Hacking Sigpatches for Atmosphere (Hekate, fss0, fusee & package3)

[unicornman]

He went out of his way to be shitty to people and say shitty things about people based on who they were. I call him shitty for being shitty to other people. If you feel that's equivalent then that's your opinion and you're welcome to it because it's not a harmful opinion being actively used to cause harm.

This post reminds me about the school yard bully that hits someone that's unconscious on the ground. MrDude is banned so can't answer back to your claims and so you go out of your way to bad mouth him. I didn't see any posts where your claims are true, only your words against his silence.
I am happy that we have patches and can make them by ourselves thanks to him, what did you bring to the table?

 

[RedColoredStars]

Moral of the story for now. If a person wants to keep using sigpatches with a modded fusee, doesn't want to use sys-patch, and wants ctest patched... they need to use the three cats ctest patches.

 

[unicornman]

Moral of the story for now. If a person wants to keep using sigpatches with a modded fusee, doesn't want to use sys-patch, and wants ctest patched... they need to use the three cats ctest patches.

Not true as the patch from IPS patch creator works just fine. I tried and can connect the switch to wifi with internet connection not turned on, this is the point of the patch.

This is what is patched:

========================
IPS Patch creator
Patch location: 0x00083660
patch -
E0 03 1F AA
C0 03 5F D6

Patch in assembly:
mov x0, xzr
ret
========================
3 cats Patches
Patch location: 0x00083660
Patch -
00 30 9A D2
00 1E A1 F2
61 01 00 D4
E0 03 1F AA
C0 03 5F D6

Patch in assembly:
movz x0, #0x8F0D180 (move address which is no existant into x0?)
svc 0xB (cause exception - processor mode changes to Supervisor)
mov x0, xzr (this just does the same as IPS patch creator and moves xzr into x0)
ret (return basically just exits the function)
========================

Both patches just move zxr into register x0 and then return out of the function without executing the rest of the code in that function.

 

[SaggyBeans]

Moral of the story for now. If a person wants to keep using sigpatches with a modded fusee, doesn't want to use sys-patch, and wants ctest patched... they need to use the three cats ctest patches.

What I did was copy over the sigpatches found here on the forum to my SD card, and then copied the three cats sigpatches over them, replacing duplicate files. Going forward I will just use the three cats sigpatches along with sys-patch.

 

[hippy dave]

I didn't see any posts where your claims are true, only your words against his silence.

I went back to the previous page because I was going to show you the link someone posted to mrdude calling people mentally ill and the r word, but oh look it was you who posted it. You can easily go back through his posts and find other offensive hate speech, but obviously you're claiming not to see it as such because your opinions are as shit as his. Don't worry, I won't be responding to you again.

 

[linuxares]

Can you guys shut the fuck up about a user getting banned? Jesus....

 

[RedColoredStars]

Not true as the patch from IPS patch creator works just fine.

I don't believe that and I've already explained why several times over. For the last time.... If using both sigpatches and sys-patch, the sys-patch overlay should show ctest in orange. That means the sigpatch for it is working correctly so there is no need for sys-patch to patch it. When it's green, that means the sigpatch didn't do it's job so sys-patch had to patch it.

Also sigpatches from here and created with the tool have matching hashes. The ctest patch from three cats does not. Both things tell me something is not right with the ctest patch from the tool and from impeezas pack. I also tested things myself. I literally changed around everything on my sd card to test. Changed hekate ini to use fusee instead of fss0, removed sys-patch, replaced fusee with the patched fusee, etc. In my own test the ctest patch from here and the one I made with the tool did not work. When I replaced ONLY the fw 18 ctest patch with the one from three cats, it worked. So i don't know what to tell you.

When using both, it's very clear that only the ctest patch from three cats is working. If the others were working, sys-patch would report it in orange. Indicating that the sigtest patch was in fact already doing it's job. When it's green it means sigpatch didn't patch it, so sys-patch had to patch it. I'm not sure what's difficult about that to understand. Perhaps you were able to connect to wifi with it disabled when usiing only sigpatches. I absolutely was not. And again, when using both, the sys-patch log indicates the ctest sigpatch is not being applied unless using the three cats version.

 

[unicornman]

I don't believe that and I've already explained why several times over. For the last time.... If using both sigpatches and sys-patch, the sys-patch overlay should show ctest in orange. That means the sigpatch for it is working correctly so there is no need for sys-patch to patch it. When it's green, that means the sigpatch didn't do it's job so sys-patch had to patch it.

Also sigpatches from here and created with the tool have matching hashes. The ctest patch from three cats does not. Both things tell me something is not right with the ctest patch from the tool and from impeezas pack. I also tested things myself. I literally changed around everything on my sd card to test. Changed hekate ini to use fusee instead of fss0, removed sys-patch, replaced fusee with the patched fusee, etc. In my own test the ctest patch from here and the one I made with the tool did not work. When I replaced ONLY the fw 18 ctest patch with the one from three cats, it worked. So i don't know what to tell you.

When using both, it's very clear that only the ctest patch from three cats is working. If the others were working, sys-patch would report it in orange. Indicating that the sigtest patch was in fact already doing it's job. When it's green it means sigpatch didn't patch it, so sys-patch had to patch it. I'm not sure what's difficult about that to understand. Perhaps you were able to connect to wifi with it disabled when usiing only sigpatches. I absolutely was not. And again, when using both, the sys-patch log indicates the ctest sigpatch is not being applied unless using the three cats version.

Just use whatever works for you. If you have this patch working it doesn't really matter how you did it. For me the IPS Patch creator one works fine and has been for a long time over many firmware versions without any issues, so I'll just continue to use that one. I explained and showed what's patched above and showed you the addresses and code that is executed from the patch, if you understand the Arm64 instruction set you can see from above what the patches are doing. If you don't understand what the patches are doing you are probably just best leaving it to the people that make that patches and not worry about it. Basically unless you want to use wifi without your router being connected to the internet you don't even need this patch.

The reason ctest (NFIM) patch from sys-patch shows the same as the ones from the three cats is because these use the same patch:

constexpr PatchData ctest_patch_data{ "0x00309AD2001EA1F2610100D4E0031FAAC0035FD6" };

IPS Patch creator uses a different shorter patch to acheive the same thing so that's why it doesn't show in sys-patch as patched. Now some say that the older patch has some memory issue, but I never ran into any issues with any of my games working wrong or crashing etc and i have been using this patch for a few years now. Also both patches are just doing the same thing by moving a value into a register and then exiting the function so that the internet check is never run.

 

[RedColoredStars]

IPS Patch creator uses a different shorter patch to acheive the same thing so that's why it doesn't show in sys-patch as patched. Now some say that the older patch has some memory issue, but I never ran into any issues with any of my games working wrong or crashing etc and i have been using this patch for a few years now. Also both patches are just doing the same thing by moving a value into a register and then exiting the function so that the internet check is never run.

Except the test is done on my end when I use ONLY sigpatches and either the ctest patch from here or one I created myself. When I use the one from three cats the test is not performed. I'll continue using the ctest patch from three cats as for me personally, the others do not work.

 

[unicornman]

Except the test is done on my end when I use ONLY sigpatches and either the ctest patch from here or one I created myself. When I use the one from three cats the test is not performed. I'll continue using the ctest patch from three cats as for me personally, the others do not work.

Well as long as you have it working, that's all that matters.

 

[shanefromoz]

Can you guys shut the fuck up about a user getting banned? Jesus....

Well said mate

 

[duckbill007]

the sys-patch overlay should show ctest in orange. That means the sigpatch for it is working correctly

No it does not. It means only that bytes that sys-patch wants to modify already modified by some other way. If ips patch changes some other bytes than sys-patch it will never found out that.

 

[RedColoredStars]

No it does not. It means only that bytes that sys-patch wants to modify already modified by some other way. If ips patch changes some other bytes than sys-patch it will never found out that.

The documentation literally states that if it's green it's being patched by sys-patch and if it's orange it's being patched by the sigpatch. If you have both, and it's green, the sigpatch obviously didn't patch it prior to sys-patch patching it.

If one sigpatch makes it orange and a different sigpatch makes it green. One of the sigpatches isn't doing it's job.

And honestly I don't give a fuck anymore. I lost my best friend in the world yesterday. This all means absolutely nothing to me. I have nothing left to say about it from here on out.

 

[impeeza]

didn't patch it prior to sys-patch patching it.

Didn't patch it The way SYS-Patch do it, but can be patched by sigpatches in other way. There are several ways to skin a cat

 

[hippy dave]

And honestly I don't give a fuck anymore. I lost my best friend in the world yesterday. This all means absolutely nothing to me. I have nothing left to say about it from here on out.

Really sorry mate, that's truly awful. Losing a friend is one of the hardest things. Take care of yourself the best you can, your Switch will be fine.

 

[Dust2dust]

I lost my best friend in the world yesterday. This all means absolutely nothing to me. I have nothing left to say about it from here on out.

Sorry about your loss. My best friend I ever had passed away 3 years ago, and I still think about him very often. Not easy to get over it, but life goes on.

 

[dogtygr]

The documentation literally states that if it's green it's being patched by sys-patch and if it's orange it's being patched by the sigpatch. If you have both, and it's green, the sigpatch obviously didn't patch it prior to sys-patch patching it.

If one sigpatch makes it orange and a different sigpatch makes it green. One of the sigpatches isn't doing it's job.

And honestly I don't give a fuck anymore. I lost my best friend in the world yesterday. This all means absolutely nothing to me. I have nothing left to say about it from here on out.

First of all sorry for your loss. I hope everything goes well for you.

I've made a patch on the IPS Patch creator tool that allows you to increase the number of bytes you can add in the NFIM patch 1 and 2 in the WCO tool

Following what unicornman said, you can replicate the sigpatches files by modifying the NFIM Patch2 and 1 value.

For obvious reasons I cannot send you the link of the compiled software but I can give you a patch of what I've modified

From 94885ec936930291a80b25d21ab317d06ddcd3ee Mon Sep 17 00:00:00 2001
From: dogty <[email protected]>
Subject: [PATCH] Allow to increase the size of the nfim patches

---
 IPS_Patch_Creator/Main.cs | 51 +++++++++++++++++++++++++++++----------
 1 file changed, 38 insertions(+), 13 deletions(-)

diff --git a/IPS_Patch_Creator/Main.cs b/IPS_Patch_Creator/Main.cs
index 6e40b4a..37ac333 100644
--- a/IPS_Patch_Creator/Main.cs
+++ b/IPS_Patch_Creator/Main.cs
@@ -3337,7 +3337,32 @@ namespace IPS_Patch_Creator
                 MessageBox.Show("Error is: " + error.Message);
             }
         }
-
+        private int GetHexVal(char hex)
+        {
+            int val = (int)hex;
+            //For uppercase A-F letters:
+            //return val - (val < 58 ? 48 : 55);
+            //For lowercase a-f letters:
+            //return val - (val < 58 ? 48 : 87);
+            //Or the two combined, but a bit slower:
+            return val - (val <= '9' ? '0' : (val <= 'Z' ? ('A' - 10) : ('a' - 10)));
+        }
+        private void convert_Hexstring_To_Bytes(string hexstring, out byte[] bytesArray)
+        {
+            char[] hexCharArray = hexstring.ToCharArray();
+            int sizeArray = 1;
+            int index = 0;
+            byte[] tempByteArray = new byte[sizeArray];
+            for (int i=0; i < hexCharArray.Length; i+=2)
+            {
+                Array.Resize(ref tempByteArray, sizeArray);
+                tempByteArray[index] = (byte)(GetHexVal(hexCharArray[i])*16 + GetHexVal(hexCharArray[i+1]));
+                index++;
+                sizeArray++;
+            }
+            bytesArray = new byte[sizeArray - 1];
+            Array.Copy(tempByteArray, bytesArray, sizeArray - 1);
+        }
         private void nfim_Patch_Creation()
         {
             try
@@ -3363,14 +3388,14 @@ namespace IPS_Patch_Creator
                                 if (checkBox_nfim_patch_override.Checked == true)
                                 {
                                     string hexstring = textBox_nfim_patch1.Text;
-                                    uint patch = uint.Parse(hexstring, System.Globalization.NumberStyles.AllowHexSpecifier);
-                                    patch = ReverseBytes(patch);
-                                    PatchBytes = BitConverter.GetBytes(patch);
+                                    convert_Hexstring_To_Bytes(hexstring, out PatchBytes);
 
                                     string hexstring2 = textBox_nfim_patch2.Text;
-                                    uint patch2 = uint.Parse(hexstring2, System.Globalization.NumberStyles.AllowHexSpecifier);
-                                    patch2 = ReverseBytes(patch2);
-                                    PatchBytes2 = BitConverter.GetBytes(patch2);
+                                    convert_Hexstring_To_Bytes(hexstring2, out PatchBytes2);
+                                  
+                                    int lengthPatches = PatchBytes2.Length + PatchBytes.Length;
+                                    string PaddingString = lengthPatches.ToString("x4");
+                                    convert_Hexstring_To_Bytes(PaddingString, out PaddingBytes);
                                 }
                             }
 
@@ -4859,14 +4884,14 @@ namespace IPS_Patch_Creator
                                 if (checkBox_fs_patch_override.Checked == true)
                                 {
                                     string hexstring = textBox_fs_patch1.Text;
-                                    uint patch = uint.Parse(hexstring, System.Globalization.NumberStyles.AllowHexSpecifier);
-                                    patch = ReverseBytes(patch);
-                                    PatchBytes = BitConverter.GetBytes(patch);
+                                    convert_Hexstring_To_Bytes(hexstring, out PatchBytes);
 
                                     string hexstring2 = textBox_fs_patch2.Text;
-                                    uint patch2 = uint.Parse(hexstring2, System.Globalization.NumberStyles.AllowHexSpecifier);
-                                    patch2 = ReverseBytes(patch2);
-                                    PatchBytes2 = BitConverter.GetBytes(patch2);
+                                    convert_Hexstring_To_Bytes(hexstring2, out PatchBytes2);
+
+                                    int lengthPatches = PatchBytes2.Length + PatchBytes.Length;
+                                    string PaddingString = lengthPatches.ToString("x4");
+                                    convert_Hexstring_To_Bytes(PaddingString, out PaddingBytes);
                                 }
                             }
 
--
2.36.0.windows.1

 

[TotalJustice]

Not true as the patch from IPS patch creator works just fine. I tried and can connect the switch to wifi with internet connection not turned on, this is the point of the patch.

This is what is patched:

========================
IPS Patch creator
Patch location: 0x00083660
patch -
E0 03 1F AA
C0 03 5F D6

Patch in assembly:
mov x0, xzr
ret
========================
3 cats Patches
Patch location: 0x00083660
Patch -
00 30 9A D2
00 1E A1 F2
61 01 00 D4
E0 03 1F AA
C0 03 5F D6

Patch in assembly:
movz x0, #0x8F0D180 (move address which is no existant into x0?)
svc 0xB (cause exception - processor mode changes to Supervisor)
mov x0, xzr (this just does the same as IPS patch creator and moves xzr into x0)
ret (return basically just exits the function)
========================

Both patches just move zxr into register x0 and then return out of the function without executing the rest of the code in that function.

i made the ctest patch, i thought i explained in already in another post, but couldn't find it.

basically, it was reported to me that in the past that core3 would randomly be pinned to 100% usage when using ctest patch. i couldn't find anyone that still had this issue, nor a way to reproduce it, but it was reported often enough, and the fix was to remove the ctest patch, as most people don't need it anyway.

i add a sleep() in the patch code (thats what svc 0xb is, and the mov prior is how long to sleep for) as a hacky "fix" to the problem, which was suggested in the github issue. afaik, no one has since reported crashes with ctest.

for a proper fix, i'd need a way to reproduce the bug, then i could track it down and correct it. but like i said, i can't find anyone with this issue, and i have asked in *everywhere*.

https://github.com/misson20000/exefs_patches/issues/30
https://armconverter.com/?disasm&lock=arm64&code=00309AD2001EA1F2610100D4E0031FAAC0035FD6

The documentation literally states that if it's green it's being patched by sys-patch and if it's orange it's being patched by the sigpatch. If you have both, and it's green, the sigpatch obviously didn't patch it prior to sys-patch patching it.

If one sigpatch makes it orange and a different sigpatch makes it green. One of the sigpatches isn't doing it's job.

And honestly I don't give a fuck anymore. I lost my best friend in the world yesterday. This all means absolutely nothing to me. I have nothing left to say about it from here on out.

duckbill is right. sys-patch simply searches for a pattern, when it finds it, it then looks at the area it wants to patch and checks if it matches the data sys-patch wants to overwrite it with. if its a match, then sys-patch reports it as already patched (orange), if its different, sys-patch will overwrite it (green). as ips patch creator patches the area with different code to sys-patch, it will overwrite it and report it green. i only shared this patch with the guys that make the patches for cat-site, so thats why only sys-patch and them patch it with the same code

tldr, both patches work the same to patch ctest, my patch just tries to work around a bug that seemingly no one can reproduce.

 

[shanefromoz]

Sorry guys now i am really confused.
If i update to 18.0.0 using daybreak do i just add sigpatches as normal?

 

[kidkat210]

Sorry guys now i am really confused.
If i update to 18.0.0 using daybreak do i just add sigpatches as normal?

no, you either gotta boot atmosphere with hekate using fsso, use a modified version of atmosphere that enables kips, or you gotta use sys-patch