Front-page Hacking RELEASE  Updated

Lockpick_RCM payload - Official Thread


Description
Lockpick_RCM is a bare metal Nintendo Switch payload that derives encryption keys for use in Switch file handling software like hactool, hactoolnet/LibHac, ChoiDujour, etc. without booting Horizon OS.

Source: https://github.com/shchmue/Lockpick_RCM
Payload: https://github.com/shchmue/Lockpick_RCM/releases

Due to changes imposed by firmware 7.0.0, Lockpick homebrew can no longer derive the latest keys. In the boot-time environment however, there are fewer limitations. That means the new keys are finally easy to dump!

Usage
  • Launch Lockpick_RCM.bin using your favorite payload injector or chainload from Hekate by placing it in /bootloader/payloads
  • Upon completion, keys will be saved to /switch/prod.keys on SD
  • If the console has Firmware 7.x, the /sept/ folder from Atmosphère or Kosmos release zip containing both sept-primary.bin and sept-secondary.enc must be present on SD or else only keyblob master key derivation is possible (ie. up to master_key_05 only)
Big thanks to CTCaer
For Hekate and all the advice while developing this!

Known Issues
  • Chainloading from SX will hang immediately due to quirks in their hwinit code, please launch payload directly
 

Attachments

  • AB1248EA-8BB9-448B-83F5-FF68C2579FB1.jpeg
    AB1248EA-8BB9-448B-83F5-FF68C2579FB1.jpeg
    11.2 KB · Views: 0
Last edited by shchmue,
  • Like
Reactions: NotUsingAnAltAccount, BigOnYa, Blythe93 and 74 others
Click to expand...
impeeza

impeeza

¡Kabito!
Member
Level 27
Joined
Apr 5, 2011
Messages
6,361
Trophies
3
Age
46
Location
At my chair.
XP
18,717
Country
Colombia
oresterosso said:
is it hosted on github?

Why not learn the lesson and keep going to GitHub?
Click to expand...
¿?

is it hosted on github?
Has the developer taken the DMCA issue into account?
Click to expand...
Nop, Was, hosted, and obviously was DMCA



Why not learn the lesson and keep going to GitHub?
Click to expand...
Because the scene has been using GitHub for more than 10 years, and yes, people are looking for alternatives.
 
impeeza

impeeza

¡Kabito!
Member
Level 27
Joined
Apr 5, 2011
Messages
6,361
Trophies
3
Age
46
Location
At my chair.
XP
18,717
Country
Colombia
urherenow said:
Wait... how was lockpick updated before Atmosphere? I know how to update it, but I need Atmosphere source to get the relevant changes. Whomever did the update... TEACH ME!!! :D
Click to expand...
Yeah, some people on Discord got the numbers, normally we waited to the Atmosphere code teach us about that codes but well is on the air now.
 
  • Like
Reactions: BigOnYa and w0nd3rb0yfx
J4115

J4115

Member
Newcomer
Level 1
Joined
Mar 29, 2024
Messages
5
Trophies
0
Age
21
XP
22
Country
Venezuela
Needing some help here. It seems like my sdcard got corrupted and I'm trying to use lockpick to get the keys to use nandmanager to recover some saves before trying to format it.

This is what happens, it seems that the sdcard does not allow modifying its contents, I keep getting this error

[FatFS] error: WLIO
Unable to save keys to SD

Does anyone know if there is any way to fix this?
 
urherenow

urherenow

Well-Known Member
Member
Level 13
Joined
Mar 8, 2009
Messages
4,780
Trophies
2
Age
48
Location
Japan
XP
3,680
Country
United States
J4115 said:
Needing some help here. It seems like my sdcard got corrupted and I'm trying to use lockpick to get the keys to use nandmanager to recover some saves before trying to format it.

This is what happens, it seems that the sdcard does not allow modifying its contents, I keep getting this error

[FatFS] error: WLIO
Unable to save keys to SD

Does anyone know if there is any way to fix this?
Click to expand...
IMMEDIATELY try to copy the contents to your PC. If you use a RAW partition for emummc, you can use win32diskimager (Imagewriter: https://sourceforge.net/projects/win32diskimager/) to copy that, but may need to use widows disk management to assign a drive letter to the partition (and ignore Windows' requests to format it).

From there, you can either try to format with nyx, then copy everything back, or use a new card. It's highly recommended to use a new card.

Were you using exFAT?
 
  • Like
Reactions: kidkat210
J4115

J4115

Member
Newcomer
Level 1
Joined
Mar 29, 2024
Messages
5
Trophies
0
Age
21
XP
22
Country
Venezuela
I formatted it to fat32 before starting the hacking process.

I will try that later and communicate the results but I have no idea if it will work, I still have many doubts about this case.

Anyway thanks for the help.
 
impeeza

impeeza

¡Kabito!
Member
Level 27
Joined
Apr 5, 2011
Messages
6,361
Trophies
3
Age
46
Location
At my chair.
XP
18,717
Country
Colombia
J4115 said:
Needing some help here. It seems like my sdcard got corrupted and I'm trying to use lockpick to get the keys to use nandmanager to recover some saves before trying to format it.

This is what happens, it seems that the sdcard does not allow modifying its contents, I keep getting this error

[FatFS] error: WLIO
Unable to save keys to SD

Does anyone know if there is any way to fix this?
Click to expand...

Your card is corrupted, Backup all files on your SD card on your pc, format it to fat 32 using fat32 format (https://gbatemp.net/download/gui-format.33869/) or Hekate; then test your sd card using H2Testw (https://www.heise.de/download/product/h2testw-50539)


urherenow said:
IMMEDIATELY try to copy the contents to your PC. If you use a RAW partition for emummc, you can use win32diskimager (Imagewriter: https://sourceforge.net/projects/win32diskimager/) to copy that, but may need to use widows disk management to assign a drive letter to the partition (and ignore Windows' requests to format it).

From there, you can either try to format with nyx, then copy everything back, or use a new card. It's highly recommended to use a new card.

Were you using exFAT?
Click to expand...
Also EmuTool https://github.com/TheyKilledKenny/Emutool/releases allows you to backup/convert your RAW Partition EmuNAND to files, then you can use the set of files to create the Raw Partition on another SD Card or use these files for File Based EmuNAND.
 
  • Like
Reactions: Blythe93

Site & Scene News

Go to forum More news

Popular threads in this forum

Homebrew Tutorial  Building Pagascape from source to running Self Hosted mode on Windows and MSYS

Hacking Misc  Getting the MIG Switch to load an XCI dump without its original Initial Data

mig switch not working/updating??

Fusee.bin with the new Pre-release of Atmoshere 1.7.0

DBI language error

Rumor  April Nintendo Direct Leak + New Ubisoft IP?

April Nintendo Direct Leak

Can you trade in a banned switch for an unbanned one?

General chit-chat
Help Users
    K3Nv2 @ K3Nv2: So salty