Hacking Question A few questions about NAND backup

Gammazeth

Well-Known Member
OP
Newcomer
Joined
Jul 9, 2019
Messages
95
Trophies
0
Age
21
XP
365
Country
France
Hi everyone, today I decided to make another NAND backup, this time using NxNandManager (since I don't have enough space on my SD card and I don't have enough space on my PC to store the contents of my SD card to momentarily spare some space). So I mounted my eMMC RAWNAND using TegraRCMGui and began to back up the whole thing, and it saved a single file named rawnand (which probably corresponds to the rawnand made by Hekate, right?). Though if I remember correctly, in the Hekate backup I made, there were also BOOT0 and BOOT1 and maybe the user information (I'm not too sure about that). Now let's imagine the worst-case scenario: I bricked my Switch and I'm only able to enter RCM mode. What is needed to get it back to the same point as before the brick? I need the rawnand, but I guess I also need BOOT0 and BOOT1, right? And what about user information? And do I need to have a decrypted NAND? Some elements of the backup are encrypted and I need the keys for those; are those the biskeys? And how do I decrypt an already made rawnand?
Thanks in advance for answering my questions!
 

Draxzelex

Well-Known Member
Member
Joined
Aug 6, 2017
Messages
17,094
Trophies
1
Age
27
Location
New York City
XP
11,412
Country
United States
A complete NAND dump consists of BOOT0, BOOT1, and the eMMC raw GPP. Biskeys are used with hacdiskmount.
 

Gammazeth

What can hacdiskmount basically do?

--------------------- MERGED ---------------------------

And the "eMMC Raw GPP" is basically the file named rawnand right?
 

Draxzelex

Hacdiskmount does what it says in the name. It "mounts" the "Hac" (which is another name for the Switch) as a "disk" drive allowing for exploration of the eMMC. And the eMMC raw GPP is your rawnand.
 

Gammazeth

So for example if my NAND backup gets corrupted, I could, in theory, fix it? In which case is it useful?
 

Gammazeth

OK so if I don't want to play around with my NAND backup hacdiskmount is basically "useless" for me right?
 

Draxzelex

Well, there is one edge case, but it's more of a last resort and there is no guarantee it will work. ChoiDujour was originally made with the intent to update firmware versions but can also be used to regenerate most of the NAND. The key word here is most. The only part it cannot regenerate is PRODINFO. Once you use ChoiDujour to regen the NAND, then you use hacdiskmount to flash it. This is only if you do not have a NAND backup and your console is bricked, but it is an option that exists.
 

Gammazeth

OK, and what keys do I need? How do I dump them with Tegra Rcm Smash? And how do I get the prodinfo if that scenario happens; do I need to have it backed up previously? And if so, how could I back up only prodinfo?
 

Draxzelex

Aptly enough, you dump your biskeys with biskeydump (it's a payload). And you don't need a separate dump of PRODINFO because PRODINFO is already dumped when you dump the entire eMMC raw GPP. More specifically, it is a part of eMMC SYS. And just to be extra clear, the eMMC is made up of SYS and USER.
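
A way to confirm that a single-file rawnand backup really contains PRODINFO, as the last answer says, without decrypting anything. This is an added example, not part of the thread or of any tool named in it: it assumes the dump is a raw image with a standard GPT at LBA 1 and 512-byte sectors, and the function names and the miniature sample image are constructed for illustration.

```python
import io, struct, zlib
SECTOR = 512  # assumption: the dump uses 512-byte logical sectors

def gpt_partitions(f):
    """Map partition name -> (first_lba, last_lba) from the primary GPT of a raw image."""
    f.seek(SECTOR)                                   # GPT header sits at LBA 1
    hdr = f.read(SECTOR)
    if len(hdr) < 92 or hdr[:8] != b"EFI PART":
        raise ValueError("no GPT header at LBA 1 (wrong file or truncated dump)")
    size, crc = struct.unpack_from("<II", hdr, 12)
    # The header CRC32 is computed with its own 4-byte field zeroed.
    if not 92 <= size <= len(hdr) or zlib.crc32(hdr[:16] + bytes(4) + hdr[20:size]) != crc:
        raise ValueError("GPT header failed size/CRC check")
    lba, count, esize, array_crc = struct.unpack_from("<QIII", hdr, 72)
    f.seek(lba * SECTOR)
    array = f.read(count * esize)
    if esize < 128 or len(array) != count * esize or zlib.crc32(array) != array_crc:
        raise ValueError("partition entry array truncated or corrupt")
    parts = {}
    for off in range(0, len(array), esize):
        e = array[off:off + esize]
        if e[:16] != bytes(16):                      # all-zero type GUID = unused slot
            name = e[56:128].decode("utf-16-le").split("\0")[0]
            parts[name] = struct.unpack_from("<QQ", e, 32)
    return parts

def check_dump(f, required=("PRODINFO",)):
    """Return a list of problems; empty means each required partition is listed and inside the file."""
    parts = gpt_partitions(f)
    file_size = f.seek(0, io.SEEK_END)
    problems = []
    for name in required:
        if name not in parts:
            problems.append(f"{name}: not in partition table")
        elif (parts[name][1] + 1) * SECTOR > file_size:
            problems.append(f"{name}: extends past end of file")
    return problems

def build_sample(names):
    """Constructed miniature GPT image for the demo; not real console data."""
    array = b"".join(bytes([i + 1]) * 32 + struct.pack("<QQQ", 4 + i, 4 + i, 0)
                     + n.encode("utf-16-le").ljust(72, b"\0") for i, n in enumerate(names))
    hdr = bytearray(b"EFI PART".ljust(92, b"\0"))
    struct.pack_into("<II", hdr, 8, 0x00010000, 92)  # revision, header size
    struct.pack_into("<QIII", hdr, 72, 2, len(names), 128, zlib.crc32(array))
    struct.pack_into("<I", hdr, 16, zlib.crc32(bytes(hdr)))
    img = bytes(SECTOR) + bytes(hdr).ljust(SECTOR, b"\0") + array
    return img.ljust((4 + len(names)) * SECTOR, b"\0")
```

On a real backup, open the file with `open(path, "rb")` and pass it to `check_dump`; BOOT0 and BOOT1 are separate files and are not covered by this check.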
 