that's exactly what i was asking myself. how the fuck did he do that? how does he communicate with the emmc (no level shifter)
firmware.bin is the raw dump. Flash firmware.uf2, do a
picotool save --allWe don't need to decompile it if we can make it run. At that point someone could just reverse engineer it, as long as it's functioning (or use it as-is). Otherwise, you're just trying to reimplement the FPGA's functionality from scratch, and we don't have the bitstream or its source. If someone with one of these chips shares their dump AND their serial (also called unique ID) then we can move forward with this. Otherwise, there's nothing to be done, someone would have to determine exactly how the HWFLY FPGA works and write an RP2040 sketch that does the same thing.
A level shifter is not needed, the eMMC is 3.3v tolerant.
We don't need to decompile it to make it run if there's a way to spoof the unique ID at the bootloader level.
Won't work, it's not a check, it's decrypting the binary.
it's impossible, we 100% need Mansi's IDindeed, but have fun brute forcing that
No, it doesn't. "Pikofly" includes the functionality of the FPGA bitstream, this is just the MCU firmware.
I was joking. I mean what you gonna do? Have an RP2040 to glitch an RP2040 just to glitch your Switch?
OHHH I SEE
I was joking. I mean what you gonna do? Have an RP2040 to glitch an RP2040 just to glitch your Switch?
OHHH I SEE
Ohhhh. You mean we could use another RP2040 to glitch the original RP2040!
By god it's Glitch-ception!!!!but then what glitches the Pi that glitches the Pi?
A couple chunks of Uranium should do itbut then what glitches the Pi that glitches the Pi?
If nobody else can help I will open mine up and measure later today.
