Hacking Question Will I get banned?

[LeMageFro]

How do you even get a clean NAND backup if you use use a CFW or homebrew to dump the NAND? I haven't done any homebrew with my Switch at all.

You use hekate, which is a payload that runs on the switch before anything from HOS gets booted (the main function of hekate is to be a custom bootloader actually). So it's not a CFW nor a Homebrew and does not modify your sysNAND, hence leaving it "clean" when you back it up.

 

[Lumince]

okay so I have checked my Backup and it looks like I "only" have the raw Nand backup :/

So do you know if this was made before running cfw and such?

 

[RedBlueGreen]

You can make a NAND backup using Hekate, before the Switch operating system ever loads. Making a NAND backup with Hekate should be the very first thing a person does.

In other words, if you use Hekate to make a NAND backup, you are making the NAND backup before using CFW and/or homebrew.

So in THEORY having a clean Sysnand and an Emunand that's either never been online, or online with 90DNS or Incognito, should be safe?

 

[Lacius]

So in THEORY having a clean Sysnand and an Emunand that's either never been online, or online with 90DNS or Incognito, should be safe?

That's correct, yes. Many people use this setup and haven't been banned, so it seems to work in practice.

 

[akey83]

So do you know if this was made before running cfw and such?

sorry for the late response- the whole family is over at our place I bought the clean Switch and did the Nand dump right after, then I started with the CFW

 

[akey83]

okay so I just checked my clean SysNand Backup and I was on FW 5.1.0. Since I never did a downgrade, here are my steps, please correct me if I'm missing something or if these steps are correct.

Step 1: Backup current dirty SysNand + Boot0/1 (Hekate)
Step 2: Restore "clean" SysNand (Hekate)
Step 3: Downgrade to FW 5.1.0 (ChoiDUjourNX)
Step 4: Backup Boot0/1 from SysNand (Hekate)
Step 5: Upgrade clean SysNand to current FW 9.1.0
Step 6: Go Online and see what happens
Step 7: Create EmuNand
Step 8: Install CFW/Atmosphere + 90DNS + Incognito

 

[The Real Jdbye]

okay so I just checked my clean SysNand Backup and I was on FW 5.1.0. Since I never did a downgrade, here are my steps, please correct me if I'm missing something or if these steps are correct.

Step 1: Backup current dirty SysNand + Boot0/1 (Hekate)
Step 2: Restore "clean" SysNand (Hekate)
Step 3: Downgrade to FW 5.1.0 (ChoiDUjourNX)
Step 4: Backup Boot0/1 from SysNand (Hekate)
Step 5: Upgrade clean SysNand to current FW 9.1.0
Step 6: Go Online and see what happens
Step 7: Create EmuNand
Step 8: Install CFW/Atmosphere + 90DNS + Incognito

Once you restore your clean NAND backup you will be on 5.1.0, no extra steps needed to downgrade as long as you have your boot0/boot1 backup, if you don't, you'll have to create them with ChoiDujour (non NX), as the console will not boot with mismatching boot0/boot1. At no point should you run any homebrew or CFW on the clean NAND or it will no longer be clean.

 

[ZachyCatGames]

I’m just simply saying it in layman’s terms without going into great detail a payload is data “the ban” that is sent to a destination ie his switch from Nintendo headquarters, soon as that switch connects to the worlds web the ban is then activated on the console this then bans his switch ASAP and there is nothing he can do to stop this automated procedure from happening.

That’s not how it works...
Nintendo removes your cert from their whitelist, resulting in their servers rejecting any requests made by your cert.
Nothing is sent to the system to make it banned or whatever.

 

[LeMageFro]

okay so I just checked my clean SysNand Backup and I was on FW 5.1.0. Since I never did a downgrade, here are my steps, please correct me if I'm missing something or if these steps are correct.

Step 1: Backup current dirty SysNand + Boot0/1 (Hekate)
Step 2: Restore "clean" SysNand (Hekate)
Step 3: Downgrade to FW 5.1.0 (ChoiDUjourNX)
Step 4: Backup Boot0/1 from SysNand (Hekate)
Step 5: Upgrade clean SysNand to current FW 9.1.0
Step 6: Go Online and see what happens
Step 7: Create EmuNand
Step 8: Install CFW/Atmosphere + 90DNS + Incognito

Restoring your clean rawnand.bin is not the second step, the process is :
Step 1: Backup current dirty SysNand + Boot0/1 (Hekate) and copy them on your PC
Step 2: Downgrade to FW 5.1.0 (ChoiDUjourNX). For this you're gonna have to find the files of FW 5.1.0 somewhere, you can find them on xbins for exemple. DM if you need help finding them.
Step 3: Backup Boot0/1 from SysNand (Hekate)
Step 4: Restore boot0, boot1 and clean rawnand.bin with hekate
Step 5: Upgrade clean SysNand to current FW 9.1.0.
Step 6: Go Online and see what happens

And you don't really need steps 7 and 8, your current emuMMC partition should be unaffected by all the previous steps. If you've set it up with incognito/90DNS before it will still be set up.

Once you restore your clean NAND backup you will be on 5.1.0, no extra steps needed to downgrade as long as you have your boot0/boot1 backup, if you don't, you'll have to create them with ChoiDujour (non NX), as the console will not boot with mismatching boot0/boot1. At no point should you run any homebrew or CFW on the clean NAND or it will no longer be clean.

Yeah the thread went a bit south due to the whole "what gets you banned" discussion so it's hard to follow, but OP had not backed up boot0/1 from 5.1, hence the extra steps to downgrade and get them. I don't see why downgrading with choiNX and then backing up boot0/1 wouldn't work ?

 

[akey83]

okay, I will try my luck today

 

[LeMageFro]

okay, I will try my luck today

Cool, let us know how it went !
By the way if you have a european account and disabled telemetry there is a way to update your sysNAND to 9.1 without loosing autoRCM and burning fuses and without getting banned (it may also work without a european account but I can't guarantee it). If you just use the official updater to go from 5.1 to 9.1 you will lose autoRCM, more fuses will be burnt and you won't be able to downgrade in the future to use the déjà vu exploit, but I don't know if you care about that.

 

[akey83]

I have an European Switch yes Okay, that would be awesome, is there a Guide or Tutorial on how to update the "proper" way without losing AutoRCM?

 

[LeMageFro]

I have an European Switch yes Okay, that would be awesome, is there a Guide or Tutorial on how to update the "proper" way without losing AutoRCM?

I don't think there is really a guide so I'll explain the process. First you need to connect to your Nintendo account and disable the telemetry option (that's only possible with a european account, thanks to GDPR), for this you can follow the step 2 indicated here : https://switch.homebrew.guide/hacking/fuseegelee/safetyprecautions.html?highlight=disable

After that you will have to boot your sysNAND under CFW in order to update with ChoiDuJourNX. If you only do that and reboot to stock HOS as soon as the update is done you should not get banned. I've been doing it since 4.0 tu keep my sysNAND updated and have never been banned, but I can't 100% guarantee it for you and you should decide for yourself if it's a risk worth taking, however small it probably is.

I can detail the exact process I personally follow :
1) I boot my switch on stock HOS and connect it to the internet.
2) I open the settings, go to system and just open the system update menu to force the switch to download the latest firmware update. Do not press the "update" option once you've opened this menu as it would start the official update. Instead just qui it by hitting B.
3) I wait for a few minutes, until the line under "system update" no longer tell what version of FW I'm on but instead says "system update ready". This means that the update has been downloaded in the background.
4) I reboot my sysNAND under CFW.
5) I use Firmware Dumper to dump the pending update to my sd card (this can take a while). You can find it here https://gbatemp.net/threads/firmware-dumper.522522/
6) I use ChoiDuJourNX to apply the update from the sd card.
7) I reboot on stock HOS after the update is done.

There are other ways to get the update files than going through steps 2 and 3, like downloading it from xbins, but these are the closest to the regular update process since it does connect to Nintendo's servers to get the files.

 

[akey83]

back when I did the original clean Nand backup I made a note saying it was FW5.1.0 but now I'm not that sure anymore... anyway, now when I try to read the FW with the Firmware Version Inspecter Tool by shchmue I get the following error... I have a feeling the OG nand backup is somehow corrupted Damn, I think that's it, screwed.

 

[akey83]

quick update. Since my original clean Nanddump got corrupted I had to use Haku33's tool and cleaned/wiped my dirty nand. After setting up everything I am able to use the eShop and download apps. I wonder if they would ban me right away or if it will take some time to receive a ban in case I was blacklisted before.

I installed 90DNS and Incognito for my EmuNand setup, also does it make sense to use incognito for your "clean" SysNand too (to go online) ?

 

[LeMageFro]

quick update. Since my original clean Nanddump got corrupted I had to use Haku33's tool and cleaned/wiped my dirty nand. After setting up everything I am able to use the eShop and download apps. I wonder if they would ban me right away or if it will take some time to receive a ban in case I was blacklisted before.

I installed 90DNS and Incognito for my EmuNand setup, also does it make sense to use incognito for your "clean" SysNand too (to go online) ?

Since you've never been online without 90DNS/incognito after using CFW I don't think you've been blacklisted, and I don't see why Nintendo would wait to ban a certificate, so you're almost certainly safe, congrats !

You cannot use incognito on your sysNand if you want to play online and buy games from the eShop, after your serial number has been erased you won't be able to connect to Nintendo's servers anymore because they won't be able to identify your switch and will refuse to communicate with it (which is precisely the point of using incognito). 90DNS will also prevent you to play online and connect to the eshop and seems useless to me if you intend to keep your Nand clean. If you want to start your sysNand under CFW only to update it with ChoiDuJourNX just don't forget to go offline before doing so.

Lastly, you should make a new full backup (boot0, boot1, rawnand) of your current "clean" sysNand and keep it somewhere safe and reliable.

 

[Erol]

Yea