I see. I have no clue what happened here then: https://gbatemp.net/threads/hwfly-o...te-to-start-in-emummc-now-black-screen.624563
what rumors? I sure as heck haven't heard any of it from the horses mouth
How would this scenario look like? Is it possible to somehow read back the timings from the hwfly chip once they have been found? Where are those stored? Can they be read through putty and the debug mode?
Knock yourself out - https://github.com/hwfly-nx/firmware
Could you explain for me in training glitch process with orange light, why BOOT0 need to be written a payload? If we update switch OWF, will Boot0 change and makes hwfly chip malfunction and requires to reflash the chip as @kylum said?
I was wrong by the way. The scenario I mentioned did not cause the chip needing to be reflashed. Rather reset. The newer Hwfly-nx firmware didn’t have this problem.
I see some people comment still have this problem with 0.7.1 and they have to retrain (link ). I have no idea what causes this problem and why hwfly chip need to write payload to Boot0.
Depending on the emmc that is used in the Switch a slightly different timing might be needed.
Finding the timing when to voltage glitch is possible with the spacecraft-nx code and a simple mpu/cpu.
Hard part is the injection of the altered code after the glitch.
Post automatically merged:
Some students did some voltage glitching on StarLink devices with a RP2040.
https://github.com/KULeuven-COSIC/Starlink-FI
They seem to be using a bit more components but maybe most of that is not needed.
(I recall seeing an Amiibo emulator with an mpu and just 2 capacitors powering itself from the RFID antenna signal).
The hard part to me seem like the code injection that needs to happen at the emmc bus speed.
An RP2040 can natively interface with an emmc.
Question is how to sync the bus speed with the Switch.
Maybe this is as simple as using the CLK signal from the emmc on the Switch.
Last edited by thesjaakspoiler,
This dumped firmware for rp2040 glitch from china.
Used "picotool save all" command from linux.
Tested on Switch Lite
Used "picotool save all" command from linux.
Post automatically merged:
Tested on Switch Lite
Last edited by Mansi,
I don't believe you.
Last edited by binkinator,
Uhm the original devs code is apparently kbs so what chip have you dumped?
Also the firmware.bin is empty. Just 0xff?
- Joined
- Sep 9, 2019
- Messages
- 904
- Trophies
- 1
- Location
- Switch scene
- Website
- github.com
- XP
- 2,663
- Country
Vids or it didn't happen
Post automatically merged:
Ok actually tbf he does claim these chips are from China, in DMs he told me that the Chinese were independently making their own glitch chip based on the same hardware but with their own software solution.
So if what he has is that then it wouldn't match what the Pikofly dev has built.
I'm still sceptical though. I know a lot of people who deal with mod chips and if China had one working I'm fairly sure I'd be hearing about it from one of those guys first and not some random dude who showed up on GBAtemp 3 days ago.
Last edited by CompSciOrBust,
Thats the thing. It would be over twitter atleast. Im still confused why the firmware file is blank.
I really dont want anyone to damage their hardware. So I try to analyze this.
firmware.bin has about 85k of payload in there…
—-snip—-
the rest is probably just FF padding of the rest of the flash space. If this was just a dump of flash space it would be huge in comparison with the bulk being a lot of empty space.
….like the Trinket payloads.
Post automatically merged:
Some idiot is going to have to take one for the team and just inject this into their switch and see what catches fire…
Picofly has nothing to do with the glitch from the Chinese. This is a different developer.
Dump was read from the board from the Chinese as is.
Large size is due to the dump program itself.
The dump needs to be reduced in a hex editor.
The fact that I registered 3 days ago does not mean that I am a troll, I am trying to help and tell my story with rp2040 from another supplier. Believe me or not, your choice.
Dump was read from the board from the Chinese as is.
Large size is due to the dump program itself.
The dump needs to be reduced in a hex editor.
The fact that I registered 3 days ago does not mean that I am a troll, I am trying to help and tell my story with rp2040 from another supplier. Believe me or not, your choice.
agreed. truncated it’s only 85k. An Average firmware is around 110k. It’s in the ballpark. How did you test it? Did you just inject the firmware or did you wire it all up and put it in a rp2040 and everything?
They just sent a glitch, I switched to bootsel mode and counted through picotool. Firmware size may vary depending on code and compiler. There is a debug in hwfly, it is not in rp2040, here you save space)
Well... There are many other things in code you can remove and save memory.
Lots of nuances.
Where did you get it from?
Also the original pikofly is canceled since the dev doesn't want anything todo with it anymore
Also the original pikofly is canceled since the dev doesn't want anything todo with it anymore
a pity, too much drama over it, though as i see it it will be released uncredited from a chinese company locked and not open source. scene nowadays is becoming dramatic.
Similar threads
-
-
@
SylverReZ:
@AncientBoi, Yeah, believe you can do PSP games as well. But a Pi5 is much powerful in comparison.+2 -
-
@
Psionic Roshambo:
Not sure about other models of Pi4 but the Pi 4 B with 8GBs OCed to 2Ghz handles PSP really great except like 1 game I found and it is playable it just looks bad lol Motor Storm Arctic something or other. -
@
Psionic Roshambo:
Other games I can have turned up to like 2X and all kinds of enhancements, Motorstorm hmmm nope 1X and no enhancements lol
-
-
@
Psionic Roshambo:
I will admit that one does seem more interesting than the usual Ambernic ones, and I already liked those.
-
-
-
-
-
-
@
Veho:
I mean yeah sure but the specs are the same as a $50 model, it's just those pesky "quality of life" things driving up the price, like an actually working speaker, or buttons that don't melt, and stuff like that.+1 -
@
Psionic Roshambo:
I think all in my Pi 4 was well north of 200 bucks 150ish for the Pi 4 the case the fancy cooler, then like 70 for the 500GB MicroSD then like 70 for the Xbox controller. But honestly it's a nice set up I really enjoy and to me was worth every penny. (even bought more controllers for 2 or 4 player games.) hmmm have never played any 2 player games yet
-
@
Veho:
Yeah that's what I hate about the RPi, it's supposedly $30 or something but it takes an additional $200 of accessories to actually turn it into a working something.
-
-
-
@
Psionic Roshambo:
Yeah a lot of it I consider a hobby, using Batocera I am constantly adjusting the collection adding and removing stuff, scraping the artwork. Haven't even started on some music for the theme... Also way down the road I am considering attempting to do a WiiFlow knock off lol
-
-
-
@
Veho:
Hmm, with that in mind, maybe a complete out-the-box solution with all the games collected, pacthed and optimized for me would be worth $150
-
-
-
-
@
SylverReZ:
What its like to do online shopping in 1998: https://www.youtube.com/watch?v=vwag5XE8oJo
