Hacking R.I.P. Public CDNSP Cert. as Nintendo Getting Better

Dominator211 · Sep 26, 2018

while it is a sad day, I know there will be people that will continue to try and find a way to get around this. best of luck to them

KsAmJ · Sep 26, 2018

Dominator211 said:
while it is a sad day, I know there will be people that will continue to try and find a way to get around this. best of luck to them

indeed it is

Draxzelex · Sep 26, 2018

So since the last thread was locked, a new development has been discovered. Turns out that the CDN server now only accepts requests for everything except system updates if you're on firmware 6.0 and the only way to be on firmware 6.0 without hacks is by going online and downloading the update. So until someone updates to firmware 6.0 officially and dumps their console's certificate, CDNSP is "dead".

KsAmJ · Sep 26, 2018

Draxzelex said:
So since the last thread was locked, a new development has been discovered. Turns out that the CDN server now only accepts requests for everything except system updates if you're on firmware 6.0 and the only way to be on firmware 6.0 without hacks is by going online and downloading the update. So until someone updates to firmware 6.0 officially and dumps their console's certificate, CDNSP is "dead".

source?

Conex · Sep 26, 2018

The 6.0 thing is true, however still untested in cdnsp as far as grabbing titles besides Firmware Update, the Switch-Hacks discord is currently obtaining a 6.0 cert for tests.

Draxzelex · Sep 26, 2018

KsAmJ said:
source?

If you take the current public certificate to try and download a system update, it will work. The only reason its not working is because its not on firmware 6.0

Rikikoo · Sep 26, 2018

Draxzelex said:
If you take the current public certificate to try and download a system update, it will work. The only reason its not working is because its not on firmware 6.0

That doesn't mean a thing, a tls cert isn't tied to a specific firmware version.
6.0 could've introduced a cryptographic "challenge" (what dauth really is), or a hardcoded value the server expects to see in a request, etc. Could be anything, but nothing that can't be replicated on desktop.
Or, requests now upload a copy of your ticket (what 3ds was changed to), and in that case it's game over unless Nintendo's private key somehow leaks.

V-Temp · Sep 26, 2018

Draxzelex said:
So since the last thread was locked, a new development has been discovered. Turns out that the CDN server now only accepts requests for everything except system updates if you're on firmware 6.0 and the only way to be on firmware 6.0 without hacks is by going online and downloading the update. So until someone updates to firmware 6.0 officially and dumps their console's certificate, CDNSP is "dead".

How would a tls-cert be tied to a firmware? That doesn't make much sense.

I was under the impression the change was a token challenge from earlier info?

Mr_Pichu · Sep 26, 2018

I am sure many of us enjoyed the free ride while it lasted. After all it was on the dime of Nintendo and all those third party developers. It dIdn't hurt Nintendo's stock any, but those poor bastard third party and not to forget indie developers.

Just remember, where there is a hack there is a way.

SSG Vegeta · Sep 26, 2018

Just when I was talking about joining the band wagon this happens 0.0

MrWallace · Sep 26, 2018

ive download all the games and dlc updates but a few games 1.59TB worth of games, updates, and DLC

Nezztor · Sep 26, 2018

MrWallace said:
ive download all the games and dlc updates but a few games 1.59TB worth of games, updates, and DLC

Do you have time to play it all? Also there isnt a 1 tb microsd I think?

Rahkeesh · Sep 26, 2018

Nezztor said:
Do you have time to play it all? Also there isnt a 1 tb microsd I think?

Could get to a good chunk over the next decade. Since you won't be downloading from Nintendo anymore.

bundat · Sep 26, 2018

Draxzelex said:
If you take the current public certificate to try and download a system update, it will work. The only reason its not working is because its not on firmware 6.0

Wait, does this mean the public cert isn't even banned?
And that the full protocol for 6.0 CDN requests just hasn't been fully RE'd yet, which is causing the CDN error?

Is it possible to request a system update using the older superbanned certs?
(I'd test it myself, as I have copies of the old certs, but I have no idea how to)

Or did they simply change it so that even superbanned certs are able to ask for FW updates, but nothing else?

Lacius · Sep 26, 2018

Is anyone aware of a computer application other than CDNSP that can easily check downloaded NSP files for whether or not updates are available? That's really all I ever used CDNSP for.

Draxzelex · Sep 26, 2018

bundat said:
Wait, does this mean the public cert isn't even banned?
And that the full protocol for 6.0 CDN requests just hasn't been fully RE'd yet, which is causing the CDN error?

Is it possible to request a system update using the older superbanned certs?
(I'd test it myself, as I have copies of the old certs, but I have no idea how to)

Or did they simply change it so that even superbanned certs are able to ask for FW updates, but nothing else?

Basically, the cert's not CDN banned at the very least because if it was, it wouldn't be able to download system updates and CDN bans prevent even system updates from downloading. The CDN's protocol has changed but as you said, we don't quite fully understand what's changed; just what are the side effects of these changes. The old CDN banned certs will still not work as explained above. As long as a cert isn't CDN banned, it can still request system updates without being on firmware 6.0 because how else would Nintendo expect people to update? Its just that all other requests now require the console to be on firmware 6.0

Lacius said:
Is anyone aware of a computer application other than CDNSP that can easily check downloaded NSP files for whether or not updates are available? That's really all I ever used CDNSP for.

I've seen people recommend this site: https://www.perfectly-nintendo.com/nintendo-updates/

bundat · Sep 27, 2018

Draxzelex said:
Basically, the cert's not CDN banned at the very least because if it was, it wouldn't be able to download system updates and CDN bans prevent even system updates from downloading. The CDN's protocol has changed but as you said, we don't quite fully understand what's changed; just what are the side effects of these changes. The old CDN banned certs will still not work as explained above. As long as a cert isn't CDN banned, it can still request system updates without being on firmware 6.0 because how else would Nintendo expect people to update? Its just that all other requests now require the console to be on firmware 6.0

Oh, I was just thinking of the possibility that they changed the way atum works, and that even if you're CDN banned, they don't block a FW update request (just cause it's weird that they didn't ban the last cert). But if it's confirmed that nothing changed in that regard... then I guess that they really didn't ban this cert :wtf:

In this case, the people who were saying "CDNSP still works, IF the cert owns the game legally" were wrong (was reading this mostly on reddit).

Lacius · Sep 27, 2018

Draxzelex said:
Basically, the cert's not CDN banned at the very least because if it was, it wouldn't be able to download system updates and CDN bans prevent even system updates from downloading. The CDN's protocol has changed but as you said, we don't quite fully understand what's changed; just what are the side effects of these changes. The old CDN banned certs will still not work as explained above. As long as a cert isn't CDN banned, it can still request system updates without being on firmware 6.0 because how else would Nintendo expect people to update? Its just that all other requests now require the console to be on firmware 6.0
I've seen people recommend this site: https://www.perfectly-nintendo.com/nintendo-updates/

That's something, but I'm going to miss the convenience of having my downloaded games/updates scanned for updates without me having to check them one by one.

Draxzelex · Sep 27, 2018

bundat said:
Oh, I was just thinking of the possibility that they changed the way atum works, and that even if you're CDN banned, they don't block a FW update request (just cause it's weird that they didn't ban the last cert). But if it's confirmed that nothing changed in that regard... then I guess that they really didn't ban this cert

In this case, the people who were saying "CDNSP still works, IF the cert owns the game legally" were wrong (was reading this mostly on reddit).

Yeah it was just a "scare tactic" since none of the certs were no longer working with CDNSP but I guess they didn't actually know why? At the very least, it seems game updates are now held behind dauth so people who were afraid of bans and with the lack of working public certs might have to rethink their ways (at least from a convenience perspective).

huma_dawii · Sep 27, 2018

Draxzelex said:
Yeah it was just a "scare tactic" since none of the certs were no longer working with CDNSP but I guess they didn't actually know why? At the very least, it seems game updates are now held behind dauth so people who were afraid of bans and with the lack of working public certs might have to rethink their ways (at least from a convenience perspective).

Hopefully this means no ban with updates from XCI games xD

Hacking R.I.P. Public CDNSP Cert. as Nintendo Getting Better

JFK's Jelly Donut

Well-Known Member

Well-Known Member

Well-Known Member

Well-Known Member

Well-Known Member

Member

Well-Known Member

かわいいね！

Well-Known Member

New Member

Well-Known Member

Well-Known Member

¿

Well-Known Member

Well-Known Member

¿

Well-Known Member

Well-Known Member

Well-Known Member

Similar threads

Popular threads in this forum