1. nmkd

    nmkd GBAtemp Advanced Fan
    Member

    Joined:
    Oct 25, 2016
    Messages:
    554
    Country:
    Germany
    Ever heard of something called a "readme.md"?

    How do I install it? There are some exe files but what is there to be done on the Switch?
     
  2. matt123337

    OP matt123337 GBAtemp Regular
    Member

    Joined:
    Mar 25, 2014
    Messages:
    150
    Country:
    Canada
    [​IMG]
    I had a few people ask me for automatically parsing pointers, in this case I show getting my money in XC2 v1.5.0 (I have 2928G, or B70 in hex). The UI stuff is currently WIP, I plan on integrating it into the pointer search tab.
     
    dually8, DaBlackDeath and Supreme23 like this.
  3. ioritree

    ioritree Member
    Newcomer

    Joined:
    Jan 4, 2015
    Messages:
    26
    Country:
    Taiwan
    need remove aslr or pointer is very hard to sarching and use.
     
  4. matt123337

    OP matt123337 GBAtemp Regular
    Member

    Joined:
    Mar 25, 2014
    Messages:
    150
    Country:
    Canada
    You can disable ASLR with a patch to Loader iirc, just it wouldn't help as much as you'd think (games can dynamically allocate memory, so you still wouldn't have static addresses... Plus disabling ASLR is outside the scope of Noexs). As to pointer searching... I have a few ideas to make it better, and I'm working on implementing them just I've been super busy the past couple months IRL and haven't had time to activly work on Noexs.
     
    Last edited by matt123337, Sep 27, 2018 - Reason: loader, not PM
    ioritree likes this.
  5. supermariorick

    supermariorick GBAtemp Advanced Fan
    Member

    Joined:
    Jun 18, 2010
    Messages:
    640
    Country:
    United States
    You made me look up what that is instead of elaborating abbreviations.
    https://www.mpgh.net/forum/showthread.php?t=1161252
    >Address Space Layout Randomization
    well shit
     
  6. talixme

    talixme Member
    Newcomer

    Joined:
    Apr 12, 2009
    Messages:
    37
    Country:
    United States
    Finally got some time and test the pointer search option, WORKS really good and now with Sx OS 2.1 is the best combination.
    Will you please update it with the pointer tester?, it takes forever test each pointer on SX, and if you can add multiple search on pointers will be great, after 3 search all the results should works.
    Thanks a lot for your work.
     
    Last edited by talixme, Oct 12, 2018
  7. talixme

    talixme Member
    Newcomer

    Joined:
    Apr 12, 2009
    Messages:
    37
    Country:
    United States
    Find Pointers Nintendo Switch


    First thanks to @matt123337, for the support, the app,and this amazing work.


    Need:
    -Hekate Working
    -JNoexs (https://github.com/mdbell/Noexes/releases )


    Config:

    First we need make a new profile config in our “hekate_ipl.ini” has to look like this:

    Code:
    [config]
    autoboot=0
    bootwait=5
    customlogo=1
    verification=2
    
    {-- NSwitchDebugger --}
     [Noexs]
    kip1=modules/nsdebugger/loader.kip
    kip1=modules/newfirm/sm.kip
    kip1=noexs.kip1
    fullsvcperm=1
    kip1patch=nosigchk
    atmosphere=1
    debugmode=1
    fullsvcperm=1
    The file “noexs.kip1” has to be on your SD root

    We run the new profile with hekate and we are ready to go.


    Search:

    -Run the game that you want , i gonna do this tutorial with “Super Mario Odyseey”
    -And run “JNoexs” on the PC

    [​IMG]

    -Set Our Ip Address and click Connect
    -Once we are connect clic Refresh Pids
    -Select the last one, and click Attach to Process

    [​IMG]

    -Now we click on search , and search for the HP, in this case 3

    [​IMG]

    -After some search pick the codes and test it on Watch List

    [​IMG]

    -Once you have the real one Erase the others.
    -In my case the Real one was “1D47D2A534”


    Search the pointer:


    Now we are gonna search for pointer for this code.

    *First we have to understant how this Works. This option its going to search in “Main” memory a jump to heap memory and calculate the difference to our code.

    -So the first thing that he have to to is dump all the main memory like this.

    -Rigth click on the first block of main

    [​IMG]

    -And select Search (Start),
    -Repeat and select “pointer Search Main” then,
    -Rigth click again on the last block of Main, and select Search End

    [​IMG]

    -Now go to Search Tab, and have to looks like this

    [​IMG]

    -Press restart Search, and search. The number on value doesnt care .
    -With this we have make a complete dump of Main memory.
    -Now go to “Pointer search”.
    -This is a little explanation of each thing.

    Code:
    “Dump file” The last dump we made ( Main Memory)
    
    “Index File” On same directory
    
    “Address” The code that we found for our HP
    
    “Max Offset” The valueo the diff to calculate after the jump
    
    “Main” The address where Main memory start “ we selected on Tools Tab”
    It should looks like this:

    [​IMG]

    -Then click Search

    [​IMG]

    The problem with the pointers is that some of them Works and others not,so you have to test one by one. In this case the last code is working for me.


    Code:
    [main+264af58] + 642d3c

    Convert to SX format:

    Now that we have a pointer we have to convert it to SX format, the good thing is the we have a app that do it for us. THANKS to @DaBlackDeath for the tool.

    -Download it from (https://gbatemp.net/attachments/sxos_codebuilder-zip.146262/ )
    -Is really easy to use and still on preogress, Works really good.
    -With our code have to look like this,

    [​IMG]

    Copy the code to our txt and thats all!!!


    I made the tutorial on 30 minutes and my english its not really good, hope everyone understand the basic , and we can enjoy a good community of codes for Nintendo Swith.


    Thanks.
     
    Last edited by talixme, Oct 13, 2018
    ali.ee, falcorr, abadidea and 8 others like this.
  8. fadx

    fadx Filthy Cheater
    Member

    Joined:
    Sep 15, 2016
    Messages:
    408
    Country:
    United Kingdom
    EDIT: It was a network issue caused by the DNS I was using.

    So I'm able to connect to the switch console but whenever I click "refresh pids" it just errors:
    Exception in thread "JavaFX Application Thread" java.lang.RuntimeException: java.lang.reflect.InvocationTargetException
    at javafx.fxml/javafx.fxml.FXMLLoader$MethodHandler.invoke(Unknown Source)
    at javafx.fxml/javafx.fxml.FXMLLoader$ControllerMethodEventHandler.handle(Unknown Source)
    at javafx.base/com.sun.javafx.event.CompositeEventHandler.dispatchBubblingEvent(Unknown Source)
    at javafx.base/com.sun.javafx.event.EventHandlerManager.dispatchBubblingEvent(Unknown Source)
    at javafx.base/com.sun.javafx.event.EventHandlerManager.dispatchBubblingEvent(Unknown Source)
    at javafx.base/com.sun.javafx.event.CompositeEventDispatcher.dispatchBubblingEvent(Unknown Source)
    at javafx.base/com.sun.javafx.event.BasicEventDispatcher.dispatchEvent(Unknown Source)
    at javafx.base/com.sun.javafx.event.EventDispatchChainImpl.dispatchEvent(Unknown Source)
    at javafx.base/com.sun.javafx.event.BasicEventDispatcher.dispatchEvent(Unknown Source)
    at javafx.base/com.sun.javafx.event.EventDispatchChainImpl.dispatchEvent(Unknown Source)
    at javafx.base/com.sun.javafx.event.BasicEventDispatcher.dispatchEvent(Unknown Source)
    at javafx.base/com.sun.javafx.event.EventDispatchChainImpl.dispatchEvent(Unknown Source)
    at javafx.base/com.sun.javafx.event.BasicEventDispatcher.dispatchEvent(Unknown Source)
    at javafx.base/com.sun.javafx.event.EventDispatchChainImpl.dispatchEvent(Unknown Source)
    at javafx.base/com.sun.javafx.event.BasicEventDispatcher.dispatchEvent(Unknown Source)
    at javafx.base/com.sun.javafx.event.EventDispatchChainImpl.dispatchEvent(Unknown Source)
    at javafx.base/com.sun.javafx.event.EventUtil.fireEventImpl(Unknown Source)
    at javafx.base/com.sun.javafx.event.EventUtil.fireEvent(Unknown Source)
    at javafx.base/javafx.event.Event.fireEvent(Unknown Source)
    at javafx.graphics/javafx.scene.Node.fireEvent(Unknown Source)
    at javafx.controls/javafx.scene.control.Button.fire(Unknown Source)
    at javafx.controls/com.sun.javafx.scene.control.behavior.ButtonBehavior.mouseReleased(Unknown Source)
    at javafx.controls/com.sun.javafx.scene.control.inputmap.InputMap.handle(Unknown Source)
    at javafx.base/com.sun.javafx.event.CompositeEventHandler$NormalEventHandlerRecord.handleBubblingEvent(Unknown Source)
    at javafx.base/com.sun.javafx.event.CompositeEventHandler.dispatchBubblingEvent(Unknown Source)
    at javafx.base/com.sun.javafx.event.EventHandlerManager.dispatchBubblingEvent(Unknown Source)
    at javafx.base/com.sun.javafx.event.EventHandlerManager.dispatchBubblingEvent(Unknown Source)
    at javafx.base/com.sun.javafx.event.CompositeEventDispatcher.dispatchBubblingEvent(Unknown Source)
    at javafx.base/com.sun.javafx.event.BasicEventDispatcher.dispatchEvent(Unknown Source)
    at javafx.base/com.sun.javafx.event.EventDispatchChainImpl.dispatchEvent(Unknown Source)
    at javafx.base/com.sun.javafx.event.BasicEventDispatcher.dispatchEvent(Unknown Source)
    at javafx.base/com.sun.javafx.event.EventDispatchChainImpl.dispatchEvent(Unknown Source)
    at javafx.base/com.sun.javafx.event.BasicEventDispatcher.dispatchEvent(Unknown Source)
    at javafx.base/com.sun.javafx.event.EventDispatchChainImpl.dispatchEvent(Unknown Source)
    at javafx.base/com.sun.javafx.event.BasicEventDispatcher.dispatchEvent(Unknown Source)
    at javafx.base/com.sun.javafx.event.EventDispatchChainImpl.dispatchEvent(Unknown Source)
    at javafx.base/com.sun.javafx.event.BasicEventDispatcher.dispatchEvent(Unknown Source)
    at javafx.base/com.sun.javafx.event.EventDispatchChainImpl.dispatchEvent(Unknown Source)
    at javafx.base/com.sun.javafx.event.EventUtil.fireEventImpl(Unknown Source)
    at javafx.base/com.sun.javafx.event.EventUtil.fireEvent(Unknown Source)
    at javafx.base/javafx.event.Event.fireEvent(Unknown Source)
    at javafx.graphics/javafx.scene.Scene$MouseHandler.process(Unknown Source)
    at javafx.graphics/javafx.scene.Scene$MouseHandler.access$1300(Unknown Source)
    at javafx.graphics/javafx.scene.Scene.processMouseEvent(Unknown Source)
    at javafx.graphics/javafx.scene.Scene$ScenePeerListener.mouseEvent(Unknown Source)
    at javafx.graphics/com.sun.javafx.tk.quantum.GlassViewEventHandler$MouseEventNotification.run(Unknown Source)
    at javafx.graphics/com.sun.javafx.tk.quantum.GlassViewEventHandler$MouseEventNotification.run(Unknown Source)
    at java.base/java.security.AccessController.doPrivileged(Native Method)
    at javafx.graphics/com.sun.javafx.tk.quantum.GlassViewEventHandler.lambda$handleMouseEvent$2(Unknown Source)
    at javafx.graphics/com.sun.javafx.tk.quantum.QuantumToolkit.runWithoutRenderLock(Unknown Source)
    at javafx.graphics/com.sun.javafx.tk.quantum.GlassViewEventHandler.handleMouseEvent(Unknown Source)
    at javafx.graphics/com.sun.glass.ui.View.handleMouseEvent(Unknown Source)
    at javafx.graphics/com.sun.glass.ui.View.notifyMouse(Unknown Source)
    at javafx.graphics/com.sun.glass.ui.win.WinApplication._runLoop(Native Method)
    at javafx.graphics/com.sun.glass.ui.win.WinApplication.lambda$runLoop$3(Unknown Source)
    at java.base/java.lang.Thread.run(Unknown Source)
    Caused by: java.lang.reflect.InvocationTargetException
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
    at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
    at java.base/java.lang.reflect.Method.invoke(Unknown Source)
    at com.sun.javafx.reflect.Trampoline.invoke(Unknown Source)
    at jdk.internal.reflect.GeneratedMethodAccessor2.invoke(Unknown Source)
    at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
    at java.base/java.lang.reflect.Method.invoke(Unknown Source)
    at javafx.base/com.sun.javafx.reflect.MethodUtil.invoke(Unknown Source)
    at javafx.fxml/com.sun.javafx.fxml.MethodHelper.invoke(Unknown Source)
    ... 56 more
    Caused by: me.mdbell.noexs.core.ConnectionException: Unable to fully read data. Expected 2 bytes, but we only read:0
    at me.mdbell.noexs.core.IConnection.readShort(IConnection.java:49)
    at me.mdbell.noexs.core.IConnection.readUShort(IConnection.java:42)
    at me.mdbell.noexs.core.IConnection.readInt(IConnection.java:38)
    at me.mdbell.noexs.core.Debugger.getPids(Debugger.java:425)
    at me.mdbell.noexs.ui.controllers.ToolsController.setPidsList(ToolsController.java:105)
    ... 66 more

    Any ideas? Using the latest Java 10.
     
    Last edited by fadx, Oct 13, 2018
  9. mflvs

    mflvs Member
    Newcomer

    Joined:
    May 7, 2017
    Messages:
    13
    Country:
    Hi,
    I think the tool seems awesome from what i have read but i have an issue getting it to work for me. Was wondering what im doing wrong.
    i have copied noexs.kip1 to the sd card root.
    changed my hekate_ipl.ini to include the following:
    using hekate_ctcaer_4.2
    Code:
    {-- NSwitchDebugger --}
    [Noexs]
    debugmode=1
    kip1=modules/kips/loader.kip
    kip1=modules/kips/sm.kip
    kip1=modules/kips/noexs.kip1
    kip1=modules/kips/nx-dreport.kip
    fullsvcperm=1
    kip1patch=nosigchk
    atmosphere=1
    fullsvcperm=1
    Though when i go to launch noexs from hekate i get the following error: Failed to launch firmware.

    Thanks in advance
     
    Last edited by mflvs, Oct 13, 2018
  10. matt123337

    OP matt123337 GBAtemp Regular
    Member

    Joined:
    Mar 25, 2014
    Messages:
    150
    Country:
    Canada
    Try to follow the readme on GitHub. Your IPL file is wrong (you copy/pasted mine, just you have the wrong file paths for the kips)
    More edit: Oh and I just posted a new pre-release on GitHub, feel free to check it out!
     
    Last edited by matt123337, Oct 14, 2018
  11. mflvs

    mflvs Member
    Newcomer

    Joined:
    May 7, 2017
    Messages:
    13
    Country:
    Thanks that got it working. will check it out
     
  12. Omno

    Omno Advanced Member
    Newcomer

    Joined:
    Mar 2, 2016
    Messages:
    78
    Country:
    Any idea why noexs doesn't work on Starlink? It gives an error when trying to resume after a pause, and when disconnecting/reconnecting and carrying on with a search. Thought it might be some sort of built-in protection.
     
  13. mflvs

    mflvs Member
    Newcomer

    Joined:
    May 7, 2017
    Messages:
    13
    Country:
    Just a quick suggestion, is there anyway to add the ability to export a list of addresses to the clipboard. e.g. when you have searched for pointers

    Thanks again
     
    talixme likes this.
  14. matt123337

    OP matt123337 GBAtemp Regular
    Member

    Joined:
    Mar 25, 2014
    Messages:
    150
    Country:
    Canada
    What is the error? In the past people who have had the same issue they've forgotten to enable debug mode :P

    Good idea! I'm actually planning on overhauling how I handle pointer search stuff, and when I do I'll try to add that
     
    DaBlackDeath and talixme like this.
  15. Omno

    Omno Advanced Member
    Newcomer

    Joined:
    Mar 2, 2016
    Messages:
    78
    Country:
    I'll check again shortly. It works for other games, so it's certainly not that. Gives some sort of mod=1 error I think. I'll get back to you with a direct error code.
     
  16. JonJaded

    JonJaded GBAtemp Fan
    Member

    Joined:
    May 22, 2016
    Messages:
    474
    Country:
    United States
    Thanks for the pointer search tutorial Tali.

    I don't have SXOS to test pointers/converted codes, but I'll see if I can help.
     
  17. matt123337

    OP matt123337 GBAtemp Regular
    Member

    Joined:
    Mar 25, 2014
    Messages:
    150
    Country:
    Canada
    Yeah I need to know the exact message to be able to look into it, but that is kindof odd.
     
  18. Omno

    Omno Advanced Member
    Newcomer

    Joined:
    Mar 2, 2016
    Messages:
    78
    Country:
    Latest version now, different error. Resume Failed. Reason : Module - 1, Desc - 33
     
  19. DaBlackDeath

    DaBlackDeath .::[ lone wolf ]::.
    Member

    Joined:
    Dec 22, 2007
    Messages:
    909
    Country:
    Germany
    Hey @matt123337
    Is USB Connection still a placeholder or do I need another USB Driver ? Zadig 2.4 gives me 4 drivers to install, but what driver and what device to install for (controller or switch).
     
  20. mflvs

    mflvs Member
    Newcomer

    Joined:
    May 7, 2017
    Messages:
    13
    Country:
    Im loving it so far. just wondering is there anyway to use this with .xci or should i contiune to use my carts.
    Loving the tool super heapfull hehe
     
Draft saved Draft deleted
Loading...

Hide similar threads Similar threads with keywords - Debugger, Remote, Noexs