Thanks for the guide. I am currently on 7.01, and I can get as far as replacing the 800..10 file and then running REINX, but it just sits on the switch logo indefinitely, I presume because the donor profile is from 6.0? Thankfully I backed up my original file, so just replacing that was enough to unbrick my switch rather than having to restore my full nand backup.

Have you attempted to upgrade any of the consoles to 7.X, does this work do you know?

Also, would anyone be willing to provide a donor save from a 7.x console to try?

I assume I could downgrade and then try, but would much rather avoid that step if I can!

 

Could you possibly do me a huge favour then and dump your current 7.01 8000..10 file?

I’ve been doing some digging and know how to extract the save using hactool. Can even set a custom icon.

I’m hoping to find a way to manually apply the flag without having to use a donor profile!

 

I haven't upgraded any of my switches past 6.2 yet.
bootmonster or deadf1sh, would you be willing to upload your 8000..10 file from 7.0.1 here for users starting on 7+ firmwares? The file is only 7MB so you can upload it by just adding the .txt extension. (Which, of course, everyone would need to be removed before usage.)

I can test your 7.0 file on one of my 6.2 switches to see if it works on the older firmware or not.
Originally, this was supposedly only working on 6.1.0, but I have successfully used the same file on both 6.0.0 and 6.2.0.
If anyone can test on a firmware lower than 6.0 that would also be helpful, so that we can confirm instructions for those to whom that would apply. (Is it necessary to match the save file to a firmware range, or is a newer file backward compatible?)

PS To whomever moderates this forum, since the OP has not been involved in this discussion for a long while, would it be helpful if I created a new thread with the above instructions and the attached save file, in order to make the information more accessible? I would also be willing to update the first post of such a thread as needed.

 

I have tried to use the 7.01 file but still I am getting the freeze on the Switch logo when running ReinX unfortunately. Either something has changed between 6.x and 7.x, or I am doing something wrong.

What version of ReinX was it that you were using t1op?

I may have to downgrade after all and go from there.

Some further info I have been able to establish;

I have been able to extract both my original save (top) and the donor profile (bottom), and there are some extra files that exist in the folders for the online one. I'm hoping profiles.dat may be the key to how a profile is flagged, and that the other files aren't required. The cache file doesn't exist in the 7.01 donor profile incidentally so that file at least isn't required.



You can extract the save easily with libhac / hactoolnet using the following command if anyone is curious

hactoolnet.exe -t save 8000000000000010 --outdir <output folder name>

You can also use the tool to resign the save, which if I can get working hopefully should avoid at the very least the reinx step. This requires a dump of your keys from lockpick.

Another thing you can do with the tool is replace files then resign, so hopefully just a change to profiles.dat is enough to flag the profile as being an online one.

To that end, I have a second switch which is not hacked, I am going to reset it to factory and add some user accounts, dump the nand, then connect each of them to nintendo online accounts, then dump the nand again and compare the profiles.dat files between both. I know I could use hacdiskmount for this step but feel safer dumping the nand to do this step.

Hopefully if we work out what needs to be changed homebrew could be developed to do so, or even something developers could add to checkpoint!

 

So good news, I have been able to get the 7.01 donor profile to work. I haven't tested it but suspect the 6.0 file would likely work as well.

The 800..10 files is just a save file, so running it through hactoolnet and resigning it just works, no faffing with ReiNX.

You need to dump your keys using lockpick or another method, then place the prod.keys file in with hactoolnet.

To resign the save I used

hactoolnet.exe -k prod.keys -t save 8000000000000010 --sign

Then just replaced the file using hacdiskmount

ReiNX must have been resigning the save data on first run for whatever reason, though this is a better method and works on 7.01.

 

Dump your biskeys with biskeydump.bin or lockpick_rcm. (from the implant console)

You can get a donor 8000000000000010 four different ways... (from a donor console)

#1. grab the zip earlier in this thread with donor account and pull the file from \UES\save.
#2. use HacDiskMount on donor nand backup and pull it from \System\save
#3. use HacDiskMount on donor console and pull it from \System\save
#4. use Goldleaf on donor console to copy it from \System\save to your sdcard

Resign 8000000000000010; (prod.keys from the implant console)
hactoolnet.exe -k prod.keys -t save 8000000000000010 --sign

Use one of the methods above (#2, #3, or #4) to put it on your device. (to the implant console)

Tools for the job;
hactoolnet:
https://github.com/Thealexbarney/LibHac/releases

Goldleaf:
https://github.com/XorTroll/Goldleaf/releases

Lockpick_RCM
https://github.com/shchmue/Lockpick_RCM/releases

memloader, biskeydump, and HacDiskMount
https://switchtools.sshnuke.net/

The basics of how to use memloader, biskeydump, and HacDiskMount and can be found here;
Don't follow the guide, just look at how the various apps/payloads are used.
https://guide.sdsetup.com/usingcfw/manualchoiupgrade

 

Should work on any version.

 

Going to give goldleaf a go and see what happens, I'm using the latest commits from github.

Edit: can't even see the file in there, very strange

 

Works like a charm on 8.0.1, thanks, guys!

 

I have a second switch (with 8.0.1, for online and eshop games) as donor.