[RCM Payload] Hekate mod - raw full nand backup

Discussion in 'Switch - Exploits, Custom Firmwares & Soft Mods' started by CTCaer, May 1, 2018.

  1. CTCaer
    OP

    CTCaer GBAtemp Fan

    Member
    5
    Mar 22, 2008
    Greece
    Hekate - ipl
    CTCaer mod v1.3 - Automatic RAW eMMC partial dumping



    Changelog:
    V1.3:
    • [Firmware] Add upstream changes for 4.xx/5.xx firmware launching support
    • [SD/MMC] More fixes for SDHC/SDXC sd cards.
    • [Tools] Add dumping fuses/kfuses to sd card
    • [Tools] Some small fixes on raw dumping edge cases
    • [Info] Add Info printing for eMMC and SD card

    V1.2:
    • Write errors to SD card are now fatal (as per FatFs/Diskio guidelines). You can still choose what to do though:
      • Abort and try again right away from the last part (recommended)
      • Continue (and potentially have a corrupt dump)
    • Fix SD card not mounting (by fixing the switch to low voltage 1.8v for these cards. Normally happening in Samsung sd cards)
    • Add high speed support for high voltage SD Cards


    Description:

    The main difference with the official hekate - ipl is support for automatic partial dumping for your Switch's eMMC.
    Additionally, there are some other quality of life small changes.
    • It automatically starts partial dumping (even in exFAT formatted SD Cards), based on the available free space. Supports both FAT32 and exFAT.
    • If you have enough space and an exFAT formatted partition, it will automatically choose to dump the raw eMMC as one big file.
    Detailed release notes:
    This release lets you dump the USER partition, or the whole RAW eMMC.

    The automatic partial dump is only activated if you don't have enough space in your SD card to dump the whole eMMC.

    The partial dumping is done in 15 2GB parts.
    This way you can even use a 4GB sd card to dump the whole eMMC.

    Normal dumping Procedure:
    If you have enough space, it will automatically dump your eMMC as one big file.

    Partial dumping Procedure:
    1. Run hekate-ipl_ctcaer_1.2 payload
    2. Select "Dump RAW eMMC"
    3. When this is finished, press any key and Power off Switch from main menu
    4. Move the files from SD card to your PC to free some space
      Don't move the partial.idx file!
    5. Unplug and re-plug USB while pressing Vol+
    6. Run hekate-ipl_partial_dumping again and press Dump RAW eMMC to continue
    7. Join the files with your favorite cmd or app
    Notice 1: Users that only have a 2GB or 4GB SD card, use the hekate-ipl_ctcaer_1.2_GBparts payload.
    Notice 2: If you have an unfinished partial dumping and want to start anew, delete the partial.idx file first.

    Warning: When dumping the eMMC, in parts, you should not power on the switch normally and boot to Switch OS before done. Otherwise your finished backup will probably corrupt, because Switch OS writes on your eMMC even if it seems you done nothing.


    Download v1.3


    There are also windows and linux scripts provided, that join these 15 2GB files into one.
    In windows, you can then use rajkosto's biskeydump and HacDiskMount to manipulate your raw eMMC dump.


    Thanks:
    naehrwert for the original code: https://github.com/nwert/hekate
    @rajkosto for his hekate - ipl commits and tools: https://github.com/rajkosto/hekate
    And all other contributors in hekate repo.
     
    Last edited by CTCaer, May 14, 2018
    MeatReed, Seathasky, ICED and 22 others like this.
  2. Taffy

    Taffy AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

    Member
    3
    Mar 3, 2017
    United States
    Student
    Ah....this is clever! But how do you consolidate/re-join the parts afterwards?
     
  3. DSpider

    DSpider GBAtemp Fan

    Member
    3
    Mar 14, 2015
    Romania
    A better question would be is there a way to restore it?
     
  4. CTCaer
    OP

    CTCaer GBAtemp Fan

    Member
    5
    Mar 22, 2008
    Greece
    Check OP, I've added a simple solution.
    You can still use whatever filer joiner exists though.
     
    Taffy likes this.
  5. Taffy

    Taffy AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

    Member
    3
    Mar 3, 2017
    United States
    Student
    iirc we only are able to dump things at this point.

    And if you're concerned about restoring things then you probably shouldn't be screwing with the console in the first place.

    edit: ninja'd

    I like it! Saves me a little money so I don't need to buy a bigger card!

    still will probably get one though
     
    Last edited by Taffy, May 1, 2018
  6. TheZander

    TheZander King of the Level 7's

    Member
    7
    Feb 1, 2008
    United States
    Level 7
    What's the firmware patching functionality of this?
     
  7. CTCaer
    OP

    CTCaer GBAtemp Fan

    Member
    5
    Mar 22, 2008
    Greece
    You can replace various firmwares and functions with your own.
     
  8. rajkosto

    rajkosto GBAtemp Regular

    Member
    3
    Apr 6, 2017
    if you have enough space on your microSD for all of USER you should probably use mine, this one seems a LOT hackier.
     
    CymraegAce and CTCaer like this.
  9. sweetlilmre

    sweetlilmre Member

    Newcomer
    2
    Aug 15, 2010
    The instructions state "Warning: When dumping the USER partition, you should not power on the switch normally before done. Otherwise the USER contents will change."

    Why would reading the contents change the partition?

    -(e)
     
  10. aut0mat3d

    aut0mat3d GBAtemp Regular

    Member
    2
    Mar 15, 2017
    Australia
    If only one bit is written to the Filesystem which you are currently dumping xou have good chances to have it corrupted.
    And you are reading it in parts...
     
    CTCaer likes this.
  11. tecfreak

    tecfreak Member

    Newcomer
    1
    Apr 24, 2018
    Germany
    How do you know that it only reads from this partition?
     
  12. sweetlilmre

    sweetlilmre Member

    Newcomer
    2
    Aug 15, 2010
    If the warning means the dump would be corrupted then that makes sense. The wording was ambiguous.

    -(e)
     
  13. sweetlilmre

    sweetlilmre Member

    Newcomer
    2
    Aug 15, 2010
    Because I looked at the code and writing to the partition when dumping would be insane?

    -(e)
     
  14. aut0mat3d

    aut0mat3d GBAtemp Regular

    Member
    2
    Mar 15, 2017
    Australia
    That is the key, yes.
    I see no reason why the dumper should write to emmc. This would be verry dangerous and there is no reason to do so
     
  15. tecfreak

    tecfreak Member

    Newcomer
    1
    Apr 24, 2018
    Germany
    ^^
    The warning says that you shouldn't boot into the OFW while you are dumping your user partition in the case when you need to restart the system because you have not enough space on your sd card for a complete dump.

    Got it now?
     
    CTCaer likes this.
  16. CTCaer
    OP

    CTCaer GBAtemp Fan

    Member
    5
    Mar 22, 2008
    Greece
    Because booting to Switch OS writes to the user partition.
    And that may render your unfinished backup corrupted, because one part of it changed.

    This tool does not write to your emmc by any means.

    EDIT:
    Fixed the ambiguous description in github
     
    Last edited by CTCaer, May 1, 2018
  17. sweetlilmre

    sweetlilmre Member

    Newcomer
    2
    Aug 15, 2010
    Thanks, makes sense :)
     
  18. TheZander

    TheZander King of the Level 7's

    Member
    7
    Feb 1, 2008
    United States
    Level 7
    Is this how they messed with the FW version field in the screenshots from months ago? What other system firmware changes are possible threw this?
     
  19. Ghost92

    Ghost92 GBAtemp Regular

    Member
    1
    Jun 29, 2017
    Colombia
    Do you think there is a possibility to dump the data directly to the PC ?. Like adding a driver to the useful load that allows to explore the data or transfer it to the connected PC after loading the Payload
     
  20. Carlos Escobar

    Carlos Escobar Member

    Newcomer
    1
    Jan 19, 2016
    Spain
    I have dumped the nand several times but part 6 is always skipped... I use a 32 gb sd and I dump all parts until part 6 hat I have to copy all contents of the sd to my pc and then boot again hetake to finish part 6 and 7 but 6 is always skipped. Anyone knows the reason?

    Regards,
     
    Last edited by Carlos Escobar, May 1, 2018
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice