Homebrew Discussion SX OS Crack Thread

  • Thread starter: pman152
  • Views: 465,525
  • Replies: 1,206
  • Likes: 117
Status
Not open for further replies.
I think we should all just do what the famous Mr. Ping Long originally told us to do and "Pay now play now!!!".
 
If you mean the person who mentioned it on the 19th, I don't think he decrypted it (not that it was hard, maybe he just didn't bother); you can see the name "hot gameboy / icebird" if you look at the text value of the binary.
Still different than extracting it and running it on an emu :P
I just think you should look for answers in other places, because the crack will only be released when the team gives the green light to take it out, and here there are people who, out of selfishness or being part of the team, turn it into a ridiculous section. Perhaps the hack is in other hands, but I doubt it is here; even Atmosphere NX stopped and apparently is waiting for the team to alert. It is a round business, until this website fails. The streaming of games is approaching; that means that now many hackers are no longer just providing knowledge to hack chip makers but creating it, and maybe they have always been part of it, because the console hacking business ends when the industry goes to streaming; the business of some hackers ends. Regards.
 
If you mean the person who mentioned it on the 19th, I don't think he decrypted it (not that it was hard, maybe he just didn't bother); you can see the name "hot gameboy / icebird" if you look at the text value of the binary.
Still different than extracting it and running it on an emu :P

Maybe there is an easter egg hidden inside SX OS like flog. Did anyone try the movements you do to start flog when the gallery/ROM launcher is opened? Maybe it will start the Game Boy demo?

I would do it myself but I have no Switch yet. I am just here because I am interested in the technical details of how they managed to secure their OS on a fully hacked console.
 
Maybe there is an easter egg hidden inside SX OS like flog. Did anyone try the movements you do to start flog when the gallery/ROM launcher is opened? Maybe it will start the Game Boy demo?

I would do it myself but I have no Switch yet. I am just here because I am interested in the technical details of how they managed to secure their OS on a fully hacked console.
Gotta crack that Game Boy DRM.
 
Once loaded into SX, could a homebrew be made to view/dump/decrypt the boot.dat? I know that while in SX demo mode (no licence) it disables the backup loader; could a homebrew enable it?
 
Inb4 they update and we still don't have the ability to play cart2 and eShop ROMs until someone cracks it again.
 
Last edited by Batpeter.
Or extract the backup loader since that is the only thing we really need.
Once loaded into SX, could a homebrew be made to view/dump/decrypt the boot.dat? I know that while in SX demo mode (no licence) it disables the backup loader; could a homebrew enable it?

Sent from my Redmi Note 4 using Tapatalk
 
Maybe he recently reinstalled Windows or got a new PC and hasn't installed IDA yet. Also, there are other alternatives to IDA that work fine. IDA just tends to be a bit easier to use and has more features. But not having IDA installed means nothing.
If you start cracking something, you usually have IDA ready already. And I haven't actually seen anyone using radare2 or other alternatives, especially on Windows, that would support ARM+ARM64.
 
Once loaded into SX, could a homebrew be made to view/dump/decrypt the boot.dat? I know that while in SX demo mode (no licence) it disables the backup loader; could a homebrew enable it?

That would be a possibility: patch the memory on the running SX OS. For this we would need a cheat app/memory debugging homebrew.

But I would bet TX thought of that and used common anti-debugging techniques, or maybe execute their homebrew in a VM-like environment. That could explain why homebrew on SX OS runs slower or has compatibility issues... (MatPat's voice: That's just a theory, a game/SX OS theory)

As stated before, I would love to read how tx secured their os. I think it would be a pretty interesting read.
 
No. We are missing the private keys; MITM won't help. All it can do now is send you a bad activation response. If we somehow managed to get the keys we could activate SX OS ourselves.

TX didn't even bother to fix this issue by using SSL certification; hard to say if it was on purpose or they didn't think about it...
 
So after the MITM I can create my own licenses?!

Sent from my Redmi Note 4 using Tapatalk
You don't seem to quite get what this is about; MITM means man in the middle, but without the decryption keys it achieves nothing except invalid license validations.

You don't seem to quite understand how that works. To make it short, the man-in-the-middle setup essentially won't help with anything regarding getting a valid license, since the private RSA key is missing.
 
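As an added illustration of the point the two replies above make (this is editorial example code, not anything from the thread or from TX): a small Go model of an activation exchange where the server signs the response with its RSA private key and the client only embeds the public key. It assumes a PKCS#1 v1.5 signature over SHA-256 of a constructed "ACTIVATED:<device id>" message; the thread only says a private RSA key is involved, so the message format and device id are made up here.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Activation response as it crosses the (unauthenticated) channel.
type Response struct {
	Msg []byte // constructed format: "ACTIVATED:<device id>"
	Sig []byte // RSA PKCS#1 v1.5 signature over SHA-256(Msg)
}

// Server side: the only holder of the private key.
func SignActivation(priv *rsa.PrivateKey, deviceID string) (Response, error) {
	msg := []byte("ACTIVATED:" + deviceID)
	h := sha256.Sum256(msg)
	sig, err := rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, h[:])
	return Response{Msg: msg, Sig: sig}, err
}

// Client side: ships only the public key, so it can check but never mint a signature.
func ClientAccepts(pub *rsa.PublicKey, deviceID string, r Response) bool {
	if string(r.Msg) != "ACTIVATED:"+deviceID {
		return false
	}
	h := sha256.Sum256(r.Msg)
	return rsa.VerifyPKCS1v15(pub, crypto.SHA256, h[:], r.Sig) == nil
}

// Scenario models what a man in the middle on a connection without certificate checks
// can do: swap responses, but not sign them. Returns whether the client accepts
// (genuine, forged with the MITM's own key, genuine signature replayed for another device).
func Scenario(deviceID string) (genuineOK, forgedOK, replayedOK bool) {
	serverKey, _ := rsa.GenerateKey(rand.Reader, 2048) // key errors elided for brevity
	mitmKey, _ := rsa.GenerateKey(rand.Reader, 2048)   // attacker's key, not the server's
	pub := &serverKey.PublicKey                        // what the client embeds
	genuine, _ := SignActivation(serverKey, deviceID)
	forged, _ := SignActivation(mitmKey, deviceID)
	other, _ := SignActivation(serverKey, "other-device") // valid, but for a different device
	replayed := Response{Msg: genuine.Msg, Sig: other.Sig}
	return ClientAccepts(pub, deviceID, genuine), ClientAccepts(pub, deviceID, forged),
		ClientAccepts(pub, deviceID, replayed)
}

func main() {
	fmt.Println(Scenario("constructed-device-0001")) // true false false
}
```

Only the genuine response passes; without the server's private key the MITM is limited to what the thread describes, handing the client a response it rejects.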
You don't seem to quite get what this is about; MITM means man in the middle, but without the decryption keys it achieves nothing except invalid license validations.

You don't seem to quite understand how that works. To make it short, the man-in-the-middle setup essentially won't help with anything regarding getting a valid license, since the private RSA key is missing.

Since we will certainly never get their private key, what's the point?
 
Since we will certainly never get their private key, what's the point?

I can only guess: after the release of SX he couldn't know if there were any requests to validate the payment. He saw the flaw (missing SSL certificate checks), used a MITM to check for himself and released his findings for us to read.

Maybe the free switch-day guy shows up and hands over the keys. Who knows...

Kroos-tastic greetings
 
https://twitter.com/hexkyz/status/1010994458316271616

"PSA: SX OS contains brick code. How do I know this? Take a guess... :/
Anyway, the concept is the same that was used by Gateway for the 3DS: your eMMC will be locked with a specific password. Sadly, in my case, the password was generated from random garbage on the stack. :("
 