yesIs the fact that my sd is not exFAT (i dont remember what it is) the reason to why rawnand gets dumped in parts?
...
For reasons like this one, TX is working on an all-in-one
you'll still need this if you plan on downloading games from nintendo's cdn in the near future 0.o
since the whole process is aids to figure out without any prior experience, I'll provide steps:
step 1: Download TegraRcmSmash https://gbatemp.net/threads/tegrarcmsmash-a-fusee-launcher-for-windows.502334/
step 2: Get payload https://gbatemp.net/threads/rcm-payload-hekate-mod-raw-full-nand-backup.502604/
step 3: Put an empty microSD card on exFAT with at least 32GB of space into your switch
step 4: Plug the switch into your comp, get into RCM
step 5: Boot hekate 1.3 and select rawNAND backup (something like that) and wait for it.
step 6: Get next payload (biskey) https://switchtools.sshnuke.net
step 7: Open the folder with TegraRcmSmash and place biskeydump.bin next to it
step 8: While in the TegraRcmSmash folder, Shift + Right Click in an empty space and press "Open command window here"
step 9: Plug the switch into your comp, get into RCM (microsd card not required)
step 10: Back where you opened the command window, type TegraRcmSmash.exe -w out/biskeydump.bin BOOT:0x0
step 11: biskeydump will now show your keys on the console AND on your computer in the command window
step 12: Open hacdiskmount https://switchtools.sshnuke.net
step 13: file > open > rawnand.bin (extracted from your switch)
step 14: select PRODINFO
step 15: put the keys in that it asks you for from the command window earlier.
step 16: You now have PRODINFO
step 17: download op's CertNXtractionPack
step 18: open up the pack and edit 00_generate_ssl_kek.py
step 19: insert the keys within the quotations
step 20: replace "ssl_aes_key_x" with "key_x_gak", and replace "ssl_rsa_key_y" with "rpk_key_y"
step 21: save it and drag your PRODINFO onto the 03_save_pft.bat
step 22: your cert is in the "Out" folder. gratz
I should add it in a new thread. So avoid that the last messages like this are not read and keep asking how to do it.How to obtain PRODINFO.bin file please ?
Ok thanks !I should add it in a new thread. So avoid that the last messages like this are not read and keep asking how to do it.
In step 20 you say to replace the "ssl_aes_key_x" with "key_x_gak", and replace "ssl_rsa_key_y" with "rpk_key_y". The output from the BIS payload gives me these keys. Which ones go where in the certnxtractionpack?since the whole process is aids to figure out without any prior experience, I'll provide steps:
step 1: Download TegraRcmSmash https://gbatemp.net/threads/tegrarcmsmash-a-fusee-launcher-for-windows.502334/
step 2: Get payload https://gbatemp.net/threads/rcm-payload-hekate-mod-raw-full-nand-backup.502604/
step 3: Put an empty microSD card on exFAT with at least 32GB of space into your switch
step 4: Plug the switch into your comp, get into RCM
step 5: Boot hekate 1.3 and select rawNAND backup (something like that) and wait for it.
step 6: Get next payload (biskey) https://switchtools.sshnuke.net
step 7: Open the folder with TegraRcmSmash and place biskeydump.bin next to it
step 8: While in the TegraRcmSmash folder, Shift + Right Click in an empty space and press "Open command window here"
step 9: Plug the switch into your comp, get into RCM (microsd card not required)
step 10: Back where you opened the command window, type TegraRcmSmash.exe -w out/biskeydump.bin BOOT:0x0
step 11: biskeydump will now show your keys on the console AND on your computer in the command window
step 12: Open hacdiskmount https://switchtools.sshnuke.net
step 13: file > open > rawnand.bin (extracted from your switch)
step 14: select PRODINFO
step 15: put the keys in that it asks you for from the command window earlier.
step 16: You now have PRODINFO
step 17: download op's CertNXtractionPack
step 18: open up the pack and edit 00_generate_ssl_kek.py
step 19: insert the keys within the quotations
step 20: replace "ssl_aes_key_x" with "key_x_gak", and replace "ssl_rsa_key_y" with "rpk_key_y"
step 21: save it and drag your PRODINFO onto the 03_save_pft.bat
step 22: your cert is in the "Out" folder. gratz
In step 20 you say to replace the "ssl_aes_key_x" with "key_x_gak", and replace "ssl_rsa_key_y" with "rpk_key_y". The output from the BIS payload gives me these keys. Which ones go where ni the certnxtractionpack?
HWI: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
SBK: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
TSEC KEY: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
DEVICE KEY: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
BIS KEY 0 (crypt): xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
BIS KEY 0 (tweak): xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
BIS KEY 1 (crypt): xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
BIS KEY 1 (tweak): xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
BIS KEY 2 (crypt): xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
BIS KEY 2 (tweak): xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
BIS KEY 3 (crypt): xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
BIS KEY 3 (tweak): xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
So just to be clear, are you telling me to replece the words "ssl_aes_key_x" with "key_x_gak"? Or are you just saying put those keys in inside the parenthesis? Also what about the rsa_private_kek_generation_source and master_key? Do I need to change those lines or insert something?BIS KEY 0 (crypt): xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
BIS KEY 0 (tweak): xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
No, no, no!!!BIS KEY 0 (crypt): xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
BIS KEY 0 (tweak): xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
I'm on 4.1No, no, no!!!
That's completely incorrect.
Assuming you're on 5.0.2, find "F5D06292E093C651E67AA7C1A93B3880.nca" then decrypt and extract it in hactool.
Open the main file in a hex editor, then search for the hint bytes I gave in the script. Both are 16-bytes (32 characters) long.
How do I find that .nca file on 4.1? I followed the 20 steps by @aslk and I don't have that fileNo, no, no!!!
That's completely incorrect.
Assuming you're on 5.0.2, find "F5D06292E093C651E67AA7C1A93B3880.nca" then decrypt and extract it in hactool.
Open the main file in a hex editor, then search for the hint bytes I gave in the script. Both are 16-bytes (32 characters) long.
No, no, no!!!
That's completely incorrect.
Assuming you're on 5.0.2, find "F5D06292E093C651E67AA7C1A93B3880.nca" then decrypt and extract it in hactool.
Open the main file in a hex editor, then search for the hint bytes I gave in the script. Both are 16-bytes (32 characters) long.
If you're on 4.1.0, find "1FD444259440E23722CC0E0D0D8D0F0B.nca" in the system partition, and extract the exefs in hactool.I'm on 4.1
--------------------- MERGED ---------------------------
How do I find that .nca file on 4.1? I followed the 20 steps by @aslk and I don't have that file
Not sure how to find that .nca in the system partition. Do I use hacdiskmount to extract system first to a bin file and then hactool to find that .nca file? I'm not sure how to use hactoolIf you're on 4.1.0, find "1FD444259440E23722CC0E0D0D8D0F0B.nca" in the system partition, and extract the exefs in hactool.
Then, put the main file in a hex editor, and search for the leading bytes.
It's a bit annoying to keep messaging back and forth, do you have a Discord account?Not sure how to find that .nca in the system partition. Do I use hacdiskmount to extract system first to a bin file and then hactool to find that .nca file? I'm not sure how to use hactool