Hacking Early Switch model - Black Screen on payload injection (Linux)

Deleted member 669151

New Member
OP
Newbie
Joined
Aug 18, 2023
Messages
2
Trophies
0
XP
27
I have a Nintendo Switch with a serial # of less than XAW1001 (in the XAW10009 range precisely). I wanted to see if it was actually hackable before going out to get a larger microSD card, but after injecting the payload with fusee-launcher (the Tk interface running as root) I get a black screen. I have tried two payloads, TegraExplorer and a fusee-test payload. The firmware of this Switch is currently at 11.0.1. I tried to find an earlier version of TegraExplorer that was made for 11.0.1 but this didn't work either. I get the following output across any payload:

Code:
Important note: on desktop Linux systems, we currently require an XHCI host controller. A good way to ensure you're likely using an XHCI backend is to plug your device into a blue 'USB 3' port. 

Identified a Linux system; setting up the appropriate backend.

Found a Tegra with Device ID: [ Redacted for privacy ]

Setting ourselves up to smash the stack...
Uploading payload...
Smashing the stack...
skipping checks
The USB device stopped responding-- sure smells like we've smashed its stack. :)
Launch complete!

I've ensured I am using USB3 because the cable that I'm using, which is the one for the Switch Pro Controller, is plugged into the blue USB port. lsmod shows me that XHCI is indeed being used, and the Injector GUI recognizes the Switch when it is in RCM mode (otherwise the button to inject payload cannot be pressed).

I suppose it can't be hacked, but with such a low serial # and the serial-number-checking site showing mine in the green, it begs the question: am I doing something wrong? I am using aluminum foil taped to the two farthest back pins to access RCM. I've tried inserting the only microSD card I have (which is 32 GB) formatted with FAT32 to see if it makes a difference, which it doesn't. Is there a certain step in this process that I'm missing or am I just unlucky and have an early patched Switch?
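The "am I really on an XHCI port?" question in the post above is answered by lsmod only indirectly (the module being loaded says nothing about which controller a given port hangs off). The script below is an added example, not part of this thread and not from fusee-launcher or any of the injectors mentioned: it walks sysfs, lists every device that enumerates with the NVIDIA RCM USB ID, and names the host controller behind it by reading the root hub's `product` string. Assumptions: the RCM device shows up as USB ID `0955:7321` (NVIDIA "APX"), a root hub's sysfs `product` file names its controller (for example `xHCI Host Controller`), and the sysfs root is `/sys` unless another path is passed in. It only tells you whether the device is visible and on which kind of controller; it says nothing about whether the unit is patched.

```shell
#!/bin/sh
# Added example (not from the thread): list Tegra RCM devices in sysfs and
# report whether each sits behind an XHCI host controller.
# Assumed USB ID for the RCM device: vendor 0955, product 7321 (NVIDIA "APX").
# Assumed: root hub directory usb<N> carries a "product" file naming the
# controller, e.g. "xHCI Host Controller" or "EHCI Host Controller".

# Usage: find_rcm_devices [SYSFS_ROOT]   (default /sys)
# Prints one line per RCM device:
#   <sysfs name> bus=<n> controller=<product string> xhci=<yes|no>
# Returns 0 if at least one RCM device is on an XHCI controller, 1 otherwise.
find_rcm_devices() {
    sysfs_root="${1:-/sys}"
    found_xhci=1
    for dev in "$sysfs_root"/bus/usb/devices/*/; do
        dev="${dev%/}"
        # Interface entries (e.g. 1-3:1.0) have no idVendor; skip them.
        [ -f "$dev/idVendor" ] || continue
        vid=$(cat "$dev/idVendor")
        pid=$(cat "$dev/idProduct")
        [ "$vid" = "0955" ] && [ "$pid" = "7321" ] || continue
        bus=$(cat "$dev/busnum")
        ctrl="unknown"
        if [ -f "$sysfs_root/bus/usb/devices/usb$bus/product" ]; then
            ctrl=$(cat "$sysfs_root/bus/usb/devices/usb$bus/product")
        fi
        case "$ctrl" in
            xHCI*) xhci=yes; found_xhci=0 ;;
            *)     xhci=no ;;
        esac
        printf '%s bus=%s controller=%s xhci=%s\n' \
            "$(basename "$dev")" "$bus" "$ctrl" "$xhci"
    done
    return "$found_xhci"
}

# Constructed sysfs tree for demonstration (not a capture from a real system):
# one RCM device on an xHCI bus (1-3) and one on an EHCI bus (2-1).
make_fake_sysfs() {
    root="$1"
    mkdir -p "$root/bus/usb/devices/usb1" "$root/bus/usb/devices/usb2" \
             "$root/bus/usb/devices/1-3"  "$root/bus/usb/devices/2-1"
    echo "xHCI Host Controller" > "$root/bus/usb/devices/usb1/product"
    echo "EHCI Host Controller" > "$root/bus/usb/devices/usb2/product"
    for d in 1-3 2-1; do
        echo 0955 > "$root/bus/usb/devices/$d/idVendor"
        echo 7321 > "$root/bus/usb/devices/$d/idProduct"
    done
    echo 1 > "$root/bus/usb/devices/1-3/busnum"
    echo 2 > "$root/bus/usb/devices/2-1/busnum"
}

# Run with --demo to see the constructed tree; otherwise scan the live /sys.
if [ "${1:-}" = "--demo" ]; then
    tmp=$(mktemp -d)
    make_fake_sysfs "$tmp"
    find_rcm_devices "$tmp"
    rm -rf "$tmp"
else
    find_rcm_devices "${1:-/sys}" || echo "no RCM device found on an XHCI controller"
fi
```

On a live system a line ending in `xhci=no` means the device is on a legacy EHCI/OHCI/UHCI controller and should be moved to another port; a `yes` line only confirms the transport the injector asks for, and, as the replies below explain, the patched-or-not question is settled by the injector's own report rather than by enumeration.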
 

Ryab

Well-Known Member
Member
Joined
Aug 9, 2017
Messages
3,283
Trophies
1
XP
4,555
Country
United States
Deleted
 
Last edited by Ryab,

Hayato213

Newcomer
Member
Joined
Dec 26, 2015
Messages
20,096
Trophies
1
XP
21,300
Country
United States
If you use something like TegraRCMGui it will specify if the system is in RCM mode. If the system says it is in RCM mode then it 100% is a hackable system. Also make sure you have installed the proper driver for it. If you have not, I know that TegraRCMGui does have the installer built in.

Patched units can enter RCM mode too; they just don't accept payloads.
 

masagrator

The patches guy
Developer
Joined
Oct 14, 2018
Messages
6,325
Trophies
3
XP
12,161
Country
Poland
It's easier to confirm that with TegraRCMGui as it returns how many bytes it "smashed".

If it's 0x0000, it's patched. If it's 0x7000, it's not patched. A payload may not work for reasons other than the unit being patched, so this is the definitive way to check if a Switch is patched.
 

Deleted member 669151

New Member
OP
Newbie
Joined
Aug 18, 2023
Messages
2
Trophies
0
XP
27
It's easier to confirm that with TegraRCMGui as it returns how many bytes it "smashed".
Sadly TegraRCMGui doesn't work on Linux. So far the only injectors I know that work would be fusee-launcher and any frontends to it, like the Tk one I used, since it's written in Python.
Post automatically merged:

Holy cow, JTegraNX works! TegraExplorer successfully appears on screen.

My suggestion for Linux users, use JTegraNX. :)
 
Last edited by Deleted member 669151,
