Recent content by Rikikoo

  1. R

    Homebrew RELEASE Switch Safety - XCI & NSP Verification Tool

    Checking the name of an NCA against its hash is not useful, people can "spoof" that trivially. Instead he can indeed verify the signature of the NCA, and the pfs0 hash table/romfs hash tree.
  2. R

    Homebrew Bounty 2018 Month 1: Switch Tools and Utilities

    pythac pythac is a python3 library for parsing/extracting/building various file formats of the Nintendo Switch, with a special focus put on building. What it can do: Parse formats, allowing you to easily access properties without worrying about the nitty gritty. Transparently mount files...
  3. R

    Hacking R.I.P. Public CDNSP Cert. as Nintendo Getting Better

    That doesn't mean a thing, a tls cert isn't tied to a specific firmware version. 6.0 could've introduced a cryptographic "challenge" (what dauth really is), or a hardcoded value the server expects to see in a request, etc. Could be anything, but nothing that can't be replicated on desktop. Or...
  4. R

    Hacking CDNSP is dead

    By the way CDNSP can still download sysupdates. And you can still access VersionList: import json from CDNSP import make_request r = make_request('GET', 'https://tagaya.hac.lp1.eshop.nintendo.net/tagaya/hac_versionlist') print(json.dumps(r.json(), indent=4))
  5. R

    Hacking CDNSP is dead

    Since nobody apparently posted this, here's what the server answers: Headers: {'Server': 'AkamaiGHost', 'Mime-Version': '1.0', 'Content-Type': 'text/html', 'Content-Length': '176', 'Expires': '<stubbed out date>', 'Date': '<stubbed out date>', 'Connection': 'keep-alive'} Content...
  6. R

    Hacking RELEASE CertNXtractionPack - Get your Switch cert from a NAND dump!

    Well I assume inputted keys are correct, so I don't need to check hashes. Although come to think of it, one could probably use the built-in INI-file parser.
  7. R

    Hacking RELEASE CertNXtractionPack - Get your Switch cert from a NAND dump!

    About those keys, using a dict would be much clearer imo. Something like: keys = {} with open('keys.txt', 'r') as f: for l in f: if '=' not in l: raise ValueError('Malformatted key file') n, k = l.replace('\n', '').split('=') keys[n.strip()] =...
  8. R

    Hacking NSP file viewer (to verify complete) in Windows?

    An XCI is really not the same as an NSP. The underlying file structure is an HFS0, when NSP is just a PFS0. And even if you mounted the XCI and only cared about the NCA's inside, they aren't the identical since they don't use the same encryption scheme. Besides, data downloaded from the CDN...
  9. R

    Hacking NSP file viewer (to verify complete) in Windows?

    Sounds like you need the Crypto module (run "pip install pycryptodome" in cmd (add "py -m" if you didn't install Python to PATH). On top of my head, it's the only module you'll need to download.
  10. R

    Hacking NSP file viewer (to verify complete) in Windows?

    https://github.com/Rikikooo/pyswitch/blob/master/Examples/verify_nsp.py Something a little more advanced that uses a lib I've been working on.
  11. R

    Hacking BigBlueBox Says All the Other NSPS Are Wrong

    Common sense. What do you think makes more sense from a security standpoint, checking a plaintext file, or verifying an RSA signature, that can't be crafted by anyone but Nintendo?
  12. R

    Hacking BigBlueBox Says All the Other NSPS Are Wrong

    The only thing these "correct" NSPs contain that the usual repacker doesn't generate are sdk xmls, and a few duplicate jpgs. BBB calling everything else incorrect is just them stroking their scene ego. Quite obviously the Switch doesn't check for those, since they aren't actually installed at...
  13. R

    Hacking COMPLETED CDNSP - Download & repack your games, updates, and DLC's to NSP!

    I'm not sure it will work on the modded things (ie cdnsp_next, or bob gui), but on my original script it does (I did change the argument to LTST for latest version, though). If you can't get it to work, PM me and I'll send you my thing.
  14. R

    Hacking RELEASE ShogunTool - Get game information from Title IDs!

    Alternatively, the CNMT contains the sizes of the files it links to.
  15. R

    Hacking RELEASE ShogunTool - Get game information from Title IDs!

    Yes, but it's basically a (simplified) reimplementation of @SimonMKWii DAuther. I recommend you look at its source. Note that I never cleaned it up, so it's quite messy. [EDIT] Also I've scraped Shogun using it but I'm not sure I'm allowed to post the results here, so I won't.
See more