Lockpick RCM v1.3 Released - Supports 8.1.0 Key Extraction
shchmue has released a new version of Lockpick_RCM which is a bare metal Nintendo Switch payload that derives encryption keys for use in Switch file handling software like hactool, hactoolnet/LibHac, ChoiDujour, etc. without booting Horizon OS. Due to changes imposed by firmware 7.0.0, the normal Lockpick homebrew (nro) can no longer derive the latest keys.
What's New?
* Supports new keys if run on firmware 8.1.0
Instructions
- * Launch Lockpick_RCM.bin using your favorite payload injector
- * Upon completion, keys will be saved to `/switch/prod.keys` on SD
- * If the console has Firmware 7.x, the `/sept/` folder from [Atmosphère](https://github.com/Atmosphere-NX/Atmosphere/releases) or [Kosmos](https://github.com/AtlasNX/Kosmos/releases) release zip containing both `sept-primary.bin` and `sept-secondary.enc` must be present on SD or else only keyblob master key derivation is possible (ie. up to `master_key_05` only)
Credits
This software is heavily based on Hekate. Beyond that, CTCaer was exceptionally helpful in the development of this project, lending loads of advice, expertise, and humor.
Changelog
v1.3
* Supports new keys if run on firmware 8.1.0
v1.2
* The main visible differences are that if it's run on a dev console it will correctly name the key file dev.keys and if an upgrade or downgrade fails to install a matching set of package1 and package2, Lockpick_RCM will try every key it can instead of giving up on finding FS keys.
v1.1.1
* Fix smmu emulation for tsec on 6.2.0
v1.1
* Now includes support for firmware 8.0.0 along with a big speed increase thanks to advice from CTCaer. Interpolated recent hekate bugfixes as well.
v1.0
* Launch Lockpick_RCM.bin using your favorite payload injector
* Upon completion, keys will be saved to /switch/prod.keys on SD
0 Comments