- Joined
- Dec 26, 2022
- Messages
- 95
- Trophies
- 0
- Location
- your router's unprotected root shell
- XP
- 170
- Country
according to the docs, picotool save all dumps the entire flash so unless someone removed it after the fact it's gotta be there
Gulikit sticks are anything but garbage, but they also don't make hall effect sticks for Joy-Cons or Switch Lite.
- Joined
- Dec 26, 2022
- Messages
- 95
- Trophies
- 0
- Location
- your router's unprotected root shell
- XP
- 170
- Country
getting a second pico in the mail today, gonna use picoprobe and try to see where it breaks. i'll update you guys probably in like 12 hours
Huh, guess they finally do. That's great to know! Dunno why anyone would call sticks from gulikit garbage though, the ones in my Steam Deck are fantastic and I wish there were a mod for the Elite Series 2 to switch to Hall effect sticks. Anyway, don't want to get too off-topic
I took one for the team and bought four of them and put two in my Erista. Keep reading the other thread…they are hot garbage so I have a set left over that I refuse to put in my Mariko. They be perfect for use in this little Franken-project. :-)Huh, guess they finally do. That's great to know! Dunno why anyone would call sticks from gulikit garbage though, the ones in my Steam Deck are fantastic and I wish there were a mod for the Elite Series 2 to switch to Hall effect sticks. Anyway, don't want to get too off-topic
You're certain those aren't fake Gulikits? I'd have returned them if they weren't better than pot sticks.
100% certain. These guys sell Gulikit on Aliexpress and are refunding everyone’s money. Was in the process of returning them but this project came up. They will work great and offset some costs. I’m still down $9.00 for the cost of 2 RP2040-zeros. Lol
- Joined
- Sep 9, 2019
- Messages
- 904
- Trophies
- 1
- Location
- Switch scene
- Website
- github.com
- XP
- 2,663
- Country
Well hey, the Switch firmware signature key is only 128 bits. That's only like double the effort. Why not brute force that instead and then we can all enjoy cold boot CFW curtesy of you?
Double the effort for a quantum computer perhapsWell hey, the Switch firmware signature key is only 128 bits. That's only like double the effort. Why not brute force that instead and then we can all enjoy cold boot CFW curtesy of you?
doubling the quantity of bits elevate to square the time needed, IS A LOT of time, by the way that's what the chip mod try to do, some "magic" altorithm to try to get the key that's why the chip at first start "training" the console.Well hey, the Switch firmware signature key is only 128 bits. That's only like double the effort. Why not brute force that instead and then we can all enjoy cold boot CFW curtesy of you?
- Joined
- Sep 9, 2019
- Messages
- 904
- Trophies
- 1
- Location
- Switch scene
- Website
- github.com
- XP
- 2,663
- Country
There is no math black magic involved. The CPU is simply glitched to make a check that would fail, pass. The bootrom then loads the modified code despite the checks not passing in reality. But neither code nor CPU know the check didn't pass because the voltage was too low at the time it checked.
AFAIK this
The way I understand HWFLY / SX Core is that the FPGA is merely responsible for finding the correct timing for the glitch. I think it determines that by analysing the data going to/from the NAND chip to/from the CPU.
The code for the microcontroller is open source already anyway and the quick glance I gave it basically confirmed my understanding. So the "hard part" that nobody open-sources to this day is the FPGA logic.
Though I may be wrong..
If I'm (kinda) right though, I wonder if a microcontroller like the Pico really can reliably time this voltage drop. Sure MCs are pretty fast, but FPGAs are just faster and more precise.
Personally, I'd love to get into this kind of stuff, I just don't have the money for the hardware and Switches to throw away. Tegra Dev Kits are available to the public but they're expensive as hell lmao.
takes a while to bruteforce a 128 bit key 
https://crypto.stackexchange.com/qu...g-would-it-take-to-brute-force-an-aes-128-key
https://crypto.stackexchange.com/qu...g-would-it-take-to-brute-force-an-aes-128-key
It also depends on what encryption algorithm was used.takes a while to bruteforce a 128 bit key
Basically with 128bit there are 2^128 possible combinations, so the longest time needed would be 2^18 * (time one test needs, depends on the algorithm and other security measures)
- Joined
- Dec 26, 2022
- Messages
- 95
- Trophies
- 0
- Location
- your router's unprotected root shell
- XP
- 170
- Country
you're right that fpgas are faster and more precise but afaik the pico's programmable io should be fast enough, at least that's what was being said in the thread
Last edited by saladus,
and you are bald, I will not give the firmware)))
Similar threads
- No one is chatting at the moment.
-
-
@
Sonic Angel Knight:
Or, I also heard that if you use flash memory, it can act as more "RAM" at least windows tell me when I stick a flash drive into it. -
-
-
-
-
-
-
-
-
-
-
-
-
-
-
@
K3Nv2:
I can think of the design teams process another joystick and no audio or a joystick and mono audio -
-
-
-
-
-
-
-
