Hacking Payload Injection to Black Screen

[Pitohui]

Hello,

So I am attempting to use Atmosphere to run Hekate on my switch from a guide I found on YouTube.


I checked if my switch was hackable, then using all the suggested materials followed this guide... however after it successfully injected Hekate the switch's screen remains black and Atmosphere does not start. Not sure what I am doing wrong... the TegraRcmGui displays the text below as it attempts the injection.

No RCM device detected
RCM Device detected
Preset "PAYLOAD_FILE" set to : \\Mac\Home\Desktop\payloads\hekate_ctcaer_5.0.2.bin
Invoking TegraRcmSmash.exe with args : "\\Mac\Home\Desktop\payloads\hekate_ctcaer_5.0.2.bin"
TegraRcmSmash (32bit) 1.2.1-3 by rajkosto
Opened USB device path \\?\usb#vid_0955&pid_7321#5&19f4c0d2&0&6#{aa0dbd45-3117-f331-5c49-76bf65225042}
RCM Device with id 4082FF12000000104516446401101062 initialized successfully!
Uploading payload (mezzo size: 92, user size: 124395, total size: 190611, total padded size: 192512)...
Smashing the stack!
Smashed the stack with a 0x0002 byte SETUP request!
Payload successfully injected

 

[Taorn]

Try to run TegraRcm from an actual Windows machine. Apparently running it through some kind of vm can cause this problem.

Alternatively you can try some other device to inject the payload, like e. g. some Android smartphone.

 

[Pitohui]

Try to run TegraRcm from an actual Windows machine. Apparently running it through some kind of vm can cause this problem.

Alternatively you can try some other device to inject the payload, like e. g. some Android smartphone.

Thank you for the quick response!

I pulled out a PC and redid all the steps and ended up with a black screen again.

No RCM device detected
RCM Device detected
Invoking TegraRcmSmash.exe with args : "C:\Users\oeuvr\Desktop\payloads\hekate_ctcaer_5.0.2.bin"
TegraRcmSmash (32bit) 1.2.1-3 by rajkosto
Opened USB device path \\?\usb#vid_0955&pid_7321#5&1e425a8c&0&1#{aa0dbd45-3117-f331-5c49-76bf65225042}
RCM Device with id 4082FF12000000104516446401101062 initialized successfully!
Uploading payload (mezzo size: 92, user size: 124395, total size: 190611, total padded size: 192512)...
Smashing the stack!
Smashed the stack with a 0x0000 byte SETUP request!
Payload successfully injected

 

[Dfroberts86]

Sounds to me like you have a patched switch... was your serial number in the possibly patched range? From the log, it looks like it is sending the payload successfully. The patched units just stay at a black screen after receiving the payload.

Sent from my Pixel using Tapatalk

 

[Pitohui]

Sounds to me like you have a patched switch... was your serial number in the possibly patched range? From the log, it looks like it is sending the payload successfully. The patched units just stay at a black screen after receiving the payload.

Sent from my Pixel using Tapatalk

Yea, I'm thinking it is patched as well since neither a vm or a pc could inject.

Though, if I use ismyswitchpatched, it says my console is not patched as my serial number is XAW1007510xxxx.

 

[Randy1020]

Im having the same problem were you able to solve it?

 

[thesjaakspoiler]

One thing you could try is to prepare your SD card once more on a PC.
Mac's sometimes mess up the SD card by setting the archive flags.
I don't know exactly what it is but sometimes things just won't work with a Mac.

Also, if the files on the SD card are in the wrong location/folder, the boot process also shows a black screen on boot.

You could also use Rekado on an Android phone.

 

[ScarletDreamz]

0x0000 its a patched unit.

 

[Pitohui]

Small Update:

Tried redoing the micro SD card on a PC after messing with a virtual machine on my MAC and still had the black screen.

Did a final experiment with a RCM Loader instead of using a computer to load the payload, and still black. Definitely a patched model despite the ismyswitchpatched website saying otherwise. I will purchase an unpatched tablet soon and see if that works.