[RCM Payload] Hekate - CTCaer mod

Discussion in 'Switch - Exploits, Custom Firmwares & Soft Mods' started by CTCaer, May 1, 2018.

  1. connectconnect

    connectconnect Member

    Newcomer
    5
    GBAtemp Patron
    connectconnect is a Patron of GBAtemp and is helping us stay independent!

    Our Patreon
    May 9, 2016
    If you replace the eMMC module,
    how do you recreate the content in the new eMMC?
    I have a switch with problems in my eMMC, indeed trying to get the BIS Keys it can't access the required keys in the eMMC,
    I wonder if I buy a replacement eMMC module how I would be able to create the structure again because restoring a backup from another switch won't work, will it?
     
  2. CTCaer
    OP

    CTCaer Developer

    pip Developer
    11
    Mar 22, 2008
    Greece
    Well if you don't have a backup and especially prod, you can't restore it to a replacement eMMC.
     
  3. Canna

    Canna Bad Ass Poisonous Mushroom

    Member
    7
    GBAtemp Patron
    Canna is a Patron of GBAtemp and is helping us stay independent!

    Our Patreon
    Jul 14, 2018
    United Kingdom
    Excuse me sir.
    When you mention you can simply replace the emmc Chip/Board/package..
    Is there any identification the switch pulls from the chip to say this is not the real one Like a serial match etc..
    Or is this in the Prod info..? and long as i copy the original emmc to the new one i should be fine ?
    also can we access a bootloader to restore a image to emmc if the emmc board inserted is blank or new ?
     
    Last edited by Canna, Aug 16, 2018
  4. CTCaer
    OP

    CTCaer Developer

    pip Developer
    11
    Mar 22, 2008
    Greece
    They already collect these through error reporting.
    http://switchbrew.org/index.php?title=Error_Report_services search for nand.
    NANDCID (serial and other id) and NANDTotalSize/NANDFreeSpace are the most important.

    So best way is to have the error services disabled.

    On the other hand these can be spoofed and use a let's say 64GB eMMC. You then restore your backup. Memload it to PC and resize USER partition.
     
    wicksand420 likes this.
  5. Canna

    Canna Bad Ass Poisonous Mushroom

    Member
    7
    GBAtemp Patron
    Canna is a Patron of GBAtemp and is helping us stay independent!

    Our Patreon
    Jul 14, 2018
    United Kingdom
    Im not sure i follow, im not as smart as you sir..

    Why can i not replace the emmc with another same size ?
    How do i spoof? or spoof a larger ? thank you
     
  6. CTCaer
    OP

    CTCaer Developer

    pip Developer
    11
    Mar 22, 2008
    Greece
    I didn't say you cannot. I also even said how to do it.

    Spoofing of serial numbers needs patching of FS.kip
     
  7. mariogamer

    mariogamer GBAtemp Maniac

    Member
    5
    Aug 12, 2015
    Canada
    Is it safe to actually disable the error report service? It would seem supspicious, no?
     
    Last edited by mariogamer, Aug 16, 2018
  8. Canna

    Canna Bad Ass Poisonous Mushroom

    Member
    7
    GBAtemp Patron
    Canna is a Patron of GBAtemp and is helping us stay independent!

    Our Patreon
    Jul 14, 2018
    United Kingdom
    And this is to spoof emmc id ?

    So simply using a new emmc chip/board of the same size and brand.
    Cant be used without the fs.kip being patched ?
    How would one patch the fs.kip

    Thank you for your reply much appreciated
     
  9. CTCaer
    OP

    CTCaer Developer

    pip Developer
    11
    Mar 22, 2008
    Greece
    Well, in the end the can create whatever ban heuristics they decide..
    It's always cat and mouse, these stuff.

    Just let it run when you go online. As long as it's clean.
    I live in europe, so this does not reach me a lot..

    it can be used. Whatever one you get.
    It's to avoid detection. Nintendo knows which eMMC id your console has.
     
  10. Canna

    Canna Bad Ass Poisonous Mushroom

    Member
    7
    GBAtemp Patron
    Canna is a Patron of GBAtemp and is helping us stay independent!

    Our Patreon
    Jul 14, 2018
    United Kingdom
    Do i need to make a special fs.kip ? If so do you recommend a method for me ?

    Thank you for your help
     
  11. qaz015393

    qaz015393 GBAtemp Advanced Fan

    Member
    5
    Jan 28, 2009
    United States
    I can't seem to boot into cfw. I tried the one from HERE and then tried it with the V3.2 payload with it as well and still get black screen on my 2.0.0 Switch. Can I please get some help to get it booting into cfw because I need to finish making my backup and need the key files from the system.
     
  12. BaamAlex

    BaamAlex (*(vu64 *)0x1FF81100)

    Member
    6
    Jul 23, 2018
    Germany
    Update the console?
     
  13. Pockets69

    Pockets69 Newbie

    Newcomer
    1
    Nov 29, 2017
    Portugal
    So quick question here, I am trying to boot a 3.0.0 CFW using hekate bootloader, but i haven't had any luck :/

    I am using hekate-3.2-CTCaer-mod and i am using tomGER SDFIles.zip 7.3.1, whenver i do launch CFW i get a black screen, after a while like 30secs i get the nintendo switch logo, and a black (backlit) screen, nothing happens.

    Can you guys help me troubleshoot this?

    This must be something very obvious, but i don't get what is going on :/
     
  14. qaz015393

    qaz015393 GBAtemp Advanced Fan

    Member
    5
    Jan 28, 2009
    United States
    Yeah I was trying to update my 2.0.0 system (without burning the fuses) and needed to do a proper backup of everything.

    I'm in the same boat as you. This happens to me too and I even used v7. 3.2 and same thing. Its funny, I asked them on the issue section of the github but the thread was closed without any real help besides use the latest release - which does nothing. Hope we can get some help getting it to work
     
    Last edited by qaz015393, Aug 18, 2018
  15. XaneTenshi

    XaneTenshi GBAtemp Fan

    Member
    5
    Nov 24, 2013
    Denmark
    So while I don't really have an answer to your problem right now, I'd like to clear up a few things so that maybe someone else have a better chance of helping you.

    You are saying that you need help to get into CFW to backup the rest of your system, but that's not really how this works. You are supposed to backup your Nand, Boot files, BIS Keys etc. before you enter CFW, not after.

    Which leads me to the question: Are you having trouble getting the Custom Bootloader (Hekate) to work, as in, do you get stuck on a black screen when you send the Payload or...

    Are you actually unable to boot into CFW from within Hekate?
     
    qaz015393 likes this.
  16. Pockets69

    Pockets69 Newbie

    Newcomer
    1
    Nov 29, 2017
    Portugal
    @qaz015393 I found the answer to my problem, may help solve yours, the issue was that the cfw wasn't booting, I could boot into hekate but could not launch the CFW.

    Turns out i was using my sdxc formatted as exfat and my firmware didn't support it, while hekate does and i used it to backup my nand and my keys, when it came to boot the cfw since i had not installed the exfat patch, the cfw would not boot.

    I fixed by formatting the sdxc as fat32, and then launching the cfw, it booted right away, i actually used choidujournx to update to the latest firmware, but somehow my gamecart stopped working which makes no sense :/

    I was careful and added the nogc kip1patch, and the gamecart problem is only revealed when you downgrade not when you upgrade, so I don't know what might have happened

    Hopefully this post helps you out, good luck

    EDIT: found why my gamecart controller doesn't work, if you update past 4.0.0 and use the nogc kip1patch so it doesn't update the gamecart controller you also won't be able to play gamecarts on newer firmwares, only on old ones.
    Makes sense but it's a shame, I really wanted to update to play mario kart since i bought an updated gamecart that only works on a newer firmware :/
     
    Last edited by Pockets69, Aug 19, 2018
    qaz015393 likes this.
  17. qaz015393

    qaz015393 GBAtemp Advanced Fan

    Member
    5
    Jan 28, 2009
    United States
    Yes that helped big thanks man.

    I was using exfat which doesn't support my fw but when i used my fat 32 memory car, I was able to boot into Hekate cfw from within the Hekate.
     
    Last edited by qaz015393, Aug 19, 2018
    XaneTenshi likes this.
  18. cherup

    cherup Advanced Member

    Newcomer
    5
    Jan 10, 2016
    Gambia, The
    I bought a switch which does not start properly. RCM, SD card working fine.
    Maintenance mode does not work so I decided to rewrite the partitions using the following
    method:

    https://gbatemp.net/threads/how-to-...nofficially-without-burning-any-fuses.507461/

    In the first step a made a backup of BOOT0/1

    Then I was trying to flash BOOT0, which ends in an error. After that I cannot mount the discs with memloader any longer.

    Trying to restore the B00T0/1 partitions with hetake ends up with ERROR 4.

    I guess the internal emmc is damaged ?? Any ideas what to do ?
    Would it be possible to buy a new emmc storage and simple restore a new system into it with the biskeys ?
     
  19. Quicksilver88

    Quicksilver88 GBAtemp Advanced Fan

    Member
    4
    Jan 26, 2013
    United States
    No complaints with speed, I just meant I wished we could easily update the EEMC capacity. I assume the chips are on the board? A lift and replace shouldn't be that hard so if we could get say 128gb or more with a bigger EEMC that would be a dream.
     
  20. CTCaer
    OP

    CTCaer Developer

    pip Developer
    11
    Mar 22, 2008
    Greece
    It's super easy, because for some reason, this device is the only one that uses a separate pcb for eMMC, that connects with a "lego" connector..
     
    Kukielka and xabier like this.
Quick Reply
Draft saved Draft deleted
Loading...