TegraRcmSmash

A reimplementation of fusee-launcher in C++ for Windows platforms.

Lets you launch fusee/shofEL2 payloads to a USB connected Switch in RCM mode.

Downloads

ChoiDujourNX

ChoiDujourNX screenshot

Homebrew for installing Nintendo Switch firmware update packages directly on the console, without burning fuses!

ChoiDujour

Converts Nintendo Switch firmware update packages to installable images/files that can be transferred to the device itself

RajNX

Simply the BEST and most USER-FRIENDLY Nintendo Switch "CFW" EVER!

gptrestore

Restores the original Nintendo Switch GPT to your eMMC if you somehow messed it up ;)

briccmii

Corrupts (or fixes) the first byte of every BCT's pubkey in BOOT0 so your Nintendo Switch always enters RCM mode (or boots normally)

memloader

Parses ini files from microsd root and loads/decompresses/boots the appropriate binaries on the AArch64 CPU of the Nintendo Switch.

Ini files can be generated from source images using the programs inside tools subdirectory. Currently the tools understand coreboot CBFS images or ELF payloads (like u-boot).

romdump

Dumps the RAW FUSE, KFUSE and BOOTROM bytes to your microSD/HOST PC via USB/console screen

biskeydump

Dumps all your Switch BIS keys for eMMC contents decryption, to be used as a fusee payload.

With all your BIS keys and your RawNand.bin (or the physical eMMC attached via microSD reader or using a mass storage gadget mode in u-boot/linux) you can explore/modify your eMMC partitions using my HacDiskMount tool below

Downloads

HacDiskMount

HacDiskMount screenshot

Allows to open Switch eMMC RawNand dumps (and physical devices) and lets you perform operations on the individual partitions within, such as dump/restore from file, or mount them as a drive letter in Windows (with transparent crypto performed provided you have your BIS keys).

Running all programs from this page requires that you have the Visual C++ 2017 x64 Redistributable installed.

Downloads

PartialAesKeyCrack

Multithreaded CPU-based (AES-NI accelerated, if possible) cracker for the "Partial Key overwrite" vulnerability in Switch secure-engine

My Switch scripts pastebin

Donate to rajkosto