Lockpick RCM v1.5.0 Released

shchmue has released a new version of Lockpick_RCM, a bare-metal Nintendo Switch payload that derives encryption keys for use in Switch file handling software like hactool, hactoolnet/LibHac, ChoiDujour, etc. without booting Horizon OS. This new version can also extract your keys from an emuMMC NAND installation.

What's New?

* Now lets users choose whether to dump keys from sysNAND or emuMMC. Also a fix for BIS key generation on consoles released after firmware 5.0.0 (presently it's rare that these have code execution, but eventually this will apply to more).

Firmware 9.0.0 Warning
Due to changes in the way firmware 9.0.0 handles user input, homebrew will have to be recompiled to function correctly on this firmware. If you're on firmware 9.0.0 or newer, read the changelog to make sure the homebrew you're using has been updated to work on 9.0.0.

Description

Lockpick_RCM is a bare metal Nintendo Switch payload that derives encryption keys for use in Switch file handling software like hactool, hactoolnet/LibHac, ChoiDujour, etc. without booting Horizon OS. Due to changes imposed by firmware 7.0.0, the normal Lockpick homebrew (nro) can no longer derive the latest keys. In the boot-time environment however, there are fewer limitations.

Instructions

*   Launch Lockpick_RCM.bin using your favorite payload injector
*   Upon completion, keys will be saved to `/switch/prod.keys` on SD
*   If the console has firmware 7.x or newer, the `/sept/` folder from the [Atmosphère](https://github.com/Atmosphere-NX/Atmosphere/releases) or [Kosmos](https://github.com/AtlasNX/Kosmos/releases) release zip, containing both `sept-primary.bin` and `sept-secondary.enc`, must be present on SD; otherwise only keyblob master key derivation is possible (i.e. up to `master_key_05` only)
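A sanity check for the resulting dump, added here as an example and not part of Lockpick_RCM: it parses the hactool-style `name = hexvalue` format that `prod.keys` uses, verifies that every `master_key_NN` entry is 16 bytes, and reports a dump that stops short of the master key index you expected, which is the symptom the `/sept/` note above describes. The sample dump and its values are constructed placeholders, and the expected index is a parameter because the post does not state which index a given firmware reaches.

```python
import re
from typing import Dict, List

# hactool/hactoolnet keyset format: one "name = hexvalue" entry per line,
# '#' lines are comments. Lockpick_RCM writes /switch/prod.keys in this format.
KEY_LINE = re.compile(r"^([A-Za-z0-9_]+)\s*=\s*([0-9A-Fa-f]+)$")
MASTER_KEY = re.compile(r"^master_key_([0-9A-Fa-f]{2})$")

# Constructed sample dump with dummy values; these are not real console keys.
SAMPLE_PROD_KEYS = """\
# constructed sample, values are placeholders
master_key_00 = 00000000000000000000000000000000
master_key_01 = 01010101010101010101010101010101
master_key_05 = 05050505050505050505050505050505
bis_key_00    = 0a0a0a0a0a0a0a0a0a0a0a0a0a0a0a0a0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b
"""


def parse_keyset(text: str) -> Dict[str, bytes]:
    """Parse prod.keys text into {name: raw key bytes}; raise on malformed lines."""
    keys: Dict[str, bytes] = {}
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = KEY_LINE.match(line)
        if m is None:
            raise ValueError(f"line {lineno}: not a 'name = hex' entry: {raw!r}")
        name, hexval = m.group(1), m.group(2)
        if len(hexval) % 2:
            raise ValueError(f"line {lineno}: odd-length hex value for {name}")
        if name in keys:
            raise ValueError(f"line {lineno}: duplicate entry for {name}")
        keys[name] = bytes.fromhex(hexval)
    return keys


def highest_master_key(keys: Dict[str, bytes]) -> int:
    """Highest NN present among master_key_NN entries (hex index), or -1 if none."""
    indices: List[int] = []
    for name in keys:
        m = MASTER_KEY.match(name)
        if m is not None:
            indices.append(int(m.group(1), 16))
    return max(indices, default=-1)


def check_dump(text: str, expected_master_index: int) -> List[str]:
    """Return a list of problems found in the dump; an empty list means it looks complete."""
    problems: List[str] = []
    keys = parse_keyset(text)
    for name, value in keys.items():
        # Master keys are AES-128 keys, so each must be exactly 16 bytes.
        if MASTER_KEY.match(name) and len(value) != 16:
            problems.append(f"{name}: expected 16 bytes, got {len(value)}")
    hi = highest_master_key(keys)
    if hi < expected_master_index:
        problems.append(
            f"highest master key present is master_key_{hi:02x}, expected at least "
            f"master_key_{expected_master_index:02x}; was /sept/ present on the SD card?"
        )
    return problems


if __name__ == "__main__":
    # Usage: python check_prod_keys.py, or point parse_keyset at the real /switch/prod.keys.
    for problem in check_dump(SAMPLE_PROD_KEYS, expected_master_index=5) or ["dump looks complete"]:
        print(problem)
```

Run it against the real file by reading `/switch/prod.keys` from the SD card into `check_dump`; pass the master key index you expect for your firmware, and a non-empty result points at a truncated or malformed dump before you feed it to hactool.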

Credits

This software is heavily based on Hekate. Beyond that, CTCaer was exceptionally helpful in the development of this project, lending loads of advice, expertise, and humor.

Changelog

v1.5.0

* Now lets users choose whether to dump keys from sysNAND or emuMMC. Also a fix for BIS key generation on consoles released after firmware 5.0.0 (presently it's rare that these have code execution, but eventually this will apply to more).


v1.4.0

* Update for 9.0.0 keys
* Also added BPMP overclock


v1.3

* Supports new keys if run on firmware 8.1.0

Links & Downloads
https://github.com/shchmue/Lockpick_RCM/releases/tag/v1.5.0
