Lockpick_RCM payload - Official Thread


Description

Lockpick_RCM is a bare metal Nintendo Switch payload that derives encryption keys for use in Switch file handling software like hactool, hactoolnet/LibHac, ChoiDujour, etc. without booting Horizon OS.

Source: https://github.com/shchmue/Lockpick_RCM
Payload: https://github.com/shchmue/Lockpick_RCM/releases

Due to changes imposed by firmware 7.0.0, Lockpick homebrew can no longer derive the latest keys. In the boot-time environment however, there are fewer limitations. That means the new keys are finally easy to dump!

Usage
  • Launch Lockpick_RCM.bin using your favorite payload injector or chainload from Hekate by placing it in /bootloader/payloads
  • Upon completion, keys will be saved to /switch/prod.keys on SD
  • If the console has Firmware 7.x, the /sept/ folder from the Atmosphère or Kosmos release zip containing both sept-primary.bin and sept-secondary.enc must be present on SD, or else only keyblob master key derivation is possible (i.e. up to master_key_05 only)
Big thanks to CTCaer for Hekate and all the advice while developing this!

Known Issues
  • Chainloading from SX will hang immediately due to quirks in their hwinit code, please launch payload directly
 

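A host-side preflight for the usage steps above, written as an added example (it is not part of Lockpick_RCM and not the OP's code). It checks that the files the usage notes call for are on the SD card, then parses the /switch/prod.keys file the payload writes, in the hactool-style `name = hex` layout, and reports how far master key derivation got: on a 7.x console, seeing nothing above master_key_05 is the sign that /sept/ was missing. Treating firmware majors above 7 like 7.x, and tolerating `#` comments in the key file, are assumptions; the sample key file is constructed and its values are placeholders, not real keys.

```python
"""Host-side preflight for the Lockpick_RCM workflow (added example, not project code).

Checks the SD card layout the usage notes call for, then reads the prod.keys file
the payload writes to /switch/prod.keys and reports how far master key derivation
got.  Without /sept/ on a 7.x console the OP says derivation stops at
master_key_05, so a low highest index on a 7.x console is the tell-tale sign.
"""
import re
from pathlib import Path
from typing import Dict, List, Optional

# hactool/LibHac keyset files are 'name = hexvalue', one key per line.
KEY_LINE = re.compile(r"^([A-Za-z0-9_]+)\s*=\s*([0-9A-Fa-f]+)$")
MASTER_KEY_NAME = re.compile(r"^master_key_([0-9a-f]{2})$")
KEYBLOB_ONLY_MAX = 0x05   # OP: keyblob-only derivation ends at master_key_05
SEPT_FROM_FW = 7          # OP covers 7.x; applying this to later majors is an assumption


def required_sd_files(fw_major: int, chainload_from_hekate: bool = True) -> List[str]:
    """SD-relative paths the usage notes require before injecting the payload."""
    required = []
    if chainload_from_hekate:        # direct injection needs nothing on the card
        required.append("bootloader/payloads/Lockpick_RCM.bin")
    if fw_major >= SEPT_FROM_FW:     # sept from an Atmosphère/Kosmos release zip
        required += ["sept/sept-primary.bin", "sept/sept-secondary.enc"]
    return required


def missing_sd_files(sd_root: str, fw_major: int, chainload_from_hekate: bool = True) -> List[str]:
    """Return the required files that are absent under the mounted SD root."""
    root = Path(sd_root)
    return [p for p in required_sd_files(fw_major, chainload_from_hekate)
            if not (root / p).is_file()]


def parse_prod_keys(text: str) -> Dict[str, bytes]:
    """Parse 'name = hex' lines into raw key bytes.

    Blank lines and '#' comments are tolerated (an assumption: Lockpick_RCM's own
    output contains neither).  Any other malformed line raises ValueError so a
    truncated or hand-edited file is not silently accepted.
    """
    keys: Dict[str, bytes] = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        m = KEY_LINE.match(line)
        if m is None or len(m.group(2)) % 2:
            raise ValueError(f"prod.keys line {lineno}: expected 'name = hex', got {raw!r}")
        keys[m.group(1)] = bytes.fromhex(m.group(2))
    return keys


def is_valid_prod_keys(text: str) -> bool:
    """True if every non-blank, non-comment line parses as a key."""
    try:
        parse_prod_keys(text)
        return True
    except ValueError:
        return False


def highest_master_key(keys: Dict[str, bytes]) -> Optional[int]:
    """Highest NN among master_key_NN entries, or None if there are none."""
    indices = []
    for name in keys:
        m = MASTER_KEY_NAME.match(name)
        if m:
            indices.append(int(m.group(1), 16))
    return max(indices) if indices else None


def sept_missing_suspected(keys: Dict[str, bytes], fw_major: int) -> bool:
    """True when a 7.x-or-later console only got keyblob-derivable master keys."""
    top = highest_master_key(keys)
    return fw_major >= SEPT_FROM_FW and (top is None or top <= KEYBLOB_ONLY_MAX)


# Constructed sample in the prod.keys layout; the values are placeholders, not real keys.
SAMPLE_PROD_KEYS = """\
master_key_00 = 00000000000000000000000000000000
master_key_01 = 11111111111111111111111111111111
master_key_05 = 55555555555555555555555555555555
package1_key_00 = 0a0a0a0a0a0a0a0a0a0a0a0a0a0a0a0a
"""

if __name__ == "__main__":
    import sys
    sd = sys.argv[1] if len(sys.argv) > 1 else "."      # mounted SD root
    fw = int(sys.argv[2]) if len(sys.argv) > 2 else 7   # console firmware major
    for p in missing_sd_files(sd, fw):
        print(f"missing on SD: /{p}")
    keyfile = Path(sd) / "switch" / "prod.keys"
    text = keyfile.read_text() if keyfile.is_file() else SAMPLE_PROD_KEYS
    keys = parse_prod_keys(text)
    top = highest_master_key(keys)
    label = "none" if top is None else f"master_key_{top:02x}"
    print(f"{len(keys)} keys parsed; highest master key: {label}")
    if sept_missing_suspected(keys, fw):
        print("only keyblob-derived master keys present: check /sept/ on the SD card")
```

Run it as `python preflight.py /path/to/sd 7` after the payload has finished; with no arguments it falls back to the constructed sample so the logic can be exercised without a card.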

oresterosso

You don't need to upload anything. You place a copy of the source code into the folder that's mapped from your host PC into docker and then you can run "make" from the terminal inside your source code folder. No keys need to be added yet; most likely only when support for firmware 17.0.0 comes out will Atmosphère change/add keys.
Unfortunately, my native language is Italian, and using the translator to write in English complicates the way I express myself. I'll still give it a try 😀
We mentioned that the keys to update lockpick/picklock are right here in the Atmosphere repository. You just need to update /source/keys/crypto.h and /source/keys/key_sources.inl with the new keys provided by Atmosphere. But just these keys are not enough to compile lockpick/picklock, right? You need to load the lockpick/picklock source code and make modifications, presumably by adding the keys somewhere. Basically, it's this step that I can't understand.
 

blindseer

git is just software. GitLab, Gitea, GitBucket etc. are all different self-hostable GitHub alternatives.



I deleted the repository. Multiple sources told me that it's not worth getting a letter from Nintendo and I should not risk getting the same fate/blame from them as Gary did. I still have a private repository for .. "archival" purposes.

The keys to update lockpick/picklock are right here in the Atmosphere repository. You just have to update /source/keys/crypto.h and /source/keys/key_sources.inl with the new keys provided by atmosphere. If you look at my commits, they make it pretty clear what goes where.

Again, the keys are not the issue. The issue is that those boot keys are used within lockpick/picklock to dump prod.keys etc., which enables emulators and so on to be able to play illegitimate game copies. That was what the DMCA is about.
I've been looking into this more and I see every key that I'd need to modify but one: where do you find the first key in "source/keys/key_sources.inl"? Because I've been looking through the Atmosphere page and can't find that key anywhere on it. Is it on another page, or a key that needs to be generated separately, and if so, how?

Found it by going through Atmosphere's history, never mind.
 

pogisanpolo

Oh I thought he meant a repository in Russia hosting Lockpick, I missed the part where he mentioned prod.keys specifically, so yeah those can be hosted in Russia I guess, but we still have the dilemma of where to host the actual repository without Ninty throwing a tantrum about it.
Is there a GitHub made in Russia?

Some digging got me this: gitflic.ru
 

Slluxx

I am not sure if you guys are aware that "not being able to receive a DMCA" does not mean you will not get sued. Instead, it means that if Nintendo figures out who you are, they will sue you big time instantly. Just like they would if the counter DMCA notice was invalid in their opinion.

DMCA sucks, yes. But it also protects you to an extent.

Also, people have copies of the source code and new versions will pop up, no matter what.
 

Adran_Marit

I am not sure if you guys are aware that "not being able to receive a DMCA" does not mean you will not get sued. Instead, it means that if Nintendo figures out who you are, they will sue you big time instantly. Just like they would if the counter DMCA notice was invalid in their opinion.

DMCA sucks, yes. But it also protects you to an extent.

Also, people have copies of the source code and new versions will pop up, no matter what.
Inb4 syspatch XD
 

pogisanpolo

Ooooh that looks interesting.
If it is indeed a Russian-based GitHub-like repository system, then using that would be almost ideal.
Time to host all those Gigaleaks officially, boiz!
Some OPSEC will be necessary. As @Slluxx pointed out, if Nintendo gets wind of the account owner being somewhere they can act on, they will likely skip the DMCA and may go straight for the guy instead. They can't take down the repo, but may as well try to ruin the life of the guy who put it up there in the first place.
 

Perfect One

Does someone have a working file for me to use on my Switch? It's an eternally hackable one.

If needed, send me via PMs.
 

dogoku

1. Use 🦆🦆go
2. Search for the thing
3. Click on the reddit result that claims they backed up the source

(i am being vague and not sharing actual link to hopefully keep this alive for longer)
 

Lavaimp

Sorry to ask, but would not having the most recent keys happen to be the main reason why I can't look through the romfs of games I actually own? (ToTK and We Love Katamari). I have a version of Lockpick_RCM but I think it's out of date, and I'm not entirely sure how to update it now.
 

ShadowOne333

The latest official build still works just fine (16.0.3) - no update needed.
Not sure how feasible it would be, but perhaps a moderator or a new thread could help to keep new releases of Lockpick alive?
Possibly adding new updates to the OP could help, but that'd need either shchmue or a moderator to allow a certain user to edit the OP.
 

Slluxx

Not sure how feasible it would be, but perhaps a moderator or a new thread could help to keep new releases of Lockpick alive?
Possibly adding new updates to the OP could help, but that'd need either shchmue or a moderator to allow a certain user to edit the OP.
I'll dump new "releases" in this thread. Having another one will just be confusing.
 

ghjfdtg

I don't think it's a good idea to edit the first post. At least not without clarifying that shchmue did not release this binary. Think of it like someone posting binaries in your name after you already received a DMCA takedown.
 

Slluxx

I don't think it's a good idea to edit the first post. At least not without clarifying that shchmue did not release this binary. Think of it like someone posting binaries in your name after you already received a DMCA takedown.
"In your name" is not quite the case. It's open source and anyone can build and distribute it. However, I also don't think editing the first post (or making new threads) is a good idea. Just dump 'em in here and leave it like that.

It will be fine, no need to artificially blow this up
 
