Homebrew WIP nxdumptool - Nintendo Switch Dump Tool

DarkMatterCore

Finding my light.
OP
Developer
Joined
May 30, 2009
Messages
1,292
Trophies
1
Age
28
Location
Madrid, Spain
Website
github.com
XP
2,602
Country
Spain
Quoting myself from another thread:

Error 0x32002 means "permission denied". It also pops up in my application when trying to get an IStorage interface with a previously opened gamecard handle under FW < 4.0.0. I'm looking into it right now.

Which method are you guys using to load NRO binaries? I'm not aware if there's a Hekate version that's compatible with 3.0.X, but it may have something to do with that.

I'm on 5.0.2, using the Hekate mod made by @CTCaer. I never had the chance to use PegaSwitch since I got late to the party.

I've been trying to get around this in the last few hours by porting a privilege escalation procedure used by @Ac_K in this PegaSwitch script to libNX, but I couldn't get it to work.

I'll try to fix this in the next days, but for the time being, I'd like to know if the application works under FW < 4.0.0 using Hekate.

Nonetheless, I want to thank @SAKyle and @MonMonz for doing many tests for me. I really appreciate it.
______________________

I just released v1.0.2 to fix a silly bug in the file splitting code I hadn't noticed before. It should now be able to generate dumps identical to the dumps released by BBB (except for the additional 0xFF padding they don't have).

On a second note, I'm pretty much sure the cartridge contents are encrypted, but the IStorage interface returns a decrypted buffer. Do any of you know what kind of crypto is in place? It's probably a lot for me, but I want to aim to 1:1 dumps whenever possible.

Testers for type 0x02 gamecards and/or pull requests are still welcome.
 
  • Like
Reactions: SAKyle and MonMonz

DarkMatterCore

Finding my light.
OP
Developer
Joined
May 30, 2009
Messages
1,292
Trophies
1
Age
28
Location
Madrid, Spain
Website
github.com
XP
2,602
Country
Spain
Would love to see a way to create a nsp out of an cartridge with a valid ticket.
But I don't think this will happen any time soon (or ever).

Creating the NSP, maybe. But the fact that it must have both a valid ticket and a valid cert makes things difficult. I assume they also use some kind of crypto I'm not aware of.
 

PatrickD85

Well-Known Member
Member
Joined
Jul 4, 2012
Messages
918
Trophies
1
Age
38
Location
in front of a screen...
Website
www.nintendoreporters.com
XP
2,064
Country
Netherlands
@AnalogMan
Sure no problem but that will probably be somewhere weekend that I can test it. A bit on the go as we speak.
And I still have to transfer my personal XCIs to a HDD, I want to also looking into trimming soon ... even 400GB SDXC get full eventually ;)
Will report back soon!
 

DarkMatterCore

Finding my light.
OP
Developer
Joined
May 30, 2009
Messages
1,292
Trophies
1
Age
28
Location
Madrid, Spain
Website
github.com
XP
2,602
Country
Spain
@AnalogMan
Sure no problem but that will probably be somewhere weekend that I can test it. A bit on the go as we speak.
And I still have to transfer my personal XCIs to a HDD, I want to also looking into trimming soon ... even 400GB SDXC get full eventually ;)
Will report back soon!

Thanks for your help, really! If it isnt't too much to ask, make sure to take a screenshot while you're creating the XCI dump (without cert). You'll need the XCI dump size from that screenshot to perform the CRC32 calculation because BBB dumps are not 0xFF padded.
 
Last edited by DarkMatterCore,

Hking0036

Well-Known Member
Member
Joined
Sep 15, 2015
Messages
498
Trophies
0
XP
1,341
Country
United States
Thanks for your help, really! If it isnt't too much to ask, make sure to take a screenshot while you're creating the XCI dump (without cert). You'll need the XCI dump size from that screenshot to perform the CRC32 calculation because BBB dumps are not 0xFF padded.
Hey, just wanted to drop in and say that they do come padded, but the majority of dumps flying around right now have that clipped off. You can re-pad them using XCI-Cutter, though.
The fastest way to compare hashes would just to be to go look them up from a database, however.

Thanks for the work!
 
Last edited by Hking0036,
  • Like
Reactions: DarkMatterCore

DarkMatterCore

Finding my light.
OP
Developer
Joined
May 30, 2009
Messages
1,292
Trophies
1
Age
28
Location
Madrid, Spain
Website
github.com
XP
2,602
Country
Spain
Hey, just wanted to drop in and say that they do come padded, but the majority of dumps flying around right now have that clipped off. You can re-pad them using XCI-Cutter, though.
The fastest way to compare hashes would just to be to go look them up from a database, however.

Thanks for the work!

Good to know, thanks. I'll add that to the first post.

What I really meant is that the 0xFF padding they have doesn't take up the whole cartridge size (e.g. 7.44 GiB vs 8 GiB for Super Mario Odyssey).
 

Hking0036

Well-Known Member
Member
Joined
Sep 15, 2015
Messages
498
Trophies
0
XP
1,341
Country
United States
Good to know, thanks. I'll add that to the first post.

What I really meant is that the 0xFF padding they have doesn't take up the whole cartridge size (e.g. 7.44 GiB vs 8 GiB for Super Mario Odyssey).
Correct me if I'm wrong, but I believe the ROM size for the carts is in GB and not GiB so it would be correct for the final dump to come out to around that.
 

PatrickD85

Well-Known Member
Member
Joined
Jul 4, 2012
Messages
918
Trophies
1
Age
38
Location
in front of a screen...
Website
www.nintendoreporters.com
XP
2,064
Country
Netherlands
Thanks for your help, really! If it isnt't too much to ask, make sure to take a screenshot while you're creating the XCI dump (without cert). You'll need the XCI dump size from that screenshot to perform the CRC32 calculation because BBB dumps are not 0xFF padded.

No problem if I can help in any way ... sure.
In a quick search I did not find the BBB release on usenet. (not asking for it btw as I am not into the nsw scene releases)
But basically what you guys need is a check if the CRC equals; 0B37BC97 ? (online database notes that as the imgcrc)
 

Hking0036

Well-Known Member
Member
Joined
Sep 15, 2015
Messages
498
Trophies
0
XP
1,341
Country
United States
No problem if I can help in any way ... sure.
In a quick search I did not find the BBB release on usenet. (not asking for it btw as I am not into the nsw scene releases)
But basically what you guys need is a check if the CRC equals; 0B37BC97 ? (online database notes that as the imgcrc)
Yes, you need to check and make sure that the crc of the game matches that. If not, then it's not a good dump (or it includes your cert, which you can blank out).
 

DarkMatterCore

Finding my light.
OP
Developer
Joined
May 30, 2009
Messages
1,292
Trophies
1
Age
28
Location
Madrid, Spain
Website
github.com
XP
2,602
Country
Spain
Correct me if I'm wrong, but I believe the ROM size for the carts is in GB and not GiB so it would be correct for the final dump to come out to around that.

It's expressed in GiB. There's a byte in the gamecard header that indicates the storage size. The dump size is incomplete because the application only dumps the range covered by the two IStorage interfaces available for every gamecard, which are concatenated in the dump process (but their combined size never takes up all that space).

Historically speaking, this is a pretty common thing with ROM images.

Is the current release the one you need tested with type 2 game cards? I could test and get you the CRC in the next hour or so..

Yes, it is. Thanks a lot, I really appreciate it.

No problem if I can help in any way ... sure.
In a quick search I did not find the BBB release on usenet. (not asking for it btw as I am not into the nsw scene releases)
But basically what you guys need is a check if the CRC equals; 0B37BC97 ? (online database notes that as the imgcrc)

You're right. Just make sure you calculate the CRC32 hash over the XCI dump size displayed on that screen and not over the whole file. Worked fine for me using Super Mario Odyssey.

I'll just probably make the additional padding a configurable option.
 
  • Like
Reactions: Hking0036

cubex

Member
Newcomer
Joined
Jun 23, 2007
Messages
17
Trophies
0
XP
207
Country
Canada
I dumped my copy of Minecraft (0100D71004694000) this morning, my CRC32 ended up being 753F2AD5 vs 262EC0D2 for the BBB release. Also, on my dump the XCI file size is 2,048.00 MB and the cartridge size is 1,904.00 MB while both the XCI file size and cartridge size is 1,904.00 MB on the BBB release.

Z8ENAsQ.jpg

gd1fcyj.jpg

EuDuoEl.png
 
Last edited by cubex,

Drejj

Well-Known Member
Newcomer
Joined
Dec 31, 2006
Messages
55
Trophies
1
XP
491
Country
Last edited by Drejj,

Hking0036

Well-Known Member
Member
Joined
Sep 15, 2015
Messages
498
Trophies
0
XP
1,341
Country
United States
I dumped my copy of Minecraft (0100D71004694000) this morning, my CRC32 ended up being 753F2AD5 vs 262EC0D2 for the BBB release. Also, on my dump the XCI file size is 2,048.00 MB and the cartridge size is 1,904.00 MB while both the XCI file size and cartridge size is 1,904.00 MB on the BBB release.

Z8ENAsQ.jpg

gd1fcyj.jpg

EuDuoEl.png
Cut and then un-cut your file with XCI-Cutter to get a file that (hopefully) matches the Scene release, if Card2 is working! Double check that your cert is not included, as well.
 
Last edited by Hking0036,

Site & Scene News

Popular threads in this forum

General chit-chat
Help Users
  • No one is chatting at the moment.
    LeoTCK @ LeoTCK: yes for nearly a month i was officially a wanted fugitive, until yesterday when it ended