Tutorial
Updated
Edit OFW clean Switch save data from NAND backup/restoring via Fusee Gelee payloads
#BLACKLIVESMATTER
UPDATE: I am currently still not banned utilizing this method as of 1/16/2022!
THIS METHOD CURRENTLY WORKS WITH POKEMON SWORD AND SHIELD USING PKHEX AS WELL AS ANIMAL CROSSING: NEW HORIZONS USING NHSE
THANKS TO @Kaphotics FOR BOTH EDITORS
Hello! This tutorial will share how I managed to successfully edit my games' save data from OFW NAND and play them without any issue after restoring. When I initially began searching for info on how to do this, it wasn't as readily available as it could've been. Because of that, the process was not very easy to figure out; however, I hope this tutorial can be a useful "all-in-one" reference for anyone looking to do the same! If anything is unclear or missing, always feel free to reply below or send me a PM. Enjoy!
What you'll need:
Following this guide got me into the Switch hacking scene in the first place. I was curious and found it during a Google search, and I found it to be very helpful! It outlines how to boot your Switch into RCM mode, how to find out if your Switch can use the Fusee Gelee exploit for payloads, how to prepare your microSD card, and how to create a NAND backup (Safety Precautions page)! My advice is to follow this guide to the point where a NAND backup is created on your microSD card, as that's the point where this tutorial will begin. The backup process does take time. Always remember to hold the volume down button when injecting the hekate payload as well.
Something very important to ensure you include during this initial setup is the sept folder on your microSD card. It is included in the Kosmos Defaults ZIP build, and you must include everything within the sd folder from the ZIP build you download. This helps guarantee that you have the appropriate and correct prod.keys for successful save data signing. You likely cannot do this guide correctly without the sept folder on your microSD card.
Once a rawnand.bin (~30gb) has been created in the root\backup\XXxXXXXX folder of your microSD card utilizing hekate, you will also want to run the Lockpick_RCM payload via TegraRcmGUI in order to obtain all the console-specific keys you'll need. This will create a prod.keys file within the root\switch folder of your microSD card. Once you've successfully gotten your rawnand.bin NAND backup and prod.keys console keys file, you can proceed to your computer.
Take your microSD card from the Switch and insert it into your computer (or utilize memloader as mentioned above in the What you'll need section). CREATE A BACKUP OF YOUR RAWNAND.BIN AND BOOT0 AND BOOT1 FILES SOMEWHERE SAFE (you should have the two boot files if you followed the sdsetup guide mentioned at the start of this section). I cannot stress this enough. If something goes wrong, these will be what saves your system from becoming a brick.
Open HacDiskMount and select File > Open file, and then get to the rawnand.bin in the root\backup\XXxXXXXX folder and Open. Scroll all the way down until you find the USER partition and open it via double-click. At this point, you will need the specified BIS Key X indicated in the top-left corner of the Operations on USER window. For example: mine needed BIS Key 3, the Crypto (Upper) and Tweak (Lower) keys. To get those, go to the root of your microSD card, then the switch folder, and prod.keys should be located there. Right-click prod.keys and Open with Notepad. Locate the necessary key (in my case this was bis_key_03), and copy the first 32 characters, then paste them into the Crypto (Upper) field back in HacDiskMount (spaces will automatically populate every two characters), and then do the same thing for Tweak (Lower) except copy and paste the remaining 32 characters. Once done, press the Test button to make sure you've copied correctly, and then Save so you don't have to copy and paste every time later on.
Under the Virtual drive section of the Operations on USER window, click on the Install button to get the appropriate driver for mounting NAND backups. Once it's finished installing the driver, press Mount. After about 10 seconds or so, you can find your NAND has been mounted as drive A: on your computer. Its files can now be explored! Navigate to the A:\save folder. All of the files listed here are your games' save data files. They aren't easily discernible, so some trial and error is required for locating the right game save you want to edit. Here's a guide on a pretty great method for extracting all the data at once. I used this and then figured out Let's Go only has a file called savedata.bin, and FFX has ffx_00X files and a GameSettings file where X is the save slot in the game. Every game probably has its own distinguishing characteristics, so you might have to get creative in order to find out which save file is the game you want to edit for.
Once you know exactly which file in A:\save is the one of the game you want to edit, this is where hactoolnet comes in. I currently have individual hactoolnet folders for EVERY game whose saves I edit. You can come up with your own system, but to keep it organized, I have a main hactoolnet folder, and within that, folders of all the games I edit such as FFX hactoolnet and LGE hactoolnet. Then within each of those folders (FFX hactool for example), my setup looks as follows:
Notice the out and sav folders, the extract.bat and inject.bat, and the prod.keys files. These are all required for this to work properly if you follow my method. Everything else should come with the hactoolnet download in the What you'll need section. The extract.bat and inject.bat files will be edited via Notepad. To create them from scratch, right click in your hactoolnet folder window and go to New > Text Document and rename it appropriately. The files will contain the following:
extract.bat:
For this example, my FFX save data file in A:\save is 0000000000000019, so my script would be:
inject.bat:
To maintain the example, the FFX save data I want to edit is specifically the ffx_002 file WITHIN the 0000000000000019 save data file found in the NAND backup, so the script I use would be:
prod.keys:
This is just your prod.keys file from earlier. Copy and paste it here from your microSD card root\switch folder.
Once this has been set up, we can run a test to make sure it works properly. Go back to A:\save and copy the save data file of the game you want to edit. Paste it in the sav folder in our hactoolnet setup. I also recommend making a backup somewhere safe just in case you wreck the save data. After that, run the extract.bat file. This will execute the script we wrote which extracts an editable save file from the save data in the sav folder, and then place it in the out folder. The resulting command prompt window should look similar to this to indicate success (sensitive data removed):
Ignore the "Failed" signals at the very top, because as long as your CMAC Signature and Header Hash are both (GOOD), that should be indicative of a successful extract.
After you get a successful extraction, head into the out folder. There you will now see a folder with the same name as the save data file we took from the NAND's A:\save folder. For me, the folder was 0000000000000019. When I go into that folder, I can see my ffx_002, ffx_001, and GameSettings files. These are the editable save files at this point. If a save editor exists for your game, you'll want to open these files with that program now and make your changes. I will stick to editing just my ffx_002 file in this instance as that's what's outlined in my inject.bat script.
Once I'm finished making my changes, I overwrite the ffx_002 file and save it. I am now ready to inject it back into the 0000000000000019 file in the sav folder. To do so, all I have to do at this point is run the inject.bat file. This will replace the ffx_002 file inside the 0000000000000019 file and sign the save correctly. Again, the resulting command prompt window should look similar to this to indicate success:
Again, you can ignore the "Failed" signals. If you see Replaced file /savefile and Successfully signed save file, then those are very good signs! All that's left to do is get it back into the NAND and then restore.
In order to successfully inject and sign save data correctly for a game like Animal Crossing: New Horizons, you must use the repack function as opposed to the replacefile function. The extract.bat is the same, but here is the appropriate inject.bat:
Where you replace "xx" with your own appropriate save file name. Special thanks to this post as well as this one, both by @Max89, for the information!
Once the inject.bat is finished, you'll be able to go into the sav folder and see your save data file still there; only this time, it's been injected with your edited save file! Copy the save data file (in my example it's the 0000000000000019 file) and go back to the NAND's A:\save folder. Once there paste and overwrite the save data file. After that's finished, go back to HacDiskMount and click Unmount, and close the Operations on USER window. Click File > Close, and then go to root\backup\XXxXXXXX on your microSD card. Move the rawnand.bin file into the restore folder.
Eject your microSD card from your computer, insert it back into your Switch, and go back to TegraRcmGUI if your Switch isn't still running the hekate payload. Inject the hekate payload while holding the volume down button on the Switch, but skip this step if hekate is still up and running on your Switch from when you made the NAND backup.
Go to Tools > Restore > Restore eMMC RAW GPP to restore the NAND we pasted our edited and signed save data file into. This, like the NAND backup process, will take some time to complete. Once it's done, though, you're all set! Start the game whose save data file(s) you edited, and see the results of your hard work!
Some notes:
As you can probably tell, this process isn't simple by any means. Due to this, and the amount of time it takes to just make a NAND backup and then restore it, I recommend you make a list of edits you'd like to do beforehand in order to make the most of this process each time you do it. To make future save edits, you will have to make another NAND backup again and repeat this process. With my 128gb microSD card, it takes roughly 30 minutes to make a backup, and roughly 30 minutes to restore a backup.
Thanks for checking out my tutorial! Let me know if it's helpful, and if anyone has anything they'd like to add to the tutorial, please send a PM my way or make a reply here with your recommendation!
Here are nearly all the resources I found while figuring all of this out for myself:
FAQ:
UPDATE: I am currently still not banned utilizing this method as of 1/16/2022!
THIS METHOD CURRENTLY WORKS WITH POKEMON SWORD AND SHIELD USING PKHEX AS WELL AS ANIMAL CROSSING: NEW HORIZONS USING NHSE
THANKS TO @Kaphotics FOR BOTH EDITORS
Hello! This tutorial will share how I managed to successfully edit my games' save data from OFW NAND and play them without any issue after restoring. When I initially began searching for info on how to do this, it wasn't as readily available as it could've been. Because of that, the process was not very easy to figure out; however, I hope this tutorial can be a useful "all-in-one" reference for anyone looking to do the same! If anything is unclear or missing, always feel free to reply below or send me a PM. Enjoy!
What you'll need:
- A Nintendo Switch system that has not been physically patched for the Fusee Gelee exploit (firmware version won't matter)
- Preferably a microSD card large enough to fit an entire NAND backup onto (I use a 128gb card) to save a TON of time
- A way to connect your Switch to your computer (I have a USB-C MacBook charging cable)
- A method of booting the Switch into RCM mode (I use a bent paperclip) which user @Technicmaster0 has a great list of here
- A Fusee Gelee payload exploit program like TegraRcmGUI (fusee-launcher for macOS/Linux)
- Lockpick_RCM for your Switch's console keys
- hekate for NAND backup and restoring
- HacDiskMount found here for mounting NAND backups
- hactoolnet found here for extracting/injecting editable save data (WARNING: hactoolnet v0.7.0 is BROKEN and will not consistently resign)
- A save editor(s) for the game(s) of your choice
- OPTIONAL: I don't use this myself, but if you prefer, you can use memloader to read the microSD card while your Switch is connected instead of taking the card out and inserting it into your computer (found here with a tutorial here)
Following this guide got me into the Switch hacking scene in the first place. I was curious and found it during a Google search, and I found it to be very helpful! It outlines how to boot your Switch into RCM mode, how to find out if your Switch can use the Fusee Gelee exploit for payloads, how to prepare your microSD card, and how to create a NAND backup (Safety Precautions page)! My advice is to follow this guide to the point where a NAND backup is created on your microSD card, as that's the point where this tutorial will begin. The backup process does take time. Always remember to hold the volume down button when injecting the hekate payload as well.
Something very important to ensure you include during this initial setup is the sept folder on your microSD card. It is included in the Kosmos Defaults ZIP build, and you must include everything within the sd folder from the ZIP build you download. This helps guarantee that you have the appropriate and correct prod.keys for successful save data signing. You likely cannot do this guide correctly without the sept folder on your microSD card.
Once a rawnand.bin (~30gb) has been created in the root\backup\XXxXXXXX folder of your microSD card utilizing hekate, you will also want to run the Lockpick_RCM payload via TegraRcmGUI in order to obtain all the console-specific keys you'll need. This will create a prod.keys file within the root\switch folder of your microSD card. Once you've successfully gotten your rawnand.bin NAND backup and prod.keys console keys file, you can proceed to your computer.
Take your microSD card from the Switch and insert it into your computer (or utilize memloader as mentioned above in the What you'll need section). CREATE A BACKUP OF YOUR RAWNAND.BIN AND BOOT0 AND BOOT1 FILES SOMEWHERE SAFE (you should have the two boot files if you followed the sdsetup guide mentioned at the start of this section). I cannot stress this enough. If something goes wrong, these will be what saves your system from becoming a brick.
Open HacDiskMount and select File > Open file, and then get to the rawnand.bin in the root\backup\XXxXXXXX folder and Open. Scroll all the way down until you find the USER partition and open it via double-click. At this point, you will need the specified BIS Key X indicated in the top-left corner of the Operations on USER window. For example: mine needed BIS Key 3, the Crypto (Upper) and Tweak (Lower) keys. To get those, go to the root of your microSD card, then the switch folder, and prod.keys should be located there. Right-click prod.keys and Open with Notepad. Locate the necessary key (in my case this was bis_key_03), and copy the first 32 characters, then paste them into the Crypto (Upper) field back in HacDiskMount (spaces will automatically populate every two characters), and then do the same thing for Tweak (Lower) except copy and paste the remaining 32 characters. Once done, press the Test button to make sure you've copied correctly, and then Save so you don't have to copy and paste every time later on.
Under the Virtual drive section of the Operations on USER window, click on the Install button to get the appropriate driver for mounting NAND backups. Once it's finished installing the driver, press Mount. After about 10 seconds or so, you can find your NAND has been mounted as drive A: on your computer. Its files can now be explored! Navigate to the A:\save folder. All of the files listed here are your games' save data files. They aren't easily discernible, so some trial and error is required for locating the right game save you want to edit. Here's a guide on a pretty great method for extracting all the data at once. I used this and then figured out Let's Go only has a file called savedata.bin, and FFX has ffx_00X files and a GameSettings file where X is the save slot in the game. Every game probably has its own distinguishing characteristics, so you might have to get creative in order to find out which save file is the game you want to edit for.
Once you know exactly which file in A:\save is the one of the game you want to edit, this is where hactoolnet comes in. I currently have individual hactoolnet folders for EVERY game whose saves I edit. You can come up with your own system, but to keep it organized, I have a main hactoolnet folder, and within that, folders of all the games I edit such as FFX hactoolnet and LGE hactoolnet. Then within each of those folders (FFX hactool for example), my setup looks as follows:
Notice the out and sav folders, the extract.bat and inject.bat, and the prod.keys files. These are all required for this to work properly if you follow my method. Everything else should come with the hactoolnet download in the What you'll need section. The extract.bat and inject.bat files will be edited via Notepad. To create them from scratch, right click in your hactoolnet folder window and go to New > Text Document and rename it appropriately. The files will contain the following:
extract.bat:
Code:
hactoolnet.exe -k prod.keys -t save sav/savefilename --outdir out/savefilename
pauseFor this example, my FFX save data file in A:\save is 0000000000000019, so my script would be:
Code:
hactoolnet.exe -k prod.keys -t save sav/0000000000000019 --outdir out/0000000000000019
pauseinject.bat:
Code:
hactoolnet.exe -k prod.keys -t save sav/savefilename --replacefile /savefile out/savefilename/savefile
pauseTo maintain the example, the FFX save data I want to edit is specifically the ffx_002 file WITHIN the 0000000000000019 save data file found in the NAND backup, so the script I use would be:
Code:
hactoolnet.exe -k prod.keys -t save sav/0000000000000019 --replacefile /ffx_002 out/0000000000000019/ffx_002
pauseprod.keys:
This is just your prod.keys file from earlier. Copy and paste it here from your microSD card root\switch folder.
Once this has been set up, we can run a test to make sure it works properly. Go back to A:\save and copy the save data file of the game you want to edit. Paste it in the sav folder in our hactoolnet setup. I also recommend making a backup somewhere safe just in case you wreck the save data. After that, run the extract.bat file. This will execute the script we wrote which extracts an editable save file from the save data in the sav folder, and then place it in the out folder. The resulting command prompt window should look similar to this to indicate success (sensitive data removed):
...\Desktop\Switch\hactoolnet\FFX hactoolnet>hactoolnet.exe -k prod.keys -t save sav/0000000000000019 --outdir out/0000000000000019
Failed to match key eticket_rsa_kek_source
Failed to match key eticket_rsa_kekek_source
Failed to match key rsa_oaep_kek_generation_source
Failed to match key rsa_private_kek_generation_source
Failed to match key ssl_rsa_kek_source_x
Failed to match key ssl_rsa_kek_source_y
/ffx_002
/ffx_001
/GameSettings
Savefile:
CMAC Signature (GOOD):
Title ID:
User ID:
Save ID:
Save Type:
Owner ID:
Timestamp:
Save Data Size:
Journal Size:
Free Space:
Header Hash (GOOD):
Number of Files:
Magic:
Version:
Salt Seed:
Level 0:
Data Offset:
Data Size:
Hash Offset:
Hash BlockSize:
Level 1:
Data Offset:
Data Size:
Hash Offset:
Hash BlockSize:
Level 2:
Data Offset:
Data Size:
Hash Offset:
Hash BlockSize:
Level 3:
Data Offset:
Data Size:
Hash Offset:
Hash BlockSize:
...\Desktop\Switch\hactoolnet\FFX hactoolnet>pause
Press any key to continue . . .
Failed to match key eticket_rsa_kek_source
Failed to match key eticket_rsa_kekek_source
Failed to match key rsa_oaep_kek_generation_source
Failed to match key rsa_private_kek_generation_source
Failed to match key ssl_rsa_kek_source_x
Failed to match key ssl_rsa_kek_source_y
/ffx_002
/ffx_001
/GameSettings
Savefile:
CMAC Signature (GOOD):
Title ID:
User ID:
Save ID:
Save Type:
Owner ID:
Timestamp:
Save Data Size:
Journal Size:
Free Space:
Header Hash (GOOD):
Number of Files:
Magic:
Version:
Salt Seed:
Level 0:
Data Offset:
Data Size:
Hash Offset:
Hash BlockSize:
Level 1:
Data Offset:
Data Size:
Hash Offset:
Hash BlockSize:
Level 2:
Data Offset:
Data Size:
Hash Offset:
Hash BlockSize:
Level 3:
Data Offset:
Data Size:
Hash Offset:
Hash BlockSize:
...\Desktop\Switch\hactoolnet\FFX hactoolnet>pause
Press any key to continue . . .
After you get a successful extraction, head into the out folder. There you will now see a folder with the same name as the save data file we took from the NAND's A:\save folder. For me, the folder was 0000000000000019. When I go into that folder, I can see my ffx_002, ffx_001, and GameSettings files. These are the editable save files at this point. If a save editor exists for your game, you'll want to open these files with that program now and make your changes. I will stick to editing just my ffx_002 file in this instance as that's what's outlined in my inject.bat script.
Once I'm finished making my changes, I overwrite the ffx_002 file and save it. I am now ready to inject it back into the 0000000000000019 file in the sav folder. To do so, all I have to do at this point is run the inject.bat file. This will replace the ffx_002 file inside the 0000000000000019 file and sign the save correctly. Again, the resulting command prompt window should look similar to this to indicate success:
...\Desktop\Switch\hactoolnet\FFX hactoolnet>hactoolnet.exe -k prod.keys -t save sav/0000000000000019 --replacefile /ffx_002 out/0000000000000019/ffx_002
Failed to match key eticket_rsa_kek_source
Failed to match key eticket_rsa_kekek_source
Failed to match key rsa_oaep_kek_generation_source
Failed to match key rsa_private_kek_generation_source
Failed to match key ssl_rsa_kek_source_x
Failed to match key ssl_rsa_kek_source_y
Replaced file /ffx_002
Successfully signed save file
...\Desktop\Switch\hactoolnet\FFX hactoolnet>pause
Press any key to continue . . .
Failed to match key eticket_rsa_kek_source
Failed to match key eticket_rsa_kekek_source
Failed to match key rsa_oaep_kek_generation_source
Failed to match key rsa_private_kek_generation_source
Failed to match key ssl_rsa_kek_source_x
Failed to match key ssl_rsa_kek_source_y
Replaced file /ffx_002
Successfully signed save file
...\Desktop\Switch\hactoolnet\FFX hactoolnet>pause
Press any key to continue . . .
In order to successfully inject and sign save data correctly for a game like Animal Crossing: New Horizons, you must use the repack function as opposed to the replacefile function. The extract.bat is the same, but here is the appropriate inject.bat:
Code:
hactoolnet.exe -k prod.keys -t save sav/00000000000000xx --repack out/00000000000000xx
pauseOnce the inject.bat is finished, you'll be able to go into the sav folder and see your save data file still there; only this time, it's been injected with your edited save file! Copy the save data file (in my example it's the 0000000000000019 file) and go back to the NAND's A:\save folder. Once there paste and overwrite the save data file. After that's finished, go back to HacDiskMount and click Unmount, and close the Operations on USER window. Click File > Close, and then go to root\backup\XXxXXXXX on your microSD card. Move the rawnand.bin file into the restore folder.
Eject your microSD card from your computer, insert it back into your Switch, and go back to TegraRcmGUI if your Switch isn't still running the hekate payload. Inject the hekate payload while holding the volume down button on the Switch, but skip this step if hekate is still up and running on your Switch from when you made the NAND backup.
Go to Tools > Restore > Restore eMMC RAW GPP to restore the NAND we pasted our edited and signed save data file into. This, like the NAND backup process, will take some time to complete. Once it's done, though, you're all set! Start the game whose save data file(s) you edited, and see the results of your hard work!
Some notes:
As you can probably tell, this process isn't simple by any means. Due to this, and the amount of time it takes to just make a NAND backup and then restore it, I recommend you make a list of edits you'd like to do beforehand in order to make the most of this process each time you do it. To make future save edits, you will have to make another NAND backup again and repeat this process. With my 128gb microSD card, it takes roughly 30 minutes to make a backup, and roughly 30 minutes to restore a backup.
Thanks for checking out my tutorial! Let me know if it's helpful, and if anyone has anything they'd like to add to the tutorial, please send a PM my way or make a reply here with your recommendation!
Here are nearly all the resources I found while figuring all of this out for myself:
NAND and boots backup tutorial: https://switch.homebrew.guide/hacking/fuseegelee/safetyprecautions
Info on save file extracting: https://gbatemp.net/threads/safest-...witch-to-a-hacked-switch.536619/#post-8603706
Info on key loading: https://gbatemp.net/threads/anyone-...data-extracting-pls-help.534451/#post-8568492
Info on extraction & injection process: https://gbatemp.net/threads/libhac-hactoolnet-v0-1-3.521599/#post-8431352
Info on signing save data: https://github.com/Thealexbarney/LibHac/issues/19
NAND and boots restore tutorial: https://nh-server.github.io/switch-guide/extras/nandrestore/
Info on key files: https://github.com/Thealexbarney/LibHac/blob/master/KEYS.md
Info on save file extracting: https://gbatemp.net/threads/safest-...witch-to-a-hacked-switch.536619/#post-8603706
Info on key loading: https://gbatemp.net/threads/anyone-...data-extracting-pls-help.534451/#post-8568492
Info on extraction & injection process: https://gbatemp.net/threads/libhac-hactoolnet-v0-1-3.521599/#post-8431352
Info on signing save data: https://github.com/Thealexbarney/LibHac/issues/19
NAND and boots restore tutorial: https://nh-server.github.io/switch-guide/extras/nandrestore/
Info on key files: https://github.com/Thealexbarney/LibHac/blob/master/KEYS.md
FAQ:
Unfortunately, you need a Switch specifically susceptible to the Fusee Gelee exploit. Until a new exploit is discovered on newer consoles, this can only be done on consoles manufactured prior to Nintendo's hardware patching. Refer above in this guide to What you'll need.
You can, however, use the official save file transfer service Nintendo implemented in a firmware update to move save data from older, exploitable consoles to newer ones.
You can, however, use the official save file transfer service Nintendo implemented in a firmware update to move save data from older, exploitable consoles to newer ones.
Of course! I am myself taking a risk by doing this, but I understand that the risk is spectacularly low with this specific method. As long as you aren't making outrageous edits, you should be fine. That is the entire reason I drummed up this tutorial is to provide a ridiculously safe method outside the realm of CFW. Do NOT do this if you are uncomfortable with the process or its potential consequences.
Absolutely. But using CFW is naturally riskier than this method. If you have a safe way of doing so and are comfortable, more power to you! I personally do not wish to dabble in CFW on my main, clean Switch.
Yes! As long as the clean Switch is exploitable via Fusee Gelee, you can put save files onto its NAND from a CFW Switch, and, of course, vice versa. Just make sure you've played the game on the receiving console so there is save data to replace.
Sure! Make sure the console you're injecting the external save into has played the game at least once so you have something to replace. Crossing user profiles does not matter.
If your microSD card is not large enough to have your entire NAND on it, it was probably broken up into many bin files. To create your single NAND file with them, go to this releases page for hekate and find and download the latest joiner_scripts_for_windows_linux_macos.zip file. Make sure to move the appropriate bat file to your folder with all your NAND bin files. If you have 15 bin files, run the join_15_2GBparts_windows.bat file. If 30, run the join_30_1GBparts_windows.bat file.
Likely because you forgot to include the sept folder when generating your prod.keys console file. Refer above early on to The process.
Don't be concerned. In more recent releases of hactoolnet, the dll files were embedded, so you won't see them in your hactoolnet folder.
Yes, but it's slightly riskier since there's not a backup every time. When you have TegraRcmGUI open with your Switch connected in RCM mode, go to the Tools tab and select "eMMC rawNAND (DANGEROUS)" from the drop down menu, and click the USB icon button to the left. This will allow you to then use HacDiskMount normally as stated above under The process. This directly mounts and edits the NAND without a backup, so please do this at your own risk and only if you know exactly what you're doing.
I have only tried this on Windows, so I really don't know. Sorry!
Last edited by kimbra,
