Toggle sidebar

Homebrew WIP nxdumptool - Nintendo Switch Dump Tool

  • Thread starter Thread starter DarkMatterCore
  • Start date Start date
  • Views Views 316,451
  • Replies Replies 562
  • Likes Likes 50
Quoting myself from another thread:

DarkMatterCore said:
Error 0x32002 means "permission denied". It also pops up in my application when trying to get an IStorage interface with a previously opened gamecard handle under FW < 4.0.0. I'm looking into it right now.

Which method are you guys using to load NRO binaries? I'm not aware if there's a Hekate version that's compatible with 3.0.X, but it may have something to do with that.

I'm on 5.0.2, using the Hekate mod made by @CTCaer. I never had the chance to use PegaSwitch since I got late to the party.
Click to expand...

I've been trying to get around this in the last few hours by porting a privilege escalation procedure used by @Ac_K in this PegaSwitch script to libNX, but I couldn't get it to work.

I'll try to fix this in the next days, but for the time being, I'd like to know if the application works under FW < 4.0.0 using Hekate.

Nonetheless, I want to thank @SAKyle and @MonMonz for doing many tests for me. I really appreciate it.
______________________

I just released v1.0.2 to fix a silly bug in the file splitting code I hadn't noticed before. It should now be able to generate dumps identical to the dumps released by BBB (except for the additional 0xFF padding they don't have).

On a second note, I'm pretty much sure the cartridge contents are encrypted, but the IStorage interface returns a decrypted buffer. Do any of you know what kind of crypto is in place? It's probably a lot for me, but I want to aim to 1:1 dumps whenever possible.

Testers for type 0x02 gamecards and/or pull requests are still welcome.
 
  • Like
Reactions: SAKyle and MonMonz
xXDungeon_CrawlerXx said:
Would love to see a way to create a nsp out of an cartridge with a valid ticket.
But I don't think this will happen any time soon (or ever).
Click to expand...

Creating the NSP, maybe. But the fact that it must have both a valid ticket and a valid cert makes things difficult. I assume they also use some kind of crypto I'm not aware of.
 
@AnalogMan
Sure no problem but that will probably be somewhere weekend that I can test it. A bit on the go as we speak.
And I still have to transfer my personal XCIs to a HDD, I want to also looking into trimming soon ... even 400GB SDXC get full eventually ;)
Will report back soon!
 
  • Like
Reactions: nukester84, DarkMatterCore and thaikhoa
PatrickD85 said:
@AnalogMan
Sure no problem but that will probably be somewhere weekend that I can test it. A bit on the go as we speak.
And I still have to transfer my personal XCIs to a HDD, I want to also looking into trimming soon ... even 400GB SDXC get full eventually ;)
Will report back soon!
Click to expand...

Thanks for your help, really! If it isnt't too much to ask, make sure to take a screenshot while you're creating the XCI dump (without cert). You'll need the XCI dump size from that screenshot to perform the CRC32 calculation because BBB dumps are not 0xFF padded.
 
Last edited by DarkMatterCore,
DarkMatterCore said:
Thanks for your help, really! If it isnt't too much to ask, make sure to take a screenshot while you're creating the XCI dump (without cert). You'll need the XCI dump size from that screenshot to perform the CRC32 calculation because BBB dumps are not 0xFF padded.
Click to expand...
Hey, just wanted to drop in and say that they do come padded, but the majority of dumps flying around right now have that clipped off. You can re-pad them using XCI-Cutter, though.
The fastest way to compare hashes would just to be to go look them up from a database, however.

Thanks for the work!
 
Last edited by Hking0036,
  • Like
Reactions: DarkMatterCore
Hking0036 said:
Hey, just wanted to drop in and say that they do come padded, but the majority of dumps flying around right now have that clipped off. You can re-pad them using XCI-Cutter, though.
The fastest way to compare hashes would just to be to go look them up from a database, however.

Thanks for the work!
Click to expand...

Good to know, thanks. I'll add that to the first post.

What I really meant is that the 0xFF padding they have doesn't take up the whole cartridge size (e.g. 7.44 GiB vs 8 GiB for Super Mario Odyssey).
 
DarkMatterCore said:
Good to know, thanks. I'll add that to the first post.

What I really meant is that the 0xFF padding they have doesn't take up the whole cartridge size (e.g. 7.44 GiB vs 8 GiB for Super Mario Odyssey).
Click to expand...
Correct me if I'm wrong, but I believe the ROM size for the carts is in GB and not GiB so it would be correct for the final dump to come out to around that.
 
DarkMatterCore said:
Thanks for your help, really! If it isnt't too much to ask, make sure to take a screenshot while you're creating the XCI dump (without cert). You'll need the XCI dump size from that screenshot to perform the CRC32 calculation because BBB dumps are not 0xFF padded.
Click to expand...

No problem if I can help in any way ... sure.
In a quick search I did not find the BBB release on usenet. (not asking for it btw as I am not into the nsw scene releases)
But basically what you guys need is a check if the CRC equals; 0B37BC97 ? (online database notes that as the imgcrc)
 
PatrickD85 said:
No problem if I can help in any way ... sure.
In a quick search I did not find the BBB release on usenet. (not asking for it btw as I am not into the nsw scene releases)
But basically what you guys need is a check if the CRC equals; 0B37BC97 ? (online database notes that as the imgcrc)
Click to expand...
Yes, you need to check and make sure that the crc of the game matches that. If not, then it's not a good dump (or it includes your cert, which you can blank out).
 
Hking0036 said:
Correct me if I'm wrong, but I believe the ROM size for the carts is in GB and not GiB so it would be correct for the final dump to come out to around that.
Click to expand...

It's expressed in GiB. There's a byte in the gamecard header that indicates the storage size. The dump size is incomplete because the application only dumps the range covered by the two IStorage interfaces available for every gamecard, which are concatenated in the dump process (but their combined size never takes up all that space).

Historically speaking, this is a pretty common thing with ROM images.

cubex said:
Is the current release the one you need tested with type 2 game cards? I could test and get you the CRC in the next hour or so..
Click to expand...

Yes, it is. Thanks a lot, I really appreciate it.

PatrickD85 said:
No problem if I can help in any way ... sure.
In a quick search I did not find the BBB release on usenet. (not asking for it btw as I am not into the nsw scene releases)
But basically what you guys need is a check if the CRC equals; 0B37BC97 ? (online database notes that as the imgcrc)
Click to expand...

You're right. Just make sure you calculate the CRC32 hash over the XCI dump size displayed on that screen and not over the whole file. Worked fine for me using Super Mario Odyssey.

I'll just probably make the additional padding a configurable option.
 
  • Like
Reactions: Hking0036
I dumped my copy of Minecraft (0100D71004694000) this morning, my CRC32 ended up being 753F2AD5 vs 262EC0D2 for the BBB release. Also, on my dump the XCI file size is 2,048.00 MB and the cartridge size is 1,904.00 MB while both the XCI file size and cartridge size is 1,904.00 MB on the BBB release.

Z8ENAsQ.jpg

gd1fcyj.jpg

EuDuoEl.png
 
Last edited by cubex,
Last edited by Drejj,
cubex said:
I dumped my copy of Minecraft (0100D71004694000) this morning, my CRC32 ended up being 753F2AD5 vs 262EC0D2 for the BBB release. Also, on my dump the XCI file size is 2,048.00 MB and the cartridge size is 1,904.00 MB while both the XCI file size and cartridge size is 1,904.00 MB on the BBB release.

Z8ENAsQ.jpg

gd1fcyj.jpg

EuDuoEl.png
Click to expand...
Cut and then un-cut your file with XCI-Cutter to get a file that (hopefully) matches the Scene release, if Card2 is working! Double check that your cert is not included, as well.
 
Last edited by Hking0036,

Site & Scene News

Go to forum More news

Popular threads in this forum

Dusk for switch (TLoZ Twilight Princess port)

Homebrew  Full List of N64 Recompilation Switch ports

Hacking  WiFi chip failing and can't boot. is it possible to enable Airplane Mode by editing system save files directly?

Homebrew Tutorial Translation Project  CS2SX — Write Nintendo Switch Homebrew in C#

Homebrew  Sonic Unleashed Recompiled (Homebrew Port)

Is it fixable

Homebrew Homebrew game Project  So... Dan didn't want to reveal his Vulkan, so I made mine.

Hacking Emulation  Switch Prod Keys downloading from sites okay?