More actions
| Lockpick_RCM | |
|---|---|
 | |
| General | |
| Author | shchmue |
| Type | Payload (Binaries) |
| Version | 1.9.10 |
| License | GPL-2.0 |
| Last Updated | 2023/02/23 |
| Links | |
| Website | |
| Source | |
Lockpick_RCM is a bare metal Nintendo Switch payload that derives encryption keys for use in Switch file handling software like hactool, hactoolnet/LibHac, ChoiDujour, etc. without booting Horizon OS.
Due to changes imposed by firmware 7.0.0, Lockpick homebrew can no longer derive the latest keys. In the boot-time environment however, there are fewer limitations. That means the new keys are finally easy to dump.
User guide
Launch Lockpick_RCM.bin using your favorite payload injector or chainload from Hekate by placing it in /bootloader/payloads/.
Upon completion, keys will be saved to /switch/prod.keys on SD.
If the console has Firmware 7.x, the /sept/ folder from Atmosphère or Kosmos release zip containing both sept-primary.bin and sept-secondary.enc must be present on SD or else only keyblob master key derivation is possible (ie. up to master_key_05 only).
Screenshots
Known issues
Chainloading from SX will hang immediately due to quirks in their hwinit code, please launch payload directly.
Credits
Big thanks to CTCaer - For Hekate and all the advice while developing this.