Tutorial  Updated

A definitive way to test if your Switch is patched or not (purchases after 07-2018)

This tutorial uses TegraRCM command line to send payloads to RCM enabled Switch.
Command line is used since it offers a more detailed explanation on what is going on.
So it is a definitive way to confirm if your Switch is patched or not without further questions.
This tutorial does not make any modification to your Switch console.

Requirement:
No Micro SD Card is required.
1. Any way of entering Recovery Mode. Please read here, https://gbatemp.net/threads/the-ultimate-list-of-mods-to-enter-rcm.502145/
2. biskeydump.bin payload(please get the latest version, as of 30th July 2019, the latest version is V9), can be downloaded from https://switchtools.sshnuke.net/
3. TegraRcm GUI, can be downloaded from https://github.com/eliboa/TegraRcmGUI/releases
4. USB C to USB A cable
5. A PC with USB port (Sorry I don't have Mac so I could not cover this area)

Step-by-Step (in total 7 steps):
1. put in your RCM Jig on the right joy con rail. Press and hold Vol+ then press the power button.
You should see a black/blank screen after you press the power button.
If you see a Nintendo logo, you can power off your console and try to adjust your RCM Jig position.

2. To install APX driver
2.1 Launch TegraRcm GUI, go to Settings tab, click on "Install Driver" button.
2-1-1.jpg

Confirm the driver installation.
2-1-2.jpg

2.2 For those having problems installing APX driver :
Install and launch Zadig. Plug your Switch in RCM mode, then select Options > List All Devices.
Select the APX device and check which driver is installed for this specific device. If libusbK is not the current driver, install it.
zadig.png
(This step is copied from https://gbatemp.net/threads/tegrarcmgui-simple-gui-for-tegrarcmsmash.503510/)

3. Plug in USB cable from your PC to Switch(in RCM).
Open TegraRcm GUI and you should see this window with "RCM OK".
3.jpg

Alternatively, you can use Device Manager to confirm if the APX device is recognized.
3-2.jpg

Now you can close the TegraRcm GUI application.

4. Copy biskeydump.bin to the TegraRcm GUI folder.
4-1.jpg

5. Open a command line and go to the TegraRcm GUI folder.
4.jpg

6. Run this on the command line
Code: 
TegraRcmSmash.exe -w biskeydump.bin BOOT:0x0

7. Check the result
7.1 Switch accepts and executes payload, which mean your Switch is not patched.
Please refer to 0X7000
working.png

You will also see QR code on your Switch screen.

7.2 Switch accepts but does not executes payload, which means your Switch is patched.
Please refer to 0X0000
not-working.png
 
Last edited by gnilwob, , Reason: update biskeydump version
  • Like
Reactions: Blythe93, KholodOK, JenAtkinson and 43 others
Click to expand...
E

Eds89

Member
Newcomer
Joined
Sep 6, 2018
Messages
20
Trophies
0
Age
35
XP
145
Country
United Kingdom
Is it true that patched units running 4.1 are still open to the Deja Vu exploit, and may still be possible to hack in the future?
 
Draxzelex

Draxzelex

Well-Known Member
Member
Joined
Aug 6, 2017
Messages
19,021
Trophies
2
Age
29
Location
New York City
XP
13,423
Country
United States
Eds89 said:
Is it true that patched units running 4.1 are still open to the Deja Vu exploit, and may still be possible to hack in the future?
Click to expand...
Yes because Deja Vu is a software exploit meaning its dependent on the firmware of the console. These ipatched units have slightly modified hardware hence why they are immune to Fusee Gelee which is a hardware exploit.
 
E

Eds89

Member
Newcomer
Joined
Sep 6, 2018
Messages
20
Trophies
0
Age
35
XP
145
Country
United Kingdom
Draxzelex said:
Yes because Deja Vu is a software exploit meaning its dependent on the firmware of the console. These ipatched units have slightly modified hardware hence why they are immune to Fusee Gelee which is a hardware exploit.
Click to expand...

Excellent! I'm guessing that because I can't find any info on it it's still pending a release?
It is something the atmosphere guys are likely to release when their CFW is completed?
 
Draxzelex

Draxzelex

Well-Known Member
Member
Joined
Aug 6, 2017
Messages
19,021
Trophies
2
Age
29
Location
New York City
XP
13,423
Country
United States
Eds89 said:
Excellent! I'm guessing that because I can't find any info on it it's still pending a release?
It is something the atmosphere guys are likely to release when their CFW is completed?
Click to expand...
The most likely release date for Deja Vu is when the new Mariko Units ship as these will not only block the Fusee Gelee exploit but many possible other unreleased bootrom exploits.
 
E

Eds89

Member
Newcomer
Joined
Sep 6, 2018
Messages
20
Trophies
0
Age
35
XP
145
Country
United Kingdom
Draxzelex said:
The most likely release date for Deja Vu is when the new Mariko Units ship as these will not only block the Fusee Gelee exploit but many possible other unreleased bootrom exploits.
Click to expand...
That makes perfect sense!

Cheers
Eds
 
M

MovingxTarget

Member
Newcomer
Joined
Jan 30, 2018
Messages
9
Trophies
0
Age
27
XP
143
Country
United States
Important to note that when using a VM via Parallels or any method on Mac will give you 0x0002.

This DOES NOT mean your Switch is patched. The software works incorrectly with VM's.

Use Bootcamp or a real Windows computer. Turns out my Switch was unpatched. :)
 
  • Like
Reactions: gnilwob
J

jamezco

Member
Newcomer
Joined
Nov 20, 2006
Messages
17
Trophies
0
XP
67
Country
Thank you guys for sharing the walkthrough on how to check patched or not patched ... ^_^ ... Works ... XAJ700464XXXXX is definitely patched ...
 
S

Shadow147

Active Member
Newcomer
Joined
Oct 1, 2018
Messages
37
Trophies
0
Age
34
XP
134
Country
China
Hi guys!

So yeah I'm not sure if my Switch is gonna be able to be hacked so I want to test it but unfortunately I only have a Macbook Air, which means I don't have a disc drive to be able to install a Windows partition (I also don't own a flash drive unfortunately).

I have a jig so no hard-modding will be required or attempted and I'm just wondering-- Is there actually any risk to directly trying to load the CFW/payload so long as I keep the Switch in Airplane Mode?

If there isn't, surely just trying to do it could be my test?

Do please let me know if I'm being stupid here because I am very much a novice haha.
 
G

gnilwob

Well-Known Member
OP
Member
Joined
Mar 16, 2008
Messages
204
Trophies
1
XP
646
Country
Hong Kong
Shadow147 said:
Hi guys!

So yeah I'm not sure if my Switch is gonna be able to be hacked so I want to test it but unfortunately I only have a Macbook Air, which means I don't have a disc drive to be able to install a Windows partition (I also don't own a flash drive unfortunately).

I have a jig so no hard-modding will be required or attempted and I'm just wondering-- Is there actually any risk to directly trying to load the CFW/payload so long as I keep the Switch in Airplane Mode?

If there isn't, surely just trying to do it could be my test?

Do please let me know if I'm being stupid here because I am very much a novice haha.
Click to expand...

Well, if you are sure that your JIG is working (Switch boots into RCM).
You can use any fusee gelee launcher on MacOS and send biskeydump payload to test your switch.
If you can see QR code on switch screen, your switch is not patched.
If you cannot see QR code on switch screen, it is either your switch is not in RCM(JIG does not work properly) or your switch is patched.
 
  • Like
Reactions: Shadow147
S

Shadow147

Active Member
Newcomer
Joined
Oct 1, 2018
Messages
37
Trophies
0
Age
34
XP
134
Country
China
gnilwob said:
Well, if you are sure that your JIG is working (Switch boots into RCM).
You can use any fusee gelee launcher on MacOS and send biskeydump payload to test your switch.
If you can see QR code on switch screen, your switch is not patched.
If you cannot see QR code on switch screen, it is either your switch is not in RCM(JIG does not work properly) or your switch is patched.
Click to expand...

Super quick reply-- Thank you!

I'll give this a go later today and let you know :-)
 
S

Shadow147

Active Member
Newcomer
Joined
Oct 1, 2018
Messages
37
Trophies
0
Age
34
XP
134
Country
China
...Nuts.

So the screen does stay dark when I hold the volume+ and power buttons for 5 seconds, but then when I plug it into the usb, the screen comes on as normal :-(
 
G

gnilwob

Well-Known Member
OP
Member
Joined
Mar 16, 2008
Messages
204
Trophies
1
XP
646
Country
Hong Kong
Shadow147 said:
...Nuts.

So the screen does stay dark when I hold the volume+ and power buttons for 5 seconds, but then when I plug it into the usb, the screen comes on as normal :-(
Click to expand...

Which mean you didn't boot your switch to RCM at all.
It does not prove anything.
 
  • Like
Reactions: Shadow147
S

Shadow147

Active Member
Newcomer
Joined
Oct 1, 2018
Messages
37
Trophies
0
Age
34
XP
134
Country
China
gnilwob said:
Which mean you didn't boot your switch to RCM at all.
It does not prove anything.
Click to expand...

Oh I thought the patched Switches are unable to boot into RCM at all?

I definitely made sure the jig was properly inserted, positioned and that I was properly holding down the buttons for long enough.

How else can you make sure, if it doesn't seem to be booting to RCM?
 
G

gnilwob

Well-Known Member
OP
Member
Joined
Mar 16, 2008
Messages
204
Trophies
1
XP
646
Country
Hong Kong
Shadow147 said:
Oh I thought the patched Switches are unable to boot into RCM at all?

I definitely made sure the jig was properly inserted, positioned and that I was properly holding down the buttons for long enough.

How else can you make sure, if it doesn't seem to be booting to RCM?
Click to expand...

If you have a windows machine, you can follow the step to get the RCM OK which mean that your device is on RCM.
If it is only black screen, you can't tell if it is turn off or it is on RCM.

Both patched and unpatched switch can boot into RCM but it will accept or reject unsigned payload accordingly.
 
  • Like
Reactions: Shadow147
S

Shadow147

Active Member
Newcomer
Joined
Oct 1, 2018
Messages
37
Trophies
0
Age
34
XP
134
Country
China
gnilwob said:
If you have a windows machine, you can follow the step to get the RCM OK which mean that your device is on RCM.
If it is only black screen, you can't tell if it is turn off or it is on RCM.

Both patched and unpatched switch can boot into RCM but it will accept or reject unsigned payload accordingly.
Click to expand...

:-( I don't have access to a Windows machine at the moment.

Is there currently no other way to check RCM on Mac?
 
G

gnilwob

Well-Known Member
OP
Member
Joined
Mar 16, 2008
Messages
204
Trophies
1
XP
646
Country
Hong Kong
Shadow147 said:
:-( I don't have access to a Windows machine at the moment.

Is there currently no other way to check RCM on Mac?
Click to expand...

I do not have Mac so I cannot try or support it.
You will need a tool to detect if your Switch is on RCM to be able to "definitely" confirm that your console is patched or not.
This is to rule out the possibility that user may not know how to use JIG properly.

An "RCM OK" on tegrarcmgui on windows is one of the example to make sure that your device is on RCM.
You will have to find similar app on Mac. (I don't know any).
 
  • Like
Reactions: Shadow147

Site & Scene News

Go to forum More news

Popular threads in this forum

Emulation Homebrew  duckstation for Switch

Can you trade in a banned switch for an unbanned one?

Why is Atmosphere so dominant?

Hacking Misc Tutorial  Eiyuden Chronicle Hundred Heroes save editing

Hacking  Weird findings from that DQ trilogy switch port

Migswitch backups without certificate files

Help a noob with if I need to update CFW to 18.0 or not

Emulation Misc  Is a totk memory editor possible? If so why has no one made one yet?

General chit-chat
Help Users
  • No one is chatting at the moment.
    Psionic Roshambo @ Psionic Roshambo: https://www.youtube.com/watch?v=iIpfWORQWhU