Hacking [Q] Restoring switch to a "clean" state

[AnthonyBarrasso]

I have read some similar situation but I am looking for some answers..

My situation: Had my switch at 4.1.0 on airplane mode for at least a year lol. Got cfw and updated to 6.2.0 with Choi, used kosmos I believe and didn’t realize 6.2 didn’t work with atmosphere at the time and switch would not boot (autoRCM) disabled that and ofw booted which I assume burnt my fuses to 6.2.0. Being that I still have a 4.1.0 backup (clean) that I HOPE works.... could I restore and then boot with hekate and update to 6.2.0 official? Or will this switch be forever “dirty” ? Just a question really as I’m considering getting a second switch for legitimate play but also curious if this one can still be clean then I might just restore it and be done with this.

Not sure if boot(s) (boot0 & 1?) are backed up. I believe I did but I'm not sure. I followed a guide on Kosmos
So I get the impression that if I restore nand (4.1.0) I need to boot with Hekate and then update to 6.2.0 OFW and then I *SHOULD* be clean? Again airplane mode has been on the entire time.

Any help would be greatly appreciated.

Thank you,

 

[Draxzelex]

Yes you should be able to restore it. Since it sounds like you burnt fuses, you will not be able to boot raw OFW; you will have to bypass the fuse check by booting into RCM and using a bootloader/payload that bypasses the fuse check. Luckily all of the currently available ones do so by default.

You will not only need to restore the rawnand but boot0/boot1 since those are firmware-specific. If you do not have a boot0/boot1 that matches the firmware of your rawnand, you can generate them with this tutorial.

 

[AnthonyBarrasso]

Yes you should be able to restore it. Since it sounds like you burnt fuses, you will not be able to boot raw OFW; you will have to bypass the fuse check by booting into RCM and using a bootloader/payload that bypasses the fuse check. Luckily all of the currently available ones do so by default.

You will not only need to restore the rawnand but boot0/boot1 since those are firmware-specific. If you do not have a boot0/boot1 that matches the firmware of your rawnand, you can generate them with this [removed link due to being a newbie].

Doesn't that mean if I cannot boot OFW and have to boot with Hekate or any other payload that this switch will still not be clean? The idea is to be done with CFW and go back to a clean switch (legit) But if I cannot then it is what it is I guess.

Thanks,

 

[Draxzelex]

Doesn't that mean if I cannot boot OFW and have to boot with Hekate or any other payload that this switch will still not be clean? The idea is to be done with CFW and go back to a clean switch (legit) But if I cannot then it is what it is I guess.

Thanks,

I said you could not boot into raw OFW but you can boot into RCM OFW which is theoretically as pure as raw OFW. Hekate for example clears the flag that it was booted from RCM whenever it launches CFW or OFW so to Nintendo, they would not notice the difference as explained in this line of code.

 

[SomeGamer]

I said you could not boot into raw OFW but you can boot into RCM OFW which is theoretically as pure as raw OFW. Hekate for example clears the flag that it was booted from RCM whenever it launches CFW or OFW so to Nintendo, they would not notice the difference as explained in this line of code.

That link gives me a 404 error.

 

[Draxzelex]

That link gives me a 404 error.

Oof. Well you can peruse Hekate's source code for the line but maybe you can trust the words from the developer himself: https://gbatemp.net/threads/rcm-payload-hekate-ctcaer-mod.502604/page-19#post-7999648

 

[AnthonyBarrasso]

I said you could not boot into raw OFW but you can boot into RCM OFW which is theoretically as pure as raw OFW. Hekate for example clears the flag that it was booted from RCM whenever it launches CFW or OFW so to Nintendo, they would not notice the difference as explained in this[removed again].

So in theory I do this and boot with Hekate every single time? I will never be able to boot without it? That's my only concern as going legit I planned on being able to take it on the go again without a jig / way to send a payload. Is this mainly because I screwed it all up by burning my fuses?

Thanks,

 

[Draxzelex]

So in theory I do this and boot with Hekate every single time? I will never be able to boot without it? That's my only concern as going legit I planned on being able to take it on the go again without a jig / way to send a payload. Is this mainly because I screwed it all up by burning my fuses?

Thanks,

You would only need to do this when booting a firmware lower than the fuse count. Once the console is on a firmware that matches the fuse count (e.g. 6.2 with 8 burnt fuses), then you won't need to rely on RCM and Hekate.

 

[AnthonyBarrasso]

You would only need to do this when booting a firmware lower than the fuse count. Once the console is on a firmware that matches the fuse count (e.g. 6.2 with 8 burnt fuses), then you won't need to rely on RCM and Hekate.

Oh! That was my plan.. restore 4.1.0 Nand and then boot with hekate into 4.1.0 and update to 6.2.0 official then I should be good?

Thanks again!

 

[Draxzelex]

Oh! That was my plan.. restore 4.1.0 Nand and then boot with hekate into 4.1.0 and update to 6.2.0 official then I should be good?

Thanks again!

Yes. Just one thought came across my mind. Since you updated to 6.2 officially, Nintendo expects you to be on that firmware and if you restore a NAND of a lower firmware, that might set off some red flags. In that case, it might be better to update the clean NAND with either ChoiDujour or ChoiDujoruNX offline.

 

[AnthonyBarrasso]

Yes. Just one thought came across my mind. Since you updated to 6.2 officially, Nintendo expects you to be on that firmware and if you restore a NAND of a lower firmware, that might set off some red flags. In that case, it might be better to update the clean NAND with either ChoiDujour or ChoiDujoruNX offline.

Would it matter that I never connected to Wifi? I do have 6.2 update sitting on my SD from when I used Choi last to go from 4.1 to 6.2 without burning fuses but then I messed that up lol! I just want the cleanest safest way to restore this. I might not even do that I'm just looking into my options regardless.

Thanks,

 

[Draxzelex]

Would it matter that I never connected to Wifi? I do have 6.2 update sitting on my SD from when I used Choi last to go from 4.1 to 6.2 without burning fuses but then I messed that up lol! I just want the cleanest safest way to restore this. I might not even do that I'm just looking into my options regardless.

Thanks,

Oh your're right, you updated to 6.2 using ChoiDujour/NX so you were never online. Disregard my previous post.

 

[AnthonyBarrasso]

Oh your're right, you updated to 6.2 using ChoiDujour/NX so you were never online. Disregard my previous post.

So I can proceed as I originally planned if I decide I want to do this? I've been in airplane mode for over a year now lol

Thanks,

 

[Draxzelex]

So I can proceed as I originally planned if I decide I want to do this? I've been in airplane mode for over a year now lol

Thanks,

Yes

 

[AnthonyBarrasso]

Yes

Thank you for all the help! I couldn't get any straight answers about this and I also assume that this is not 100% unbannable since we really don't know what they see and don't at this point?

Thanks,

 

[Draxzelex]

Thank you for all the help! I couldn't get any straight answers about this and I also assume that this is not 100% unbannable since we really don't know what they see and don't at this point?

Thanks,

Anything performed in RCM is theoretically undetectable since RCM is loaded before the NAND.

 

[AnthonyBarrasso]

Anything performed in RCM is theoretically undetectable since RCM is loaded before the NAND.

Was going to try to restore tonight and as I was about to move everything to the restore folder I realized I do not have Boot0! I have Boot1 and my Rawnand backup. Is there anyway to restore to a clean slate at this point or am I SOL now...?

 

[Draxzelex]

Was going to try to restore tonight and as I was about to move everything to the restore folder I realized I do not have Boot0! I have Boot1 and my Rawnand backup. Is there anyway to restore to a clean slate at this point or am I SOL now...?

That's fine. Boot0 only changes during firmware updates or if AutoRCM is enabled. No other CFW/homebrew touch boot0 to the best of my knowledge.

 

[AnthonyBarrasso]

That's fine. Boot0 only changes during firmware updates or if AutoRCM is enabled. No other CFW/homebrew touch boot0 to the best of my knowledge.

So I should be able to restore my 4.1.0 clean nand with just boot1 and the rawnand backup? and then I will update to 6.2.0 OFW and I should be clean like we talked about? I plan on restoring 4.1.0 and then booting with Hekate, then doing the online OFW 6.2.0 update and going legit. if so wish me luck!

Thanks,

 

[Draxzelex]

So I should be able to restore my 4.1.0 clean nand with just boot1 and the rawnand backup? and then I will update to 6.2.0 OFW and I should be clean like we talked about? I plan on restoring 4.1.0 and then booting with Hekate, then doing the online OFW 6.2.0 update and going legit. if so wish me luck!

Thanks,

Well no you need boot0 to complete your full NAND backup unless the firmware you are currently running is the same as the NAND backup you are restoring. If they do differ, you can either temporarily downgrade to 4.1 with ChoiDujourNX so you can dump boot0 (preferably without AutoRCM enabled) or build a boot0 of 4.1 with ChoiDujour.