1. PRAGMA

    OP PRAGMA GBAtemp Addict
    Member

    Joined:
    Dec 29, 2015
    Messages:
    2,183
    Country:
    Ireland
    This thread is deprecated
    For a faster, easier and more up-to-date way of getting keys use Lockpick_RCM by shchmue
    If you still want to follow this tutorial and end up with less keys, continue reading the Thread.


    WARNING
    • DO NOT GIVE OUT ANY OF YOUR KEYS TO ANYONE! I CANNOT STRESS THAT ENOUGH!
    • DO NOT SHARE YOUR KEYS BETWEEN MULTIPLE SWITCHES THAT YOU DO/DON'T OWN! SOME ARE CONSOLE-UNIQUE
    • DO NOT ASK ME FOR KEYS


    LEGEND
    • SBK
      SecureBootKey
    • TSEC
      Tegra Security Co-processor Key
    • eMMC
      Embedded MultiMediaCard (Switch's Onboard Storage)


    GOAL
    End up with 83+ keys including SBK and TSEC keys. Get Master Key's 0-5. (Master Keys 6 onwards is not done in this tutorial)
    Reminder, if you want more up-to-date and much more convenient way to get your Switch's Keys, use Lockpick by shchmue (available in nx-appstore/homebrew store)


    Tutorial — (Outdated for Switch's on firmware 6.x or newer)



    • We need to get your Secure Boot Key (SBK) and Tegra Security Co-processor Key (TSEC) before we can get the main keys.
      These are 100% console unique.

      1. Download and extract biskeydump.bin from biskeydumpvx.zip
        - Follow this tutorial but instead of using CTCaer's Hekate Mod .bin file, use the biskeydump.bin file
        - If the QR Code is Blue, Scan the QR Code with your Phone, Laptop e.t.c
        - If you cant find a device you can scan with, type them out into your PC/Laptop (Its highly recommended to scan the QR Code, as a lot of characters can look like another, O0, Il, rn can look like m, e.t.c)
      2. Once you have the biskeydump of your System, store all the keys you received somewhere safe, I recommend a secure cloud storage aswell as a USB Stick, perhaps even print it.
        - Don't give this to ANYONE, Seriously.

      If you get any errors please go to the Troubleshooting Tab.


      1. Follow this tutorial AGAIN but this time use CTCaer's Hekate Mod.
        - "Tools" -> "Backup..." -> "Backup eMMC BOOT0/1"
        - "Tools" -> "Backup..." -> "Backup eMMC SYS"
        - Back all the way to the first menu, and choose "Power off"
      2. Take the microSD Card out of your Switch and into your PC.
      3. Copy both "BOOT0" and "BCPKG2-1-Normal-Main" from "sd:/backup/xxxxxx/" (xxxxxx is different for everyone) to "hactool" on your Desktop (create the "hactool" folder)
        - Rename them with .bin at the end, "BOOT0.bin", "BCPKG2-1-Normal-Main.bin"

      1. Download and install Python 2.7.x - NOT Python 3.x.x
        When installing, it will ask you what features you want installed, scroll to the bottom and make sure "Add Python to Path" has "Entire Feature Installed to HDD" option chose (No Red X Icon), otherwise the scripts wont find Python and WILL fail
      2. Download and extract hactool TO THE DESKTOP AND NAME THE FOLDER "hactool"
        On Linux/MacOS: clone and build hactool manually
      3. Right-click this (script originally by tesnos6921, patched by shadowninja108, jakibaki and shchmue)
        - Click "Save link as" / "save as"
        - Set "Save as type" to "All Files"
        - Name it "keys.py"
        And finally save it to the hactool folder you placed in the Desktop.
        NOTICE TO GBATEMP STAFF: The "keys" inside this file, are NOT keys, they are SHA digest hashes used to search through files to find text that matches, which would be the keys.

      1. Press WIN(Btn)+R to open "Run", type "cmd" and press Ctrl+Shift then Enter to open Command Prompt as an Administrator
      2. Type (in order) or Copy the following and paste into Command Prompt (Some Windows Versions use Right Click to Paste, some use CTRL+C)
        python -m pip install --upgrade pip
        pip install lz4
        cd Desktop/hactool

        python keys.py SBK_Here_From_Biskeydump TSEC_Here_From_Biskeydump
      3. It should say: "Now you can do hactool --keyset=keys.txt to use them!", if it does, and there's no warning messages, you're good to go! :O
      If you get any errors please go to the Troubleshooting Tab.

    • You now have a keys.txt file with your console-specific keys inside.
      Rename as needed by any software that requires a different name or file extension, it doesn't matter.
      Though I highly recommend renaming it to prod.keys as this filename for Key file's is becoming a popular choice with other software
      There may be more keys, as the Switch's lifecycle goes on, more and more keys will be needed as the firmwares grow and grow.
      • The Hactool warning:
        Code:
        [WARN] prod.keys does not exist.
        can be safely ignored.
        - if you want to place your "keys.txt" file their, put "keys.txt" on your Desktop and run the following with Administrator Command Prompt (Step #4.1 for instructions):
        Code:
        mkdir -p %USERPROFILE%\.switch
        move "%USERPROFILE%\Desktop\keys.txt" "%USERPROFILE%\.switch\prod.keys"
        

    • #1 ISSUES:
      • Code:
        Red QR Code Outline
        - The reasons this can occur is quite a rarity, all I can say is to keep rebooting and trying again.
        - If there's a new version of biskeydump out, try using the newer biskeydump.bin
      • Code:
        QR Code not being scanned by your Reader
        - Align your QR Code Readers alignment overlay with the Blue Square's Corners/Edges, NOT the QR Code's Corners/Edges.
        - Clean your camera lens
        - Be in a bright room

      #4 ISSUES:
      • Code:
        File "keys.py", line ...
        print message
        ^
        SyntaxError: Missing parentheses in call to 'print'. Did you mean print(message)?
        - You didn't place SBK and TSEC in the 4th line of the Command in Step #4.2
        - You installed Python 3.x.x when you must use 2.7.x, uninstall python, logout of windows (important it removes python from PATH) and follow Step #3.2 then move back to #4.1
      • Code:
        import lz4.block
        File "C:\Python27\lib\site-packages\lz4\__init__.py", line 17, in <module>
        from ._version import ( # noqa: F401
        ImportError: DLL load failed: The specified module could not be found.
        - The 2nd line of the Command in Step #4.2 failed without you noticing. Try running the 1st line to upgrade pip and if that goes successfully run the 2nd line to install lz4 and see if it successfully installs.
     
    Last edited by shchmue, Oct 16, 2019
  2. Haugh645

    Haugh645 Member
    Newcomer

    Joined:
    Jul 12, 2011
    Messages:
    15
    Country:
    United States
    when you install python make sure to also pip install lz4 or it wont work.
     
  3. xXxSwagnemitexXx

    xXxSwagnemitexXx meme machine
    Member

    Joined:
    Dec 7, 2016
    Messages:
    657
    Country:
    United Kingdom
    nice use of tabs and information boxes

    i may use this turorial in the future
     
  4. evans112682

    evans112682 Member
    Newcomer

    Joined:
    Mar 30, 2009
    Messages:
    26
    Country:
    United States
    @RISEofProBB I followed the tutorial but your instructions on the keys.ini file are incomplete. Read over everything and it does not say what is supposed to be in the .ini file. Also when I tried to execute the command it gives me an error for LZ4. I see @Haugh645 mentions it needs installed but can you link the file and how to install it on Windows. Thanks
     
  5. PRAGMA

    OP PRAGMA GBAtemp Addict
    Member

    Joined:
    Dec 29, 2015
    Messages:
    2,183
    Country:
    Ireland
    Forgot, updated, Thanks.

    — Posts automatically merged - Please don't double post! —

    I updated the tutorial and keys.ini you never have to mess with, the keys.py creates the keys.txt then u just change it to an .ini, done.
     
  6. Cyan

    Cyan GBATemp's lurking knight
    Former Staff

    Joined:
    Oct 27, 2002
    Messages:
    23,147
    Country:
    France
    Nice to see users start using tabs for better tutorials layout :)
    Tables have been added recently too.
     
    Last edited by Cyan, Jun 11, 2018
  7. evans112682

    evans112682 Member
    Newcomer

    Joined:
    Mar 30, 2009
    Messages:
    26
    Country:
    United States
    @RISEofProBB I was referring to the keys.ini file you refer to in "Step 3 - File Preparation". Step 6 of that section says to put the keys.ini file next to hactool.exe. if we do not have that file until the final output than how are we supposed to add it in this step?

    Also how do we install LZ4 in Windows? What file do we need?
     
  8. PRAGMA

    OP PRAGMA GBAtemp Addict
    Member

    Joined:
    Dec 29, 2015
    Messages:
    2,183
    Country:
    Ireland
    My bad, removed, skip that step.
     
    Zaybokk and evans112682 like this.
  9. Tommy084

    Tommy084 GBAtemp Regular
    Member

    Joined:
    Feb 24, 2013
    Messages:
    119
    Country:
    Norway
    Type in «pip install lz4» in cmd

    i get this error tho
    Using BOOT0.bin to get keys from package1...
    Could not find keyblob_key_source_xx! Please check the integrity of the data used in the current stage!
    Windows 10 32 bit
    Switch 2.3.0

    Thanks for reply, but after dumping boot0 with ctchekate 2.3 and renameing it, still the same error.
    Gonna try with fat32 formated sd and dump again
     
    Last edited by Tommy084, Jun 11, 2018
  10. PRAGMA

    OP PRAGMA GBAtemp Addict
    Member

    Joined:
    Dec 29, 2015
    Messages:
    2,183
    Country:
    Ireland
    Your boot0 is probably corrupt in some way or you didnt rename it to .bin
     
    Tommy084 likes this.
  11. Davelo

    Davelo Advanced Member
    Newcomer

    Joined:
    Feb 10, 2018
    Messages:
    50
    Country:
    Bahrain
    I have a problem where i did "pip install lz4" but still get the lz4 error message

    Traceback (most recent call last):
    File "keys.py", line 25, in <module>
    import lz4.block
    ModuleNotFoundError: No module named 'lz4'

    any solution?
     
  12. SirNapkin1334

    SirNapkin1334 Renound Aritst
    Member

    Joined:
    Aug 20, 2017
    Messages:
    1,666
    Country:
    United States
    Are there any console-unique keys besides TSEC and SBK? If so, does this dump them?

    — Posts automatically merged - Please don't double post! —

    Try sudo pip install lz4
    Also try (can’t sure if this is correct, might be off) py -mpip instal lz4
    I haven’t used pip in a long time but if i remember correctly that might work.
     
    Endlessclouds likes this.
  13. Davelo

    Davelo Advanced Member
    Newcomer

    Joined:
    Feb 10, 2018
    Messages:
    50
    Country:
    Bahrain
    It worked somehow but now i get these errors

    Using BOOT0.bin to get keys from package1...
    Deriving keys...
    Traceback (most recent call last):
    File "keys.py", line 374, in <module>
    stage0_results = subprocess.check_output([HACTOOL_PATH, "--keyset=keys.txt", "--intype=keygen", "BOOT0.bin"])
    File "/usr/lib/python2.7/subprocess.py", line 212, in check_output
    process = Popen(stdout=PIPE, *popenargs, **kwargs)
    File "/usr/lib/python2.7/subprocess.py", line 390, in __init__
    errread, errwrite)
    File "/usr/lib/python2.7/subprocess.py", line 1024, in _execute_child
    raise child_exception
    OSError: [Errno 2] No such file or directory
     
  14. Clydefrosch

    Clydefrosch GBAtemp Guru
    Member

    Joined:
    Jan 2, 2009
    Messages:
    5,640
    Country:
    Germany
    just to be sure, the keys this generates, are they unique in any way, or are they the same ones you can find with a google search?
     
  15. PRAGMA

    OP PRAGMA GBAtemp Addict
    Member

    Joined:
    Dec 29, 2015
    Messages:
    2,183
    Country:
    Ireland
    Then you didnt install lz4 properly.

    — Posts automatically merged - Please don't double post! —

    Realistically all the keys are derived from the SBK, TSEC and Master Key 0-4, so realistically all of them are, but arent.

    — Posts automatically merged - Please don't double post! —

    There are no keys on google. Those are SHA digests used to find the keys in files. They are NOT keys.
     
  16. kevandkkim

    kevandkkim Advanced Member
    Newcomer

    Joined:
    Nov 22, 2016
    Messages:
    63
    Country:
    United States
    Im not sure how else to install lz4? requirements say it is good for 2.7.

    Traceback (most recent call last):
    File "keys.py", line 25, in <module>
    import lz4.block
    File "C:\Python27\lib\site-packages\lz4\__init__.py", line 11, in <module>
    from ._version import ( # noqa: F401
    ImportError: DLL load failed: The specified module could not be found.
     
  17. LordVe

    LordVe Member
    Newcomer

    Joined:
    May 28, 2018
    Messages:
    22
    Country:
    United States
    Question: Does this derive the SDSeed key for NAX0 decrypting? That is the only key I haven't a clue how to get...
     
  18. strangequark

    strangequark Newbie
    Newcomer

    Joined:
    May 15, 2018
    Messages:
    2
    Country:
    United States
    I also got this problem, can someone help?
     
  19. SirNapkin1334

    SirNapkin1334 Renound Aritst
    Member

    Joined:
    Aug 20, 2017
    Messages:
    1,666
    Country:
    United States
    Actually, they are on Google, you just know what to search for (found a file containing every single key, not the SHAs).
     
  20. dfsfds2

    dfsfds2 Member
    Newcomer

    Joined:
    Apr 7, 2018
    Messages:
    27
    Country:
    China
    The following error occurred while using the "python keys.py <SBKSecureBootKey> <TSEC>" command
     

    Attached Files:

Draft saved Draft deleted
Loading...

Hide similar threads Similar threads with keywords - Decrypting, Hactool, Switch