Homebrew RELEASE Noexs Remote Debugger

Deleted member 474010 · Jan 3, 2019

I'm on Atmosphere 0.8.2 with Firmware 6.2.0, and I'm using this tool on Super Smash Bros Ultimate v1.2.1

The first search works fine, but the next search always throws this exception at around 28-47%:

me.mdbell.noexs.core.ConnectionException: Result{mod=1, desc=106}
at me.mdbell.noexs.core.Debugger.readmem(Debugger.java:274)
at me.mdbell.noexs.ui.services.MemorySearchService$SearchTask.createDump(MemorySearchService.java:373)
at me.mdbell.noexs.ui.services.MemorySearchService$SearchTask.refineSearch(MemorySearchService.java:211)
at me.mdbell.noexs.ui.services.MemorySearchService$SearchTask.call(MemorySearchService.java:187)
at me.mdbell.noexs.ui.services.MemorySearchService$SearchTask.call(MemorySearchService.java:172)
at javafx.graphics/javafx.concurrent.Task$TaskCallable.call(Unknown Source)
at java.base/java.util.concurrent.FutureTask.run(Unknown Source)
at javafx.graphics/javafx.concurrent.Service.lambda$executeTask$6(Unknown Source)
at java.base/java.security.AccessController.doPrivileged(Native Method)
at javafx.graphics/javafx.concurrent.Service.lambda$executeTask$7(Unknown Source)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.base/java.lang.Thread.run(Unknown Source)

Keep in mind I'm using this HekateIPL Config:

[config]
autoboot=0
bootwait=5
customlogo=1
verification=2
[Noexs]
kip1=modules/nsdebugger/loader.kip
kip1=modules/newfirm/sm.kip
kip1=noexs.kip1
fullsvcperm=1
kip1patch=nosigchk
atmosphere=1
debugmode=1
fullsvcperm=1

I'm searching for an 8 bit value.
I'm also on the Latest version of Hekate.
I cannot downgrade to 5.1 as I have burned fuses.
I'm also using 90DNS to connect online without going to Nintendo Servers.

Deathwing Zero said:
*EDIT AGAIN*

Soft hang occurs even without going into sleep mode. Not too sure what it is. I left the game paused while the java client froze and ate 45% of my RAM (I have 8gb) because I had 4 items in the watchlist with update checked and then detatched Noexs (once the client unfroze) and the game resumed automatically so it must be detatching correctly. Then I close the game, and this time I re-opened it immediately. It doesn't hang if I attach to process and then detatch and disconnect, then close software. Only when I do a memory dump. I can't try poking memory (with this game) because the one pointer I found to test with changes with each boot, so I'm not sure how to proceed. Anyway, I'm done testing for tonight. Tomorrow I'll try a different game and Hekate/Kosmos and see what happens.

Have you tried Checking Auto Resume in the search area? That got the game unpaused for me while doing dumps with the process attached. However, I'm getting the same exception as you on searches and from looking back earlier in this thread, it might be due to us being on Firmware 6.2.0.

Deathwing Zero · Jan 3, 2019

ReclaimerShawn said:
Have you tried Checking Auto Resume in the search area? That got the game unpaused for me while doing dumps with the process attached. However, I'm getting the same exception as you on searches and from looking back earlier in this thread, it might be due to us being on Firmware 6.2.0.

That's not what I'm talking about. I mean when you open a game it goes to a black screen with the Nintendo logo in the top left, and the Switch logo in the bottom right and it stays there. Regardless of whether or not Noexs is connected or how I terminate the connection. The auto resume button is a sort of hacky way to get games that always re-pause even if you click resume to work again. I think Super Mario Odyssey was one of them. That said, if for some reason it IS freezing it -which it doesn't seem to be, since the screen is animated- that may fix it. That'll be my first test. Thanks for the idea.

*EDIT*
Did not work. Another weird thing.. the module "main" was at the END of RAM this time, with the heap being at the start. I've seen that before but not very often.

*Another more different edit*
The weird problem with another game being unable to start without rebooting the console also happened with Hyrule Warriors, so at the least it's not a game-dependant issue. That said the pointers I had found previously on 5.1 still worked on 6.2 so my issue with Pokemon is a different one. I'm guessing I would need a pointer in pointer or something? Going to switch to Hekate now and do some testing there.

*Last Edit*
The hang is still happening using Hekate with the Kosmos package. Not too sure what else I can test. I doubt ReiNX would be any different. If you're curious this is the process I use to get this to happen.

1. Launch Game
2. Load save (if applicable)
3. Connect Noexs client (jar file)
4. Refresh PIDs
5. Scroll to bottom and click the highest process (It's always the game for me) then click Attach to process.
6. Dump ram by doing a known value search (doesn't matter what) and wait for it to finish.
7. Go to tools tab and click detatch from process.
8. Click disconnect button and close Noexs client.
9. Press home button, then press X button and choose to close software.
9a. (Optional) Press power button to put console in sleep mode.
9b. (If put to sleep) Wake console by pressing power button
10. Launch any game you have, cart or digital.

Switch will then just sit forever on the loading screen.

This does _NOT_ happen when poking memory, it seems the memory dump is required.

{-------- Noexs -------}
[Noexs]
kip1=modules/required/loader.kip
kip1=modules/required/pm.kip
kip1=modules/required/sm.kip
kip1=modules/required/fs_mitm.kip
kip1=modules/noexs/noexs.kip1
secmon=modules/required/exosphere.bin
kip1patch=nosigchk
atmosphere=1
debugmode=1
{ }

Deleted member 474010 · Jan 5, 2019

-snip-

matt123337 · Jan 11, 2019

Deathwing Zero said:
That's not what I'm talking about. I mean when you open a game it goes to a black screen with the Nintendo logo in the top left, and the Switch logo in the bottom right and it stays there. Regardless of whether or not Noexs is connected or how I terminate the connection. The auto resume button is a sort of hacky way to get games that always re-pause even if you click resume to work again. I think Super Mario Odyssey was one of them. That said, if for some reason it IS freezing it -which it doesn't seem to be, since the screen is animated- that may fix it. That'll be my first test. Thanks for the idea.

*EDIT*
Did not work. Another weird thing.. the module "main" was at the END of RAM this time, with the heap being at the start. I've seen that before but not very often.

*Another more different edit*
The weird problem with another game being unable to start without rebooting the console also happened with Hyrule Warriors, so at the least it's not a game-dependant issue. That said the pointers I had found previously on 5.1 still worked on 6.2 so my issue with Pokemon is a different one. I'm guessing I would need a pointer in pointer or something? Going to switch to Hekate now and do some testing there.

*Last Edit*
The hang is still happening using Hekate with the Kosmos package. Not too sure what else I can test. I doubt ReiNX would be any different. If you're curious this is the process I use to get this to happen.

1. Launch Game
2. Load save (if applicable)
3. Connect Noexs client (jar file)
4. Refresh PIDs
5. Scroll to bottom and click the highest process (It's always the game for me) then click Attach to process.
6. Dump ram by doing a known value search (doesn't matter what) and wait for it to finish.
7. Go to tools tab and click detatch from process.
8. Click disconnect button and close Noexs client.
9. Press home button, then press X button and choose to close software.
9a. (Optional) Press power button to put console in sleep mode.
9b. (If put to sleep) Wake console by pressing power button
10. Launch any game you have, cart or digital.

Switch will then just sit forever on the loading screen.

This does _NOT_ happen when poking memory, it seems the memory dump is required.

{-------- Noexs -------}
[Noexs]
kip1=modules/required/loader.kip
kip1=modules/required/pm.kip
kip1=modules/required/sm.kip
kip1=modules/required/fs_mitm.kip
kip1=modules/noexs/noexs.kip1
secmon=modules/required/exosphere.bin
kip1patch=nosigchk
atmosphere=1
debugmode=1
{ }

The hang you're experience is most likely Noexes not detatching from the process, or atmosphere is also attached and not detaching before it closes (the game sends a closed event and it halts until it's handled). I'll have to look into it. As for main moving around... That's perfectly normal, ASLR randomly assigns addresses, it's the whole point of it lol.

@ReclaimerShawn That error is a known issue, it's because the game has deallocated the memory region between dumps and Noexes is trying to read it... I'll try to fix it up by next release, whenever that is.

Deleted member 474010 · Jan 12, 2019

matt123337 said:
@ReclaimerShawn That error is a known issue, it's because the game has deallocated the memory region between dumps and Noexes is trying to read it... I'll try to fix it up by next release, whenever that is.

Thanks for the response. Could I request a few things for the next update? Could you add SX OS Cheat Support as well? What I mean by this is either an automatic cheat maker based on the SX format or just displaying values relative to where they are in MAIN, BASE, or HEAP. For instance, let's say Address 0x00CFFFFFFF is address 0x005FFFFFFF relative to HEAP. Could you allow that to be rendered as both the actual address and HEAP+0x005FFFFFFF? I don't know if that's what the parse function is for in your tool, but that always threw exceptions for me. SX OS also has an FTP Server on port 5000. I dunno if the port has proper permissions or framework for this, but could you possibly make the tool able to access that port to hook processes? I know I've put up a tall order, but I really love your tool and would love to be able to use it. As of right now, I have to use Atmosphere to load this tool's KIP on 5.1.0 and use outdated games as the firmware cannot support those updates, making modern cheats pretty hard to create. Making it able to use for SX OS on 6.2 would modernize it and make it easier for the end user. I'd be willing to beta test anything you might need to contribute.

matt123337 · Jan 12, 2019

ReclaimerShawn said:
Thanks for the response. Could I request a few things for the next update? Could you add SX OS Cheat Support as well? What I mean by this is either an automatic cheat maker based on the SX format or just displaying values relative to where they are in MAIN, BASE, or HEAP. For instance, let's say Address 0x00CFFFFFFF is address 0x005FFFFFFF relative to HEAP. Could you allow that to be rendered as both the actual address and HEAP+0x005FFFFFFF? I don't know if that's what the parse function is for in your tool, but that always threw exceptions for me. SX OS also has an FTP Server on port 5000. I dunno if the port has proper permissions or framework for this, but could you possibly make the tool able to access that port to hook processes? I know I've put up a tall order, but I really love your tool and would love to be able to use it. I'd be willing to beta test anything you might need.

Addresses can already be relative to main and heap,just they need to be lower case, as for base... Why? ASLR moves memory around all the time, so locating data relative to that would make no sense.

And unfortunately I don't see Noexs ever working with SXOS, as it's impossible to use without loading the kip, FTP works very very differently.

Re the cheat creation: I was hoping on integrating some sort of cheat creation at some point, but I'd rather not use anything SX related (I don't really want to come off as supporting piracy, and they have a history of doing pretty scummy things, even before the switch scene). I was hoping there would be some sort of community developed code handler by now, but it appears no one has stepped up (yet). I've floated the idea myself, but it would have to be a seperate sysmodule, and I'd like to be able to talk to it like any other service, and perhaps wrap communication with it from within Noexes. Anyways it's something to think about.

Deleted member 474010 · Jan 12, 2019

matt123337 said:
Addresses can already be relative to main and heap,just they need to be lower case, as for base... Why? ASLR moves memory around all the time, so locating data relative to that would make no sense.

And unfortunately I don't see Noexs ever working with SXOS, as it's impossible to use without loading the kip, FTP works very very differently.

Re the cheat creation: I was hoping on integrating some sort of cheat creation at some point, but I'd rather not use anything SX related (I don't really want to come off as supporting piracy, and they have a history of doing pretty scummy things, even before the switch scene). I was hoping there would be some sort of community developed code handler by now, but it appears no one has stepped up (yet). I've floated the idea myself, but it would have to be a seperate sysmodule, and I'd like to be able to talk to it like any other service, and perhaps wrap communication with it from within Noexes. Anyways it's something to think about.

Yeah, I suppose you're right about BASE, but I guess some games could have static base addresses in theory (I'm not used to the memory format of the Switch, though, although I've messed around with RAM related stuff on most other Nintendo Consoles. Correct me if I'm wrong. I'm used to BASE meaning a static address in memory, so educate me on the matter if you want.) I can see why you'd be apprehensive about SXOS: it'd make their software more popular. I like the OS personally, but that's just my opinion. I have heard about a couple of things TX has done though... Everyone also seems to be raving about getting emulators to work with the Switch, so I wouldn't expect an alternative code handler to come out soon (I also heard ReiNX is adapting some of SX's code, so their cheat handler might end up being ported to other CFWs instead.) Sad thing is, you would probably have to do it for anything to truly come out. To some it'd be reinventing the wheel, which might be another reason people aren't working on it.

matt123337 · Jan 12, 2019

ReclaimerShawn said:
Yeah, I suppose you're right about BASE, but I guess some games could have static base addresses in theory (I'm not used to the memory format of the Switch, though, although I've messed around with RAM related stuff on most other Nintendo Consoles. Correct me if I'm wrong. I'm used to BASE meaning a static address in memory, so educate me on the matter if you want.) I can see why you'd be apprehensive about SXOS: it'd make their software more popular. I like the OS personally, but that's just my opinion. I have heard about a couple of things TX has done though... Everyone also seems to be raving about getting emulators to work with the Switch, so I wouldn't expect an alternative code handler to come out soon (I also heard ReiNX is adapting some of SX's code, so their cheat handler might end up being ported to other CFWs instead.) Sad thing is, you would probably have to do it for anything to truly come out. To some it'd be reinventing the wheel, which might be another reason people aren't working on it.

Rei isn't adding in SX code lol, just emulating their services so some of their crapware loads. And no due to how ASLR works everything has different memory layouts all the time, it requires a patch to the loader sysmodule to disable iirc.

Deathwing Zero · Jan 12, 2019

matt123337 said:
The hang you're experience is most likely Noexes not detatching from the process, or atmosphere is also attached and not detaching before it closes (the game sends a closed event and it halts until it's handled). I'll have to look into it. As for main moving around... That's perfectly normal, ASLR randomly assigns addresses, it's the whole point of it lol.

I had a feeling the hang was because of Noexs, I didn't try ReiNX though. I didn't think it would work with it so I didn't bother. I was just trying to get as much information for you as I could for when you start working on it again. As for ASLR, yeah, I know that, it's just weird that it's at the END of the memory. In regards to crashes of the client, out of the 15 or so searches that I did, it only ever crashed once, and that was on the initial search. Never crashed on any resumed searches.

Stoned · Jan 24, 2019

@matt123337

Any Updates when you Continue your Work?

MikeTheKnight2016 · Jan 24, 2019

It's been a while since I've used this and I don't have it installed anymore

When you look at memory addresses on the computer, does it show it like SX OS does in the

Code:

* MAIN - memory addresses/pointers relative to the game's NSO executable
* HEAP - memory addresses/pointers relative to the start of the game's heap
* BASE - memory addresses/pointers that are neither part of MAIN/HEAP

format? Or does it show in the 'standard' offset format like if you view with a standard hex editor?

matt123337 · Jan 25, 2019

MikeTheKnight2016 said:
It's been a while since I've used this and I don't have it installed anymore

When you look at memory addresses on the computer, does it show it like SX OS does in the

Code:

* MAIN - memory addresses/pointers relative to the game's NSO executable * HEAP - memory addresses/pointers relative to the start of the game's heap * BASE - memory addresses/pointers that are neither part of MAIN/HEAP

format? Or does it show in the 'standard' offset format like if you view with a standard hex editor?

It doesn't show addresses relative to any other address rn, and I'm pretty hesistent to do so. Having them relative to main is okay I guess, but having them relative to heap would imply that the heap will always be allocated in the same way (it won't), and the same for addresses relative to the base address. I already have a ton of people asking me questions about why their pointers don't work and 95% of the time it's because of ASLR and SXOS's format.

Oh but you should be able to use addresses in a fairly similar format within the watchlist, something like "[main+13371337]" should work totally fine.

Stoned said:
@matt123337

Any Updates when you Continue your Work?

Still working on some stuff IRL right now, was hoping to have already had some more work done (like USB, and updating to newest java version).

That reminds me though... I am totally down for help with Noexes, so if anyone is interested feel free to hit me up (or make pull requests on GitHub, I at least can make the time to review code)!

chusski · Feb 8, 2019

noexs work with sx os ?

Deleted member 474010 · Feb 10, 2019

chusski said:
noexs work with sx os ?

Asked that a while back. At the moment, no. Best thing you could do is wait for Rei to get his CFW up to 7.0.0 and then use some of the SX OS tools via that.

Deleted member 474010 · Feb 10, 2019

matt123337 said:
It doesn't show addresses relative to any other address rn, and I'm pretty hesistent to do so. Having them relative to main is okay I guess, but having them relative to heap would imply that the heap will always be allocated in the same way (it won't), and the same for addresses relative to the base address.

Having values relative to HEAP could be useful. A lot of values on Mario Kart 8 Deluxe that I've looked at (such as the coin counter) are static HEAP addresses. The same is to be said with Pokemon Let's GO, and considering I've seen important values that were static both in this game and older pokemon games, it's likely you could see static HEAPs again on the newest version of Pokemon to come out. You could place a warning somewhere in the tool to say that HEAPs often aren't static, but include it there for convenience. Also, I hope you get your real-life stuff sorted out.

iCONicCON · Feb 11, 2019

eco95 said:
@matt123337

First of all, thank you so much for making this wonderful cheat engine.

I have a big trouble with this game, Makai Senki Disgaea Refine, on Noexs Remote Debugger.

Every time a character starts talking, the process is forced to stop. Then, I have to press "run game" to continue.

This is very ignoring, because during the cut scene, the characters talks so much, I have to keep pressing "run game" to continue.

Moreover, in this game, when loading a save or saving, the process also stops. Then, I have to click on "run game" to continue.

Please help me out~ Hope you can find time to look into this issue.

Thank you so so so much in advance! keep up your excellent work!

I'm trying to hack unplayable characters in disgaea 5 on the switch using Noexs. I was just wondering if you knew how or knew someone that could help me out.

iCONicCON · Feb 11, 2019

matt123337 said:
No. They all do searching on the console itself and I specifically designed Noexes to have the smallest footprint console sided possible (Also by doing other operations client sided it's possible to do more demanding things, like pointer searches). From my own experience though games tend to have much of what you want in one memory region, so you can always search just that region instead of all of ram.

how can i copy all of the data from an unplayable character in disgaea 5 to a newly created players data? I'm having trouble operating this program so any help would be appreciated.

Famicon · Feb 11, 2019

Is USB support for this out yet? I refuse to have my Switch online at all as I might get banned

iCONicCON · Feb 11, 2019

Famicon said:
Is USB support for this out yet? I refuse to have my Switch online at all as I might get banned

I cant post links because I am a new member but you could search up "90 DNS server for cfw switch". just remember if you connect to a new wifi, you will have to set up 90 DNS on that wifi as well.

--------------------- MERGED ---------------------------

iCONicCON said:
I cant post links because I am a new member but you could search up "90 DNS server for cfw switch". just remember if you connect to a new wifi, you will have to set up 90 DNS on that wifi as well.

i just tried usb for Noexs v1.1.2 and it was unable

iCONicCON · Feb 11, 2019

matt123337 said:
Odd. What firmware are you on?

Oh good idea! I'll add that to the next version. For now you can use the expression text box on the tools tab to resolve the into an address, then copy/paste it to the memory viewwr.

I need help with Noexs. Cant figure out how to copy data and paste into a new location

Homebrew RELEASE Noexs Remote Debugger

Well-Known Member

Well-Known Member

Well-Known Member

Well-Known Member

Well-Known Member

Well-Known Member

Well-Known Member

Well-Known Member

Well-Known Member

Well-Known Member

Well-Known Member

Well-Known Member

Well-Known Member

Well-Known Member

Well-Known Member

New Member

New Member

Well-Known Member

New Member

New Member

Similar threads

Popular threads in this forum