Homebrew RELEASE Noexs Remote Debugger

nmkd

Well-Known Member
Member
Joined
Oct 25, 2016
Messages
554
Trophies
0
Age
23
XP
743
Country
Germany
Seeing as a few other programs have been released, I figured there would now be no harm in releasing Noexs. It's a program I've teased a bit on reddit and on the RS discord. Enjoy!

https://github.com/mdbell/Noexes

You need Java 10 installed.

Oh and don't forget to enable debug mode in your hekate_ipl file. here's a snippet of mine:
Code:
[Noexes]
debugmode=1
kip1=modules/kips/loader.kip
kip1=modules/kips/sm.kip
kip1=modules/kips/noexs.kip1
kip1=modules/kips/nx-dreport.kip

Shoutout to roblabla for helping us figure out a bunch of stuff!

Ever heard of something called a "readme.md"?

How do I install it? There are some exe files but what is there to be done on the Switch?
 

matt123337

Well-Known Member
OP
Member
Joined
Mar 25, 2014
Messages
151
Trophies
0
XP
603
Country
Canada
d055db169b.gif

I had a few people ask me for automatically parsing pointers, in this case I show getting my money in XC2 v1.5.0 (I have 2928G, or B70 in hex). The UI stuff is currently WIP, I plan on integrating it into the pointer search tab.
 

matt123337

Well-Known Member
OP
Member
Joined
Mar 25, 2014
Messages
151
Trophies
0
XP
603
Country
Canada
need remove aslr or pointer is very hard to sarching and use.
You can disable ASLR with a patch to Loader iirc, just it wouldn't help as much as you'd think (games can dynamically allocate memory, so you still wouldn't have static addresses... Plus disabling ASLR is outside the scope of Noexs). As to pointer searching... I have a few ideas to make it better, and I'm working on implementing them just I've been super busy the past couple months IRL and haven't had time to activly work on Noexs.
 
Last edited by matt123337, , Reason: loader, not PM
  • Like
Reactions: ioritree

supermariorick

Well-Known Member
Member
Joined
Jun 18, 2010
Messages
640
Trophies
0
XP
791
Country
United States
need remove aslr or pointer is very hard to sarching and use.
You can disable ASLR with a patch to Loader iirc, just it wouldn't help as much as you'd think (games can dynamically allocate memory, so you still wouldn't have static addresses... Plus disabling ASLR is outside the scope of Noexs). As to pointer searching... I have a few ideas to make it better, and I'm working on implementing them just I've been super busy the past couple months IRL and haven't had time to activly work on Noexs.
You made me look up what that is instead of elaborating abbreviations.
https://www.mpgh.net/forum/showthread.php?t=1161252
>Address Space Layout Randomization
well shit
 

talixme

Active Member
Newcomer
Joined
Apr 12, 2009
Messages
37
Trophies
0
XP
1,228
Country
United States
d055db169b.gif

I had a few people ask me for automatically parsing pointers, in this case I show getting my money in XC2 v1.5.0 (I have 2928G, or B70 in hex). The UI stuff is currently WIP, I plan on integrating it into the pointer search tab.

Finally got some time and test the pointer search option, WORKS really good and now with Sx OS 2.1 is the best combination.
Will you please update it with the pointer tester?, it takes forever test each pointer on SX, and if you can add multiple search on pointers will be great, after 3 search all the results should works.
Thanks a lot for your work.
 
Last edited by talixme,

talixme

Active Member
Newcomer
Joined
Apr 12, 2009
Messages
37
Trophies
0
XP
1,228
Country
United States
Find Pointers Nintendo Switch


First thanks to @matt123337, for the support, the app,and this amazing work.


Need:
-Hekate Working
-JNoexs (https://github.com/mdbell/Noexes/releases )


Config:

First we need make a new profile config in our “hekate_ipl.ini” has to look like this:

Code:
[config]
autoboot=0
bootwait=5
customlogo=1
verification=2

{-- NSwitchDebugger --}
 [Noexs]
kip1=modules/nsdebugger/loader.kip
kip1=modules/newfirm/sm.kip
kip1=noexs.kip1
fullsvcperm=1
kip1patch=nosigchk
atmosphere=1
debugmode=1
fullsvcperm=1

The file “noexs.kip1” has to be on your SD root

We run the new profile with hekate and we are ready to go.


Search:

-Run the game that you want , i gonna do this tutorial with “Super Mario Odyseey”
-And run “JNoexs” on the PC

vi-zflEQ3.jpg


-Set Our Ip Address and click Connect
-Once we are connect clic Refresh Pids
-Select the last one, and click Attach to Process

vi-5fP4nF.jpg


-Now we click on search , and search for the HP, in this case 3

vi-NlCt7.jpg


-After some search pick the codes and test it on Watch List

vi-rIDFoq.jpg


-Once you have the real one Erase the others.
-In my case the Real one was “1D47D2A534”


Search the pointer:


Now we are gonna search for pointer for this code.

*First we have to understant how this Works. This option its going to search in “Main” memory a jump to heap memory and calculate the difference to our code.

-So the first thing that he have to to is dump all the main memory like this.

-Rigth click on the first block of main

vi-LQvaj.jpg


-And select Search (Start),
-Repeat and select “pointer Search Main” then,
-Rigth click again on the last block of Main, and select Search End

vi-dCEx8C.jpg


-Now go to Search Tab, and have to looks like this

vi-NnDykx.jpg


-Press restart Search, and search. The number on value doesnt care .
-With this we have make a complete dump of Main memory.
-Now go to “Pointer search”.
-This is a little explanation of each thing.

Code:
“Dump file” The last dump we made ( Main Memory)

“Index File” On same directory

“Address” The code that we found for our HP

“Max Offset” The valueo the diff to calculate after the jump

“Main” The address where Main memory start “ we selected on Tools Tab”

It should looks like this:

vi-rKmVb9.jpg


-Then click Search

vi-HpREl.jpg


The problem with the pointers is that some of them Works and others not,so you have to test one by one. In this case the last code is working for me.


Code:
[main+264af58] + 642d3c


Convert to SX format:

Now that we have a pointer we have to convert it to SX format, the good thing is the we have a app that do it for us. THANKS to @DaBlackDeath for the tool.

-Download it from (https://gbatemp.net/attachments/sxos_codebuilder-zip.146262/ )
-Is really easy to use and still on preogress, Works really good.
-With our code have to look like this,

vi-hvOXyW.jpg


Copy the code to our txt and thats all!!!


I made the tutorial on 30 minutes and my english its not really good, hope everyone understand the basic , and we can enjoy a good community of codes for Nintendo Swith.


Thanks.
 
Last edited by talixme,

fadx

Filthy Cheater
Member
Joined
Sep 15, 2016
Messages
428
Trophies
0
XP
1,786
Country
United Kingdom
EDIT: It was a network issue caused by the DNS I was using.

So I'm able to connect to the switch console but whenever I click "refresh pids" it just errors:
Exception in thread "JavaFX Application Thread" java.lang.RuntimeException: java.lang.reflect.InvocationTargetException
at javafx.fxml/javafx.fxml.FXMLLoader$MethodHandler.invoke(Unknown Source)
at javafx.fxml/javafx.fxml.FXMLLoader$ControllerMethodEventHandler.handle(Unknown Source)
at javafx.base/com.sun.javafx.event.CompositeEventHandler.dispatchBubblingEvent(Unknown Source)
at javafx.base/com.sun.javafx.event.EventHandlerManager.dispatchBubblingEvent(Unknown Source)
at javafx.base/com.sun.javafx.event.EventHandlerManager.dispatchBubblingEvent(Unknown Source)
at javafx.base/com.sun.javafx.event.CompositeEventDispatcher.dispatchBubblingEvent(Unknown Source)
at javafx.base/com.sun.javafx.event.BasicEventDispatcher.dispatchEvent(Unknown Source)
at javafx.base/com.sun.javafx.event.EventDispatchChainImpl.dispatchEvent(Unknown Source)
at javafx.base/com.sun.javafx.event.BasicEventDispatcher.dispatchEvent(Unknown Source)
at javafx.base/com.sun.javafx.event.EventDispatchChainImpl.dispatchEvent(Unknown Source)
at javafx.base/com.sun.javafx.event.BasicEventDispatcher.dispatchEvent(Unknown Source)
at javafx.base/com.sun.javafx.event.EventDispatchChainImpl.dispatchEvent(Unknown Source)
at javafx.base/com.sun.javafx.event.BasicEventDispatcher.dispatchEvent(Unknown Source)
at javafx.base/com.sun.javafx.event.EventDispatchChainImpl.dispatchEvent(Unknown Source)
at javafx.base/com.sun.javafx.event.BasicEventDispatcher.dispatchEvent(Unknown Source)
at javafx.base/com.sun.javafx.event.EventDispatchChainImpl.dispatchEvent(Unknown Source)
at javafx.base/com.sun.javafx.event.EventUtil.fireEventImpl(Unknown Source)
at javafx.base/com.sun.javafx.event.EventUtil.fireEvent(Unknown Source)
at javafx.base/javafx.event.Event.fireEvent(Unknown Source)
at javafx.graphics/javafx.scene.Node.fireEvent(Unknown Source)
at javafx.controls/javafx.scene.control.Button.fire(Unknown Source)
at javafx.controls/com.sun.javafx.scene.control.behavior.ButtonBehavior.mouseReleased(Unknown Source)
at javafx.controls/com.sun.javafx.scene.control.inputmap.InputMap.handle(Unknown Source)
at javafx.base/com.sun.javafx.event.CompositeEventHandler$NormalEventHandlerRecord.handleBubblingEvent(Unknown Source)
at javafx.base/com.sun.javafx.event.CompositeEventHandler.dispatchBubblingEvent(Unknown Source)
at javafx.base/com.sun.javafx.event.EventHandlerManager.dispatchBubblingEvent(Unknown Source)
at javafx.base/com.sun.javafx.event.EventHandlerManager.dispatchBubblingEvent(Unknown Source)
at javafx.base/com.sun.javafx.event.CompositeEventDispatcher.dispatchBubblingEvent(Unknown Source)
at javafx.base/com.sun.javafx.event.BasicEventDispatcher.dispatchEvent(Unknown Source)
at javafx.base/com.sun.javafx.event.EventDispatchChainImpl.dispatchEvent(Unknown Source)
at javafx.base/com.sun.javafx.event.BasicEventDispatcher.dispatchEvent(Unknown Source)
at javafx.base/com.sun.javafx.event.EventDispatchChainImpl.dispatchEvent(Unknown Source)
at javafx.base/com.sun.javafx.event.BasicEventDispatcher.dispatchEvent(Unknown Source)
at javafx.base/com.sun.javafx.event.EventDispatchChainImpl.dispatchEvent(Unknown Source)
at javafx.base/com.sun.javafx.event.BasicEventDispatcher.dispatchEvent(Unknown Source)
at javafx.base/com.sun.javafx.event.EventDispatchChainImpl.dispatchEvent(Unknown Source)
at javafx.base/com.sun.javafx.event.BasicEventDispatcher.dispatchEvent(Unknown Source)
at javafx.base/com.sun.javafx.event.EventDispatchChainImpl.dispatchEvent(Unknown Source)
at javafx.base/com.sun.javafx.event.EventUtil.fireEventImpl(Unknown Source)
at javafx.base/com.sun.javafx.event.EventUtil.fireEvent(Unknown Source)
at javafx.base/javafx.event.Event.fireEvent(Unknown Source)
at javafx.graphics/javafx.scene.Scene$MouseHandler.process(Unknown Source)
at javafx.graphics/javafx.scene.Scene$MouseHandler.access$1300(Unknown Source)
at javafx.graphics/javafx.scene.Scene.processMouseEvent(Unknown Source)
at javafx.graphics/javafx.scene.Scene$ScenePeerListener.mouseEvent(Unknown Source)
at javafx.graphics/com.sun.javafx.tk.quantum.GlassViewEventHandler$MouseEventNotification.run(Unknown Source)
at javafx.graphics/com.sun.javafx.tk.quantum.GlassViewEventHandler$MouseEventNotification.run(Unknown Source)
at java.base/java.security.AccessController.doPrivileged(Native Method)
at javafx.graphics/com.sun.javafx.tk.quantum.GlassViewEventHandler.lambda$handleMouseEvent$2(Unknown Source)
at javafx.graphics/com.sun.javafx.tk.quantum.QuantumToolkit.runWithoutRenderLock(Unknown Source)
at javafx.graphics/com.sun.javafx.tk.quantum.GlassViewEventHandler.handleMouseEvent(Unknown Source)
at javafx.graphics/com.sun.glass.ui.View.handleMouseEvent(Unknown Source)
at javafx.graphics/com.sun.glass.ui.View.notifyMouse(Unknown Source)
at javafx.graphics/com.sun.glass.ui.win.WinApplication._runLoop(Native Method)
at javafx.graphics/com.sun.glass.ui.win.WinApplication.lambda$runLoop$3(Unknown Source)
at java.base/java.lang.Thread.run(Unknown Source)
Caused by: java.lang.reflect.InvocationTargetException
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.base/java.lang.reflect.Method.invoke(Unknown Source)
at com.sun.javafx.reflect.Trampoline.invoke(Unknown Source)
at jdk.internal.reflect.GeneratedMethodAccessor2.invoke(Unknown Source)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.base/java.lang.reflect.Method.invoke(Unknown Source)
at javafx.base/com.sun.javafx.reflect.MethodUtil.invoke(Unknown Source)
at javafx.fxml/com.sun.javafx.fxml.MethodHelper.invoke(Unknown Source)
... 56 more
Caused by: me.mdbell.noexs.core.ConnectionException: Unable to fully read data. Expected 2 bytes, but we only read:0
at me.mdbell.noexs.core.IConnection.readShort(IConnection.java:49)
at me.mdbell.noexs.core.IConnection.readUShort(IConnection.java:42)
at me.mdbell.noexs.core.IConnection.readInt(IConnection.java:38)
at me.mdbell.noexs.core.Debugger.getPids(Debugger.java:425)
at me.mdbell.noexs.ui.controllers.ToolsController.setPidsList(ToolsController.java:105)
... 66 more

Any ideas? Using the latest Java 10.
 
Last edited by fadx,

mflvs

Member
Newcomer
Joined
May 7, 2017
Messages
13
Trophies
0
Age
27
XP
61
Country
Hi,
I think the tool seems awesome from what i have read but i have an issue getting it to work for me. Was wondering what im doing wrong.
i have copied noexs.kip1 to the sd card root.
changed my hekate_ipl.ini to include the following:
using hekate_ctcaer_4.2
Code:
{-- NSwitchDebugger --}
[Noexs]
debugmode=1
kip1=modules/kips/loader.kip
kip1=modules/kips/sm.kip
kip1=modules/kips/noexs.kip1
kip1=modules/kips/nx-dreport.kip
fullsvcperm=1
kip1patch=nosigchk
atmosphere=1
fullsvcperm=1

Though when i go to launch noexs from hekate i get the following error: Failed to launch firmware.

Thanks in advance
 
Last edited by mflvs,

matt123337

Well-Known Member
OP
Member
Joined
Mar 25, 2014
Messages
151
Trophies
0
XP
603
Country
Canada
Hi,
I think the tool seems awesome from what i have read but i have an issue getting it to work for me. Was wondering what im doing wrong.
i have copied noexs.kip1 to the sd card root.
changed my hekate_ipl.ini to include the following:
using hekate_ctcaer_4.2
Code:
{-- NSwitchDebugger --}
[Noexs]
debugmode=1
kip1=modules/kips/loader.kip
kip1=modules/kips/sm.kip
kip1=modules/kips/noexs.kip1
kip1=modules/kips/nx-dreport.kip
fullsvcperm=1
kip1patch=nosigchk
atmosphere=1
fullsvcperm=1

Though when i go to launch noexs from hekate i get the following error: Failed to launch firmware.

Thanks in advance
Try to follow the readme on GitHub. Your IPL file is wrong (you copy/pasted mine, just you have the wrong file paths for the kips)
More edit: Oh and I just posted a new pre-release on GitHub, feel free to check it out!
 
Last edited by matt123337,

mflvs

Member
Newcomer
Joined
May 7, 2017
Messages
13
Trophies
0
Age
27
XP
61
Country
Try to follow the readme on GitHub. Your IPL file is wrong (you copy/pasted mine, just you have the wrong file paths for the kips)
More edit: Oh and I just posted a new pre-release on GitHub, feel free to check it out!
Thanks that got it working. will check it out
 

Omno

Well-Known Member
Newcomer
Joined
Mar 2, 2016
Messages
78
Trophies
0
Age
35
XP
360
Country
Any idea why noexs doesn't work on Starlink? It gives an error when trying to resume after a pause, and when disconnecting/reconnecting and carrying on with a search. Thought it might be some sort of built-in protection.
 

mflvs

Member
Newcomer
Joined
May 7, 2017
Messages
13
Trophies
0
Age
27
XP
61
Country
Just a quick suggestion, is there anyway to add the ability to export a list of addresses to the clipboard. e.g. when you have searched for pointers

Thanks again
 
  • Like
Reactions: talixme

matt123337

Well-Known Member
OP
Member
Joined
Mar 25, 2014
Messages
151
Trophies
0
XP
603
Country
Canada
Any idea why noexs doesn't work on Starlink? It gives an error when trying to resume after a pause, and when disconnecting/reconnecting and carrying on with a search. Thought it might be some sort of built-in protection.
What is the error? In the past people who have had the same issue they've forgotten to enable debug mode :P

Just a quick suggestion, is there anyway to add the ability to export a list of addresses to the clipboard. e.g. when you have searched for pointers

Thanks again
Good idea! I'm actually planning on overhauling how I handle pointer search stuff, and when I do I'll try to add that
 

Omno

Well-Known Member
Newcomer
Joined
Mar 2, 2016
Messages
78
Trophies
0
Age
35
XP
360
Country
What is the error? In the past people who have had the same issue they've forgotten to enable debug mode :P

I'll check again shortly. It works for other games, so it's certainly not that. Gives some sort of mod=1 error I think. I'll get back to you with a direct error code.
 

JonJaded

Well-Known Member
Member
Joined
May 22, 2016
Messages
504
Trophies
0
XP
1,548
Country
United States
Thanks for the pointer search tutorial Tali.

I don't have SXOS to test pointers/converted codes, but I'll see if I can help.
 

matt123337

Well-Known Member
OP
Member
Joined
Mar 25, 2014
Messages
151
Trophies
0
XP
603
Country
Canada
I'll check again shortly. It works for other games, so it's certainly not that. Gives some sort of mod=1 error I think. I'll get back to you with a direct error code.
Yeah I need to know the exact message to be able to look into it, but that is kindof odd.
 

DaBlackDeath

.::[ lone wolf ]::.
Member
Joined
Dec 22, 2007
Messages
925
Trophies
1
XP
4,308
Country
Germany
Hey @matt123337
Is USB Connection still a placeholder or do I need another USB Driver ? Zadig 2.4 gives me 4 drivers to install, but what driver and what device to install for (controller or switch).
 

mflvs

Member
Newcomer
Joined
May 7, 2017
Messages
13
Trophies
0
Age
27
XP
61
Country
Im loving it so far. just wondering is there anyway to use this with .xci or should i contiune to use my carts.
Loving the tool super heapfull hehe
 
General chit-chat
Help Users
    Psionic Roshambo @ Psionic Roshambo: https://www.youtube.com/watch?v=EOXc7pGk5WM