Front-page Hacking RELEASE  Updated

Nereba Exploit: Reboot to Fusée Gelée payload from stock firmware.

nintendo-switch-homebrew-launcher.jpg

Stuckpixel of the ReSwitched team recently released his exploit "Nereba".

This exploit will enable Nintendo Switch owners with early units that have held off updating, still on the original 1.0.0 firmware to reboot into a Fusée Gelée payload without any dongle, USB connections to a external device or jig directly from stock untouched firmware. In addition support for 2.x and 3.x firmware is also planned in the future, opening up the exploit to significantly more consoles.

The implementation takes advantage of the nspwn exploit, that users of the original 3.0.0 homebrew implementation will be familiar with. Used in conjunction with this, users will be able to boot any Fusee Gelee payload from the micro SD card, placed in the nereba folder on the root of the SD card. After running the script from the Switch web applet, users can reboot into any payload by launching the album applet from the home menu.

Download:

https://github.com/pixel-stuck/nereba/releases
 
Last edited by RattletraPM, , Reason: Center image to follow news formatting
  • Like
Reactions: BrandonSWITCH, kite21, Reynardine and 70 others
Click to expand...
T

tjok3000

Well-Known Member
Newcomer
Level 2
Joined
Oct 3, 2016
Messages
57
Trophies
0
Age
55
XP
215
Country
Belgium
Is for a switch with firmware 1.0.0, the Nereba exploit with help from pc on wifi, and with atmosphere with emu for higher firmware as for now the best option?
Or i'm curious are there also other developments going on for 1.0.0?
 
S

snoofly

Well-Known Member
Member
Level 10
Joined
Aug 18, 2015
Messages
1,012
Trophies
0
Age
54
XP
2,133
Country
United Kingdom
tjok3000 said:
Is for a switch with firmware 1.0.0, the Nereba exploit with help from pc on wifi, and with atmosphere with emu for higher firmware as for now the best option?
Or i'm curious are there also other developments going on for 1.0.0?
Click to expand...
On my 1.0.0 I boot into stock 1.0 OFW then run fake news to access Pegascape DNS in order to run nereba to load SX OS payload (or Atmosphere whatever) into emunand on 8.1.
It sounds long winded but really only takes a few seconds.
So as long as the Pegascape DNS is up you've basically got a method to boot to 8.1 emunand direct from OFW.
I host Pegascape locally as well and use my PC as second DNS entry in case Pega is down but it never has been.
Outside of a modchip/trinket, I think this is the only way to enable CFW from Stock OFW without need of a PC or other cables/dongles etc.
 
  • Like
Reactions: tjok3000
T

tjok3000

Well-Known Member
Newcomer
Level 2
Joined
Oct 3, 2016
Messages
57
Trophies
0
Age
55
XP
215
Country
Belgium
That sounds like a very nice solution. So the only thing is a wifi to internet or a pc as a backuphost to Pegascape is needed I understand.

Do you know if Pegascape is also hostable on for example an android phone?
For my ps4 i got some sort of a Pegascape, but I can trigger it with an old android phone.
 
S

snoofly

Well-Known Member
Member
Level 10
Joined
Aug 18, 2015
Messages
1,012
Trophies
0
Age
54
XP
2,133
Country
United Kingdom
Sorry, I'm not sure, I expect so but I've never tried it.
I use a ESP8266 for my PS4 and I think you can go that route also with Pegascape so I expect you can also use an Android phone as well
but https://gbatemp.net/threads/pegaswi...witch-4-1-using-esp8266-chip-possible.542740/ maybe a place to enquire?
I guess 99.99% of time the Pega DNS is available and you can hotspot to it thru your phone if you have no wifi so it's not something I looked into.
 
  • Like
Reactions: tjok3000
T

tjok3000

Well-Known Member
Newcomer
Level 2
Joined
Oct 3, 2016
Messages
57
Trophies
0
Age
55
XP
215
Country
Belgium
I don't have that chip, maybe I get one. It looks like a cool thing to try with that ESp8266 chip!
A hotspot with the phone is also a nice solution if I want to enable when away from home.
 
S

snoofly

Well-Known Member
Member
Level 10
Joined
Aug 18, 2015
Messages
1,012
Trophies
0
Age
54
XP
2,133
Country
United Kingdom
tjok3000 said:
I don't have that chip, maybe I get one. It looks like a cool thing to try with that ESp8266 chip!
A hotspot with the phone is also a nice solution if I want to enable when away from home.
Click to expand...
Yeah, I tried the hotspot and connected the switch to that and it worked fine, that was my only concern - if I had no wifi.
And sure, get a couple of ESP8266s - they're handy little things. I have one hanging off my 5.05 ps4 with Leeful exploit flashed to it
https://gbatemp.net/threads/release...st-and-esp-devices.534441/page-5#post-8743282
 
M

modern

Member
Newcomer
Level 1
Joined
Jul 4, 2018
Messages
7
Trophies
0
Age
34
XP
109
Country
Brazil
I read thru the thread and am a bit confused.... is this a semi cold boot exploit?

I have a switch without any burnt fuses so I can go back to 1.0.0 I used puyo to hack my switch so redo that with this exploit. Then I reupgrade with Choidoujour to 8.1.0? Without auto rcm wouldn’t switch burn fuses? Do I use that emu thing to have 1.0.0 stock and Cfw 81.0?

Edit so I read back 5 posts and seems I need to run pegaswitch each time so seems for now using a pc to drop payload is easier for now
 
Last edited by modern,
S

snoofly

Well-Known Member
Member
Level 10
Joined
Aug 18, 2015
Messages
1,012
Trophies
0
Age
54
XP
2,133
Country
United Kingdom
modern said:
I read thru the thread and am a bit confused.... is this a semi cold boot exploit?

I have a switch without any burnt fuses so I can go back to 1.0.0 I used puyo to hack my switch so redo that with this exploit. Then I reupgrade with Choidoujour to 8.1.0? Without auto rcm wouldn’t switch burn fuses? Do I use that emu thing to have 1.0.0 stock and Cfw 81.0?

Edit so I read back 5 posts and seems I need to run pegaswitch each time so seems for now using a pc to drop payload is easier for now
Click to expand...
you do mostly what you said but create an emunand and upgrade that via choi to 8.1.
You don’t touch your sys firm at all, that stays at 1.0 for the purpose of launching nereba via pegascape
and you don’t need rcm as you’ll always only boot to 1.0 so you won’t burn anything
You don’t need pc cables or dongles, just wifi or hotspot

of course all this assumes you are sure you haven’t burnt any fuses at all else you won’t be able to boot to stock 1.0 so double check that
 
Last edited by snoofly,
renegade2k82

renegade2k82

Well-Known Member
Member
Level 3
Joined
Oct 1, 2016
Messages
102
Trophies
0
XP
256
Country
United States
When i click the nebra icon from pegascape i always get a error and tells me to shut down.so how do i fix this?i have the pegafolder and the files from the pegascape site.
 
renegade2k82

renegade2k82

Well-Known Member
Member
Level 3
Joined
Oct 1, 2016
Messages
102
Trophies
0
XP
256
Country
United States
Also i got past the error screen by renaming the latest hekate payload nereba.bin and put it in the nereba folder but i was able to boot to hekate from pegascape once now everytime i try to do that when my switch reboots the screen just flickers black.
 
BaamAlex

BaamAlex

UDE GA NARU ZE!
Member
Level 16
Joined
Jul 23, 2018
Messages
6,051
Trophies
1
Age
29
Location
Lampukistan
Website
hmpg.net
XP
6,161
Country
Germany
renegade2k82 said:
Also i got past the error screen by renaming the latest hekate payload nereba.bin and put it in the nereba folder but i was able to boot to hekate from pegascape once now everytime i try to do that when my switch reboots the screen just flickers black.
Click to expand...
Why don't you use fusee gelee? Much more convenient :)
 
S

snoofly

Well-Known Member
Member
Level 10
Joined
Aug 18, 2015
Messages
1,012
Trophies
0
Age
54
XP
2,133
Country
United Kingdom
BaamAlex said:
Why don't you use fusee gelee? Much more convenient :)
Click to expand...
For 1.0 users, nereba provides an untethered payload injection.
Unless things have changed and I’m out of the loop I thought best you could do for untethered with FG is a trinket, failing that you’re lugging a dongle or cable around for a reboot
 
renegade2k82

renegade2k82

Well-Known Member
Member
Level 3
Joined
Oct 1, 2016
Messages
102
Trophies
0
XP
256
Country
United States
yeah i got it working now i just used a older version of hekate and have 2 separate sd cards 1 fat32 to load into pegascape and inject the payload and the other exfat one to swap out to in hekate to load my emummc with latest firmware.i defiantly rather swap sd cards then have to be tethered or have to use a jig and carry that stuff around.like snoofly said its much more convenient with 1.0 compared to fusee gelee.
 
S

snoofly

Well-Known Member
Member
Level 10
Joined
Aug 18, 2015
Messages
1,012
Trophies
0
Age
54
XP
2,133
Country
United Kingdom
renegade2k82 said:
yeah i got it working now i just used a older version of hekate and have 2 separate sd cards 1 fat32 to load into pegascape and inject the payload and the other exfat one to swap out to in hekate to load my emummc with latest firmware.i defiantly rather swap sd cards then have to be tethered or have to use a jig and carry that stuff around.like snoofly said its much more convenient with 1.0 compared to fusee gelee.
Click to expand...
Glad you got it working but not sure why you need to swap sd cards.
I’m running the pega/nereba/emummc setup on my 1.0 switch with just the one fat32 sd card.
I’d be very wary swapping in and out sd cards, that microsd socket is very flimsy and broke on one of mine.
 
P

petspeed

Well-Known Member
Member
Level 9
Joined
Nov 13, 2009
Messages
1,128
Trophies
1
Age
49
XP
1,733
Country
Denmark
renegade2k82 said:
yeah i got it working now i just used a older version of hekate and have 2 separate sd cards 1 fat32 to load into pegascape and inject the payload and the other exfat one to swap out to in hekate to load my emummc with latest firmware.i defiantly rather swap sd cards then have to be tethered or have to use a jig and carry that stuff around.like snoofly said its much more convenient with 1.0 compared to fusee gelee.
Click to expand...
Firmware 1.0.0 doesn't support exfat. If you reformat your exfat SD card to FAT32 I bet it will work fine with just one SD card.
 
  • Like
Reactions: snoofly and Deleted User
G

gbadl

Well-Known Member
Member
Level 5
Joined
Sep 13, 2009
Messages
198
Trophies
1
XP
553
Country
Hopefully researched can use this to figure out if something can be modified in patches OFW up to current versions.
 

Site & Scene News

Go to forum More news

Popular threads in this forum

The MIG Switch Thread

Kingdom Come Deliverance Nswitch MOD

Homebrew Tutorial  Building Pagascape from source to running Self Hosted mode on Windows and MSYS

mig switch not working/updating??

Hacking Homebrew Tutorial  Portable PegaScape (Win32)

Hacking Misc  Getting the MIG Switch to load an XCI dump without its original Initial Data

Fusee.bin with the new Pre-release of Atmoshere 1.7.0

DBI language error

General chit-chat
Help Users
  • sp3off @ sp3off:
    ouch @K3Nv2 hope nothing's too bad !
  • RedColoredStars @ RedColoredStars:
    xda a good site. My go to site for phone shit. :)
  • K3Nv2 @ K3Nv2:
    Females have burnt me worse
  • ZeroT21 @ ZeroT21:
    females don't exist
  • SylverReZ @ SylverReZ:
    @ZeroT21, Tamales exist.
     +1
  • RedColoredStars @ RedColoredStars:
    Setting FF to max performance on my gpu made it slower. lol. Tried it on Edge too just to see, and it made Edge slower too. lol
  • RedColoredStars @ RedColoredStars:
    Thanks for trying. :)
     +1
  • RedColoredStars @ RedColoredStars:
    ill just use edge and watch nintendo videos on firefox. lolol.
  • K3Nv2 @ K3Nv2:
    The everything beagle cup noodles are actually pretty decent
  • RedColoredStars @ RedColoredStars:
    beagle? :P
  • RedColoredStars @ RedColoredStars:
    dog noodles. mmmmmm.
  • ZeroT21 @ ZeroT21:
    monkey brains
  • RedColoredStars @ RedColoredStars:
    The cream cheese flavoring in the bagel cups scares me
  • K3Nv2 @ K3Nv2:
    https://gbatemp.net/members/k3nv2.329811/#profile-post-163032
  • RedColoredStars @ RedColoredStars:
    Did you try the breakfast one they make?
  • sp3off @ sp3off:
    A good salmon Poké bowl with some cream cheese is decadent
  • K3Nv2 @ K3Nv2:
    It's really not bad you just think of cold cream cheese
  • ZeroT21 @ ZeroT21:
    being lactose intolerant is a sin
  • RedColoredStars @ RedColoredStars:
    I dont like cream cheese. Thats why. Haha. The breakfast noodle cup sounds fantastic though.
  • K3Nv2 @ K3Nv2:
    I beat grilled cream cheese would be top notch
  • sp3off @ sp3off:
    @ZeroT21 tons of ingredients contains lactose more or less sadly. Makes them tummy aches and farts-o-lantern rocket launches
     +1
  • K3Nv2 @ K3Nv2:
    My only gripe too many poppy seeds a cop may taze me
  • RedColoredStars @ RedColoredStars:
    "Start your day with Cup Noodles Breakfast! This limited time flavor blends ramen with your favorite breakfast flavors, including pancakes, maple syrup, sausage, and eggs."
  • K3Nv2 @ K3Nv2:
    If our Walmart has them yours probably does
  • ZeroT21 @ ZeroT21:
    I came to like french Camembert
    ZeroT21 @ ZeroT21: I came to like french Camembert