Hacking RELEASE CertNXtractionPack - Get your Switch cert from a NAND dump!

[SimonMKWii]

Bumping this because it's much better than my other release, and I want to remove the focus on that dramatised topic...

 

[SilverfalconLP]

i obtain keys for .py but on lauch have "NameError: name 'key_x_gak' is not defined" ,any help?

 

[SimonMKWii]

i obtain keys for .py but on lauch have "NameError: name 'key_x_gak' is not defined" ,any help?

Which version of python are you using?

 

[SilverfalconLP]

Which version of python are you using?

python 3 on windows ,im look .py and obtain on first "B011100660D1...................." put on convert to der and have "Failed to read Client Cert from clcert.der!"

 

[subcon959]

My copy+paste muscles were aching after this but got there in the end lol.
Cheers

Edit: meant to post that in the other thread but they're related so it still counts.

Edit2: just a heads up, to get asn1 you gotta do a "pip3 install future" before you do "pip3 install asn1"

 

[Addconsult]

What if my "friend" would share his titelkey for a game. Would i be able to run it after i extract my cert key and use your HACDN tool to download it and then apply the "borrowed" titlekey? Have you tried this?

 

[DotDotDot]

My copy+paste muscles were aching after this but got there in the end lol.
Cheers

Edit: meant to post that in the other thread but they're related so it still counts.

Edit2: just a heads up, to get asn1 you gotta do a "pip3 install future" before you do "pip3 install asn1"

Error when running 02, Cannot enter a non-constructed tag. Line 59. Any ideas? Thanks.

 

[ut0pia]

Want your cert to access Nintendo's CDN, but you're not on 3.0.0 anymore so you can't run the PegaSwitch script?
Don't worry, I've got you covered!
Included in the pack is everything you need to generate a pfx certificate file from a NAND dump!

Usage:

• First, make sure Python3 and both the asn1 and pycrypto modules are installed.
• Next, copy your PRODINFO.bin partition into the folder
• Now, add the required keydata into "00_generate_ssl_kek.py", then run it; this will output the ssl_kek.
• Add the generated ssl_kek into "01_decrypt_privk_extract_cert.py", then run it, that will decrypt your private key and extract your cert.
• Then, run "02_convert_to_der.py", which will convert the extracted files into DER.
• Lastly, run "03_save_as_pfx.bat" to save it as an installable PFX certificate!
• Voila! You can now find your generated certificate in the new folder named "Out"!

How 2 get dem keyz???

• The first key is generated by XORing the AES_KEK (kek_mask 0) with the CryptoUsecase_RsaPrivate seed (kek_seed 1).
• The second key is the original master key, you can extract it from your keyblobs using hactool.
• The third and fourth keys are plaintext in the ssl sysmodule NSO.
• Or alternatively, you can skip this entire step by finding the ssl_kek online, not giving links for obvious reasons... (Trust me, it's out there!)

Massive thanks to @SocraticBliss for helping me out with the python stuff and @SciresM for the RSA calcs required in script 02.

How do you get required keydata in step 3 ? Extracted my PRODINFO.bin from my nand backup but i don't know where to start

Didn't even read the tuto...

 

[Xyphoseos]

Is there another way to do it with a 3.0.0 ?

 

[DotDotDot]

Error when running 02, Cannot enter a non-constructed tag. Line 59. Any ideas? Thanks.

Finally, I got the final file. Thanks to the author. @SimonMKWii
Things user need to notice is that, you have to ensure the PRODINFO.bin is decrypted by your BIS keys.

 

[Mazamin]

python 3 on windows ,im look .py and obtain on first "B011100660D1...................." put on convert to der and have "Failed to read Client Cert from clcert.der!"

Same error here

 

[AlphaSapphire]

does this mean that I can dump carts and install them to my console then I can use the cart on another console?

 

[yyoossk]

rsa_private_kek_generation_source = uhx('EF2C........................')
binascii.Error: Non-hexadecimal digit found

 

[SimonMKWii]

rsa_private_kek_generation_source = uhx('EF2C........................')
binascii.Error: Non-hexadecimal digit found

Yes, you need to fill in the keydata yourself.

 

[yyoossk]

how to find?
rsa private kek generation source

--------------------- MERGED ---------------------------

in PRODINFO?
http://archive.is/DrJTH

 

[Mat37]

When i load 03_save_as_pfx.bat it says cat isn't recognized a command or program and the final pfx is 0 byte long

 

[Gnarmagon]

You plan on making a github repository ?
(for pull requests ^^)

 

[nashstrife]

your the best.. keep up the good work.

 

[Imancol]

@SimonMKWii I get this error

Traceback (most recent call last):
File "C:\Users\Iman\Documents\Nintendo\Switch\Hacks\Shop\CertNXtractionPack\00_generate_ssl_kek.py", line 3, in <module>
from Crypto.Cipher import AES
ModuleNotFoundError: No module named 'Crypto'

 

[Gnarmagon]

pip install pycryptodome

--------------------- MERGED ---------------------------

Do you even know how to write Python code ???
I mean that code looks horrible... and btw what are rpk_key_y and key_x_gak ? both variables are undefined...