Hacking Question How does the SX Core work?

lowikian

Member
OP
Newcomer
Joined
Aug 1, 2021
Messages
11
Trophies
0
XP
39
Country
Germany
In theory since there is already a open source firmware, could we not just make some files to build a pcb
 

Arakon

Well-Known Member
Member
Joined
Apr 24, 2008
Messages
360
Trophies
0
XP
447
Country
Gambia, The
The "open source firmware" is just what runs once the chip did its glitching thing. What is not known is HOW it glitches the console into running that firmware.
 
Last edited by Arakon,

CompSciOrBust

E tier homebrew dev
Member
Joined
Sep 9, 2019
Messages
513
Trophies
0
XP
1,476
Country
United Kingdom
The "open source firmware" is just what runs once the chip did its glitching thing. What is not known is HOW it glitches the console into running that firmware.
It's a fault injection attack that glitches the BCT check in the X1's boot rom. TX write a custom bct generated with the tools intended for Jetson development board, writes it to the nand, then rapidly drops and increases the voltage to the CPU just long enough so it skips over a branch but short enough that it doesn't crash the console. The Xbox 360 RGH worked in a similar way. Nvidia has mitigations in other parts of the boot rom for this type of attack but forgot it in the most important part, which is the BCT check.
 

Seelenamt

Member
Newcomer
Joined
Feb 9, 2017
Messages
9
Trophies
0
XP
34
Country
United States
The bitstream on the FPGA is the issue.
Once we figure this out, we can produce DIY clones.
If you have one on hand, hook a LA to it and look what it does, maybe you can reverse it.
Surely if it were as simple as just hooking a logic analyzer up to one someone would've already done it (and publicly posted the results), right?


[very nice explanation]
What I don't understand (at least based on this explanation) is the why there doesn't appear to be a DIY project available.

Is the custom boot configuration table console-specific? Does generating it require some unknown information? Is it some sort of timing issue with the voltage spikes or injection? Are people who know how to work with FPGAs just that rare? Is everyone just afraid that Nintendo will C&D, DMCA, or SLAPP their project out of existence (because of some of nintendo's IP is present, or because nintendo is not afraid of legal threats on dubious grounds)?

Don't get it twisted; I hardly know what I'm talking about here and I haven't been keeping up much; but I don't understand how there aren't DIY ones yet unless there is some specific information TX (and the new clones) had/have that the general public still does not.

It still burns my ass that I didn't get an SX Core while it was available- and the clones are overpriced and apparently poor quality. like ffs I would be using stuff like homebrew tools and emulators for games that I no shit legally own and have dumped myself.
Of course, everyone says that though.
 
Last edited by Seelenamt,

CompSciOrBust

E tier homebrew dev
Member
Joined
Sep 9, 2019
Messages
513
Trophies
0
XP
1,476
Country
United Kingdom
Surely if it were as simple as just hooking a logic analyzer up to one someone would've already done it (and publicly posted the results), right?
I know someone who was trying to get the FPGA code. Apparently it's not as easy as just connecting a logic analyser. I have only a very basic understanding of electrical engineering though so I don't know why. Apparently the hwfly people just made their own FPGA firmware instead of trying to copy TX's.

What I don't understand (at least based on this explanation) is the why there doesn't appear to be a DIY project available.

Is the custom boot configuration table console-specific? Does generating it require some unknown information? Is it some sort of timing issue with the voltage spikes or injection? Are people who know how to work with FPGAs just that rare? Is everyone just afraid that Nintendo will C&D, DMCA, or SLAPP their project out of existence (because of some of nintendo's IP is present, or because nintendo is not afraid of legal threats on dubious grounds)?

Don't get it twisted; I hardly know what I'm talking about here and I haven't been keeping up much; but I don't understand how there aren't DIY ones yet unless there is some specific information TX (and the new clones) had/have that the general public still does not.

It still burns my ass that I didn't get an SX Core while it was available- and the clones are overpriced and apparently poor quality. like ffs I would be using stuff like homebrew tools and emulators for games that I no shit legally own and have dumped myself.
Of course, everyone says that though.
The files to produce your own hardware are floating about on the internet but without the FPGA firmware it's completely useless.
If / when that is made public we'll probably see cheaper clones available.

Slightly off topic but I've been told that the reason the original chips were priced the way were was to to make any attempts to clone them unprofitable as undercutting TX wouldn't make any money and if given the choice between a clone and the original at the same price why not get the original? Of course the supply of TX chips drying up makes it profitable to clone and then sell at a higher price point.
 
  • Like
Reactions: FR0ZN

MasterJ360

Well-Known Member
Member
Joined
Jan 10, 2016
Messages
2,411
Trophies
1
Age
33
XP
2,457
Country
United States
Does anyone know the reason current clones are failing/poor quality?
Thats just the nature of clones they are never better than the original it was the same for 3ds flashcarts and they all had timebomb codes that would make them stop working overtime
 

Boydy86

Well-Known Member
Member
Joined
Jun 3, 2019
Messages
107
Trophies
0
Age
35
XP
268
Country
United Kingdom
Thats just the nature of clones they are never better than the original it was the same for 3ds flashcarts and they all had timebomb codes that would make them stop working overtime
Any clone products I have ever known utilize components of lesser quality, purely to reduce cost. What would be the point in saving a few dollars in build cost if you are selling them for $200?
 

MasterJ360

Well-Known Member
Member
Joined
Jan 10, 2016
Messages
2,411
Trophies
1
Age
33
XP
2,457
Country
United States
Any clone products I have ever known utilize components of lesser quality, purely to reduce cost. What would be the point in saving a few dollars in build cost if you are selling them for $200?
Well cheaper quality = higher failure rates. Thats something you have to take in consideration when buying a clone. The sxos chip clones were made to continue the distribution, but b/c the demand for them are so high and with the covid situation ongoing the prices will be too.
 

Hayato213

( -_・) ︻デ═一' * (/❛o❛)/
Member
Joined
Dec 26, 2015
Messages
10,732
Trophies
1
Location
Vector Industry
XP
5,676
Country
United States
Any clone products I have ever known utilize components of lesser quality, purely to reduce cost. What would be the point in saving a few dollars in build cost if you are selling them for $200?

You can't control something that is in high demand and low supply due to Nintendo going after team xecuter, sx lite and sx core was priced $45.95 USD, that $200 price is just people scalping the price, not the msrp price.
 
General chit-chat
Help Users
  • No one is chatting at the moment.
    Psionic Roshambo @ Psionic Roshambo: I hear if you talk too much you have to cut off a finger... What parts do you cut off for other...