ROM Hack Is a reeboot payload NSP or XCI possible?

[Kallim]

There's been similar questions to this. But has anyone written, working on, or thought of "Reboot to payload" as an XCI or NSP file.

The idea being it'd basically be a Fake Game so it'd exist in OFW. So it would allow you to boot into Custom Firmware even when OFW (no homebrew) is running. The concept is to allow CFW to launch even if no jig/dongle or laptop are handy.

Other people have asked if the homebrew app "reeboot to payload" or "payload launcher" can be installed on OFW but this obviously isn't possible as OFW can't run homebrew apps.

I'm asking if anyone has written or thought of effectively writing a full NSP that will do the same thing, independently of CFW?? It'd obviously need to be installed on the sysnand, but would completely eliminate the need for a Jig/RCM loader/laptop etc.

In theory can this even be done?? Also would it have a ban risk? (after all it will be on the sysnand)

 

[kidkat210]

1) I dont think it would be possible, you would need sig patches to "launch" said nsp. Without cfw, the nsp would error out and kick you to the switches dashboard. In order to achieve something like what your thinking/suggesting, you would need nintendo keys for signing games and such (which no one has, nor has been leaked)

2) even if this was possible, it would more than likely lead to a ban. Since its an unsigned (non-legit) nsp installed.

Anyone correct me if I'm wrong/misinformed

 

[CompSciOrBust]

You can make a reboot to payload NSP (any homebrew can be compiled as an NSP) but it wouldn't work outside of CFW unless you somehow got ahold of Nintendo's private keys, which probably isn't happening any time soon unless you're willing to break in to their offices.

Edit: Actually even if you got their private keys it still wouldn't work outside of CFW because rebooting to payload requires extra permissions that games don't normally have access (CFW allows them to run with extra permissions) to so you would have to get the keys for signing the firmware. If you managed to get them you wouldn't even need an NSP though, you can just boot straight in to CFW.

 

[Kallim]

You can make a reboot to payload NSP (any homebrew can be compiled as an NSP) but it wouldn't work outside of CFW unless you somehow got ahold of Nintendo's private keys, which probably isn't happening any time soon unless you're willing to break in to their offices.

Edit: Actually even if you got their private keys it still wouldn't work outside of CFW because rebooting to payload requires extra permissions that games don't normally have access (CFW allows them to run with extra permissions) to so you would have to get the keys for signing the firmware. If you managed to get them you wouldn't even need an NSP though, you can just boot straight in to CFW.

Not the same keys provided lockpickrcm.bin I assume?? Or that'd be too easy.

 

[hippy dave]

Not the same keys provided lockpickrcm.bin I assume?? Or that'd be too easy.

No definitely not. Nintendo's private signing keys don't exist within the Switch to be extracted, and don't exist outside of specially designed secure hardware within Nintendo headquarters.

 

[CompSciOrBust]

No definitely not. Nintendo's private signing keys don't exist within the Switch to be extracted, and don't exist outside of specially designed secure hardware within Nintendo headquarters.

Tangently related: I can't confirm it but I've heard from a usually reputable source (big name in the PS4 scene) that a private group has obtained Xbox 360 retail signing keys even though MS uses hardware signing machines too.

 

[Kallim]

Ok So In theory the only way to do this would be to boot cfwsysnand downgrade the firmware to v4.00 (to when the switch was software exploitable). Then install the NSP that nobody has written yet (and probably won't as it doesn't work with new Firmware).... then it could work?

Also you can't go online with the old firmware and updating could result in a ban. Anything else I've missed???

Actually joking aside it could still be a handy NSP for those with a banned switch as you wouldn't need any other devices to boot CFW. You could just delete the network settings once installed so it never updates.

Thanks for your help!

 

[hippy dave]

Ok So In theory the only way to do this would be to boot cfwsysnand downgrade the firmware to v4.00 (to when the switch was software exploitable). Then install the NSP that nobody has written yet (and probably won't as it doesn't work with new Firmware).... then it could work?

Even on the low firmware, you'd only be able to run it after manually running the software hacks (through the browser or whatever). In which case you might as well use the software hacks to reboot to payload directly. So, the nsp/xci doesn't get you anything you couldn't have had already at that firmware - and it won't work on higher firmware - so there's no point to it honestly.

 

[Kallim]

OK no worries. I've asked a similar question to you in another thread but I think that's answered everything. Unless I can think of another idea (maybe a 3rd clean emunand to trick Nintendo etc). But I'm probably getting obsessed with a minor inconvenience.

 

[CompSciOrBust]

If you really don't want to use another device to boot cfw you could install a mod chip. The idea is to put a small low power computer inside of the Switch that will automatically inject a payload when rcm is detected.
https://gbatemp.net/threads/interna...ybitsy-m0-express-guide-files-support.508068/

SwitchMe seems to be the easiest chip to install. I was able to install mine with minimal soldering experience. I've heard good things about rcmx86 too.

 

[Draxzelex]

Ok So In theory the only way to do this would be to boot cfwsysnand downgrade the firmware to v4.00 (to when the switch was software exploitable). Then install the NSP that nobody has written yet (and probably won't as it doesn't work with new Firmware).... then it could work?

Also you can't go online with the old firmware and updating could result in a ban. Anything else I've missed???

Actually joking aside it could still be a handy NSP for those with a banned switch as you wouldn't need any other devices to boot CFW. You could just delete the network settings once installed so it never updates.

Thanks for your help!

No it wouldn't work because there is nothing 'magical' about firmware 4.0 that would make such a .NSP file work. All .NSP files require CFW in order to be launched no matter how or what firmware they are installed to; without CFW, .NSP files are useless.