Hacking Question How does the SX Core work?

Arakon

Well-Known Member
Member
Joined
Apr 24, 2008
Messages
445
Trophies
1
XP
1,022
Country
Gambia, The
The "open source firmware" is just what runs once the chip did its glitching thing. What is not known is HOW it glitches the console into running that firmware.
 
Last edited by Arakon,
Joined
Sep 9, 2019
Messages
904
Trophies
1
Location
Switch scene
Website
github.com
XP
2,663
Country
Korea, North
The "open source firmware" is just what runs once the chip did its glitching thing. What is not known is HOW it glitches the console into running that firmware.
It's a fault injection attack that glitches the BCT check in the X1's boot rom. TX write a custom bct generated with the tools intended for Jetson development board, writes it to the nand, then rapidly drops and increases the voltage to the CPU just long enough so it skips over a branch but short enough that it doesn't crash the console. The Xbox 360 RGH worked in a similar way. Nvidia has mitigations in other parts of the boot rom for this type of attack but forgot it in the most important part, which is the BCT check.
 

Seelenamt

Member
Newcomer
Joined
Feb 9, 2017
Messages
10
Trophies
0
XP
66
Country
United States
The bitstream on the FPGA is the issue.
Once we figure this out, we can produce DIY clones.
If you have one on hand, hook a LA to it and look what it does, maybe you can reverse it.
Surely if it were as simple as just hooking a logic analyzer up to one someone would've already done it (and publicly posted the results), right?


[very nice explanation]
What I don't understand (at least based on this explanation) is the why there doesn't appear to be a DIY project available.

Is the custom boot configuration table console-specific? Does generating it require some unknown information? Is it some sort of timing issue with the voltage spikes or injection? Are people who know how to work with FPGAs just that rare? Is everyone just afraid that Nintendo will C&D, DMCA, or SLAPP their project out of existence (because of some of nintendo's IP is present, or because nintendo is not afraid of legal threats on dubious grounds)?

Don't get it twisted; I hardly know what I'm talking about here and I haven't been keeping up much; but I don't understand how there aren't DIY ones yet unless there is some specific information TX (and the new clones) had/have that the general public still does not.

It still burns my ass that I didn't get an SX Core while it was available- and the clones are overpriced and apparently poor quality. like ffs I would be using stuff like homebrew tools and emulators for games that I no shit legally own and have dumped myself.
Of course, everyone says that though.
 
Last edited by Seelenamt,
Joined
Sep 9, 2019
Messages
904
Trophies
1
Location
Switch scene
Website
github.com
XP
2,663
Country
Korea, North
Surely if it were as simple as just hooking a logic analyzer up to one someone would've already done it (and publicly posted the results), right?
I know someone who was trying to get the FPGA code. Apparently it's not as easy as just connecting a logic analyser. I have only a very basic understanding of electrical engineering though so I don't know why. Apparently the hwfly people just made their own FPGA firmware instead of trying to copy TX's.

What I don't understand (at least based on this explanation) is the why there doesn't appear to be a DIY project available.

Is the custom boot configuration table console-specific? Does generating it require some unknown information? Is it some sort of timing issue with the voltage spikes or injection? Are people who know how to work with FPGAs just that rare? Is everyone just afraid that Nintendo will C&D, DMCA, or SLAPP their project out of existence (because of some of nintendo's IP is present, or because nintendo is not afraid of legal threats on dubious grounds)?

Don't get it twisted; I hardly know what I'm talking about here and I haven't been keeping up much; but I don't understand how there aren't DIY ones yet unless there is some specific information TX (and the new clones) had/have that the general public still does not.

It still burns my ass that I didn't get an SX Core while it was available- and the clones are overpriced and apparently poor quality. like ffs I would be using stuff like homebrew tools and emulators for games that I no shit legally own and have dumped myself.
Of course, everyone says that though.
The files to produce your own hardware are floating about on the internet but without the FPGA firmware it's completely useless.
If / when that is made public we'll probably see cheaper clones available.

Slightly off topic but I've been told that the reason the original chips were priced the way were was to to make any attempts to clone them unprofitable as undercutting TX wouldn't make any money and if given the choice between a clone and the original at the same price why not get the original? Of course the supply of TX chips drying up makes it profitable to clone and then sell at a higher price point.
 
  • Like
Reactions: FR0ZN

MasterJ360

Well-Known Member
Member
Joined
Jan 10, 2016
Messages
2,796
Trophies
1
Age
35
XP
3,421
Country
United States
Does anyone know the reason current clones are failing/poor quality?
Thats just the nature of clones they are never better than the original it was the same for 3ds flashcarts and they all had timebomb codes that would make them stop working overtime
 

Boydy86

Well-Known Member
Member
Joined
Jun 3, 2019
Messages
107
Trophies
0
Age
38
XP
304
Country
United Kingdom
Thats just the nature of clones they are never better than the original it was the same for 3ds flashcarts and they all had timebomb codes that would make them stop working overtime
Any clone products I have ever known utilize components of lesser quality, purely to reduce cost. What would be the point in saving a few dollars in build cost if you are selling them for $200?
 

MasterJ360

Well-Known Member
Member
Joined
Jan 10, 2016
Messages
2,796
Trophies
1
Age
35
XP
3,421
Country
United States
Any clone products I have ever known utilize components of lesser quality, purely to reduce cost. What would be the point in saving a few dollars in build cost if you are selling them for $200?
Well cheaper quality = higher failure rates. Thats something you have to take in consideration when buying a clone. The sxos chip clones were made to continue the distribution, but b/c the demand for them are so high and with the covid situation ongoing the prices will be too.
 

Hayato213

Newcomer
Member
Joined
Dec 26, 2015
Messages
19,727
Trophies
1
XP
20,604
Country
United States
Any clone products I have ever known utilize components of lesser quality, purely to reduce cost. What would be the point in saving a few dollars in build cost if you are selling them for $200?

You can't control something that is in high demand and low supply due to Nintendo going after team xecuter, sx lite and sx core was priced $45.95 USD, that $200 price is just people scalping the price, not the msrp price.
 

Site & Scene News

Popular threads in this forum

General chit-chat
Help Users
  • Veho @ Veho:
    I only wish it was actually playable.
  • Veho @ Veho:
    There's a guy on the Tube of You that makes playable mechanical arcade games out of Lego. This could work on the same principle.
  • Veho @ Veho:
    Just a couple of guys taking their manatee out for some fresh air, why you have to molest them?
  • Veho @ Veho:
    Stupid Chinese shop switched their shipping company and this one is slooooooow.
  • LeoTCK @ LeoTCK:
    STOP BUYING CHINESE CRAP THEN
  • LeoTCK @ LeoTCK:
    SUPPORT LOCAL PRODUCTS, MAKE REVOLUTION
  • LeoTCK @ LeoTCK:
    THEY KEEP REMOVING LOCAL SHIt AND REPLACING WItH INFERIOR CHINESE CRAP
  • LeoTCK @ LeoTCK:
    THATS WHY MY PARTNER CANT GET A GOOTWEAR HIS SIZE ANYMORE
  • LeoTCK @ LeoTCK:
    HE HAS BIG FOOT AND BIG DUCK
  • LeoTCK @ LeoTCK:
    d*ck i mean*
  • LeoTCK @ LeoTCK:
    lol
  • Veho @ Veho:
    Mkay.
  • Veho @ Veho:
    I just ordered another package from China just to spite you.
  • SylverReZ @ SylverReZ:
    Communism lol
  • SylverReZ @ SylverReZ:
    OUR products
  • The Real Jdbye @ The Real Jdbye:
    @LeoTCK actually good quality products are dying out because they can't compete with dropshipped chinese crap
    +2
  • BakerMan @ BakerMan:
    @LeoTCK is your partner the sascrotch or smth?
  • Xdqwerty @ Xdqwerty:
    Good morning
  • Xdqwerty @ Xdqwerty:
    Out of nowhere I got several scars on my forearm and part of my arm and it really itches.
  • AdRoz78 @ AdRoz78:
    Hey, I bought a modchip today and it says "New 2040plus" in the top left corner. Is this a legit chip or was I scammed?
  • Veho @ Veho:
    @AdRoz78 start a thread and post a photo of the chip.
    +2
  • Xdqwerty @ Xdqwerty:
    Yawn
    Xdqwerty @ Xdqwerty: Yawn