Search results

  1. B

    Hacking Hardware Picofly - a HWFLY switch modchip

    Did you mean checking to prevent patches? Then excuse me, I did not immediately understand what you mean.
  2. B

    Hacking Hardware Picofly - a HWFLY switch modchip

    Have you seen the code? There is a large data segment with high entropy. Specifying an identifier and simply comparing it is too stupid a defense.
  3. B

    Hacking Hardware Picofly - a HWFLY switch modchip

    0x1F80 * 0x200 = 0x3F0000 Maybe it's not a block number, but an address? (1F80)
  4. B

    Hacking Hardware Picofly - a HWFLY switch modchip

    Writing programs in C is not enough. You need to understand how to work with the controller and be able to write working code. Unfortunately, I'm not that good at this. In addition, you will have to debug it, A LOT OF DEBUGGING, and not only software, but also hardware.
  5. B

    Hacking Hardware Picofly - a HWFLY switch modchip

    I also studied this firmware before. There is a presentation of how the switch glitching works. As I understand it, the success flag is a request to read a specific address from memory. The FPGA is just for eMMC r/w and mosfet control based on pulse width and offset relative to something that are...
  6. B

    Hacking Hardware Picofly - a HWFLY switch modchip

    Are you sure? I haven't compared yet. Where are such conclusions from? I'm just wondering how you came to this.
  7. B

    Hacking Hardware Picofly - a HWFLY switch modchip

    It's not a problem to brute force the ID. The ID is already there. Problem with decryption algorithm. Is it a standard, known algorithm or proprietary?
  8. B

    Hacking Hardware Picofly - a HWFLY switch modchip

    The first thing the startup code does is initialize the hardware, copy the contents of flash memory into RAM, and start the main function. We get the identifier of the flash memory. The chip voltage rises and the clock frequency rises to 333 MHz. In this mode, we can no longer work with flash...
  9. B

    Hacking Hardware Picofly - a HWFLY switch modchip

    Do you think it's so easy to replace the bootloader? The main code is encrypted, as is the bootloader code. I think you can put your bootloader in eMMC via hekate? Will the chip load a custom bootloader in the switch?
  10. B

    Hacking Hardware Picofly - a HWFLY switch modchip

    Well. I successfully connected the debugger. The container is not checked for integrity, but any modification of the firmware will reset the chip into firmware download mode. Perhaps there are some checks during the execution of the firmware. But after doing something, I was able to start...
  11. B

    Hacking Hardware Picofly - a HWFLY switch modchip

    This is the goal. I mean, you can't just patch one place by changing the ID. But is it possible to make the get ID function return the same set of bytes? Sounds like a dirty patch, but it can work as a temporary security bypass solution )) 1674203370 The encrypted firmware is located at 1000297C...
  12. B

    Hacking Hardware Picofly - a HWFLY switch modchip

    No, no! You need to encrypt the 2nd stage firmware with a new key (generated with the unique Flash ID) 1674125195 I'm still trying to enable debugging. I'm sure it's possible to patch the firmware and allow the debugger to connect, but I don't know how. This is my first arm debugging experience, never had...
  13. B

    Hacking Hardware Picofly - a HWFLY switch modchip

    I know what SWD is, I asked how they turned it off? openocd is unable to connect to the target.
  14. B

    Hacking Hardware Picofly - a HWFLY switch modchip

    What about SWD disabling in firmware? How to enable debugging? 1674110606 I found an xref to the encrypted data and, maybe, the decryptor code. But I can't connect to the target via the SWD port )
  15. B

    Hacking SWITCH NOOB PARADISE - Ask questions here

    Hello! I need to patch code in a system module. The main executable file is already decrypted and loaded in IDA Pro; I know which bytes and at which offset I need to replace. How can I do this without packaging and replacing the package in the firmware? I saw in Atmosphere support for IPS patches...
  16. B

    Hardware Debugging faulty BCM4356 / orange screen / boot loop

    Hello! Any news about flashing a new BCM IC? I have a switch with a new BCM without working bluetooth