Hacking Question The *.nrp loader

Deleted member 191657

During the "hyper-release-day" of yesterday, on #switch-hacking-meta of the Reswitched Discord, this snippet of code was pasted

[image: PdWe2LF.png]

https://pastebin.com/a19ZDZAw

And I feel it deserves way more attention and clarification:

- Since sm:h (if I understand correctly) is exploitable only on 3.0.0, how would this code work in firmwares below 3.0.0?
- How exactly does one obtain a .nsp executable?
- Does it actually allow homebrew launching on fw 1.0.0 to 3.0.0?

Thanks to anyone that can clarify.

EDIT: AAAAND I wrote NSP wrong. Twice.
 
Last edited by Deleted member 191657,
Yes, this deserves much attention! Been waiting on 1.0.0 for ages now and I'm itching to tinker with some homebrew.

Thanks for sharing!

I'd try it but I'm currently at work so if another 1.0.0'er tries it and it works, please post back, thanks!

(Sorry still riding that wave of excitement from yesterday)

During the "hyper-release-day" of yesterday, on #switch-hacking-meta of the Reswitched Discord, this snippet of code was pasted

[image: PdWe2LF.png]

https://pastebin.com/a19ZDZAw

And I feel it deserves way more attention and clarification:

- Since sm:h (if I understand correctly) is exploitable only on 3.0.0, how would this code work in firmwares below 3.0.0?
According to TuxSH, it works on 2.1.0, just not tested on other low firmwares.
- How exactly does one obtain a .nrp executable?
I'm actually trying to figure that out now while I'm on the way to the job site. If I figure it out before I actually start working I'll post how.
- Does it actually allow homebrew launching on fw 1.0.0 to 3.0.0?
According to TuxSH, it works on 2.1, just not tested on the other firmwares yet, I'm sure it does though. They have been saying 1.0.0-3.0.0 is "interchangeable" so that leads me to believe it will, hopefully without any or much modifications.

Thanks to anyone that can clarify.
 
Last edited by BL4Z3D247,
Would it be possible to run the hbl without an internet connection after running it once with something like this?
 
Would it be possible to run the hbl without an internet connection after running it once with something like this?
Yes and no.

(Educated guess.)

You are basically swapping the need for going through the browser based steps (exploit can also be hosted in your local LAN, if internet is an issue, search for esp8266 in this forum), with a need to go through the "shorting pins - and presumably also tethering through usb" steps.

As a 3.0.0 user - it would take more than this or me to go through the "shorting pins" method after each bootup. More - as in "a cfw with more "features"" which is coming anyhow.

Running this "once" this way - wouldn't change anything. The "remapping" this script does gets reset on reboot. It's not permanent.
 
Last edited by notimp,
Yes, this deserves much attention! Been waiting on 1.0.0 for ages now and I'm itching to tinker with some homebrew.

Thanks for sharing!

I'd try it but I'm currently at work so if another 1.0.0'er tries it and it works, please post back, thanks!

(Sorry still riding that wave of excitement from yesterday)

I tried running it via PegaSwitch on my 1.0.0. The script runs just fine, but running Album just crashes the Switch (assuming because it does not find the .nrp file)
 
Eh guys?

Short logic test incoming.

If HBL only was a thing on 3.0.0 how do you expect a simple script that launches the HBL payload to work on 1.0.0 all of a sudden?

Don't you think HBL does more than just "run - and everything will be good" conceptually? You know like - making sure you can launch .nros in userland, from an SDcard, ...

edit: So even if it runs on 2.1.0 it might not on 1.0.0 and so forth - at which point this becomes pretty much an exercise in futility.. ;) (Enabling one lower version firmware to be HBL compatible at one time... :) )
 
Last edited by notimp,
From Switchbrew:
This is the FS which has magicnum "PFS0" at header+0. This is very similar to HFS0. A tool for extracting this FS is available here.

The hash table is hashes for every {Block size from superblock} starting at the PFS0 header. The size used for the last hash is {PFS0 filesystem size from superblock} - offset_relativeto_header.

See also the PFS0 superblock above.

That tool will allow us to obtain the nsp file if I'm not mistaken.
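To make the quoted Switchbrew description concrete, here is a small PFS0 walker I wrote for this thread; it is an added example, not code from the thread, from Switchbrew, or from the extraction tool mentioned above. Only two things come from the quoted text: the "PFS0" magic at header+0, and the hash-table rule (one hash per {block size} bytes starting at the header, with the last hash covering only the bytes left over). The rest is assumed: the file-entry layout (u32 file count and string-table size after the magic, then 0x18-byte entries of u64 offset, u64 size, u32 name offset, u32 reserved, then the string table, then file data) is taken from my recollection of the PFS0 wiki page, and SHA-256 is assumed as the hash. The sample image is constructed in the script itself, so it runs offline.

```python
"""PFS0 (.nsp) walker with block-hash verification.

Added example for this thread, not code from Switchbrew or the thread.
From the quoted text: magic "PFS0" at header+0; one hash per block_size
bytes starting at the header, last hash covering only the remaining bytes.
Assumed (not on the page): the entry layout below, and SHA-256 as the hash.
"""
import hashlib
import hmac
import struct

PFS0_MAGIC = b"PFS0"
HEADER_FMT = "<4sIII"      # magic, file count, string table size, reserved (assumed)
ENTRY_FMT = "<QQII"        # data offset, size, name offset, reserved (assumed)
ENTRY_SIZE = struct.calcsize(ENTRY_FMT)  # 0x18


def build_pfs0(files):
    """Build a minimal PFS0 image from {name: bytes} (constructed test data)."""
    names = list(files)
    string_table = b"".join(n.encode() + b"\0" for n in names)
    entries, data, name_off = b"", b"", 0
    for n in names:
        body = files[n]
        entries += struct.pack(ENTRY_FMT, len(data), len(body), name_off, 0)
        data += body
        name_off += len(n) + 1
    header = struct.pack(HEADER_FMT, PFS0_MAGIC, len(names), len(string_table), 0)
    return header + entries + string_table + data


def parse_pfs0(image):
    """Return {name: bytes}; refuses images without the magic at header+0
    and entries that point past the end of the image."""
    magic, count, strtab_size, _ = struct.unpack_from(HEADER_FMT, image, 0)
    if magic != PFS0_MAGIC:
        raise ValueError("not a PFS0 image: bad magic %r" % magic)
    strtab_off = 0x10 + count * ENTRY_SIZE
    data_off = strtab_off + strtab_size
    strtab = image[strtab_off:data_off]
    out = {}
    for i in range(count):
        off, size, name_off, _ = struct.unpack_from(ENTRY_FMT, image, 0x10 + i * ENTRY_SIZE)
        name = strtab[name_off:strtab.index(b"\0", name_off)].decode()
        if data_off + off + size > len(image):
            raise ValueError("entry %s points past end of image" % name)
        out[name] = image[data_off + off:data_off + off + size]
    return out


def block_lengths(fs_size, block_size):
    """Bytes covered by each hash: full blocks, then fs_size - offset for the last."""
    return [min(block_size, fs_size - off) for off in range(0, fs_size, block_size)]


def hash_table(image, block_size):
    """SHA-256 (assumed) over every block_size chunk starting at the PFS0 header;
    the final chunk is whatever remains, as the quoted rule says."""
    return [hashlib.sha256(image[off:off + block_size]).digest()
            for off in range(0, len(image), block_size)]


def verify_hash_table(image, block_size, table):
    """True only if every stored hash matches the corresponding block."""
    expected = hash_table(image, block_size)
    return len(table) == len(expected) and all(
        hmac.compare_digest(a, b) for a, b in zip(table, expected))


if __name__ == "__main__":
    sample = build_pfs0({"main": b"A" * 100, "main.npdm": b"meta"})  # constructed
    table = hash_table(sample, 64)
    print(sorted(parse_pfs0(sample)), block_lengths(len(sample), 64),
          verify_hash_table(sample, 64, table))
```

The constructed image is 183 bytes, so with a 64-byte block size the table has three hashes and the last one covers only 55 bytes; flipping any byte of the image, including one in that partial tail block, makes `verify_hash_table` return False.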
 