Dockerized tool to build a custom Exosphere binary that spoofs the DeviceID. This can be used to boot Horizon with Atmosphere in a Nintendo Switch with transplanted PRODINFO
/PRODINFOF
partitions
This procedure is only meant to be able to boot the console back into Horizon, after losing the contents of PRODINFO
/PRODINFOF
partitions. THIS IS NOT MEANT TO UNBAN YOUR CONSOLE. If you try doing that, the most likely outcome is that you will end up with another banned console. Avoid any kind of piracy from now on and DON'T USE the transplanted console online
- Windows
- A working console full EMMC backup (Console A), or that console running latest Hekate, connected to the PC
- A console with working hardware, but without a working EMMC backup (Console B)
- NxNandManager
- HackDiskMount
- BIS keys for Console A and B
- Docker
- Latest Hekate
- Latest Atmosphere
- Open the EMMC from Console A or its backup with NxNandManager, using Console A BIS keys.
- Write down the DeviceID, without the initial
NX
and the-0
(or whatever there is) at the end, skipping the first two digits. For instance, if it says:NX1122334455667788-0
, the part you need to write down would be:22334455667788
. - Dump and decrypt
PRODINFO
andPRODINFOF
partitions from Console A. - Close NxNandManager.
- Open the EMMC from Console B with NxNandManager, using Console B BIS keys. It may say that it has BAD CRYPTO. This is expected on a nuked EMMC.
- Restore the decrypted
PRODINFO
andPRODINFO
partitions from Console A into Console B. - Close NxNandManager.
- Follow this guide to recreate the rest of the EMMC partitions,
BOOT0
andBOOT1
on Console B using Console B BIS keys, UP TO AND INCLUDING, STEP 12. DO NOT ATTEMPT TO BOOT THE CONSOLE YET. - On the
SYSTEM
partition, delete all the files/folders of thesave
folder except the one ending in120
. Not doing this may end up in the console freezing during boot or Atmosphere showing an error while booting. - Put the latest version of Hekate and Atmosphere on your SD card.
- Create the custom Exosphere binary to spoof the DeviceID.
- Boot the console using
fusee-primary.bin
or chainload it from Hekate.
This tool requires a volume mounted to the /output
directory of the container, and the DEVICEID
environment variable, with the DeviceID to spoof.
Either build the docker image locally or use the prebuilt image from Dockerhub, replacing the DEVICEID
value with your DeviceID (keep the 00
before your DeviceID. If the output from NxNandManager was NX1122334455667788-0
, the value to use should be: 0x0022334455667788
. ):
(if you want to use a specific Atmosphere version, change the latest
docker tag with the Atmosphere version number, like 0.14.4
)
mkdir -p ./output
docker pull pablozaiden/deviceid-exosphere-builder:latest
docker run -ti --rm -e DEVICEID=0x0022334455667788 -v "$PWD"/output:/output pablozaiden/deviceid-exosphere-builder:latest
After it finishes building, copy the output/deviceid_exosphere.bin
file to the Atmosphere
directory of your SD card, and add the following entries to BCT.ini
:
[stage2]
exosphere = Atmosphere/deviceid_exosphere.bin
If booting via Hekate (without fusee-primary.bin
), add this to the boot configuration to pick up the custom exosphere binary:
secmon=Atmosphere/deviceid_exosphere.bin
To build the same Exosphere custom binary without using the Docker image, you have to do the following manual steps first (for more details, just follow what is being done in the Dockerfile):
- Install DevKitPro
- Install the required libraries to build Atmosphere
- Clone Atmosphere into the commit/tag/branch you want
- Copy the
deviceid.patch
file from this repo into the Atmosphere directory - Run the following command, to modify the DeviceId value in the patch and apply the patch (tested only on linux):
export DEVICEID=0x0022334455667788 sed -i "s/###DEVICEID###/$DEVICEID/g" deviceid.patch git am deviceid.patch
- Go to the
exosphere
directory, inside the repo - Build
exosphere
:make -j$(nproc) exosphere.bin
- Copy
exosphere.bin
to theAtmosphere
directory in your SD card and follow the steps to configure it from the dockerized build.
- Important. Do not share your dumps and personalized builds. The
deviceid_exosphere.bin
is tied to a specific DeviceID and must not be shared. The same applies for thePRODINFO
/PRODINFOF
dumps. You may end up with a banned console. - Doing this will potentialy leave you with more than one console with the same MAC address. Trying to connect both of them at the same time, to the same wireless network may result in an unexpected behavior. To modify your MAC address, edit the decrypted PRODINFO and modify the 0x6 bytes starting at 0x210 and use the CRC16 method described here to properly fill the next 0x2 bytes.
- shchmue, Jan4V and SciresM for all the patience answering questions and all the info about this and the full nand transplant options.