Hacking How does SX OS Emunand work?

  • Thread starter Deleted User
  • Start date
  • Views 93,701
  • Replies 214
  • Likes 110

Philourer

Well-Known Member
Newcomer
Joined
Jun 17, 2016
Messages
57
Trophies
0
Age
36
XP
224
Country
United States
It's just a single nand that's been split at the 4GB mark. I chose a 10GB emunand, so nand00 and nand01 are each 4GB and nand02 is 2GB.

I copied back Switch #3's emunand and it booted fine. I then copied Switch #3's emunand to Switch #1 and...I think I messed something up, so I'm going to redo it. Switch #1 booted into emunand, but in 6.0.1 and with all the files I expected to be on Switch #1. If I get the same results I'm going to completely redo emunand choosing different sizes this time to minimize the chance of errors. I have plans later today, hopefully I can get a quick update in before I go.

Edit: Did the quick re-copy, Switch #1 should have #3's emunand on it, which is on 5.1.0. However it booted into emunand with 6.0.1. I then joined nand00, 01, and 02 into one large 10GB bin nand.bin file and tried to open with HacDiskMount, no-go (should note that directly trying to open nand00.bin has same error). I will try again tonight and see if I messed something up. Here's my plan:

I will choose each emunand to be a different size, this will help keep me from accidentally getting them mixed up (already backing up in dedicated folders for each Switch, but still). I will then do a factory restore on each emunand, in case it's somehow still linked and that's causing the weird issues (it almost makes sense that a 5.1.0 Switch would have issues reading a partition from 6.0.1, but a 6.0.1 Switch could see a 5.1.0 partition).

That's all I can think of for now.
 
Last edited by Philourer,
  • Like
Reactions: thaikhoa

garyopa

Admin @ MaxConsole
Member
Joined
Apr 25, 2009
Messages
777
Trophies
0
Location
Tropical Island
Website
www.O-P-A.biz
XP
9,477
Country
Canada
@Philourer - You can not take 'nand' or 'emunand' from one Switch and use it on another one, as the nand's and also emunand's are encrypted with unique keys from the Switch itself, so swapping them to another switch will just result in lockup with blue or red or black screens.
 

Philourer

Well-Known Member
Newcomer
Joined
Jun 17, 2016
Messages
57
Trophies
0
Age
36
XP
224
Country
United States
@Philourer - You can not take 'nand' or 'emunand' from one Switch and use it on another one, as the nand's and also emunand's are encrypted with unique keys from the Switch itself, so swapping them to another switch will just result in lockup with blue or red or black screens.

I know that nand can't be swapped, but emunand possibly could (it could just use its own keys, no reason it'd have to use the sysnand's). I'll test some more later. Don't expect it to work, but would like to understand it a bit more.
 

garyopa

Admin @ MaxConsole
Member
Joined
Apr 25, 2009
Messages
777
Trophies
0
Location
Tropical Island
Website
www.O-P-A.biz
XP
9,477
Country
Canada
I know that nand can't be swapped, but emunand possibly could (it could just use its own keys, no reason it'd have to use the sysnand's). I'll test some more later. Don't expect it to work, but would like to understand it a bit more.

it uses the same keys, currently there no way to change keys, or certs unlike the 3ds.
 

bundat

¿
Member
Joined
Jul 25, 2018
Messages
456
Trophies
0
XP
481
Country
Antarctica
I'd assume using a different Switch's emuNAND is comparable to restoring a different Switch's NAND backup (i.e. it doesn't work).

Whatever checks the console unique NAND stuff (like PRODINFO) hasn't been patched out in their emuNAND implementation (there should be no reason for them to... and I don't think it's just a simple check, it seems to involve encryption with console-specific keys... I wish I understood the exact details of how it works but I don't...)

... but if this was something they can patch out, maybe this would be promising for bricked Switches with corrupted NAND/PRODINFO? Since they'd be able to boot back into Horizon via emuNAND.

I wish I understood better how the console-specific stuff (like PRODINFO) is checked/how it works, to know if this is even possible (I mean, with the amount of access FG grants, they should be able to patch ANYTHING out).
 

Philourer

Well-Known Member
Newcomer
Joined
Jun 17, 2016
Messages
57
Trophies
0
Age
36
XP
224
Country
United States
Ok, so here's what I did.

Created 5GB emunand on both Switch #1 and Switch #3. I then did a factory reset within emunand, rebooted, had to complete setup again. I then copied each Switch's emunand to my PC.

I first tried restoring Switch #1's emunand to both Switch #1 and Switch #3. Switch #1 would boot into emunand just fine, with the new profile I made for it, and running 6.0.1. Switch #3 would either poweroff, or occasionally crash on a purple screen, requiring a hard poweroff.

Next, I restored Switch #3's emunand to both Switch #1 and Switch #3. This time, both Switches booted into emunand fine. Both Switches had the new profile created on that specific Switch (i.e. the new profile made for Switch #1 was present on Switch #1, and the new profile made for Switch #3 was present on Switch #3). Also, Switch #1 was on 6.0.1, and Switch #3 was on 5.1.0.

I did verify that the file copy procedure worked (created a test text file, copied to each Switch, disconnected, rebooted, reconnected, text file still existed on the nand).

So...I have NO idea how emunand works.
 
Last edited by Philourer,

finn112

New Member
Newbie
Joined
Oct 13, 2018
Messages
1
Trophies
0
Age
44
XP
114
Country
United States
I have 2 question’s:
I currently have 2 switches. One is pristine and on current Nintendo FW. No modding / no messing w/ that one.

My 2nd one is on FW 2.0.1. I have it fully backed up and autorcm’d with SX OS. If my intention is for this switch to always live offline, do I have any reason to use emunand and then update w/ choidujour vs. just updating the original w/ choidujour?

2nd Q: if I want to update this 2nd switch, where can I find this PKI (PIK??) file that enables me to avoid updating the cartridge FW? I can’t seem to find it anywhere.


Sent from my iPad using Tapatalk
 

Halm

Active Member
Newcomer
Joined
Jun 27, 2018
Messages
41
Trophies
0
Age
45
XP
357
Country
Singapore
@Philourer so the #3 emunand on #1, what was emunand FW? Did it say 5.1 as per when you made the #3 emunand or did the same thing happened like last time and it somehow got to 6.0.1 by itself?
 
D

Deleted User

Guest
OP
I thought it resized the NAND which ninty can detect and bans your console.
This telemetry has existed a couple updates ago
 

Trender

Active Member
Newcomer
Joined
Jan 3, 2017
Messages
38
Trophies
0
Age
26
XP
123
Country
For someone without an IQ as high as yours, would you say EmuNAND is "safe" to use for now? I'm already on the latest firmware on OFW, and just got my SX Dongle/Jig. In the midst of creating the NAND Backups and Boot backups now.

So I guess I'm asking, if I wanted to access things like the Homebrew Store (which would require internet access), RetroNX, and various other Homebrew apps, is that something EmuNAND would help me do with less risk?

Or is the better way just to go airplane mode and remove all networks and keep both OFW/CFW offline?
Hey man, me too.
1) So can I hmm nand backyp my synand.
2) Use 1 sd for sysnand and 2 sd for emunand and factory reset it
3) Play legit & online stuff on sysnand (3 & 4 switch) 4) Change sd and go to emunand to play backups?(stealth and airplane mode to dont get banned)?
 

sim3001

Member
Newcomer
Joined
May 28, 2016
Messages
21
Trophies
0
XP
431
Country
United States
Hey man, me too.
1) So can I hmm nand backyp my synand.
2) Use 1 sd for sysnand and 2 sd for emunand and factory reset it
3) Play legit & online stuff on sysnand (3 & 4 switch) 4) Change sd and go to emunand to play backups?(stealth and airplane mode to dont get banned)?
Been doing this since EmuNAND came out and not banned
 

Trender

Active Member
Newcomer
Joined
Jan 3, 2017
Messages
38
Trophies
0
Age
26
XP
123
Country
You should do factory restore settings on sysnand. It will remove all ticketblob, error logs and also completely unlink from emunand.
Alright thanks, also I've read that using NSP have a much higher ban risk of getting banned. Does that also apply to the use of xci but with the nsp updates?
 

thaikhoa

Well-Known Member
Member
Joined
Sep 16, 2008
Messages
2,236
Trophies
1
XP
2,590
Country
Australia
Alright thanks, also I've read that using NSP have a much higher ban risk of getting banned. Does that also apply to the use of xci but with the nsp updates?

You will only take real risk of ban when playing pirated content while connecting to the Internet and with strange error logs without any protection like sx stealth mode or 90dns. Those logs should be deleted before connecting to the Internet.

Yes after installing NSP, it will leave a sign on the system known as common tickets. Rumor says Nintendo will detect those fake tickets and ban the system regardlessly but it's unlikely in my best experiences.

SX users could be banned easily because when connecting to the Internet in stealth mode but for some reasons the OS was crashed > SX os doesn't have any ability to delete error logs so after a crash the system reboot to official firmware with wifi on ... Booom the system could be banned soon.
> 90dns should be setup in all wifi settings.
Or > setup """emunand"""
 
Last edited by thaikhoa,
  • Like
Reactions: Trender

Trender

Active Member
Newcomer
Joined
Jan 3, 2017
Messages
38
Trophies
0
Age
26
XP
123
Country
You will only take real risk of ban when playing pirated content while connecting to the Internet and with strange error logs without any protection like sx stealth mode or 90dns. Those logs should be deleted before connecting to the Internet.

Yes after installing NSP, it will leave a sign on the system known as common tickets. Rumor says Nintendo will detect those fake tickets and ban the system regardlessly but it's unlikely in my best experiences.

SX users could be banned easily because when connecting to the Internet in stealth mode but for some reasons the OS was crashed > SX os doesn't have any ability to delete error logs so after a crash the system reboot to official firmware with wifi on ... Booom the system could be banned soon.
> 90dns should be setup in all wifi settings.
Or > setup """emunand"""
oh ye ive just got sx and im using 90dns on both ofw and sx cuz I still feel scary of playing my legit games even tho im using emunand for the pirating stuff. And another microsd when going ofw.
And yes I was planning to install the .nsp game updates on emunand only with 90dns and stealth mode
 
  • Like
Reactions: thaikhoa

yd-76

New Member
Newbie
Joined
Oct 27, 2018
Messages
1
Trophies
0
Age
50
XP
115
Country
France
Hello everyone,

I wish to inject my emunand "nand00.bin,..." into a clean nand backup i made before hacking my switch.
I have injected "nand00.bin" in my backup with HacDiskMount, and restore the switch with this backup.....(boot0/1 were not touch, my FW and my backup FW are 5.1.0)
But... SX OS is unable to boot in CFW with Emunand.


Did I miss something?
Are Emunand files stored on some specific sectors?
 
Last edited by yd-76,

sim3001

Member
Newcomer
Joined
May 28, 2016
Messages
21
Trophies
0
XP
431
Country
United States
I’m on sysnand and emunand on 6.0.1 what’s the best way to update sysnand and emunand? I head boot0 overwrites and messes up emunand loading. Is it still possible to backup boot0 and restore after sysnand update ?
 

Site & Scene News

Popular threads in this forum

General chit-chat
Help Users
  • No one is chatting at the moment.
    K3Nv2 @ K3Nv2: Sorry for accidentally bending over