Hacking Need help starting EmuMMC

PikachuPro

Active Member
OP
Newcomer
Joined
Apr 3, 2018
Messages
44
Trophies
0
Age
30
XP
278
Country
United States
I haven't modified my switch since last year and now I want to start using emuMMC but I need some clarification after going over some tutorials.

1. I have a backup of my clean sysnand, but I have no idea how to restore it, anyone know?
I've updated the FW with choidujour since my backup, what precautions do I need to take to make sure I don't burn any fuses?
I've seen tons of tutorials for making a new backup, but i want to restore the one I made.

2. I understand that emuMMC copies the current FW of the sysnand, but how do you have an emummc that's a higher firmware than the sysnand? is it as simple as using choidujour while running emummc on CFW?

Thank you all for helping me catch up!
 

LeMageFro

Well-Known Member
Member
Joined
Mar 29, 2018
Messages
213
Trophies
0
XP
1,275
Country
France
1) To restore your Nand you need to use hekate, it has the option to restore a Nand backup.
Since you made your clean backup before doing anything with ChoiDuJourNX you don't have to worry about burning fuses if you restore it, your clean backup has the FW version that corresponds to the number of fuses burnt on your console. If you wan't to be extra sure you can check how many fuse you've burnt via the infos with hekate, and compare it to the number of fuses needed by the FW of your clean backup indicated at the end of this page : https://switchbrew.org/w/index.php?title=Fuses
The only tricky thing is if you want to update your sysNAND without burning fuses after that. To do so you either have to launch your sysnand under CFW and use choidujourNX or to follow the tedious process of ChoiDuJour for PC (I'm not even sure you can update to the latest FW this way). Personally I only boot sysNAND in CFW to update with ChoiduJourNX (obviously while offline) and as soon as the process is done i reboot in stock and i have not been banned, but I have a european account and have disabled telemetry (thank's GDPR !) so I don't know if it's risky with a US account. If you don't need your clean sysNAND to play online or play recent games I'd say avoid updating it altogether, otherwise try to ask people with a US account.

2) First you should create your emuMMC before restoring your clean Nand, this way it will have the same FW and same games installed as your current unclean Nand. After that yeah all you have to do to update emuMMC is to use choidujourNX while running emuMMC.

A great tip to always instantly know if you're under emuMMC or not is to set different themes for your sysNAND and for your emuMMC.
 
Last edited by LeMageFro,
  • Like
Reactions: PikachuPro

The Real Jdbye

*is birb*
Member
Joined
Mar 17, 2010
Messages
22,047
Trophies
3
Location
Space
XP
11,321
Country
Norway
I haven't modified my switch since last year and now I want to start using emuMMC but I need some clarification after going over some tutorials.

1. I have a backup of my clean sysnand, but I have no idea how to restore it, anyone know?
I've updated the FW with choidujour since my backup, what precautions do I need to take to make sure I don't burn any fuses?
I've seen tons of tutorials for making a new backup, but i want to restore the one I made.

2. I understand that emuMMC copies the current FW of the sysnand, but how do you have an emummc that's a higher firmware than the sysnand? is it as simple as using choidujour while running emummc on CFW?

Thank you all for helping me catch up!
ChoiDujourNX, not ChoiDujour, they are different ;)
I also suggest patching your emuNAND with Incognito ( https://gbatemp.net/threads/incognito_rcm-wipe-personal-information-to-reduce-risk-of-ban.549462/ ) as it will protect you from connecting to Nintendo servers accidentally and getting banned (90DNS does this too but relies on you remembering to set the DNS any time you connect to a wifi, forgetting to just once could be enough to get flagged for a ban, which is a scary thought)
But currently that doesn't work on 9.1.0. If your FW is lower you can use it, if you are on 9.1.0 you will have to wait and make do with 90DNS and/or airplane mode for now. I suggest deleting all wifi connections and enabling airplane mode on sysNAND before creating an emuNAND so your emuNAND will copy those settings, so it won't try to connect immediately when you first start it.
 
  • Like
Reactions: PikachuPro

LeMageFro

Well-Known Member
Member
Joined
Mar 29, 2018
Messages
213
Trophies
0
XP
1,275
Country
France
ChoiDujourNX, not ChoiDujour, they are different ;)
I also suggest patching your emuNAND with Incognito ( https://gbatemp.net/threads/incognito_rcm-wipe-personal-information-to-reduce-risk-of-ban.549462/ ) as it will protect you from connecting to Nintendo servers accidentally and getting banned (90DNS does this too but relies on you remembering to set the DNS any time you connect to a wifi, forgetting to just once could be enough to get flagged for a ban, which is a scary thought)
But currently that doesn't work on 9.1.0. If your FW is lower you can use it, if you are on 9.1.0 you will have to wait and make do with 90DNS and/or airplane mode for now. I suggest deleting all wifi connections and enabling airplane mode on sysNAND before creating an emuNAND so your emuNAND will copy those settings, so it won't try to connect immediately when you first start it.
Ho yeah great advice, I completely forgot about incognito ! And you can use incognito with atmosphere on 9.1.0 by using the sysmodule available here : https://gbatemp.net/attachments/ams_mitm-zip.190294/ (I tested it this morning and can confirm that it works).
To enable the sysmodule just follow the instructions of the original post : https://gbatemp.net/threads/a-custo...phere-that-allows-writing-to-prodinfo.541609/
 
Last edited by LeMageFro,

Naxster

Well-Known Member
Member
Joined
Jun 10, 2009
Messages
624
Trophies
0
XP
1,360
Country
Sweden
When creating a backup does it matter if the autoRCM is enabled it not?

Or should we not enable AutoRCM before doing a backup?
 

PikachuPro

Active Member
OP
Newcomer
Joined
Apr 3, 2018
Messages
44
Trophies
0
Age
30
XP
278
Country
United States
Firstly, wow, thanks to everyone for all of the thorough and quick replies. Really goes to show how great the community is here.

I'm happy to report that I was able to restore my year old backup successfully, THE SYSTEM WORKS!
Making a emummc before restoring would've been a great idea, but things were already confusing enough for me so I errored on the side of safety. I also really like the idea of making a emu with a clean sys.... although I now realize that doesn't really matter.

One bug i found in booting an emu for the first time is that when you skip wifi setup the screen hangs at a white screen. (i made an emu of my clean sys that I had initialized, so it took me through the out-of-the-box setup when i started emu). I went through the outofbox setup on my sys then made an emu of that and I'm all good now.

LeMageFro, i've been out of the loop for awhile, but everything I know says that if you boot stock after updating (even through choidujourNX), you will blow fuses. Am I mistaken?
What you're doing sounds really interesting and I hope to learn.

1)
The only tricky thing is if you want to update your sysNAND without burning fuses after that. To do so you either have to launch your sysnand under CFW and use choidujourNX or to follow the tedious process of ChoiDuJour for PC (I'm not even sure you can update to the latest FW this way). Personally I only boot sysNAND in CFW to update with ChoiduJourNX (obviously while offline) and as soon as the process is done i reboot in stock and i have not been banned, but I have a european account and have disabled telemetry (thank's GDPR !) so I don't know if it's risky with a US account. If you don't need your clean sysNAND to play online or play recent games I'd say avoid updating it altogether, otherwise try to ask people with a US account.

2) First you should create your emuMMC before restoring your clean Nand, this way it will have the same FW and same games installed as your current unclean Nand.

haha, thanks for the correction on the NX! you're absolutely right.
Thanks for bringing up incognito and both of you for sharing more detail. It's something I've been interested in but haven't been able to look at much.
Does this allow you to play online without ban? (as long as not cheating)
if not, what do people use online functionality for if not gaming? curious to know.

ChoiDujourNX, not ChoiDujour, they are different ;)
I also suggest patching your emuNAND with Incognito ( https://gbatemp.net/threads/incognito_rcm-wipe-personal-information-to-reduce-risk-of-ban.549462/ ) as it will protect you from connecting to Nintendo servers accidentally and getting banned (90DNS does this too but relies on you remembering to set the DNS any time you connect to a wifi, forgetting to just once could be enough to get flagged for a ban, which is a scary thought)


Lastly, i don't plan on going online with emu, but if emu gets banned, does sys (and any subsequent emus) get banned?


THANKS EVERYONE!!!!!!!
 

The Real Jdbye

*is birb*
Member
Joined
Mar 17, 2010
Messages
22,047
Trophies
3
Location
Space
XP
11,321
Country
Norway
Firstly, wow, thanks to everyone for all of the thorough and quick replies. Really goes to show how great the community is here.

I'm happy to report that I was able to restore my year old backup successfully, THE SYSTEM WORKS!
Making a emummc before restoring would've been a great idea, but things were already confusing enough for me so I errored on the side of safety. I also really like the idea of making a emu with a clean sys.... although I now realize that doesn't really matter.

One bug i found in booting an emu for the first time is that when you skip wifi setup the screen hangs at a white screen. (i made an emu of my clean sys that I had initialized, so it took me through the out-of-the-box setup when i started emu). I went through the outofbox setup on my sys then made an emu of that and I'm all good now.

LeMageFro, i've been out of the loop for awhile, but everything I know says that if you boot stock after updating (even through choidujourNX), you will blow fuses. Am I mistaken?
What you're doing sounds really interesting and I hope to learn.



haha, thanks for the correction on the NX! you're absolutely right.
Thanks for bringing up incognito and both of you for sharing more detail. It's something I've been interested in but haven't been able to look at much.
Does this allow you to play online without ban? (as long as not cheating)
if not, what do people use online functionality for if not gaming? curious to know.




Lastly, i don't plan on going online with emu, but if emu gets banned, does sys (and any subsequent emus) get banned?


THANKS EVERYONE!!!!!!!
If you get banned, you get banned. SysNAND and emuNAND share the same cert and other console unique info. Unless you patch out all of that with Incognito.
Incognito prevents you from connecting to Nintendo servers (well, it's more like Nintendo servers refuse the connection because of bogus console unique info), what people normally use wifi for is pirate eShops (through Tinfoil), installing NSPs over network, downloading/updating homebrew with Homebrew App Store, that sort of thing.
 
Last edited by The Real Jdbye,

LeMageFro

Well-Known Member
Member
Joined
Mar 29, 2018
Messages
213
Trophies
0
XP
1,275
Country
France
LeMageFro, i've been out of the loop for awhile, but everything I know says that if you boot stock after updating (even through choidujourNX), you will blow fuses. Am I mistaken?
What you're doing sounds really interesting and I hope to learn.
When you update with choidujourNX it will automatically enable autoRCM (unless you intentionally uncheck the option). This way, your switch won't be able to boot on its own through nintendo's bootloader, which is the part that does the fuse check and burns them if there are less burnt fuses than required by the firmware. When you turn your switch on instead of booting it will strait up go to RCM mode (so you won't need to use a jig anymore). The only way to boot will thus be to use a custom bootloader, like atmosphere's fusee_primary or hekate. Both of these will bypass the fuse check and prevent more fuses to be burnt. Hekate has the great advantage of allowing you to boot to emuMMC under atmosphere, to sysNAND under atmosphere (which should be done with caution as mentioned above), or to sysNAND under stock firmware. So if you update your sysNAND with choidujourNX and then boot your sysNAND to stock HOS using hekate no fuses will get burnt. Right now my sysNAND is under 9.1.0 and my switch has only 2 fuses burnt.

Things will be even better when the option to boot stock HOS under emuMMC is available (unfortunately it just doesn't work for now), then we will be able to keep a low firmware sysNAND to use exploits such as déjà vu, have a first clean emuMMC that we boot on stock HOS to go online, and a second "dirty" emuMMC that we boot under atmosphere to enjoy homebrews.
 
Last edited by LeMageFro,
  • Like
Reactions: PikachuPro

PikachuPro

Active Member
OP
Newcomer
Joined
Apr 3, 2018
Messages
44
Trophies
0
Age
30
XP
278
Country
United States
Again, thank you all so much for the detailed info, I'm learning a lot.

The last thing I'm looking for clarity on is, is there a way to boot directly into hekate payload without using a payload injector (or hardmod)? or is this the fabled 'warm-boot' exploit?
 

Nezztor

Well-Known Member
Member
Joined
Nov 8, 2016
Messages
488
Trophies
0
XP
1,318
Country
Mexico
Again, thank you all so much for the detailed info, I'm learning a lot.

The last thing I'm looking for clarity on is, is there a way to boot directly into hekate payload without using a payload injector (or hardmod)? or is this the fabled 'warm-boot' exploit?

If your fw was 4.x.x then yes there is a way to get on cfw via software hax , the people that have that option have 3 nands (emunand for offline/piracy,emunand for online and sysnand always offline fw 4)
 

PikachuPro

Active Member
OP
Newcomer
Joined
Apr 3, 2018
Messages
44
Trophies
0
Age
30
XP
278
Country
United States
Ho yeah great advice, I completely forgot about incognito ! And you can use incognito with atmosphere on 9.1.0 by using the sysmodule available here : https://gbatemp.net/attachments/ams_mitm-zip.190294/ (I tested it this morning and can confirm that it works).
To enable the sysmodule just follow the instructions of the original post : https://gbatemp.net/threads/a-custo...phere-that-allows-writing-to-prodinfo.541609/

Apologies, but can you clarify incognito for me?
If I understand right it's a payload i have to inject. Is there any reason it wouldn't currently work on my 3.0.0 emummc? Then if i update to 9.0, i'll still have an empty prodinfo?

what would I need the sysmodule for?

EDIT: sorry, I believe I was mistaken, you were sharing a sysmodule (which I don't have experience with), i recently found a payload that works on 9.1 from the RELEASE thread

--------------------- MERGED ---------------------------

If your fw was 4.x.x then yes there is a way to get on cfw via software hax , the people that have that option have 3 nands (emunand for offline/piracy,emunand for online and sysnand always offline fw 4)
That's cool, could you share more? Will it work for 3.x or 2.x? If not i'm still curious :-)
 
Last edited by PikachuPro,

Nezztor

Well-Known Member
Member
Joined
Nov 8, 2016
Messages
488
Trophies
0
XP
1,318
Country
Mexico
Apologies, but can you clarify incognito for me?
If I understand right it's a payload i have to inject. Is there any reason it wouldn't currently work on my 3.0.0 emummc? Then if i update to 9.0, i'll still have an empty prodinfo?

what would I need the sysmodule for?

--------------------- MERGED ---------------------------


That's cool, could you share more? Will it work for 3.x or 2.x? If not i'm still curious :-)

Yeah I think so , I forgot where is the tutorial but is just for firmware =<4.x.x so maybe is worth to get one on that fw if you hate rcmhax but for me is more reliable with rcm hax xD
 
  • Like
Reactions: PikachuPro

LeMageFro

Well-Known Member
Member
Joined
Mar 29, 2018
Messages
213
Trophies
0
XP
1,275
Country
France
If your fw was 4.x.x then yes there is a way to get on cfw via software hax , the people that have that option have 3 nands (emunand for offline/piracy,emunand for online and sysnand always offline fw 4)
Just to make everything extra clear, this would be true except that for now we still don't have the option to have a "clean" emuMMC for online, since emuMMC can't boot stock HOS. So we still have to play online on our clean sysNAND.
Apologies, but can you clarify incognito for me?
If I understand right it's a payload i have to inject. Is there any reason it wouldn't currently work on my 3.0.0 emummc? Then if i update to 9.0, i'll still have an empty prodinfo?

what would I need the sysmodule for?

EDIT: sorry, I believe I was mistaken, you were sharing a sysmodule (which I don't have experience with), i recently found a payload that works on 9.1 from the RELEASE thread

That's cool, could you share more? Will it work for 3.x or 2.x? If not i'm still curious :-)
Yeah it's a bit confusing, what I was referring to is the homebrew incognito, not the payload incognito_RCM. They do the same thing, erase the prodinfo of either your sysNAND or emuNAND (the part that contains the serial number of your switch, used by nintendo's servers to identify it). I didn't know that incognito_RCM had been updated for 9.1 (but since your emuMMC is on 3.0 it doesn't even matter), so yeah you should use it it's more convenient than the homebrew version.

For the sake of understanding, the sysmodule was required to use the homebrew incognito on atmosphere because atmosphere does not allow homebrew to write to prodinfo for security reasons. So to use it we had to enable writing to prodinfo by using the custom sysmodule that I shared (a sysmodule is a bit of code loaded by atmosphere when it starts that can add or modify its functionalities). It's precisely because this whole process was a bit tedious and quite confusing that incognito_RCM was developed.

And yeah the software exploit that allows to start payloads is available for FWs up to 4.1. Everything about it is explained here : https://pegascape.sdsetup.com/
 
Last edited by LeMageFro,

PikachuPro

Active Member
OP
Newcomer
Joined
Apr 3, 2018
Messages
44
Trophies
0
Age
30
XP
278
Country
United States
Again, thanks to everyone for the info, but for some reason my emummc just isn't working right.

I've been following this guide exactly
.

What happens is that everything will freeze while i'm navigating menus while using emummc. Usually i'm trying to set up 90DNS, but it's also happened while navigating the homebrew menu as well. The screen just freezes, there's no 'crash', the screen would be stuck on whatever i was doing and would stay on forever until I force turn it off. seems to happen within about 5 minutes of starting. example below.
nkwWFjLox_YIAMU4KffizDm5RKKfnnAhveme1QtBTexc3wwYGl3cR_W23eHKtK-FGWdq3kVyKpP7xJBcXy2tN-SiGMj9I-S4Nn8G1ZjcPwC48j67BmkITVc4yNp4QC2l4YVXQ6ru9npmBAwn4jrBXqAnBtGHJeO-rAOWu65N0W7qvNSPIfT8AOuFmhT6VFUXnoWtAAy65IxkGN2e1sHmvnQw21HEdaLJNPb9786uEOh4BdwLcbMzXQBq0X4Blfs04pNUkxkuKvk51Rwy7T8qnhD7HGLozHMhO4qZdGqr6zBs52sTDvQB4cOB59ZAdjVHvQx2qij7PHBpbP8C7F42sXob3OSxNXl8O7I7ocLTZCNe4fxF-2HdPRYJoOJ2ud5x0IVc94Is7XXqVSMIY3-x_Doqqj-ye-cSCtGKvRJZKGcisXrude1CUeZqDfjx1_S1_G4-r6IX-SNSnzTHJ15d07wh_mQ0AZQWSVhvN-zWCWSEu6s8ueWkY0Tp9W5PajlRS6LMunS6cR5ssoWCRxHipUUBEvwnywsD36sXji1k9XRV_F__1NrQxnalZMY5ez_QkU3emzmIpTJhRXGyXrDjYJxv1jPBKSy9Of3RzBR7yNUKzzUzZXNkrZUGzxPCfN4JsSteocpft1fJ63A4xXydnrf8XChPSsoKhYsT6DW-TACtJGGttGvsDi8=w834-h625-no

This morning I reformated the sd card and made the emummc again, following the guide. But the freeze happened again within 5 minutes of starting up the emummc again for the first time (so nothing else was set up yet), so I know it's my emummc only.

Everything seems fine when using sysnand.
What's another way to set up emummc? I want to try something else.
Any other advise is greatly appreciated
EDIT: using 200gb sandisk sd, same one i used for running cfw on sysnand before emummc existed, so I'm condfident that's fine
 
Last edited by PikachuPro,

PikachuPro

Active Member
OP
Newcomer
Joined
Apr 3, 2018
Messages
44
Trophies
0
Age
30
XP
278
Country
United States
FIXED! for whatever reason, switching the files provided in the guide with sd files from Kosmos fixed everything. Atmos 9.4 seems to play nice where 10.0 was causing freezing.

Again, thanks to everyone for the info, but for some reason my emummc just isn't working right.

I've been following this guide exactly
.

What happens is that everything will freeze while i'm navigating menus while using emummc. Usually i'm trying to set up 90DNS, but it's also happened while navigating the homebrew menu as well. The screen just freezes, there's no 'crash', the screen would be stuck on whatever i was doing and would stay on forever until I force turn it off. seems to happen within about 5 minutes of starting. example below.
nkwWFjLox_YIAMU4KffizDm5RKKfnnAhveme1QtBTexc3wwYGl3cR_W23eHKtK-FGWdq3kVyKpP7xJBcXy2tN-SiGMj9I-S4Nn8G1ZjcPwC48j67BmkITVc4yNp4QC2l4YVXQ6ru9npmBAwn4jrBXqAnBtGHJeO-rAOWu65N0W7qvNSPIfT8AOuFmhT6VFUXnoWtAAy65IxkGN2e1sHmvnQw21HEdaLJNPb9786uEOh4BdwLcbMzXQBq0X4Blfs04pNUkxkuKvk51Rwy7T8qnhD7HGLozHMhO4qZdGqr6zBs52sTDvQB4cOB59ZAdjVHvQx2qij7PHBpbP8C7F42sXob3OSxNXl8O7I7ocLTZCNe4fxF-2HdPRYJoOJ2ud5x0IVc94Is7XXqVSMIY3-x_Doqqj-ye-cSCtGKvRJZKGcisXrude1CUeZqDfjx1_S1_G4-r6IX-SNSnzTHJ15d07wh_mQ0AZQWSVhvN-zWCWSEu6s8ueWkY0Tp9W5PajlRS6LMunS6cR5ssoWCRxHipUUBEvwnywsD36sXji1k9XRV_F__1NrQxnalZMY5ez_QkU3emzmIpTJhRXGyXrDjYJxv1jPBKSy9Of3RzBR7yNUKzzUzZXNkrZUGzxPCfN4JsSteocpft1fJ63A4xXydnrf8XChPSsoKhYsT6DW-TACtJGGttGvsDi8=w834-h625-no

This morning I reformated the sd card and made the emummc again, following the guide. But the freeze happened again within 5 minutes of starting up the emummc again for the first time (so nothing else was set up yet), so I know it's my emummc only.

Everything seems fine when using sysnand.
What's another way to set up emummc? I want to try something else.
Any other advise is greatly appreciated
EDIT: using 200gb sandisk sd, same one i used for running cfw on sysnand before emummc existed, so I'm condfident that's fine
 
General chit-chat
Help Users
  • No one is chatting at the moment.
    KenniesNewName @ KenniesNewName: Bout to get me a new washer and dryer if my bank approves my loan