Hacking Discussion Info on SHA-256 hashes on FS patches

jaysea

Created the new patches, but when I try the test internet connection it says that it failed. Does that mean the nfim patch fails?
Or is there any other way to get to see if nfim patches work?
 

blade_blue2002

FYI - updated IPS Patch Creator: (added a few check routines to warn about keys if decryption fails)
Hey @mrdude, I'm new to this Switch, but I am interested in making the patches for Switch with and without your tool. Is it hard? I have made your tool on Visual Studio and I was trying to figure out how you updated for 15.0.0 support. Is that hard? I was looking from the recent version to previous and found a difference in package patterns. Something like that. I don't know what I'm doing, haha. I would like to understand if possible. Does it revolve around the first post of this thread? Guess to sum it up, I'm trying to figure out how to make the patches and where to start. I'm using Linux with hactool but I'm pretty much lost. I DM'd you if that's OK. I appreciate the response.
 

mrdude

EVERYTHING required to know is in this thread, start from the first post and read through the thread.
 

mrdude

This is for Advanced users - for finding wildcards in files such as exe, bin or decompiled switch firmware files :-)...

I couldn't find an app to do what I wanted on windows so I made this yesterday in about an hour....


Now you may be wondering what good is this app for the average user, well it's not - it's for more advanced people that want to search through files for hex patterns and to display all the offsets where the patterns were found. For example, imagine we wanted to find the offset for the ES patch in switch firmware - we could decompile the main file with IPS Patch Creator - and uncheck "auto clean decrypted files", if we had the correct keys and dragged a firmware folder onto the app we would be left with a file called "main_dec". We could look at the address for the patch and note it down, and if we did this for say FW11 - FW15 we could load those files into a hex editor and look at the bytes for the addresses we found. We would end up with something like this.

Code:
11.0.0 - Probable patch offset location: 0x0002D0CC - E0 03 13 AA FD 7B 52 A9 F4 4F 51 A9 FC 83 40 F9 FF C3 04 91 C0 03 5F D6
11.0.1 - Probable patch offset location: 0x0002D0CC - E0 03 13 AA FD 7B 52 A9 F4 4F 51 A9 FC 83 40 F9 FF C3 04 91 C0 03 5F D6
12.0.0 - Probable patch offset location: 0x0002E57C - 60 7E 40 92 F4 4F 52 A9 FC 8B 40 F9 FD 7B 50 A9 FF C3 04 91 C0 03 5F D6
12.0.1 - Probable patch offset location: 0x0002E57C - 60 7E 40 92 F4 4F 52 A9 FC 8B 40 F9 FD 7B 50 A9 FF C3 04 91 C0 03 5F D6
12.0.2 - Probable patch offset location: 0x0002E57C - 60 7E 40 92 F4 4F 52 A9 FC 8B 40 F9 FD 7B 50 A9 FF C3 04 91 C0 03 5F D6
12.0.3 - Probable patch offset location: 0x0002E57C - 60 7E 40 92 F4 4F 52 A9 FC 8B 40 F9 FD 7B 50 A9 FF C3 04 91 C0 03 5F D6
12.1.0 - Probable patch offset location: 0x0002E61C - 60 7E 40 92 F4 4F 52 A9 FC 8B 40 F9 FD 7B 50 A9 FF C3 04 91 C0 03 5F D6
13.0.0 - Probable patch offset location: 0x00031528 - 60 7E 40 92 F4 4F 52 A9 FC 8B 40 F9 FD 7B 50 A9 FF C3 04 91 C0 03 5F D6
13.1.0 - Probable patch offset location: 0x00031A28 - 60 7E 40 92 F4 4F 52 A9 FC 8B 40 F9 FD 7B 50 A9 FF C3 04 91 C0 03 5F D6
13.2.0 - Probable patch offset location: 0x00031A28 - 60 7E 40 92 F4 4F 52 A9 FC 8B 40 F9 FD 7B 50 A9 FF C3 04 91 C0 03 5F D6
13.2.1 - Probable patch offset location: 0x00031A28 - 60 7E 40 92 F4 4F 52 A9 FC 8B 40 F9 FD 7B 50 A9 FF C3 04 91 C0 03 5F D6
14.0.0 - Probable patch offset location: 0x000663D8 - 60 7E 40 92 F4 4F 52 A9 FC 8B 40 F9 FD 7B 50 A9 FF C3 04 91 C0 03 5F D6
14.1.0 - Probable patch offset location: 0x000663D8 - 60 7E 40 92 F4 4F 52 A9 FC 8B 40 F9 FD 7B 50 A9 FF C3 04 91 C0 03 5F D6
14.1.2 - Probable patch offset location: 0x000663D8 - 60 7E 40 92 F4 4F 52 A9 FC 8B 40 F9 FD 7B 50 A9 FF C3 04 91 C0 03 5F D6
15.0.0 - Probable patch offset location: 0x00064AEC - E0 03 13 2A F4 4F 52 A9 FC 8B 40 F9 FD 7B 50 A9 FF C3 04 91 C0 03 5F D6

We could then see that there was a kind of pattern if we looked at the bytes, and create a wildcard to search for that pattern by replacing non-matching hex with a period/dot/full stop.

Code:
.0 .. .. .. .. .. 52 A9 .. .. .. .. .. .. .. .. FF C3 04 91 C0 03 5F D6

Now with that pattern we could put that into the wildcard search program and see if we could find the offsets we needed to patch when a new switch firmware comes out. Included in the zip are wildcards for FS/ES/NFIM files. Hope this comes in handy for you advanced users, NOOBS - do not download, this is beyond your skill level.
 

Attachments

  • Wildcard Search.zip
    233.6 KB · Views: 44
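
The wildcard search described in the post above, as an added example that is not part of the original post or of mrdude's tool: a Python sketch that matches the posted pattern one hex digit (nibble) at a time and derives a pattern from the three distinct byte runs in the listing. The function names and the zero-filled test buffer are assumptions made for illustration.

```python
import re

# Wildcard exactly as posted above; '.' stands for one unknown hex digit (nibble).
PATTERN = ".0 .. .. .. .. .. 52 A9 .. .. .. .. .. .. .. .. FF C3 04 91 C0 03 5F D6"

# The three distinct byte runs in the listing above (11.x, 12.x-14.x, 15.0.0).
TAIL = " FF C3 04 91 C0 03 5F D6"
SAMPLES = [
    "E0 03 13 AA FD 7B 52 A9 F4 4F 51 A9 FC 83 40 F9" + TAIL,
    "60 7E 40 92 F4 4F 52 A9 FC 8B 40 F9 FD 7B 50 A9" + TAIL,
    "E0 03 13 2A F4 4F 52 A9 FC 8B 40 F9 FD 7B 50 A9" + TAIL,
]

def compile_wildcard(pattern):
    """Turn 'A9 .0 ..' into (mask, value) pairs, one per byte."""
    pairs = []
    for tok in pattern.split():
        if not re.fullmatch(r"[0-9A-Fa-f.]{2}", tok):
            raise ValueError(f"bad token {tok!r}")
        mask = value = 0
        for ch in tok:
            known = ch != "."
            mask = (mask << 4) | (0xF if known else 0)
            value = (value << 4) | (int(ch, 16) if known else 0)
        pairs.append((mask, value))
    return pairs

def find_all(data, pattern):
    """Every offset in data at which the wildcard pattern matches."""
    pairs = compile_wildcard(pattern)
    last = len(data) - len(pairs)
    return [i for i in range(last + 1)
            if all((data[i + j] & m) == v for j, (m, v) in enumerate(pairs))]

def derive_wildcard(rows):
    """Keep a hex digit only where every row agrees on it, else '.'."""
    rows = [r.replace(" ", "").upper() for r in rows]
    if len({len(r) for r in rows}) != 1:
        raise ValueError("rows must have equal length")
    digits = "".join(c[0] if len(set(c)) == 1 else "." for c in zip(*rows))
    return " ".join(digits[i:i + 2] for i in range(0, len(digits), 2))

def demo():
    # Constructed buffer: zero filler with two of the listed runs embedded.
    blob = bytes(16) + bytes.fromhex(SAMPLES[0]) + bytes(5) + bytes.fromhex(SAMPLES[2])
    return find_all(blob, PATTERN), derive_wildcard(SAMPLES)

if __name__ == "__main__":
    hits, tight = demo()
    print([hex(o) for o in hits], tight, sep="\n")
```

The pattern derived digit by digit from the three runs keeps more fixed nibbles than the one posted above; a tighter pattern gives fewer stray hits in a large file but is more likely to miss a build where one of those nibbles changes.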

Phantisy

I might be doing something wrong, but I updated my switch to 15 and dumped the keys with lockpick. Moved and renamed the file into the tools folder for IPS Patch. When I try to run ES, FS or anything else that needs the firmware, it is saying it cannot decrypt it. I am using version: 1.5.6-2.
 

oggi

Hello, sorry for my very bad English. I'm not a developer so I hope I understood correctly, but it seems to me that the bits of version 1.5.0.0.0 are different "0e", so you have to compile the latest version of LockPick_RCm; the Linux moderator does it for us, thanks to him. And if I didn't understand anything, please bounce back.



Look "_/how-to-create-your-own-sigpatches.616288/page-7#posts_" Lockpick_rcm.zip Ty Linux Ty MrDude
 

Phantisy

Didn't work for me. I used the file you mentioned and dumped my keys again and copied them over to the IPS tools folder.

I get
Code:
Unable to decrypt, did you update your keys?

Try adjusting the ES size limits in the config settings if firmware is greater than 15.0.0.
 

mrdude

You didn't update your keys to include key 0E - this is about the millionth time this info has been posted, try using the search button. You can't decrypt the files without the proper keys.
 

binkinator

1,000,000+1

Do you have the _0e keys? Double check inside the prod.keys to be sure it’s not just _0d keys.

If not, grab this version of Lockpick_RCM and dump again to see if that gives you a different file with _0e lines this time.

(link courtesy of @impeeza; code courtesy of @dezem)
 

Phantisy

I got it working. For some reason the new key file wasn't copying over. Thanks!
 

impeeza

Hello there, I was having a couple of very busy weeks, I haven't been able to test things.

Just today I started fiddling with the "Sigpatch-IPS-Creator V1.5.6-2" and found that with the NFIM patches creation, trying to generate NFIM with any firmware besides 15.0, you get the error:
[Screenshot of the error: 1667064067703.png]


But using the version "Sigpatch-IPS-Creator V1.5.6" you can generate NFIM patches for firmwares 1.00 to 15.00 without problem.

Since nothing changed on the WCO strings between the two versions, something should be different in the code.

Sorry @mrdude for not reporting this before.
 

mrdude

I've already fixed this, I'm adding/changing some stuff and will upload a fixed version when I am done. Also if you look at the github page, I've updated the code with this problem fixed, so you can compile it yourself in the meantime if you have visual studio installed.
 
