Hacking SWITCH NOOB PARADISE - Ask questions here

[Frogslayer]

You'd have to remove the SD card.

I have tried that. The switch will not turn on.

 

[Frogslayer]

You'd have to remove the SD card.

I have tried that but the switch won’t even turn on without the sd card and a payload.

 

[CharlesHoy]

CFW? SD card format? Firmware? Installer? Where you got the patches from? It couldn't hurt to be a little more specific.

If you're downloading the patches from the GitHub page, that is your issue. Multiple people report issues with those patches and I don't understand why everyone uses them. The only place everyone should be downloading their patches from is this thread on GBATemp.

Well like I said, reboot_to_payload.bin is only used when you use the Restart function or have the console crash while in CFW so I don't think that will help you. But I noticed users told you to download some patches but they linked you the wrong place which is probably why you're still having issues. Only ever download patches from this thread on GBATemp.

Someone made a guide on how to set custom images in the homebrew menu which may not be exactly what you're looking for but its a start. There are also custom homebrew menu themes made by other users that you can download online.

Keep in mind that even if you remove the account, if you still accidentally go online with emuMMC while running CFW/homebrew, you will still risk getting your entire console banned.

Atmosphere latest, latest update, fat32, tinfoil, patches from here

 

[Basileus]

Hello there,

So i did a bit of research to try to understand the entire process to use an exploit on switch, but i'd prefer to have a bit of confirmation before trying to dive in

> Currently running a switch /w the serial XAJ7004652337 ; and in version 13.0 ; most checker websites are telling me it's an orange region switch, is there any finding / database of users with similar serials reporting their experience by any chance?

> From what i understood CVE-2018-6242 AKA Fusee Glee is the most common exploit even if this one is an untethered exploit or is there a new / better exploit available? Since this one seems to be a total system takeover since code execution is done before the bootloader

> Just want to confirm also, it is apparently not recommended to run a homemade RCM jig since you can short the switch pretty easily? Should I just order one from amazon and wait 5 days?

Thanks in advance :-)

 

[Draxzelex]

I have tried that but the switch won’t even turn on without the sd card and a payload.

Sounds like you have AutoRCM enabled. You can try disabling it with Hekate.

Atmosphere latest, latest update, fat32, tinfoil, patches from here

I've heard people having issues when using the title installer DZ to install the update so I highly recommend using another title installer instead. The one I personally use and recommend is TinWoo Installer.

Hello there,

So i did a bit of research to try to understand the entire process to use an exploit on switch, but i'd prefer to have a bit of confirmation before trying to dive in

> Currently running a switch /w the serial XAJ7004652337 ; and in version 13.0 ; most checker websites are telling me it's an orange region switch, is there any finding / database of users with similar serials reporting their experience by any chance?

> From what i understood CVE-2018-6242 AKA Fusee Glee is the most common exploit even if this one is an untethered exploit or is there a new / better exploit available? Since this one seems to be a total system takeover since code execution is done before the bootloader

> Just want to confirm also, it is apparently not recommended to run a homemade RCM jig since you can short the switch pretty easily? Should I just order one from amazon and wait 5 days?

Thanks in advance :-)

• This thread on GBATemp is the source of all information on serial numbers. If anyone has reported any similar serial numbers, it will be found here
• The only other currently available exploit is Deja Vu which only works up to firmware 4.1 and it is an exploit launched via the hidden web browser
• I don't know who or why would anyone recommend that since homemade jigs were the norm until they were mass produced. No one has ever reported shorting a console with a jig, whether homemade or otherwise. Lastly, you can just use a homemade RCM jig to boot into RCM once then enable AutoRCM so you never have to use any other jig. Given everything I just said, I highly recommend you to save some money and just use a homemade jig. You can consult this thread for a list of ideas other users came up with

 

[Basileus]

Hello, so I tried what you said, used the setup with a paper clip and was able to get into RCM mode /w the switch and found a test payload (fusee-test.bin) on a different forum ; payload was successfully injected but my switch screen stayed black, so I'd assume my switch is patched and currently can't be exploited?

Thanks in advance :-)

Edit :
Followed a specific thread to verify if the switch is patched or not, and seems like it is ; based on the paylaod test :

 

[Draxzelex]

Hello, so I tried what you said, used the setup with a paper clip and was able to get into RCM mode /w the switch and found a test payload (fusee-test.bin) on a different forum ; payload was successfully injected but my switch screen stayed black, so I'd assume my switch is patched and currently can't be exploited?

Thanks in advance :-)
View attachment 285510

Edit :
Followed a specific thread to verify if the switch is patched or not, and seems like it is ; based on the paylaod test :
View attachment 285515

Yes, unfortunately your console is patched which you can tell due to the 0x0000 byte request. Your only options are soldering a modchip inside or getting a guaranteed unpatched Switch.

 

[Basileus]

Awesome, thanks for the quick answer i'll start looking for solutions. :-)

 

[microchipman]

I highly recommend using TinWoo Installer instead. Its what I personally use and I never had any issues while using it.

• emuMMC isn't designed to provide protection; its just a copy of your sysMMC on an SD card. However if one were to use CFW & homebrew exclusively in emuMMC but never go online, sysMMC will remain untouched and Nintendo will not notice
• emuMMC is designed to run higher firmware versions without updating the actual firmware of your console. Outside of that, it can act as a brick shield
• You don't need to make the partition as big as possible since you can just install games to the SD card
• Read the second bullet point
• There is a limit to how far games can be dowgraded which is determined by the SDK they were built with. Suffice to say that this will not work forever and you will need to update to play newer games.

Is it partition or file based emuMMC?

https://gbatemp.net/threads/running-atmosphere-on-patched-sx-core-switch.574083/

That is because Tesla doesn't support firmware 13.1. This is also why you should never be in a rush to update because CFW/homebrew actually work worse on higher firmware versions.

Unfortunately, this sounds like your SD card reader might be broken/faulty. This is a hardware issue so aside from replacing or trying to fix the SD card reader, there isn't much you can do.

@Draxzelex - Thank you so much! I got it ALL going last night, thank-you!

On a side note, one last question. I upgraded my Sysmmc firmware (From a Cart last night) to 11.0.1, I then used tagraexplorer.bin to copy that firmware and installed it with Daylight on my emmuMMC without any hitches. I want to apply the itotaljustice signature patches. It seems to me, you have to be using the "right" firmware and atmosphere together for the signatures to work. For example, if I am on firmware 11.0.1, it seems to me I would want to use atmosphere 0.19.0, and et those specific signature patches if I want the signatures to work. It looks like they have signatures for firmware 13.1.0 and AMS 1.2.4. Since I am already on AMS 1.2.4, Do you think it would be safe to do the following:

• Boot into normal Sysmmc firmware and upgrade to 13.1.0
• RCM, inject tegraexplorer.bin and backup the correct Sysmmc 13.1.0 firmware
• Inject Hekate, load Atmosphere CFW, and install the updated firmware with Daylight
• Apple the Newest itotaljustice signature packages for FW 13.1.0 and AMS 1.2.4
• Are there any negative effects for homebrew when going to newest firmware
• Does this seem reasonable? Any better way?

 

[Draxzelex]

@Draxzelex - Thank you so much! I got it ALL going last night, thank-you!

On a side note, one last question. I upgraded my Sysmmc firmware (From a Cart last night) to 11.0.1, I then used tagraexplorer.bin to copy that firmware and installed it with Daylight on my emmuMMC without any hitches. I want to apply the itotaljustice signature patches. It seems to me, you have to be using the "right" firmware and atmosphere together for the signatures to work. For example, if I am on firmware 11.0.1, it seems to me I would want to use atmosphere 0.19.0, and et those specific signature patches if I want the signatures to work. It looks like they have signatures for firmware 13.1.0 and AMS 1.2.4. Since I am already on AMS 1.2.4, Do you think it would be safe to do the following:

• Boot into normal Sysmmc firmware and upgrade to 13.1.0
• RCM, inject tegraexplorer.bin and backup the correct Sysmmc 13.1.0 firmware
• Inject Hekate, load Atmosphere CFW, and install the updated firmware with Daylight
• Apple the Newest itotaljustice signature packages for FW 13.1.0 and AMS 1.2.4
• Are there any negative effects for homebrew when going to newest firmware
• Does this seem reasonable? Any better way?

No, patches are backwards compatible; they should work on all firmware & CFW versions. If they aren't working, then either you did something wrong or you didn't download the latest patches. That GitHub has notoriously given many users issues so I don't understand why everyone uses them. This thread is the only place where you should download patches from.

 

[Nutzerlos]

I highly recommend using TinWoo Installer instead. Its what I personally use and I never had any issues while using it.

• emuMMC isn't designed to provide protection; its just a copy of your sysMMC on an SD card. However if one were to use CFW & homebrew exclusively in emuMMC but never go online, sysMMC will remain untouched and Nintendo will not notice
• emuMMC is designed to run higher firmware versions without updating the actual firmware of your console. Outside of that, it can act as a brick shield
• You don't need to make the partition as big as possible since you can just install games to the SD card
• Read the second bullet point
• There is a limit to how far games can be dowgraded which is determined by the SDK they were built with. Suffice to say that this will not work forever and you will need to update to play newer games.

Is it partition or file based emuMMC?

https://gbatemp.net/threads/running-atmosphere-on-patched-sx-core-switch.574083/

That is because Tesla doesn't support firmware 13.1. This is also why you should never be in a rush to update because CFW/homebrew actually work worse on higher firmware versions.

Unfortunately, this sounds like your SD card reader might be broken/faulty. This is a hardware issue so aside from replacing or trying to fix the SD card reader, there isn't much you can do.

Now my Switch is running Hekate but cant boot into ATM, "Failed to apply nosigchk !"
What im done:
I dont install Spacecraft because i cant opend it up, one tiny screw´s head is broken and i dont have the ball to drill.
I formatted the SD-Card then i have done an "Clean Up Methode" and "Create new EmuNand" (I used an old Boot.dat, the Link to sx portal dont work for me)

1. Can it be that the newest Signpatches are incompatble to 10.1.0?

2. Is it possible to update the EmuNand through Hekate?

3. if is not, can you give me the correct Signpatches and in which order i should update to 13.0/1.0? (to prevent that i messed up again)

4. How can i setup the SX Core to inject the Hekate Payload automatically without going into menu and launch it?

Attachment to show how my root from the sd looks like, i can make more if needed.

 

[Keddari]

So, I recently charged and booted my hacked Switch after not using it for a fairly long time (AutoRCM made that super fun), and I'd like to make sure I'm current.

My Switch is currently running 9.2.0|AMS 0.10.4|E with a 64GB SD card. I've read that BDSP will require 11.0, and I recently bought a 400GB card to use instead. AFAIK, it is still unbanned and used exclusively offline as I have a Lite that I main. My primary goal for the hacked Switch would be PkHex. I have some game progress that I'd prefer to keep, but if that complicates everything, well...sacrifices must be made.

I am *positive* I am over-thinking this entire process, but...

• What is the best/correct method to update?
• Should I even worry about updating?
• What do I need to do to switch SD cards?
• Do I need to go card->card, or can I go card->PC->card?
• Is there anything I'm overlooking?

I really don't get why this intimidates me so much. I was pretty much fearless when it came to soldering in the modchip to my original Xbox or jailbreaking my phones. Thank you for your patience and taking time to read!

 

[Draxzelex]

Now my Switch is running Hekate but cant boot into ATM, "Failed to apply nosigchk !"
What im done:
I dont install Spacecraft because i cant opend it up, one tiny screw´s head is broken and i dont have the ball to drill.
I formatted the SD-Card then i have done an "Clean Up Methode" and "Create new EmuNand" (I used an old Boot.dat, the Link to sx portal dont work for me)

1. Can it be that the newest Signpatches are incompatble to 10.1.0?

2. Is it possible to update the EmuNand through Hekate?

3. if is not, can you give me the correct Signpatches and in which order i should update to 13.0/1.0? (to prevent that i messed up again)

4. How can i setup the SX Core to inject the Hekate Payload automatically without going into menu and launch it?

Attachment to show how my root from the sd looks like, i can make more if needed.

1. No, you're just getting the patches from the wrong place. Only ever download patches from this thread. Every other place has issues or incomplete patches
2. By update, do you mean the firmware? If so, Hekate has no capabilities for updating firmware
3. Read the first point
4. Unfortunately this is impossible on the SX Core because the Core requires TX's specific signed boot.dat in order to function

So, I recently charged and booted my hacked Switch after not using it for a fairly long time (AutoRCM made that super fun), and I'd like to make sure I'm current.

My Switch is currently running 9.2.0|AMS 0.10.4|E with a 64GB SD card. I've read that BDSP will require 11.0, and I recently bought a 400GB card to use instead. AFAIK, it is still unbanned and used exclusively offline as I have a Lite that I main. My primary goal for the hacked Switch would be PkHex. I have some game progress that I'd prefer to keep, but if that complicates everything, well...sacrifices must be made.

I am *positive* I am over-thinking this entire process, but...

• What is the best/correct method to update?
• Should I even worry about updating?
• What do I need to do to switch SD cards?
• Do I need to go card->card, or can I go card->PC->card?
• Is there anything I'm overlooking?

I really don't get why this intimidates me so much. I was pretty much fearless when it came to soldering in the modchip to my original Xbox or jailbreaking my phones. Thank you for your patience and taking time to read!

• You can use the homebrew application Daybreak to update your firmware. It comes bundled with Atmosphere nowadays
• Well if you want to play newer games, updating your firmware is an inevitability. Games can be downgraded but they can only go so low since they cannot be downgraded past the SDK they were built with
• You can use Hekate to backup your emuMMC then restore it with Hekate as well. Everything else can be copy and pasted directly onto the new SD card
• Either method is fine
• There are firmware versions which update your cartridge slot. This prevents the cartridge slot from being used on firmware versions lower than the current firmware version. This only matters if you want to downgrade in case a better exploit is discovered on lower firmware versions such as untethered coldboot. If this doesn't interest you, make sure nogc is disabled

 

[Nutzerlos]

1. No, you're just getting the patches from the wrong place. Only ever download patches from this thread. Every other place has issues or incomplete patches
2. By update, do you mean the firmware? If so, Hekate has no capabilities for updating firmware
3. Read the first point
4. Unfortunately this is impossible on the SX Core because the Core requires TX's specific signed boot.dat in order to function

• You can use the homebrew application Daybreak to update your firmware. It comes bundled with Atmosphere nowadays
• Well if you want to play newer games, updating your firmware is an inevitability. Games can be downgraded but they can only go so low since they cannot be downgraded past the SDK they were built with
• You can use Hekate to backup your emuMMC then restore it with Hekate as well. Everything else can be copy and pasted directly onto the new SD card
• Either method is fine
• There are firmware versions which update your cartridge slot. This prevents the cartridge slot from being used on firmware versions lower than the current firmware version. This only matters if you want to downgrade in case a better exploit is discovered on lower firmware versions such as untethered coldboot. If this doesn't interest you, make sure nogc is disabled

I used the signpatches you linked, but only did it in the wrong folder, so it works now. Update via Firmware-Downloader and restart?

 

[Natural]

That's odd @Draxzelex...

I'm on 13.1.0 |AMS 1.2.1|S and Tesla is running fine on my machine

Without the 420000000007E51A folder under contents from nx-ovlloader.zip? Maybe it's the version of Atmosphere I'm using that was causing the problem...

 

[microchipman]

No, patches are backwards compatible; they should work on all firmware & CFW versions. If they aren't working, then either you did something wrong or you didn't download the latest patches. That GitHub has notoriously given many users issues so I don't understand why everyone uses them. This thread is the only place where you should download patches from.

Excellent, things I am learning! Thank-you @Draxzelex. I will try the patches from there.

 

[theultikirby]

So I have a Day 1 Switch hacked w/ Atmosphere; I want to do some testing with Splatoon 2 gear data. I have hacked the gear a few times to help me get the abilities I need cause the amount of time it would take to get everything in S2 is unrealistic for me. For testing purposes only. Nothing else is on this system.

The system is/will remain offline. Problem is that on my Day One Switch S2 save is still on version 5.4.0 verses 5.5.0. How am I able to update/sideload to 5.5.0 w/out connecting online and being banned at all? I never connect online anyways w/ this Switch. I do everything on my other non-hacked RB Switch and I don't want to be banned there either.

 

[microchipman]

No, patches are backwards compatible; they should work on all firmware & CFW versions. If they aren't working, then either you did something wrong or you didn't download the latest patches. That GitHub has notoriously given many users issues so I don't understand why everyone uses them. This thread is the only place where you should download patches from.

@Draxzelex, once again your guidance KICKS ASS! I applied the patches from that page and BOOM everything is working perfectly! First time. I thought I was doing something wrong, apparently not! Thanks again!! ha ha ha!

 

[microchipman]

No, patches are backwards compatible; they should work on all firmware & CFW versions. If they aren't working, then either you did something wrong or you didn't download the latest patches. That GitHub has notoriously given many users issues so I don't understand why everyone uses them. This thread is the only place where you should download patches from.

Okay, sorry last question for awhile. First, TinWoo is awesome. Good Suggestion. Next, What is the best way to get my Save Game Data from Ryujinx to my Modded switch for my games? Is there a tutorial for this? I know there are save managers now, but I have never used one.

 

[ShadowbannedAllstar]

So I've got a super clueless noob question here: what is the best way to patch/apply updates to a game?

I've got a game and an update for that game, and they are both .nsp files. I just am not sure of how to use the update on the game. There is probably a very simple answer that will make me feel like an idiot once I see it, but for now I have no idea how to do it. Any help is very appreciated.