1. tjok3000

    tjok3000 Advanced Member
    Newcomer

    Joined:
    Oct 3, 2016
    Messages:
    57
    Country:
    Belgium
    Is for a switch with firmware 1.0.0, the Nereba exploit with help from pc on wifi, and with atmosphere with emu for higher firmware as for now the best option?
    Or i'm curious are there also other developments going on for 1.0.0?
     
  2. snoofly

    snoofly GBAtemp Maniac
    Member

    Joined:
    Aug 18, 2015
    Messages:
    1,006
    Country:
    United Kingdom
    On my 1.0.0 I boot into stock 1.0 OFW then run fake news to access Pegascape DNS in order to run nereba to load SX OS payload (or Atmosphere whatever) into emunand on 8.1.
    It sounds long winded but really only takes a few seconds.
    So as long as the Pegascape DNS is up you've basically got a method to boot to 8.1 emunand direct from OFW.
    I host Pegascape locally as well and use my PC as second DNS entry in case Pega is down but it never has been.
    Outside of a modchip/trinket, I think this is the only way to enable CFW from Stock OFW without need of a PC or other cables/dongles etc.
     
    tjok3000 likes this.
  3. tjok3000

    tjok3000 Advanced Member
    Newcomer

    Joined:
    Oct 3, 2016
    Messages:
    57
    Country:
    Belgium
    That sounds like a very nice solution. So the only thing is a wifi to internet or a pc as a backuphost to Pegascape is needed I understand.

    Do you know if Pegascape is also hostable on for example an android phone?
    For my ps4 i got some sort of a Pegascape, but I can trigger it with an old android phone.
     
  4. snoofly

    snoofly GBAtemp Maniac
    Member

    Joined:
    Aug 18, 2015
    Messages:
    1,006
    Country:
    United Kingdom
    Sorry, I'm not sure, I expect so but I've never tried it.
    I use a ESP8266 for my PS4 and I think you can go that route also with Pegascape so I expect you can also use an Android phone as well
    but https://gbatemp.net/threads/pegaswi...witch-4-1-using-esp8266-chip-possible.542740/ maybe a place to enquire?
    I guess 99.99% of time the Pega DNS is available and you can hotspot to it thru your phone if you have no wifi so it's not something I looked into.
     
    tjok3000 likes this.
  5. tjok3000

    tjok3000 Advanced Member
    Newcomer

    Joined:
    Oct 3, 2016
    Messages:
    57
    Country:
    Belgium
    I don't have that chip, maybe I get one. It looks like a cool thing to try with that ESp8266 chip!
    A hotspot with the phone is also a nice solution if I want to enable when away from home.
     
  6. snoofly

    snoofly GBAtemp Maniac
    Member

    Joined:
    Aug 18, 2015
    Messages:
    1,006
    Country:
    United Kingdom
    Yeah, I tried the hotspot and connected the switch to that and it worked fine, that was my only concern - if I had no wifi.
    And sure, get a couple of ESP8266s - they're handy little things. I have one hanging off my 5.05 ps4 with Leeful exploit flashed to it
    https://gbatemp.net/threads/release...st-and-esp-devices.534441/page-5#post-8743282
     
  7. modern

    modern Newbie
    Newcomer

    Joined:
    Jul 4, 2018
    Messages:
    7
    Country:
    Brazil
    I read thru the thread and am a bit confused.... is this a semi cold boot exploit?

    I have a switch without any burnt fuses so I can go back to 1.0.0 I used puyo to hack my switch so redo that with this exploit. Then I reupgrade with Choidoujour to 8.1.0? Without auto rcm wouldn’t switch burn fuses? Do I use that emu thing to have 1.0.0 stock and Cfw 81.0?

    Edit so I read back 5 posts and seems I need to run pegaswitch each time so seems for now using a pc to drop payload is easier for now
     
    Last edited by modern, Aug 10, 2019
  8. snoofly

    snoofly GBAtemp Maniac
    Member

    Joined:
    Aug 18, 2015
    Messages:
    1,006
    Country:
    United Kingdom
    you do mostly what you said but create an emunand and upgrade that via choi to 8.1.
    You don’t touch your sys firm at all, that stays at 1.0 for the purpose of launching nereba via pegascape
    and you don’t need rcm as you’ll always only boot to 1.0 so you won’t burn anything
    You don’t need pc cables or dongles, just wifi or hotspot

    of course all this assumes you are sure you haven’t burnt any fuses at all else you won’t be able to boot to stock 1.0 so double check that
     
    Last edited by snoofly, Aug 10, 2019
  9. renegade2k82

    renegade2k82 Advanced Member
    Newcomer

    Joined:
    Oct 1, 2016
    Messages:
    71
    Country:
    United States
    When i click the nebra icon from pegascape i always get a error and tells me to shut down.so how do i fix this?i have the pegafolder and the files from the pegascape site.
     
  10. Milenko

    Milenko GBAtemp Addict
    Member

    Joined:
    Oct 16, 2017
    Messages:
    2,459
    Country:
    Australia
    You are on 1.0.0 yeah?
     
  11. renegade2k82

    renegade2k82 Advanced Member
    Newcomer

    Joined:
    Oct 1, 2016
    Messages:
    71
    Country:
    United States
    yes i am on 1.0
     
  12. renegade2k82

    renegade2k82 Advanced Member
    Newcomer

    Joined:
    Oct 1, 2016
    Messages:
    71
    Country:
    United States
    Also i got past the error screen by renaming the latest hekate payload nereba.bin and put it in the nereba folder but i was able to boot to hekate from pegascape once now everytime i try to do that when my switch reboots the screen just flickers black.
     
  13. BaamAlex

    BaamAlex CVE-2018-6242
    Member

    Joined:
    Jul 23, 2018
    Messages:
    3,648
    Country:
    Germany
    Why don't you use fusee gelee? Much more convenient :)
     
  14. snoofly

    snoofly GBAtemp Maniac
    Member

    Joined:
    Aug 18, 2015
    Messages:
    1,006
    Country:
    United Kingdom
    For 1.0 users, nereba provides an untethered payload injection.
    Unless things have changed and I’m out of the loop I thought best you could do for untethered with FG is a trinket, failing that you’re lugging a dongle or cable around for a reboot
     
  15. renegade2k82

    renegade2k82 Advanced Member
    Newcomer

    Joined:
    Oct 1, 2016
    Messages:
    71
    Country:
    United States
    yeah i got it working now i just used a older version of hekate and have 2 separate sd cards 1 fat32 to load into pegascape and inject the payload and the other exfat one to swap out to in hekate to load my emummc with latest firmware.i defiantly rather swap sd cards then have to be tethered or have to use a jig and carry that stuff around.like snoofly said its much more convenient with 1.0 compared to fusee gelee.
     
  16. snoofly

    snoofly GBAtemp Maniac
    Member

    Joined:
    Aug 18, 2015
    Messages:
    1,006
    Country:
    United Kingdom
    Glad you got it working but not sure why you need to swap sd cards.
    I’m running the pega/nereba/emummc setup on my 1.0 switch with just the one fat32 sd card.
    I’d be very wary swapping in and out sd cards, that microsd socket is very flimsy and broke on one of mine.
     
  17. petspeed

    petspeed GBAtemp Advanced Fan
    Member

    Joined:
    Nov 13, 2009
    Messages:
    699
    Country:
    Denmark
    Firmware 1.0.0 doesn't support exfat. If you reformat your exfat SD card to FAT32 I bet it will work fine with just one SD card.
     
    snoofly and StarGazerTom like this.
  18. Dust2dust

    Dust2dust GBAtemp Advanced Maniac
    Member

    Joined:
    Jun 17, 2010
    Messages:
    1,509
    Country:
    Canada
    Too bad support for 2.0-3.0 never materialized. :sad: I would have tried it on my 2.3.
     
  19. gbadl

    gbadl GBAtemp Regular
    Member

    Joined:
    Sep 13, 2009
    Messages:
    168
    Country:
    Hopefully researched can use this to figure out if something can be modified in patches OFW up to current versions.
     
  20. 8BitWonder

    8BitWonder Small Homebrew Dev
    Member

    Joined:
    Jan 23, 2016
    Messages:
    2,328
    Country:
    United States
    You can use caffeine on 2.0.0-4.1.0 to reboot into payloads.
    https://github.com/liuervehc/caffeine
     
    hippy dave likes this.
Draft saved Draft deleted
Loading...

Hide similar threads Similar threads with keywords - firmware, Exploit, payload