New Nintendo Switch Payload: ArgonNX

Guillem96 has a new payload available on GitHub: argon-nx.

As he states in the description there, it’s meant to be used to choose which payload you’d actually like to launch; just use the ArgonNX payload, & then choose from any BIN you have located in the \argon\payloads\ directory. What’s nice about this is that you can choose the logos to go along with each BIN. Still have some work to do, but this is what my selection screen looks like right now:

Photo of the ArgonNX payload running.
Photo of the ArgonNX payload running.
ArgonNX logos.
Some quick logos I put together to be used with ArgonNX. Crappy screenshot because apparently WordPress \ Gutenberg views BMP files as a security risk… See screenshot below.
BMP files are a security risk?

Homebrewing ALL THE THINGS

Pretty accurate description of what I’ve been up to recently.

Since getting homebrew running on my Nintendo Switch, I’ve been booting up some old hardware & getting homebrew &\or custom firmware running there. The most recent three after the Switch have been my Nintendo Wii U, PlayStation Vita, & PlayStation 3. I’ve had CFW running on my Vita for a while, but also haven’t turned it on in ages. I came back to some interesting to features in the homebrew scene which was a nice surprise.

It took me a little while to get homebrew up on my Wii U, but was much easier than what I’ve been dealing with on the Switch. Same goes for the PlayStation 3. I’ve not yet gotten a chance to play around much with either system, but hopefully that will change in the upcoming weeks. I’ll be sure to post more information then, but in the meantime, here are some helpful sites I used in getting homebrew running on my Wii U & PS3:

Moving from Authy to Another 2FA App

Despite the convenience of having Authy’s ability to sync across devices, I decided I wanted to change my 2FA app to Android’s andOTP. To do this (without unenrolling & re-enrolling myself in 2FA for my 50+ services), I needed to find a way to export my secrets from Authy. I did find a few posts on the topic, but didn’t have any luck with those guides. Most seemed to be a variation on the same process of getting the secrets from the Authy Chrome extension.

GitHubGist: Generating Authy passwords on other authenticators

What I did end up finding that finally worked, was to pull the XML containing details on each entry in Authy, thanks to this post: GBATemp: extract your totp keys from authy using chrome:

Good job, this tutorial is great for people who need to extract their keys out of Authy without needing a rooted Android/Jailbroken iPhone to grab them from the mobile app.

For people with rooted Android phones, the totp keys are stored here:
/data/data/com.authy.authy/shared_prefs/com.authy.storage.tokens.authenticator.xml

The filepath is what I was looking for

In the past, when I was using Google Authenticator, you had the ability to pull the database from the Android app, assuming you were rooted. The above process seems to be similar, just for the Authy app, instead of Google Authenticator: /data/data/com.google.android.apps.authenticator2/databases/databases.

This post is for my own reference, & for anyone else that may want to move from Authy, to another authenticator app.

Scammers Using Microsoft’s Support Site

I just came across this video (posted yesterday), where scammers are leveraging Microsoft’s legitimate support site at https://support.microsoft.com/help. This was after I received a fake Microsoft support call. Unfortunately, I didn’t have a dummy VM ready to waste their time, but glad I found out about the use of Microsoft’s site. Because Microsoft uses LogMeIn, their support site seems to just forward the code to LogMeIn to start the session.

See the video below for how the site is used:

ANOTHER GOOD article about passwords

Very glad to see another post by a site, giving good information on handling passwords, security question answers, & the recommendation to use password managers. I last had a post about this in July, when Dreamhost also put out a good article about creating strong passwords for account security. The link to that article is below as well.

Lifehacker: Use Your Password Manager for Security Answers, Too

Dreamhost: How to Create Strong Passwords to Keep Your Website Safe