Homebrew Discussion [Pointless?] PSA - Do NOT transfer eMMC backups over FTP. Bytes could be lost!

mattytrog

You don`t want to listen to anything I say.
OP
Member
Joined
Apr 27, 2018
Messages
3,708
Trophies
0
Age
48
XP
4,328
Country
United Kingdom
As the title...

If you transfer your Hekate backups etc over FTP depending how your FTP connection is configured, there is a possibility that you COULD lose bytes, resulting in a bad restore if you needed to.

Investigations are still ongoing, and I am sure most people are fine.

But for safetys sake, once you have your Hekate eMMC backups, transfer them back and forth by a direct connection (ie card reader) over PC.
Do NOT rely on FTP. Especially where prodinfo is concerned.

We seem to be seeing a lot of bricks lately.

Forgive me if this has been covered in "gaming" sections or whatever.

I don`t game and I don`t have a clue about developments on the high-level side.

But working with rawnands, EMMCs and PRODINFOs for the best part of a year has taught me - please be careful!

Quick check:

Open your boot0 in a hex editor.

Go to offset 0x180000.

If 0x17FFF0 is 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 then you are fine.

Pic attached.


blobs.png


 
Last edited by mattytrog,

mattytrog

You don`t want to listen to anything I say.
OP
Member
Joined
Apr 27, 2018
Messages
3,708
Trophies
0
Age
48
XP
4,328
Country
United Kingdom
Very possibly.

Personally, I don't use FTP. But two different people lost bytes in their boot0, making them 16 bytes off by the time you get to the keyblob section.

The only common denominator in it, is the fact they were using FTP to transfer their dumps.

Which mode FTP was being used, I have no idea.

But you can appreciate it is dangerous.

--------------------- MERGED ---------------------------

Hmm, I wonder if similar issues arise if you transfer via mtp...
MTP is arguably safer, I would say at this point.
 
  • Like
Reactions: Draxzelex

mattytrog

You don`t want to listen to anything I say.
OP
Member
Joined
Apr 27, 2018
Messages
3,708
Trophies
0
Age
48
XP
4,328
Country
United Kingdom
Who in the world would transfer 30 gb over FTP?
I wouldn't even transfer a NSP over FTP.
It's great for homebrews and savegames but that's it.
Mainly seems to be BOOT0 that is the best example.

Scenario...

You have all fuses intact(right from v1.0.0), using autoRCM or a chip or whatever...
You are on 9.0.1 and you wish to downgrade to v1.0.0 to test the new all-sing-all-dancing exploit.

You transfer your boot0 over FTP(the 4096kb version), it loses 16 bytes...

v1.0.0 boot is impossible as keyblobs are fooked. Only way around it is to restore a 100% perfect boot0. Fingers crossed you have one.

**Not saying this scenario applies to anyone, but it gives you an example.
 
  • Like
Reactions: lordelan

smf

Well-Known Member
Member
Joined
Feb 23, 2009
Messages
6,659
Trophies
2
XP
5,939
Country
United Kingdom
Who in the world would transfer 30 gb over FTP?

If you're integrity checking files then ftp is fine, if you backup your emmc, modify it and write it back without doing any kind of hash check then you're playing russian roulette no matter what transfer you use.
 

lordelan

Well-Known Member
Member
Joined
Jan 4, 2015
Messages
5,884
Trophies
1
Age
44
XP
6,729
Country
Germany
If you're integrity checking files then ftp is fine, if you backup your emmc, modify it and write it back without doing any kind of hash check then you're playing russian roulette no matter what transfer you use.
I was using a card reader every time and comparing the size (BIT wise, not MB wise lol) but it appears that was always enough. ;)
 

linuxares

The inadequate, autocratic beast!
Global Moderator
Joined
Aug 5, 2007
Messages
13,506
Trophies
2
XP
18,588
Country
Sweden
Can confirm, it's the FTP transfer. Copied with my SD Card reader and it looks like the correct one now.
Filezilla is default set to automatic.

kZr02LE.png



Just set it to Binary and it will ALWAYS copy the exact file you have. No idea why the heck ASCII is even an option is darn age.

ldcJ9hW.png
 

Crusatyr

Well-Known Member
Member
Joined
Jul 31, 2016
Messages
197
Trophies
0
XP
901
Country
United States
Sounds like a checksum file that can be check on the computer would be a good addition to for example Hekate.

Easiest solution but shittiest would be something like have hekate create a hash as it verifies the dump then saves it in a file that you could also copy to your PC. The issue with this is I'm not sure how long it would take the switch to hash 30GB.
 

linuxares

The inadequate, autocratic beast!
Global Moderator
Joined
Aug 5, 2007
Messages
13,506
Trophies
2
XP
18,588
Country
Sweden
Easiest solution but shittiest would be something like have hekate create a hash as it verifies the dump then saves it in a file that you could also copy to your PC. The issue with this is I'm not sure how long it would take the switch to hash 30GB.
No idea, but it's up to ctcaer if he wish to add something like that to Hekate. For sure this was a Filezilla issue. This means however that all my previous backups I have made I will call void. I will not trust them and therefore I have removed them.
 

mrdude

Developer
Developer
Joined
Dec 11, 2015
Messages
3,071
Trophies
1
Age
56
XP
8,240
Maybe check the md5 or the backup before transfering - and then check the md5 of the transferred file before restoring would prevent these issues. It's not hard to make a switch app for checking the md5 of a file.
 

mixelpixx

hardware monkey
Member
Joined
Aug 10, 2014
Messages
133
Trophies
0
Location
y0uR m0mz b0x
XP
356
Country
United States
Xfering game files is probably ok to do over network, but if its important, then use the most direct connection possible. I flash hardware a lot, sometimes I do 10 devices via a Cisco2960-XR, shouldnt lose packets, but for every 10 i do, one fails. You WILL lose packets/bits.. I would never transfer over a wireless network anything regarding system files. And the device you are using to push whatever software should be plugged into a power source.

The more hardware and processes you put in between you and the device you are flashing, the more chance for an error.
 

Ev1l0rd

(⌐◥▶◀◤) girl - noirscape
Member
Joined
Oct 26, 2015
Messages
2,004
Trophies
1
Location
Site 19
Website
catgirlsin.space
XP
3,441
Country
Netherlands
I mean, you're transporting files on a protocol that has no error checking by default.

The onus isn't really on Hekate to account for a harebrained move like that. Use an SD card reader or an equivalent whenever possible, you're just setting yourself up to be shot in the foot if you don't.

There's an open PR for Hekate (and an implementation existed for a while although I'm not sure if it's still in there) to dump it's hash checks to a file.
 

Site & Scene News

Popular threads in this forum

General chit-chat
Help Users
  • No one is chatting at the moment.
    BigOnYa @ BigOnYa: @BakerMan Yep it was embarrassing, but I know what you did last summer, in the woods... +1