How to remove fake tickets from NSP file ("Standard crypto" equivalent) [Ban Risk Mitigation]

Discussion in 'Switch - Tutorials' started by PsychOsmosis, Sep 17, 2018.

  1. PsychOsmosis
    OP

    PsychOsmosis Advanced Member

    Newcomer
    2
    Jan 18, 2016
    Canada
    Hello everyone!

    It is widely thought that going online after installing a NSP with a fake ticket leads to an almost inevitable ban.

    Some people have been bragging on the forum that they use a private method (using the SDK) to reencrypt the NSP file with "standard crypto" (like the XCI/cartridge games) instead of the "ticket rights" usually used for eShop titles.
    Detailed below is a method to modify a NSP file by removing the fake title rights, rewriting the header to no longer use the ticket, and finally deleting the fake ticket, therefore leading to a theoretically reduced risk of ban, as your console will no longer have a fake ticket in its ticket blob and your installed eShop titles will no longer have a rights-ID that doesn't match your console ID. This method leads to the creation of a NSP file that is practically equivalent to one that as been repacked using "standard crypto" (which is a bit misleading in its own right as NSP files are not encrypted).


    DO NOT USE THIS GUIDE IF YOU ABSOLUTELY DON'T WANT TO GET BANNED!
    THERE IS NO GUARANTEE THIS WILL PREVENT YOU FROM BEING BANNED!
    THIS METHOD LEADS TO A THEORETICAL REDUCTION OF THE BAN RISK!


    This method should be used in conjunction with other ban risk reduction methods, such as disabling telemetry (EU) / blocking the telemetry servers in your router hosts file (EU citizens should do BOTH), using a whitelist-based custom DNS/firewall configuration, using creport (for people not on SXOS) and/or using Stealth Mode (for people on SXOS, because we don't have access to creport... :()


    This guide is based on the awesome script "nut" by Blawar!
    Without him, this method would not exist!!


    I added a guide on how to block the telemetry (and other harmful) servers in post #10 below!!


    Game updates NSP files should NOT be processed using this method if you apply the update on a XCI game (cartridge dump)!
    The tickets in an update are actually 100% legit and are neither console-specific or account-specific!


    If you have processed the base game NSP file (using this method) on which you want to apply the update to, it is debatable if you should process the update as well or not.
    The creator of CDNSP believes you should not, while I think it might raise some red flags if you install an update with tickets on a game for which there is no ticket in your console's ticket blob.
    Please be aware of this information and proceed as you see fit.




    Update (October 22, 2018) :

    The script no longer works when applied to DLCs as of 6.0.1 (and probably 6.0.0)! It still works on base games though!!
    This is due to the anti-piracy measures implemented by Big-N in this firmware version.

    Since DLCs always come from the eShop, and therefore always come with a ticket, there is some kind of online check made when you try to run a game after installing a ticketless DLC for it.
    Furthermore, it seems that the check is made using one of the few servers I actually whitelist (game update server maybe?).

    I still have to try applying the script on an update to see if it works in this case. I will update you guys when I've done so.




    Prerequisites :

    - Download nut from github (https://github.com/blawar/nut/) by using the "Clone or download" green button and choosing "Download as ZIP". Extract the ZIP archive.

    - LOOK AT THE REQUIREMENTS FOR NUT ON THE GITHUB PAGE. You need to have Python3 installed, then you use pip to install some modules :
    pip3 install colorama pyopenssl requests tqdm unidecode image bs4

    In my case, I had to update pip before I could install the other modules :
    python -m pip install --upgrade pip

    There was also another module I needed but I don't remember what its name is. If you try to run it and you get a Python error, it should display the name of the module in there.
    If the command line window shuts down before you can read, read the troubleshooting part below in red, it will help you reading the error message.
    Just run "pip3 install MODULE_NAME" as you did with the other modules above.

    Configure your nut.conf (in the "conf" folder). In my case, I just disabled (set to false) the first four settings of the "download" section of "nut.default.conf".

    - A copy of your Switch keys. If you don't have them, you need to find them on your own on the interwebs or extract them from your console. There are guides for that. The file must be named "keys.txt" and be located in the (incredibly funny default-named) "nut-master" folder you extracted from the ZIP.

    - A game in the NSP file format. Place it in the nut-master folder. The file can be a scene release or a game obtained from the CDN. You CAN use nut to download games from the CDN, but I personally don't know how and this is not a "CDN download tutorial".

    - Hactool should be updated to the latest release (1.2.0) in the bin subfolder of nut-master in order to support NSP packages containing > 15 files!



    NOW AUTOMATED IN A BATCH FILE!! :toot:
    Code updated: October 16, 2018.
    Confirmed working with firmwares up to 6.0.1 (on SXOS at least)!!


    You still need the prerequisites listed above though. There's no way around that! ;)


    Your .NSP must be located in the nut-master folder AND must contain the TitleID in the filename so nut can use it to rewrite the header of the .NCA!!

    Well, the code just got a fair bit prettier thanks to
    Bigjokker with two simple but brilliant variable changes!
    Now, after placing the .NSP and the batch file in the nut-master folder, just drag & drop the .NSP onto the batch file and voilà, it does its magic!!

    You should see the ASCII squirrel a total of three times in the command line window, but it does not necessarily mean it worked if you see this!
    In your nut-master folder, a folder with the same name as your NSP will be created, the NSP will be deleted and a new NSP will be created (about 2.5 kilobytes smaller than the original, compare with a backup of the original!!).

    If the behavior of the script is any different, IT DIDN'T WORK!!

    Even if all of the above is true, it might not have worked!! If the first part fails, you will still have a modified NSP 2.5 kilobytes smaller than the original (but it will crash at launch and send a dirty error log to Big-N)!

    You can verify if it works by removing the "REM " at the three instances where there is a "REM pause" in the code, so it says "pause" instead.

    By doing this, the script will pause after every step (prompting you to press a key to continue) so you can see if there was a nut / Python3 / Windows CLI related error!
    You can also remove the @Echo off if you're having issues but the script doesn't show any error to make troubleshooting easier for us.

    EVERYBODY SHOULD DO THIS AT LEAST ONCE TO MAKE SURE NUT AND PYTHON ARE PROPERLY CONFIGURED!!!
    If everything works as it should, you can revert back the script to its original form to re-automate the three steps together.


    Code:
    @echo off
    SET "nutpy=%~dp0"
    SET "filenam=%~n1"
    if EXIST "%nutpy%%filenam%\" rmdir /s /q "%nutpy%%filenam%"
    if NOT EXIST "%nutpy%backup\" mkdir "%nutpy%backup"
    if NOT EXIST "%nutpy%backup\%filenam%.nsp" copy /v "%nutpy%%filenam%.nsp" "%nutpy%backup\%filenam%.nsp"
    cd /d "C:\Windows"
    py.exe "%nutpy%nut.py" --remove-title-rights "%filenam%.nsp"
    REM pause
    py.exe "%nutpy%nut.py" -x "%filenam%.nsp"
    REM pause
    cd /d "%nutpy%%filenam%"
    del *.tik
    del *.cert
    cd /d "%nutpy%"
    del "%filenam%.nsp"
    cd /d "%nutpy%%filenam%"
    set /a n=0
    setlocal ENABLEDELAYEDEXPANSION
    for %%i in (*) do (
        set /a n=n+1
        set files!n!=%%i
    )
    if !n! == 2 (
        "C:\Windows\py.exe" "%nutpy%nut.py" -c "%filenam%.nsp" "%nutpy%%filenam%\%files1%" "%nutpy%%filenam%\%files2%"
    )
    if !n! == 3 (
        "C:\Windows\py.exe" "%nutpy%nut.py" -c "%filenam%.nsp" "%nutpy%%filenam%\%files1%" "%nutpy%%filenam%\%files2%" "%nutpy%%filenam%\%files3%"
    )
    if !n! == 4 (
        "C:\Windows\py.exe" "%nutpy%nut.py" -c "%filenam%.nsp" "%nutpy%%filenam%\%files1%" "%nutpy%%filenam%\%files2%" "%nutpy%%filenam%\%files3%" "%nutpy%%filenam%\%files4%"
    )
    if !n! == 5 (
        "C:\Windows\py.exe" "%nutpy%nut.py" -c "%filenam%.nsp" "%nutpy%%filenam%\%files1%" "%nutpy%%filenam%\%files2%" "%nutpy%%filenam%\%files3%" "%nutpy%%filenam%\%files4%" "%nutpy%%filenam%\%files5%"
    )
    if !n! == 6 (
        "C:\Windows\py.exe" "%nutpy%nut.py" -c "%filenam%.nsp" "%nutpy%%filenam%\%files1%" "%nutpy%%filenam%\%files2%" "%nutpy%%filenam%\%files3%" "%nutpy%%filenam%\%files4%" "%nutpy%%filenam%\%files5%" "%nutpy%%filenam%\%files6%"
    )
    if !n! == 7 (
        "C:\Windows\py.exe" "%nutpy%nut.py" -c "%filenam%.nsp" "%nutpy%%filenam%\%files1%" "%nutpy%%filenam%\%files2%" "%nutpy%%filenam%\%files3%" "%nutpy%%filenam%\%files4%" "%nutpy%%filenam%\%files5%" "%nutpy%%filenam%\%files6%" "%nutpy%%filenam%\%files7%"
    )
    if !n! == 8 (
        "C:\Windows\py.exe" "%nutpy%nut.py" -c "%filenam%.nsp" "%nutpy%%filenam%\%files1%" "%nutpy%%filenam%\%files2%" "%nutpy%%filenam%\%files3%" "%nutpy%%filenam%\%files4%" "%nutpy%%filenam%\%files5%" "%nutpy%%filenam%\%files6%" "%nutpy%%filenam%\%files7%" "%nutpy%%filenam%\%files8%"
    )
    if !n! == 9 (
        "C:\Windows\py.exe" "%nutpy%nut.py" -c "%filenam%.nsp" "%nutpy%%filenam%\%files1%" "%nutpy%%filenam%\%files2%" "%nutpy%%filenam%\%files3%" "%nutpy%%filenam%\%files4%" "%nutpy%%filenam%\%files5%" "%nutpy%%filenam%\%files6%" "%nutpy%%filenam%\%files7%" "%nutpy%%filenam%\%files8%" "%nutpy%%filenam%\%files9%"
    )
    if !n! == 10 (
        "C:\Windows\py.exe" "%nutpy%nut.py" -c "%filenam%.nsp" "%nutpy%%filenam%\%files1%" "%nutpy%%filenam%\%files2%" "%nutpy%%filenam%\%files3%" "%nutpy%%filenam%\%files4%" "%nutpy%%filenam%\%files5%" "%nutpy%%filenam%\%files6%" "%nutpy%%filenam%\%files7%" "%nutpy%%filenam%\%files8%" "%nutpy%%filenam%\%files9%" "%nutpy%%filenam%\%files10%"
    )
    if !n! == 11 (
        "C:\Windows\py.exe" "%nutpy%nut.py" -c "%filenam%.nsp" "%nutpy%%filenam%\%files1%" "%nutpy%%filenam%\%files2%" "%nutpy%%filenam%\%files3%" "%nutpy%%filenam%\%files4%" "%nutpy%%filenam%\%files5%" "%nutpy%%filenam%\%files6%" "%nutpy%%filenam%\%files7%" "%nutpy%%filenam%\%files8%" "%nutpy%%filenam%\%files9%" "%nutpy%%filenam%\%files10%" "%nutpy%%filenam%\%files11%"
    )
    if !n! == 12 (
        "C:\Windows\py.exe" "%nutpy%nut.py" -c "%filenam%.nsp" "%nutpy%%filenam%\%files1%" "%nutpy%%filenam%\%files2%" "%nutpy%%filenam%\%files3%" "%nutpy%%filenam%\%files4%" "%nutpy%%filenam%\%files5%" "%nutpy%%filenam%\%files6%" "%nutpy%%filenam%\%files7%" "%nutpy%%filenam%\%files8%" "%nutpy%%filenam%\%files9%" "%nutpy%%filenam%\%files10%" "%nutpy%%filenam%\%files11%" "%nutpy%%filenam%\%files12%"
    )
    if !n! == 13 (
        "C:\Windows\py.exe" "%nutpy%nut.py" -c "%filenam%.nsp" "%nutpy%%filenam%\%files1%" "%nutpy%%filenam%\%files2%" "%nutpy%%filenam%\%files3%" "%nutpy%%filenam%\%files4%" "%nutpy%%filenam%\%files5%" "%nutpy%%filenam%\%files6%" "%nutpy%%filenam%\%files7%" "%nutpy%%filenam%\%files8%" "%nutpy%%filenam%\%files9%" "%nutpy%%filenam%\%files10%" "%nutpy%%filenam%\%files11%" "%nutpy%%filenam%\%files12%" "%nutpy%%filenam%\%files13%"
    )
    if !n! == 14 (
        "C:\Windows\py.exe" "%nutpy%nut.py" -c "%filenam%.nsp" "%nutpy%%filenam%\%files1%" "%nutpy%%filenam%\%files2%" "%nutpy%%filenam%\%files3%" "%nutpy%%filenam%\%files4%" "%nutpy%%filenam%\%files5%" "%nutpy%%filenam%\%files6%" "%nutpy%%filenam%\%files7%" "%nutpy%%filenam%\%files8%" "%nutpy%%filenam%\%files9%" "%nutpy%%filenam%\%files10%" "%nutpy%%filenam%\%files11%" "%nutpy%%filenam%\%files12%" "%nutpy%%filenam%\%files13%" "%nutpy%%filenam%\%files14%"
    )
    if !n! == 15 (
        "C:\Windows\py.exe" "%nutpy%nut.py" -c "%filenam%.nsp" "%nutpy%%filenam%\%files1%" "%nutpy%%filenam%\%files2%" "%nutpy%%filenam%\%files3%" "%nutpy%%filenam%\%files4%" "%nutpy%%filenam%\%files5%" "%nutpy%%filenam%\%files6%" "%nutpy%%filenam%\%files7%" "%nutpy%%filenam%\%files8%" "%nutpy%%filenam%\%files9%" "%nutpy%%filenam%\%files10%" "%nutpy%%filenam%\%files11%" "%nutpy%%filenam%\%files12%" "%nutpy%%filenam%\%files13%" "%nutpy%%filenam%\%files14%" "%nutpy%%filenam%\%files15%"
    )
    if !n! == 16 (
        "C:\Windows\py.exe" "%nutpy%nut.py" -c "%filenam%.nsp" "%nutpy%%filenam%\%files1%" "%nutpy%%filenam%\%files2%" "%nutpy%%filenam%\%files3%" "%nutpy%%filenam%\%files4%" "%nutpy%%filenam%\%files5%" "%nutpy%%filenam%\%files6%" "%nutpy%%filenam%\%files7%" "%nutpy%%filenam%\%files8%" "%nutpy%%filenam%\%files9%" "%nutpy%%filenam%\%files10%" "%nutpy%%filenam%\%files11%" "%nutpy%%filenam%\%files12%" "%nutpy%%filenam%\%files13%" "%nutpy%%filenam%\%files14%" "%nutpy%%filenam%\%files15%" "%nutpy%%filenam%\%files16%"
    )
    if !n! == 17 (
        "C:\Windows\py.exe" "%nutpy%nut.py" -c "%filenam%.nsp" "%nutpy%%filenam%\%files1%" "%nutpy%%filenam%\%files2%" "%nutpy%%filenam%\%files3%" "%nutpy%%filenam%\%files4%" "%nutpy%%filenam%\%files5%" "%nutpy%%filenam%\%files6%" "%nutpy%%filenam%\%files7%" "%nutpy%%filenam%\%files8%" "%nutpy%%filenam%\%files9%" "%nutpy%%filenam%\%files10%" "%nutpy%%filenam%\%files11%" "%nutpy%%filenam%\%files12%" "%nutpy%%filenam%\%files13%" "%nutpy%%filenam%\%files14%" "%nutpy%%filenam%\%files15%" "%nutpy%%filenam%\%files16%" "%nutpy%%filenam%\%files17%"
    )
    if !n! == 18 (
        "C:\Windows\py.exe" "%nutpy%nut.py" -c "%filenam%.nsp" "%nutpy%%filenam%\%files1%" "%nutpy%%filenam%\%files2%" "%nutpy%%filenam%\%files3%" "%nutpy%%filenam%\%files4%" "%nutpy%%filenam%\%files5%" "%nutpy%%filenam%\%files6%" "%nutpy%%filenam%\%files7%" "%nutpy%%filenam%\%files8%" "%nutpy%%filenam%\%files9%" "%nutpy%%filenam%\%files10%" "%nutpy%%filenam%\%files11%" "%nutpy%%filenam%\%files12%" "%nutpy%%filenam%\%files13%" "%nutpy%%filenam%\%files14%" "%nutpy%%filenam%\%files15%" "%nutpy%%filenam%\%files16%" "%nutpy%%filenam%\%files17%" "%nutpy%%filenam%\%files18%"
    )
    if !n! == 19 (
        "C:\Windows\py.exe" "%nutpy%nut.py" -c "%filenam%.nsp" "%nutpy%%filenam%\%files1%" "%nutpy%%filenam%\%files2%" "%nutpy%%filenam%\%files3%" "%nutpy%%filenam%\%files4%" "%nutpy%%filenam%\%files5%" "%nutpy%%filenam%\%files6%" "%nutpy%%filenam%\%files7%" "%nutpy%%filenam%\%files8%" "%nutpy%%filenam%\%files9%" "%nutpy%%filenam%\%files10%" "%nutpy%%filenam%\%files11%" "%nutpy%%filenam%\%files12%" "%nutpy%%filenam%\%files13%" "%nutpy%%filenam%\%files14%" "%nutpy%%filenam%\%files15%" "%nutpy%%filenam%\%files16%" "%nutpy%%filenam%\%files17%" "%nutpy%%filenam%\%files18%" "%nutpy%%filenam%\%files19%"
    )
    if !n! == 20 (
        "C:\Windows\py.exe" "%nutpy%nut.py" -c "%filenam%.nsp" "%nutpy%%filenam%\%files1%" "%nutpy%%filenam%\%files2%" "%nutpy%%filenam%\%files3%" "%nutpy%%filenam%\%files4%" "%nutpy%%filenam%\%files5%" "%nutpy%%filenam%\%files6%" "%nutpy%%filenam%\%files7%" "%nutpy%%filenam%\%files8%" "%nutpy%%filenam%\%files9%" "%nutpy%%filenam%\%files10%" "%nutpy%%filenam%\%files11%" "%nutpy%%filenam%\%files12%" "%nutpy%%filenam%\%files13%" "%nutpy%%filenam%\%files14%" "%nutpy%%filenam%\%files15%" "%nutpy%%filenam%\%files16%" "%nutpy%%filenam%\%files17%" "%nutpy%%filenam%\%files18%" "%nutpy%%filenam%\%files19%" "%nutpy%%filenam%\%files20%"
    )
    if !n! == 21 (
        "C:\Windows\py.exe" "%nutpy%nut.py" -c "%filenam%.nsp" "%nutpy%%filenam%\%files1%" "%nutpy%%filenam%\%files2%" "%nutpy%%filenam%\%files3%" "%nutpy%%filenam%\%files4%" "%nutpy%%filenam%\%files5%" "%nutpy%%filenam%\%files6%" "%nutpy%%filenam%\%files7%" "%nutpy%%filenam%\%files8%" "%nutpy%%filenam%\%files9%" "%nutpy%%filenam%\%files10%" "%nutpy%%filenam%\%files11%" "%nutpy%%filenam%\%files12%" "%nutpy%%filenam%\%files13%" "%nutpy%%filenam%\%files14%" "%nutpy%%filenam%\%files15%" "%nutpy%%filenam%\%files16%" "%nutpy%%filenam%\%files17%" "%nutpy%%filenam%\%files18%" "%nutpy%%filenam%\%files19%" "%nutpy%%filenam%\%files20%"  "%nutpy%%filenam%\%files21%"
    )
    if !n! == 22 (
        "C:\Windows\py.exe" "%nutpy%nut.py" -c "%filenam%.nsp" "%nutpy%%filenam%\%files1%" "%nutpy%%filenam%\%files2%" "%nutpy%%filenam%\%files3%" "%nutpy%%filenam%\%files4%" "%nutpy%%filenam%\%files5%" "%nutpy%%filenam%\%files6%" "%nutpy%%filenam%\%files7%" "%nutpy%%filenam%\%files8%" "%nutpy%%filenam%\%files9%" "%nutpy%%filenam%\%files10%" "%nutpy%%filenam%\%files11%" "%nutpy%%filenam%\%files12%" "%nutpy%%filenam%\%files13%" "%nutpy%%filenam%\%files14%" "%nutpy%%filenam%\%files15%" "%nutpy%%filenam%\%files16%" "%nutpy%%filenam%\%files17%" "%nutpy%%filenam%\%files18%" "%nutpy%%filenam%\%files19%" "%nutpy%%filenam%\%files20%"  "%nutpy%%filenam%\%files21%"  "%nutpy%%filenam%\%files22%"
    )
    if !n! == 23 (
        "C:\Windows\py.exe" "%nutpy%nut.py" -c "%filenam%.nsp" "%nutpy%%filenam%\%files1%" "%nutpy%%filenam%\%files2%" "%nutpy%%filenam%\%files3%" "%nutpy%%filenam%\%files4%" "%nutpy%%filenam%\%files5%" "%nutpy%%filenam%\%files6%" "%nutpy%%filenam%\%files7%" "%nutpy%%filenam%\%files8%" "%nutpy%%filenam%\%files9%" "%nutpy%%filenam%\%files10%" "%nutpy%%filenam%\%files11%" "%nutpy%%filenam%\%files12%" "%nutpy%%filenam%\%files13%" "%nutpy%%filenam%\%files14%" "%nutpy%%filenam%\%files15%" "%nutpy%%filenam%\%files16%" "%nutpy%%filenam%\%files17%" "%nutpy%%filenam%\%files18%" "%nutpy%%filenam%\%files19%" "%nutpy%%filenam%\%files20%"  "%nutpy%%filenam%\%files21%"  "%nutpy%%filenam%\%files22%"  "%nutpy%%filenam%\%files23%"
    )
    if !n! == 24 (
        "C:\Windows\py.exe" "%nutpy%nut.py" -c "%filenam%.nsp" "%nutpy%%filenam%\%files1%" "%nutpy%%filenam%\%files2%" "%nutpy%%filenam%\%files3%" "%nutpy%%filenam%\%files4%" "%nutpy%%filenam%\%files5%" "%nutpy%%filenam%\%files6%" "%nutpy%%filenam%\%files7%" "%nutpy%%filenam%\%files8%" "%nutpy%%filenam%\%files9%" "%nutpy%%filenam%\%files10%" "%nutpy%%filenam%\%files11%" "%nutpy%%filenam%\%files12%" "%nutpy%%filenam%\%files13%" "%nutpy%%filenam%\%files14%" "%nutpy%%filenam%\%files15%" "%nutpy%%filenam%\%files16%" "%nutpy%%filenam%\%files17%" "%nutpy%%filenam%\%files18%" "%nutpy%%filenam%\%files19%" "%nutpy%%filenam%\%files20%" "%nutpy%%filenam%\%files21%"  "%nutpy%%filenam%\%files22%"  "%nutpy%%filenam%\%files23%" "%nutpy%%filenam%\%files24%"
    )
    if !n! == 25 (
        "C:\Windows\py.exe" "%nutpy%nut.py" -c "%filenam%.nsp" "%nutpy%%filenam%\%files1%" "%nutpy%%filenam%\%files2%" "%nutpy%%filenam%\%files3%" "%nutpy%%filenam%\%files4%" "%nutpy%%filenam%\%files5%" "%nutpy%%filenam%\%files6%" "%nutpy%%filenam%\%files7%" "%nutpy%%filenam%\%files8%" "%nutpy%%filenam%\%files9%" "%nutpy%%filenam%\%files10%" "%nutpy%%filenam%\%files11%" "%nutpy%%filenam%\%files12%" "%nutpy%%filenam%\%files13%" "%nutpy%%filenam%\%files14%" "%nutpy%%filenam%\%files15%" "%nutpy%%filenam%\%files16%" "%nutpy%%filenam%\%files17%" "%nutpy%%filenam%\%files18%" "%nutpy%%filenam%\%files19%" "%nutpy%%filenam%\%files20%" "%nutpy%%filenam%\%files21%"  "%nutpy%%filenam%\%files22%"  "%nutpy%%filenam%\%files23%" "%nutpy%%filenam%\%files24%" "%nutpy%%filenam%\%files25%"
    )
    endlocal
    REM pause



    Troubleshooting script :


    If you're having issues and want our help, run the following script on your NSP BEFORE AND AFTER running the method described above and provide us with the information this script displays.


    Code:
    @echo off[/SIZE][/SIZE][/SIZE][/SIZE][/SIZE][/SIZE][/SIZE][/SIZE]
    [SIZE=3][SIZE=4][SIZE=3][SIZE=4][SIZE=3][SIZE=4][SIZE=3][SIZE=4]SET "nutpy=%~dp0"
    SET "filenam=%~n1"
    py.exe "%nutpy%nut.py" -i "%filenam%.nsp"
    pause




    Batch processing :


    If you have a bunch of NSP files in a folder and some of them don't have the TitleKey in the filename, I understand that it would be a pain to process them one by one using the batch file (even though it takes only 2 seconds per file).

    If you are in this situation, @Bigjokker has made another batch file that will process every NSP in a folder, even if the TitleKey is not in the filename!!

    The code of his batch file is a bit above my skill level, so I cannot vouch 100% for it (since I understand about 85% of it), but the code looks fine and I trust the guy.
    For the same reason, I cannot troubleshoot your issues and modify the code accordingly, so if you use his batch processing batch file (it might not be the most elegant way to call it, but it is what it is! :lol:), you'll have to see with him if you have problems with it.
    You might want to test your setup of Python3 and nut with my batch file first (to see if everything works properly) since it has been tested by more people since its release and then switch to @Bigjokker 's batch file if all goes well.

    Here'a a link to his post where you can download his file!




    Manual Method :

    No longer kept up to date, but it should still work if you don't want to use the above script for whatever reason.

    - Copy your NSP file in the "nut-master" folder.

    - (OPTIONAL) Use the following command to pull the info of your NSP file. This is not required as it's only used to compare your file before and after the two "main steps" of this method.
    nut.py -i "YOUR_GAME [TITLEKEY][vX].nsp"
    In my case, on Windows 10, I had to use the following command to access nut.py using python. So, if you have problems getting nut.py to run, try this for each and every command in this guide :
    cd C:\PYTHON3_INSTALL_FOLDER
    python "C:\WHERE_YOU_EXTRACTED\nut-master\nut.py" -i "YOUR_GAME [TITLEKEY][vX].nsp"

    In the info dump provided by nut, you can see a ticket file (in which the rightsId is not related to your console-id), a few NCA files, a CERT file and a XML file.
    If you install the NSP as is, this ticket gets imported in your console's ticket blob and when it sends its telemetry to Big-N, you get banned!!
    The "main NCA file" (the one with the largest file size, AKA "the game") also has a rightsId which doesn't match your console, which could also lead to a ban if you launch the game and then connect to the internet.
    You can see that the smaller NCA files have their rightsID set to 0, as they are "unprotected" because they are not important enough to protect.

    - Run the following command to set the value of these rightsId to 0.
    nut.py --remove-title-rights "YOUR_GAME [TITLEKEY][vX].nsp"

    - (OPTIONAL) Then, if you run the "info" command again, you should see that the ticket is still there, but the instances where you had fake rightsId are set to 0 (as they are in the other NCA files, so it should theoretically be considered "unprotected" by the console).

    - Now we need to remove this evil ticket to prevent it from being imported in our precious ticket blob. Let's start by unpacking the NSP.
    nut.py -x "YOUR_GAME [TITLEKEY][vX].nsp"

    A folder is then created with all the files of the NSP inside.

    - DELETE (OR MOVE AWAY) THE NSP FROM YOUR nut-master FOLDER!!

    - Navigate to that folder, and delete the ticket file "WHATEVER.TIK".

    - Then, we repack the NSP without this ticket :
    nut.py -c "YOUR_GAME [TITLEKEY][vX].nsp" "C:\WHERE_YOU_EXTRACTED\nut-master\YOUR_GAME [TITLEKEY][vX]\*.*"

    For some reason, in my case, this command didn't work. It seems that, in some instances on Windows, Python3 shits the bed when using wildcards. But for Blawar, also on Windows 10, it works perfectly. Go figure.

    If this happens to you, use the following command instead (it's incredibly long and tedious to input, but I didn't find another way to make it work) :
    nut.py -c "YOUR_GAME [TITLEKEY][vX].nsp" "C:\WHERE_YOU_EXTRACTED\nut-master\YOUR_GAME [TITLEKEY][vX]\FILE1.cert" "C:\WHERE_YOU_EXTRACTED\nut-master\YOUR_GAME [TITLEKEY][vX]\FILE2.nca" "C:\WHERE_YOU_EXTRACTED\nut-master\YOUR_GAME [TITLEKEY][vX]\FILE3.nca" ............. "C:\WHERE_YOU_EXTRACTED\nut-master\YOUR_GAME [TITLEKEY][vX]\LAST_FILE.xml"

    YOU MUST DO THIS WITH EVERY FILE (apart from the deleted ticket) IN THE FOLDER IN A SINGLE COMMAND!

    - There you go, it's done. You can run the "info" command again and you should see that the ticket (along with the rightsID) is no more.
    The final file size should be about 768 bytes smaller than the initial file size.



    This has been tested with SXOS and it works flawlessly. The games install and run just fine.
    You also need to follow the same procedure for the NSP updates you want to install.

    Thanks again Blawar for your incredible tool and all the help you gave me!!
     
    Last edited by PsychOsmosis, Oct 22, 2018
    Khim09, DarkUnixOs, LiamMCW and 7 others like this.
  2. Xenon Hacks

    Xenon Hacks GBAtemp Guru

    Member
    13
    Nov 13, 2014
    United States
    I've been using XCI's exclusively for a good while with no issues if someone can try this and a full month goes by without them getting banned i'll try this out. thanks for sharing
     
    CallmeBerto likes this.
  3. PsychOsmosis
    OP

    PsychOsmosis Advanced Member

    Newcomer
    2
    Jan 18, 2016
    Canada
    I will update as time goes by. As of now, I've installed two games (along with two game updates) using this method and I'm about to install two more.
    I just disabled Stealth Mode in order to update some XCI games (and reenabled it after).

    Along with the method in this guide for the NSPs, I use a set whitelist-based custom firewall rules in my router to only enable the Big-N servers required for wifi connection and game updates. I've been doing this for a few months (XCI exclusively) and I've not been banned yet.
    I only started using TX's "Stealth Mode" (in addition to my firewall rules) when I don't use my console about a week ago when I installed my first two NSPs.
     
    GeraltOfRivia and Xenon Hacks like this.
  4. Xenon Hacks

    Xenon Hacks GBAtemp Guru

    Member
    13
    Nov 13, 2014
    United States
    That's good to hear I kinda feel bad for the people who jumped the gun and installed NSP's without waiting for Emunand and going online just to get banned or those who shit on SXOS when it's completely safe to go online using XCI only with headers.
     
    Last edited by Xenon Hacks, Sep 17, 2018
  5. PsychOsmosis
    OP

    PsychOsmosis Advanced Member

    Newcomer
    2
    Jan 18, 2016
    Canada
    I don't even use fake headers. My XCI games are just headerless. But since I only allow the IPs of the "wifi connection verification" and the "game updates server" to connect to my console, it has no way to send telemetry back to Big-N.
    Also, I update my XCIs while they are not "mounted" in the "cartridge slot", so the update server can't see that they're headerless.

    But yeah, people should have waited. Or they don't care to get banned, that's fine too!
     
  6. guitarheroknight

    guitarheroknight 1.6180339887

    Member
    11
    Nov 9, 2014
    Norway
    Grand Line
    All my games are exclusively NSP's and I haven't been banned yet. It's been over a month and I've connected to my WiFi on several other occasions to update said games with no issues whatsoever. The only thing I can think of is the fact that I disabled the telemetry in my EU account. Praise GDPR.
     
    MushGuy and CallmeBerto like this.
  7. Ericthegreat

    Ericthegreat Not New Member

    Member
    8
    Nov 8, 2008
    United States
    Vana'diel
    Theoretical means fact right?
     
    PsychOsmosis likes this.
  8. PsychOsmosis
    OP

    PsychOsmosis Advanced Member

    Newcomer
    2
    Jan 18, 2016
    Canada
    Yeah, while not being the only ban factor, the telemetry servers seem to be the easiest way to get banned. So using the GDPR toggle (for europeans) or just blocking them in your router hosts file does a wonderful job at greatly reducing the ban risk.
    Of course, if you try to access the online play of a pirated game, you'll get banned regardless. Or if you try to update a game for which the rightsId doesn't relate to your consoleId through Horizon's official game update functionality, it would be very easy for Big-N to ban you.

    This method is for people that want to bring the ban risk as close to zero as possible, because some people claim to have been banned even though measures to prevent bans had been used.
     
    Last edited by PsychOsmosis, Sep 18, 2018
  9. maguro

    maguro Newbie

    Newcomer
    1
    Feb 5, 2017
    Indonesia
    Can you share the list of blocked address in your hosts file? I want to try it too on my router
     
  10. PsychOsmosis
    OP

    PsychOsmosis Advanced Member

    Newcomer
    2
    Jan 18, 2016
    Canada

    Sure, for telemetry it's the following :
    Code:
    127.0.0.1    receive-lp1.dg.srv.nintendo.net
    127.0.0.1    receive-lp1.er.srv.nintendo.net
    For system updates :
    Code:
    127.0.0.1    sun.hac.lp1.d4c.nintendo.net
    For game cert (you want to block that one) and gold retrieval :
    Code:
    127.0.0.1    beach.hac.lp1.eshop.nintendo.net
    Unknown (I don't trust it, nobody knows what it does. This server was added in firmware 5.0, right when Big-N increased their anti-piracy measures. Just saying...) :
    Code:
    127.0.0.1    pearljam.hac.lp1.eshop.nintendo.net

    That's the first step. If you want something even more secure, you can create rules for your device so it only allows connections by whitelist, and you only allow the following (Wifi Connection Verification & Game Updates) :
    Code:
    ctest.cdn.nintendo.net                   -->  WiFi Connection Test
    aqua.hac.lp1.d4c.nintendo.net        ¯\
    superfly.hac.lp1.d4c.nintendo.net     |  -->  Game Updates
    atum.hac.lp1.d4c.nintendo.net        _/
    
    nasc.nintendowifi.net                (Do not include this one unless you require access to the Official Big-N WiFi Hotspots in Japan.)
    If you have a Tomato (CFW) router, I can give you a detailed tutorial on how to achieve this since this is what I use on my own Tomato router.


    But depending on the OS of your router, it might be easier to just add the other Big-N servers (everyone of them apart from the four listed right above) to your hosts file (same way as with the telemetry ones listed above).
    Here is the full list : http://switchbrew.org/index.php?title=Network#Servers
    Everywhere it says "%" in the addresses, it's "lp1" (Live Production 1 --> Post-release consoles).


    If your router has a URL filter tab in its interface, you can use the following guide instead. It's the easiest way to achieve this!!
     
    Last edited by PsychOsmosis, Oct 1, 2018
  11. mike087

    mike087 GBAtemp Regular

    Member
    3
    Jan 6, 2017
    Ecuador
    I installed 5 nsp games without this method. I've been playing online with my original games (in ofw of corse) with those nsp still installed and not ban yet. I've been doing this for months.
     
  12. linuxares

    linuxares I'm not a generous god!

    Moderator
    14
    Aug 5, 2007
    Sweden
    A person I know got banned even with the GDPR thingy. However that person sent an invalid dauth to Nintendo so might be it.
     
    CallmeBerto likes this.
  13. Biff627

    Biff627 GBAtemp Advanced Maniac

    Member
    7
    Aug 15, 2015
    United States
    You'll still get banned. Have a nice day
     
  14. Only1chance

    Only1chance Member

    Newcomer
    1
    Aug 7, 2018
    Costa Rica
    Cool, but still waiting for emunand to get my 1.0.0 out of my closet.
     
  15. PsychOsmosis
    OP

    PsychOsmosis Advanced Member

    Newcomer
    2
    Jan 18, 2016
    Canada
    Nobody said it's impossible to not get banned while doing so, but you have to understand that many people in your situation got banned for doing just that.
    As I said above, this guide will be for people who want to minimize their ban risk as much as possible. For now, as we don't have much real life data at all on people having used this method, caution is advised!

    It's been said that even with the GDPR toggle activated, the console still sends some data to Big-N.
    It's probable that blocking the two telemetry servers in your router hosts file is a better method of avoiding a ban, so EU citizens should probably do so all well (in conjuction with the GDPR toggle)!

    Umm, perhaps? I fail to see how your post contributes in any way to the discussion...
    Or was it an attempt at trolling? In any case, have a nice day as well!

    As you should! This definitely isn't an acceptable alternative to emunand in any way, shape or form!!
     
    Whole lotta love and Only1chance like this.
  16. Biff627

    Biff627 GBAtemp Advanced Maniac

    Member
    7
    Aug 15, 2015
    United States
    It doesn't :) If you are online they can see a whole lot more than you think they can. Sadly this isn't like the ps3 days where we could hide about 99% of the cfw :( I wish it was though... sorry to seem like a troll.
     
  17. PsychOsmosis
    OP

    PsychOsmosis Advanced Member

    Newcomer
    2
    Jan 18, 2016
    Canada
    As I said above, which you would have known if you had actually read the thread (although perhaps I should have explained myself a bit more, sorry if that's the case), I use custom whitelist-based rules in my network so my Switch only connects to seven IPs of Big-N (the ones for the wifi connection validation and the game updates), all seven of them obtained by myself from my router's DNS forwarder. Those are seven IPs out of the forty-nine IPs my console attempted to connect to. And that doesn't even include the IPs of the two telemetry servers, as those are blocked directly in my hosts file and therefore never get queried by my DNS forwarder.

    It's also worth noting that I allowed seven IPs but the wifi connection and game update servers actually have twelve IPs related to them, but allowing only 7 of them is sufficient to actually connect and update games.
    This is an advantage of using IP based instead of URL based filtering, as maybe the other five IPs are for some kind of telemetry that gets blocked in my case.
    But there are also disadvantages to using IP based filtering, such as the IP linked to the server actually rotates each week, so I need to manually add the new IP to the list of whitelisted IPs.

    So yes, if you're online without any protection, they can see VERY MUCH of your console.
    In my case though, they see exactly what I allow them to see!
     
    Last edited by PsychOsmosis, Sep 19, 2018
  18. mike087

    mike087 GBAtemp Regular

    Member
    3
    Jan 6, 2017
    Ecuador
    I have a URL Filter option in my router, is that the one tht i have top use?. I f so, that option have 3 boxes: URL, priority, status(enable disable). Do i have to write all this line: 127.0.0.1 sun.hac.lp1.d4c.nintendo.net in the URL box?
     
  19. PsychOsmosis
    OP

    PsychOsmosis Advanced Member

    Newcomer
    2
    Jan 18, 2016
    Canada
    It's a Huawei right? It's indeed the right option. You don't need the 127.0.0.1 since it's not a hosts file (it's an interface that manages the hosts file, it will add it by itself).


    URL Filter Guide :

    "Priority" is only useful if multiple rules apply to one website so the router knows which rule gets priority over the others.
    So just start with the worst servers (telemetry) with priority 1 and then the next one is 2, etc.

    Depending on the model there is also an "Action" setting (it's "Status" for Huawei) that lets you choose Allow, Deny or Reject. If so, choose Reject.
    If there is no such setting to choose, my understanding is that every rule you add is automatically a "reject" rule. So with the URL sun.hac.lp1.d4c.nintendo.net and the Priority 1, it should work as intended.

    Of course, if there is a way for you to test that it's working without putting your console at risk, that would be your best bet.
    Ping the URL from a PC on your network (if you know how) or on your cellphone (PingTools on Android) before applying the rule and after so you know if it works.
    If it works before you apply the rules and then afterwards it doesn't ping, you're all set!
     
    Last edited by PsychOsmosis, Sep 20, 2018
  20. eyeliner

    eyeliner Has an itch needing to be scratched.

    Member
    4
    Feb 17, 2006
    Portugal
    Pray tell me, if blocking all those nintendo addresses, won't your console be prevented to connect to any online service?
    If so, just remove your Wifi connection from the console and that's it. Disable all options all you want then.
    Of course, if there's any online service still functioning and worth having connected, please share.

    I know, you want to use FTP to your console. Besides that.
     
Loading...