This thread is deprecated
For a faster, easier and more up-to-date way of getting keys use Lockpick_RCM by shchmue
If you still want to follow this tutorial and end up with less keys, continue reading the Thread.

WARNING

• DO NOT GIVE OUT ANY OF YOUR KEYS TO ANYONE! I CANNOT STRESS THAT ENOUGH!
• DO NOT SHARE YOUR KEYS BETWEEN MULTIPLE SWITCHES THAT YOU DO/DON'T OWN! SOME ARE CONSOLE-UNIQUE
• DO NOT ASK ME FOR KEYS

LEGEND

• SBK
  SecureBootKey
• TSEC
  Tegra Security Co-processor Key
• eMMC
  Embedded MultiMediaCard (Switch's Onboard Storage)

GOAL
End up with 83+ keys including SBK and TSEC keys. Get Master Key's 0-5. (Master Keys 6 onwards is not done in this tutorial)
Reminder, if you want more up-to-date and much more convenient way to get your Switch's Keys, use Lockpick by shchmue (available in nx-appstore/homebrew store)

Tutorial — (Outdated for Switch's on firmware 6.x or newer)

#1 - Dumping System Keys (Biskeydump)#2 - Dumping Required Files#3 - Hactool Preparation#4 - Dumping KeysFinal WordsTroubleshooting

1. 
   We need to get your Secure Boot Key (SBK) and Tegra Security Co-processor Key (TSEC) before we can get the main keys.
   These are 100% console unique.
   
   
   1. Download and extract biskeydump.bin from biskeydumpvx.zip
      - Follow this tutorial but instead of using CTCaer's Hekate Mod .bin file, use the biskeydump.bin file
      - If the QR Code is Blue, Scan the QR Code with your Phone, Laptop e.t.c
      - If you cant find a device you can scan with, type them out into your PC/Laptop (Its highly recommended to scan the QR Code, as a lot of characters can look like another, O0, Il, rn can look like m, e.t.c)
   2. Once you have the biskeydump of your System, store all the keys you received somewhere safe, I recommend a secure cloud storage aswell as a USB Stick, perhaps even print it.
      - Don't give this to ANYONE, Seriously.
   
   If you get any errors please go to the Troubleshooting Tab.
   
2. 
   
   1. Follow this tutorial AGAIN but this time use CTCaer's Hekate Mod.
      - "Tools" -> "Backup..." -> "Backup eMMC BOOT0/1"
      - "Tools" -> "Backup..." -> "Backup eMMC SYS"
      - Back all the way to the first menu, and choose "Power off"
   2. Take the microSD Card out of your Switch and into your PC.
   3. Copy both "BOOT0" and "BCPKG2-1-Normal-Main" from "sd:/backup/xxxxxx/" (xxxxxx is different for everyone) to "hactool" on your Desktop (create the "hactool" folder)
      - Rename them with .bin at the end, "BOOT0.bin", "BCPKG2-1-Normal-Main.bin"
3. 
   
   1. Download and install Python 2.7.x - NOT Python 3.x.x
      When installing, it will ask you what features you want installed, scroll to the bottom and make sure "Add Python to Path" has "Entire Feature Installed to HDD" option chose (No Red X Icon), otherwise the scripts wont find Python and WILL fail
   2. Download and extract hactool TO THE DESKTOP AND NAME THE FOLDER "hactool"
      On Linux/MacOS: clone and build hactool manually
   3. Right-click this (script originally by tesnos6921, patched by shadowninja108, jakibaki and shchmue)
      - Click "Save link as" / "save as"
      - Set "Save as type" to "All Files"
      - Name it "keys.py"
      And finally save it to the hactool folder you placed in the Desktop.
      NOTICE TO GBATEMP STAFF: The "keys" inside this file, are NOT keys, they are SHA digest hashes used to search through files to find text that matches, which would be the keys.
4. 
   
   1. Press WIN(Btn)+R to open "Run", type "cmd" and press Ctrl+Shift then Enter to open Command Prompt as an Administrator
   2. Type (in order) or Copy the following and paste into Command Prompt (Some Windows Versions use Right Click to Paste, some use CTRL+C)
      python -m pip install --upgrade pip
      pip install lz4
      cd Desktop/hactool
      python keys.py SBK_Here_From_Biskeydump TSEC_Here_From_Biskeydump
   3. It should say: "Now you can do hactool --keyset=keys.txt to use them!", if it does, and there's no warning messages, you're good to go!
   If you get any errors please go to the Troubleshooting Tab.
   
5. 
   You now have a keys.txt file with your console-specific keys inside.
   Rename as needed by any software that requires a different name or file extension, it doesn't matter.
   Though I highly recommend renaming it to prod.keys as this filename for Key file's is becoming a popular choice with other software
   There may be more keys, as the Switch's lifecycle goes on, more and more keys will be needed as the firmwares grow and grow.
   
   • The Hactool warning:

     [WARN] prod.keys does not exist.

     can be safely ignored.
     - if you want to place your "keys.txt" file their, put "keys.txt" on your Desktop and run the following with Administrator Command Prompt (Step #4.1 for instructions):
     

     mkdir -p %USERPROFILE%\.switch
     move "%USERPROFILE%\Desktop\keys.txt" "%USERPROFILE%\.switch\prod.keys"

6. 
   #1 ISSUES:
   

   • Red QR Code Outline

     - The reasons this can occur is quite a rarity, all I can say is to keep rebooting and trying again.
     - If there's a new version of biskeydump out, try using the newer biskeydump.bin

   • QR Code not being scanned by your Reader

     - Align your QR Code Readers alignment overlay with the Blue Square's Corners/Edges, NOT the QR Code's Corners/Edges.
     - Clean your camera lens
     - Be in a bright room
   
   #4 ISSUES:
   

   • File "keys.py", line ...
     print message
     ^
     SyntaxError: Missing parentheses in call to 'print'. Did you mean print(message)?

     - You didn't place SBK and TSEC in the 4th line of the Command in Step #4.2
     - You installed Python 3.x.x when you must use 2.7.x, uninstall python, logout of windows (important it removes python from PATH) and follow Step #3.2 then move back to #4.1

   • import lz4.block
     File "C:\Python27\lib\site-packages\lz4\__init__.py", line 17, in <module>
     from ._version import ( # noqa: F401
     ImportError: DLL load failed: The specified module could not be found.

     - The 2nd line of the Command in Step #4.2 failed without you noticing. Try running the 1st line to upgrade pip and if that goes successfully run the 2nd line to install lz4 and see if it successfully installs.

 

[Hondyn]

put the SBK and TSEC, dont just type SBK and TSEC next to keys.py

alright I ll try it out

 

[andeers]

Is this process firmware dependent?

 

[PRAGMA]

Is this process firmware dependent?

I dont actually know, I do know there are some keys specific to firmwares like masterkey 02+

 

[Hondyn]

Alright, I ll point out some stuffs newbies like me will most likely ask.
________________________________________________________________________

- Python 3x didnt work for me, 2.7 did.
- Back on step 1, you got a bunch of keys out of biskeydump, right? take the key SBK to \/ ReplaceMeWithSBK and the key TSEC to \/ ReplaceMeWithTSEC
python keys.py ReplaceMeWithSBK ReplaceMeWithTSEC:
________________________________________________________________

Way simple for some, way complicated for others, I got mine working all good

--------------------- MERGED ---------------------------

put the SBK and TSEC, dont just type SBK and TSEC next to keys.py

Thanks bro, it worked flawlessly

 

[prism_]

Seems like i tried anything, I'm just dumb... halp.

tried python 3 and 2

Traceback (most recent call last):
File "keys.py", line 25, in <module>
import lz4.block
ImportError: No module named lz4.block

 

[PRAGMA]

Seems like i tried anything, I'm just dumb... halp.

tried python 3 and 2

Traceback (most recent call last):
File "keys.py", line 25, in <module>
import lz4.block
ImportError: No module named lz4.block

Python 3 will NOT ever work. Dont bother trying. Script is specifically for 2.7.x
Follow tutorial again closely. Your missing something obvious.
hint: pip install

 

[prism_]

hint: pip install

did follow it closely and installed everything usually I'm not that dumb, but I'll check a 4th time now or reinstall 2.7 python

 

[icefox]

Hey guys. Everything worked for me, but i only got the Masterkeys 0 and 4 so far. I also tried to decrypt it with the 1-click-decrypt tool, but it does not work, because "section 0" is corrupted. Any ideas?

same here. followed every line to the letter, got keys.txt, found all other keys, but missing master keys 01-03. A few other members experienced the same. Any thoughts why and how to fix?

--------------------- MERGED ---------------------------

I got no error messages but there are no master_key_01-03 only 00 and 04 exists?

same here, followed instruction to the letter, got all other keys, but missing master keys 01-03.

--------------------- MERGED ---------------------------

so guys should this method extract
master_key_01 =
master_key_02 =
master_key_03 =

??

because hacktool seem to require those but I cant find them in the created keys.txt

same here, missing master keys 01-03

 

[prism_]

did follow it closely and installed everything usually I'm not that dumb, but I'll check a 4th time now or reinstall 2.7 python

fixed it myself, weird.. but fixed. merged the python folder into hactool folder now it works fine.

 

[CuriousTommy]

It worked somehow but now i get these errors

Using BOOT0.bin to get keys from package1...
Deriving keys...
Traceback (most recent call last):
File "keys.py", line 374, in <module>
stage0_results = subprocess.check_output([HACTOOL_PATH, "--keyset=keys.txt", "--intype=keygen", "BOOT0.bin"])
File "/usr/lib/python2.7/subprocess.py", line 212, in check_output
process = Popen(stdout=PIPE, *popenargs, **kwargs)
File "/usr/lib/python2.7/subprocess.py", line 390, in __init__
errread, errwrite)
File "/usr/lib/python2.7/subprocess.py", line 1024, in _execute_child
raise child_exception
OSError: [Errno 2] No such file or directory

Can work on linux ?

The script didn't load :-/

anyway, work well on VM

Okay, so I figured out why it was not working. If you look at the python script, the path to the hactool is set like this:

HACTOOL_PATH = "hactool"

You need to set it to this

HACTOOL_PATH = "./hactool"

Once you fix that, the python script works great!

Edit: Don't forget to compile the hactool source code and put the newly created binary file next to keys.py.

 

[SexiestManAlive]

Can someone help, im typing in cd Desktop/hactool, but its saying the system cannot find the path specified

 

[M7L7NK7]

Open the folder that it's in, hold shift then right click and open command window here

 

[SexiestManAlive]

Open the folder that it's in, hold shift then right click and open command window here

thanks, but now im getting an error
Traceback (most recent call last):
File "keys.py", line 25, in <module>
import lz4.block
File "C:\Python27\lib\site-packages\lz4\__init__.py", line 11, in <module>
from ._version import ( # noqa: F401
ImportError: DLL load failed: The specified module could not be found.

 

[kamo]

Now, dll load failed the specified module could not be found
what the hell?

--------------------- MERGED ---------------------------

Same problem, any solution for this?

 

[DJT1M/T1MLPD3]

Wanted to decrypt a xci, then a nca, getting this error :/

 

[Cerealz]

+1 to having the "missing master keys 01-03." issue.
Can anyone that successfully created the keys file with these 01-03, share which fw version was the dumps made? (Just to know if it's a fw version related issue)

Also, i compared the generated keys file(hactool) with another "floating around internet" keys file..and all the master_key_00 ; header_key; aes_kek_generation_source; etc.. have the same value/string.
Are these the same for every switch and only the master_key_01 - 03 are different ?

Thks.

 

[Nitsuka]

guys it is written that this tutorial gives masterkey 0-4, i think he wanted to write masterkey-00 and masterkey-04 so it is normal I suppose

 

[Ty_]

Wanted to decrypt a xci, then a nca, getting this error :/

View attachment 131693

I've deal with and seen this a bunch of times, AFAIK it's a problem with your keys file. Either you're mi

guys it is written that this tutorial gives masterkey 0-4, i think he wanted to write masterkey-00 and masterkey-04 so it is normal I suppose

Yeah, seems to be confusion over this. For me personally I only have 00 and 04, and it worked fine for me once I'd set up the keys.ini properly

 

[DJT1M/T1MLPD3]

I've deal with and seen this a bunch of times, AFAIK it's a problem with your keys file. Either you're mi


Yeah, seems to be confusion over this. For me personally I only have 00 and 04, and it worked fine for me once I'd set up the keys.ini properly

No, not really, used a batch script which gives me this error, hactoolgui works without problems :thinking:

 

[Ofdas23]

Hello, I am stuck doing this tutorial because I am using mac. If I run "python keys.py ReplaceMeWithSBK ReplaceMeWithTSEC" (Yes, I replaced them with SBK and TSEC) I am getting this error:

Using BOOT0.bin to get keys from package1...
Deriving keys...
Traceback (most recent call last):
File "keys.py", line 374, in <module>
stage0_results = subprocess.check_output([HACTOOL_PATH, "--keyset=keys.txt", "--intype=keygen", "BOOT0.bin"])
File "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/subprocess.py", line 216, in check_output
process = Popen(stdout=PIPE, *popenargs, **kwargs)
File "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/subprocess.py", line 394, in __init__
errread, errwrite)
File "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/subprocess.py", line 1047, in _execute_child
raise child_exception
OSError: [Errno 2] No such file or directory.

Can someone help me, please?
I appreciate every answer!