Hacking Firmware status

  • Thread starter: PolloDiablo
  • Views: 507,112
  • Replies: 493
  • Likes: 99
Hi all, I am on FW 2.3. Can I update to 3.0.1, or is it better to stay? I

A method of launching CFW through the browser on 4.1.0 exists privately, but it is unlikely to be released anytime soon for various reasons. In other words, systems on 3.0.1 and higher will probably require a jig and/or AutoRCM to launch CFW for a very long time. An untethered software exploit for launching CFW on 1.0.0-3.0.0 also exists privately, but it's likely to be released far sooner.

Buying a cheap jig or making one out of a paperclip isn't very difficult. If you're content with your device being tethered on each coldboot, you also only need a jig one time to install AutoRCM.

If you're content with using AutoRCM, you can also upgrade to 5.1.0 without burning any efuses and preserving a downgrade path back to 3.0.1.
I should also add that if you update to 5.1 with the intention of returning to 3.0.1, you will lose the ability to play cartridges on firmwares below 4.0.
 
@Nah3DS It might be worth updating the OP to let users know that if they have a Switch with 4.1 firmware and their serial number is XAJ40043XXXXXX or higher, it is no longer vulnerable to Fusee Gelee (aka the bootrom exploit), so it is highly recommended for these users not to update in order to keep their Switches as hackable as possible.
 
Yes Draxzelex, I was waiting for confirmation on a way to differentiate these new units.

So XAJ4004 is the limit. What about XAW? (IIRC those are the American ones.)
 
That's the issue, we only have reports so far from users in China meaning they bought Japanese Switch units. Nobody else has reported any Switch units with the exploit patched with other serial numbers or in regions outside Asia, at the very least. I'll keep monitoring the situation myself but I just thought it might be a good idea to get the word out especially in the pinned threads. I don't know how well the serial numbers compare region to region, but it may be identified in a similar fashion so everyone, not just those in Asia, can take extra caution when buying a new Switch or updating regardless of their region.
 
Thanks for the help Draxzelex.
I did a quick update to the OP. I believe Deja Vu still works on these units... let me know if the wording is ok to you.
 
Looking good. Also, this is somewhat related and is totally up to you but you can swap out using the word softmod when you're referring to Deja Vu and say something such as loading a webpage or similar to the way you load the exploit for the PS4. Again, you don't have to but it might be a nice distinction for some people to understand better the differences between the exploits. Regardless, everything is looking good!
 
From that thread, now we have one from the West too, XAWX006; we need the exact cutoff for the West too.
 
Bought one two days ago, just arrived:
Firmware: 4.0.1
Serial: XAJ70031

I still do not have a USB-C cable nor TX, so I can't say if I can launch the payload, but since it's on 4.0.1 it should be good.
 
I will do a new chart when we have more info about these new Switch units.
If I need any help, I will send you a PM.
 
Not sure how accurate that is. That serial has been in the wild since at least March.

Edit:

I have a XAJ4004XXXXXXX unit that I have no problem getting into RCM and running Hekate 3.2
 
Yeah it turns out that you need an XAJX40043 for it to be patched. Sorry I didn't update the original post but the information is still being gathered and this is the preliminary data based on the user reports.
 
I have XAJX40044, I hope this isn't an elaborate scheme to get me to post my full serial # :ph34r:
 
Hi guys. I just purchased a 2nd Switch and my S/N starts with XAW100857XXXXX
FW: 4.1.0

Since I have my other Switch with TX OS. I figured I'll sit tight before installing any CFW or setup the new Switch.

So I used TegraRcmGUI 2.0 to see if the software detected the Switch, and it did. It says "RCM DETECTED" but there is no text on the Switch screen. I don't have an SD card installed in the Switch. I just took it out of the box to check the OFW under "Maintenance Mode" and to see if TegraRcmGUI would detect it...

Does this mean that the Switch is patch-free and able to handle CFW whenever I'm ready to install?

I'm pretty sure the Switch is not patched because RCM is being detected by TegraRcmGUI, but I'd rather get a second opinion...
Thx in Adv.
 
So I think the patched ones don't have a problem getting into recovery mode (RCM), but they are patched so you can't send payloads. So the way to test is to try and push a payload to see if it goes through. I tested mine by checking my BIS keys.
 
Just want to bring this to your attention

It is XAJ70043xxxx that has been patched.

It is not XAJ4004xxxx according to my knowledge.
 