Hacking Launch CFW without going into RCM?

  • Thread starter: ap20889
  • Views: 24,209
  • Replies: 34
People are splitting hairs.

OP is asking if CFW can be accessed without going through RCM at bootup. The answer is no, not at this point.

If you add a button to a joycon and can launch a payload from your phone, then it's way more convenient than deja vu.

Where you need to tether your switch to a device running a custom server, go into eshop, push some buttons, turn the switch off and on.
 
If you add a button to a joycon and can launch a payload from your phone, then it's way more convenient than deja vu.

Where you need to tether your switch to a device running a custom server, go into eshop, push some buttons, turn the switch off and on.
Do you know what is even more convenient? Modchip...
 
Are you saying that it is possible to charge the Switch after draining the battery in RCM?
Did I miss something these few days, or am I dumb at understanding this?

From what I know, with AutoRCM I can't charge the Switch until I open it and charge the battery manually (?). Am I correct?
The Switch can charge during RCM. However, with AutoRCM installed, the charge rate is diminished in RCM compared to without AutoRCM installed. Keep in mind I'm only referring to the RCM charge rate. Charge rates remain the same everywhere else, AutoRCM or not.
 
People are splitting hairs.

OP is asking if CFW can be accessed without going through RCM at bootup. The answer is no, not at this point.
This answered my question most clearly, thank you all for your input!
 
If there's a way of bypassing RCM on <4.1.0, then that means it's patched in 4.1.0, yes?

So I wonder if it's already patched out, why they haven't released it publicly.

I thought they only kept it private so Nintendo doesn't find it, which leaves a known security hole in future FW versions. But if it's patched out in 4.1.0, then there must be another reason it's kept secret.
 
This answered my question most clearly, thank you all for your input!

If you install AutoRCM, you will be able to launch RCM mode without a jig, but you will still need to send the payload using a dongle, phone, tablet, or computer.

If you install AutoRCM and solder a chip, most commonly the Trinket M0 right now, in your Switch, you can make it send the payload for you. This means you can boot CFW without using a jig, holding volume up, or using anything external to send a payload. You can just turn your console on like you normally would, and you'd be in CFW.

If you are running on older firmware, or upgraded your firmware but took measures to prevent your eFuses from burning so you could downgrade in the future, there are exploits that will allow you to load CFW without RCM mode. Those are Deja Vu and Jamais Vu; they have been developed, but they haven't been released to the public yet. It's advisable to avoid updating your system so that in the future there may be an exploit released that you can use to avoid requiring RCM mode.

--------------------- MERGED ---------------------------

I thought they only kept it private so Nintendo doesn't find it, which leaves a known security hole in future FW versions. But if it's patched out in 4.1.0, then there must be another reason it's kept secret.

Partially patched, we don't know the details.
 
If there's a way of bypassing RCM on <4.1.0, then that means it's patched in 4.1.0, yes?

So I wonder if it's already patched out, why they haven't released it publicly.

An exploit chain is made up of multiple parts to get from unhacked to completely taking over the device. Nintendo stopped the current implementation of one of those parts from working, and everybody with the exploit is too busy on other things to look at whether it's possible to easily make it work again.

Releasing it would be like saying "my car stopped, so I scrapped it" without checking if you had run out of fuel.

They want to hold on to as much as possible until Mariko is released. There are plenty of exploitable Switches in the meantime, with even more when Mariko is exploited, because the current Switches will all end up on eBay as everyone tries to offload them.
 
How? I thought it was possible only on 1.0.0 at the moment.
https://github.com/pixel-stuck/nereba/ for 1.0.0 and https://github.com/liuervehc/caffeine for 3.0.0 (I don't know if it works on 3.x).

Nereba works only on 1.0.0. This has nothing to do with PegaSwitch, which currently works on 1.0.0-4.1.0 (yes, hbmenu is already working on 4.x, but it's in closed beta).
There's a public PegaSwitch branch with 4.x support: https://github.com/noahc3/pegaswitch
 