I'm really glad this thread is still alive. Thanks to all the developers and testers. :yayswitch:
You can create a section on the 1st post for your releases if you want.
I was thinking the same thing. cbz-to-b on patch 3. It would change the existing es patches of versions below 11 but it would be much easier and more consistent.
off-topic:
Which OS/Python/IDA version do you use? I'll try to install IDA to see the disassembled code more easily. Last debugger I used...
patch 3 pattern for 11.0.0 below can be used also.
but 11.0.0 we cannot be sure if it will change on new updates.
on patch 1, we can use "patch = int((0x14 << 24) | ((inst >> 5) & 0x7FFFF))" to convert that cbz to b (credit to anon user)
How about at line 16? Did you add your keys there?
I have my prod.keys at %USERPROFILE%\.switch so I don't need to add it as an argument on hactool.
I forgot to add it also on some lines of the script.
I looped on all files inside the folder until I get the NCA with title ID 0100000000000033.
remaining would be finding the addresses.
import os
import sys
import subprocess
if len(sys.argv) == 1:
    print("no argv")
    sys.exit(1)
ES_NCA = ""
FIRMWARE_DIR = sys.argv[1]
print("Checking files...
Great! thanks for all inputs!
a quick cpp code to get the offset
#include <stdio.h>
#include <iostream>
using namespace std;
typedef unsigned char BYTE;
long getFileSize(FILE *file)
{
    long lCurPos, lEndPos;
    lCurPos = ftell(file);
    fseek(file, 0, 2);
    lEndPos = ftell(file)...
Hi,
I haven't verified/confirmed the bytes before the patch is applied.
I was planning to do one of the following to verify:
a. compare FS.decomp.kip1 from different firmware versions
b. dump or browse the memory region on a running Switch with and without the fs patch and compare.
c. check the vcdiff files...
If you want to know where those hashes came from, here is what I've got so far.
1. Download Firmware 11.0.1.zip and extract the contents.
2. 2 NCAs will contain an "nx" folder (fat32 and exfat). I don't yet know how to identify which specific NCA but it's always around 3 MB.
3. Extract the contents...
Any progress on fs/es patching? Are you able to compile Atmosphere? We can add debugging outputs on fs/es patching to trace where the hash is from. Maybe here -> stratosphere.c line 390 (call to function apply_kip_ips_patches)
I've been playing Fallout 4 all day. I went into an elevator and it kept going, never stopped, waited 5 minutes, must have been a bug. How bout you, whatcha do today?