMC partition with a drive letter, and then pass that drive letter to dd rather than \\?\Device\HarddiskVolumeXX.

I did mine slightly differently because just as a matter of preference I like having my emuMMC partition at the beginning of the card instead of the end, but that requires deleting the partition afterwards and is a little advanced.

If I can find a spare microSD card laying around, I might try playing with that dd command some more just to verify what I did to get around that error message.

You're really close to having Atmosphere + emuMMC, don't give up yet!