This thread is deprecated
For a faster, easier and more up-to-date way of getting keys use Lockpick_RCM by shchmue
If you still want to follow this tutorial and end up with less keys, continue reading the Thread.

WARNING

• DO NOT GIVE OUT ANY OF YOUR KEYS TO ANYONE! I CANNOT STRESS THAT ENOUGH!
• DO NOT SHARE YOUR KEYS BETWEEN MULTIPLE SWITCHES THAT YOU DO/DON'T OWN! SOME ARE CONSOLE-UNIQUE
• DO NOT ASK ME FOR KEYS

LEGEND

• SBK
  SecureBootKey
• TSEC
  Tegra Security Co-processor Key
• eMMC
  Embedded MultiMediaCard (Switch's Onboard Storage)

GOAL
End up with 83+ keys including SBK and TSEC keys. Get Master Key's 0-5. (Master Keys 6 onwards is not done in this tutorial)
Reminder, if you want more up-to-date and much more convenient way to get your Switch's Keys, use Lockpick by shchmue (available in nx-appstore/homebrew store)

Tutorial — (Outdated for Switch's on firmware 6.x or newer)

#1 - Dumping System Keys (Biskeydump)#2 - Dumping Required Files#3 - Hactool Preparation#4 - Dumping KeysFinal WordsTroubleshooting

1. 
   We need to get your Secure Boot Key (SBK) and Tegra Security Co-processor Key (TSEC) before we can get the main keys.
   These are 100% console unique.
   
   
   1. Download and extract biskeydump.bin from biskeydumpvx.zip
      - Follow this tutorial but instead of using CTCaer's Hekate Mod .bin file, use the biskeydump.bin file
      - If the QR Code is Blue, Scan the QR Code with your Phone, Laptop e.t.c
      - If you cant find a device you can scan with, type them out into your PC/Laptop (Its highly recommended to scan the QR Code, as a lot of characters can look like another, O0, Il, rn can look like m, e.t.c)
   2. Once you have the biskeydump of your System, store all the keys you received somewhere safe, I recommend a secure cloud storage aswell as a USB Stick, perhaps even print it.
      - Don't give this to ANYONE, Seriously.
   
   If you get any errors please go to the Troubleshooting Tab.
   
2. 
   
   1. Follow this tutorial AGAIN but this time use CTCaer's Hekate Mod.
      - "Tools" -> "Backup..." -> "Backup eMMC BOOT0/1"
      - "Tools" -> "Backup..." -> "Backup eMMC SYS"
      - Back all the way to the first menu, and choose "Power off"
   2. Take the microSD Card out of your Switch and into your PC.
   3. Copy both "BOOT0" and "BCPKG2-1-Normal-Main" from "sd:/backup/xxxxxx/" (xxxxxx is different for everyone) to "hactool" on your Desktop (create the "hactool" folder)
      - Rename them with .bin at the end, "BOOT0.bin", "BCPKG2-1-Normal-Main.bin"
3. 
   
   1. Download and install Python 2.7.x - NOT Python 3.x.x
      When installing, it will ask you what features you want installed, scroll to the bottom and make sure "Add Python to Path" has "Entire Feature Installed to HDD" option chose (No Red X Icon), otherwise the scripts wont find Python and WILL fail
   2. Download and extract hactool TO THE DESKTOP AND NAME THE FOLDER "hactool"
      On Linux/MacOS: clone and build hactool manually
   3. Right-click this (script originally by tesnos6921, patched by shadowninja108, jakibaki and shchmue)
      - Click "Save link as" / "save as"
      - Set "Save as type" to "All Files"
      - Name it "keys.py"
      And finally save it to the hactool folder you placed in the Desktop.
      NOTICE TO GBATEMP STAFF: The "keys" inside this file, are NOT keys, they are SHA digest hashes used to search through files to find text that matches, which would be the keys.
4. 
   
   1. Press WIN(Btn)+R to open "Run", type "cmd" and press Ctrl+Shift then Enter to open Command Prompt as an Administrator
   2. Type (in order) or Copy the following and paste into Command Prompt (Some Windows Versions use Right Click to Paste, some use CTRL+C)
      python -m pip install --upgrade pip
      pip install lz4
      cd Desktop/hactool
      python keys.py SBK_Here_From_Biskeydump TSEC_Here_From_Biskeydump
   3. It should say: "Now you can do hactool --keyset=keys.txt to use them!", if it does, and there's no warning messages, you're good to go!
   If you get any errors please go to the Troubleshooting Tab.
   
5. 
   You now have a keys.txt file with your console-specific keys inside.
   Rename as needed by any software that requires a different name or file extension, it doesn't matter.
   Though I highly recommend renaming it to prod.keys as this filename for Key file's is becoming a popular choice with other software
   There may be more keys, as the Switch's lifecycle goes on, more and more keys will be needed as the firmwares grow and grow.
   
   • The Hactool warning:

     [WARN] prod.keys does not exist.

     can be safely ignored.
     - if you want to place your "keys.txt" file their, put "keys.txt" on your Desktop and run the following with Administrator Command Prompt (Step #4.1 for instructions):
     

     mkdir -p %USERPROFILE%\.switch
     move "%USERPROFILE%\Desktop\keys.txt" "%USERPROFILE%\.switch\prod.keys"

6. 
   #1 ISSUES:
   

   • Red QR Code Outline

     - The reasons this can occur is quite a rarity, all I can say is to keep rebooting and trying again.
     - If there's a new version of biskeydump out, try using the newer biskeydump.bin

   • QR Code not being scanned by your Reader

     - Align your QR Code Readers alignment overlay with the Blue Square's Corners/Edges, NOT the QR Code's Corners/Edges.
     - Clean your camera lens
     - Be in a bright room
   
   #4 ISSUES:
   

   • File "keys.py", line ...
     print message
     ^
     SyntaxError: Missing parentheses in call to 'print'. Did you mean print(message)?

     - You didn't place SBK and TSEC in the 4th line of the Command in Step #4.2
     - You installed Python 3.x.x when you must use 2.7.x, uninstall python, logout of windows (important it removes python from PATH) and follow Step #3.2 then move back to #4.1

   • import lz4.block
     File "C:\Python27\lib\site-packages\lz4\__init__.py", line 17, in <module>
     from ._version import ( # noqa: F401
     ImportError: DLL load failed: The specified module could not be found.

     - The 2nd line of the Command in Step #4.2 failed without you noticing. Try running the 1st line to upgrade pip and if that goes successfully run the 2nd line to install lz4 and see if it successfully installs.

 

[shchmue]

what did i do wrong here

you ran an administrative command prompt. the cd command in the tutorial assumes a non-elevated prompt and uses a relative path.
instead type

cd %UserProfile%\Desktop\hactool

and you'll be in the right place
@ShinyMK this might be worth changing in step 4 so it works regardless, or at least mentioning to use a regular cmd. iirc Windows 7 and earlier defaults to admin prompt if you have UAC disabled, but 10 (and I think 8.x) doesn't. for the record, Python package management actions should always be done in a non-elevated prompt, but it's not important for people that are only installing it to do this. anyway the command i listed will work regardless.

--------------------- MERGED ---------------------------

Ive got this error:

"Traceback (most recent call last):
File "keys.py", line 25, in <module>
import lz4.block
File "C:\Python27\lib\site-packages\lz4\__init__.py", line 11, in <module>
from ._version import ( # noqa: F401
ImportError: DLL load failed: No se puede encontrar el m¾dulo especificado."

Whats happen? :/

according to another poster upthread this happens when you install python x64 instead of x32. uninstall 64-bit and reinstall 32-bit python.

--------------------- MERGED ---------------------------

here is my hactool folder and the error i get

you put everything in C:\Windows\system32\ instead of C:\Users\<username>\Desktop like the tutorial said. the problem is probably that file permissions are very strict in system folders. cut and paste \hactool\ to a user folder like \Desktop\ and try again and it should work.

 

[dragon_from_iso]

now im getting this. ive uninstalled python restarted and pip instal was successful

 

[shchmue]

now im getting this. ive uninstalled python restarted and pip instal was successful

so you have only the 32-bit version of python installed and on the PATH and it's still doing that? that's weird. for what it's worth, that build of Win10 is almost 2 years old. I doubt that causes a problem but I am surprised to see it still :o

 

[tomhanks69]

you ran an administrative command prompt. the cd command in the tutorial assumes a non-elevated prompt and uses a relative path.

That actually was not the issue in my case. I figured out what the issue was and everything works great!

 

[shchmue]

I mean that's definitely why your CD desktop/hactool command wasn't working, because the guide assumes you used a non elevated prompt where the current directory defaults to C:\Users\<username> making the relative command work. the workaround I posted would work either way. What I gave was a full, pedantic explanation of why it happened - if you got to the right folder the rest of the guide will work fine either way.

 

[Haki]

this only dumped Master keys 00 and 04 for me I fixed my problem by googling the 01 02 and 03 hactool was able to work for me. Thanks for the tut!

 

[tomhanks69]

I mean that's definitely why your CD desktop/hactool command wasn't working, because the guide assumes you used a non elevated prompt where the current directory defaults to C:\Users\<username> making the relative command work. the workaround I posted would work either way. What I gave was a full, pedantic explanation of why it happened - if you got to the right folder the rest of the guide will work fine either way.

I still exclusively use administrative command prompt, and it works flawless. my issue was in changing directory and then following up with the next text command. It works fantastic now, even though I ultimately ended up not needing it as it only provides a portion of the keys and i procured all 80 by other means

 

[shchmue]

I still exclusively use administrative command prompt, and it works flawless. my issue was in changing directory and then following up with the next text command. It works fantastic now, even though I ultimately ended up not needing it as it only provides a portion of the keys and i procured all 80 by other means

didn't say the problem was caused by using admin prompt, i said the exact directions in the tutorial didn't work because you were in admin prompt. and i already addressed that the issue was changing directory.

 

[Nemean]

I have created my keys.txt however i only have master key 00 and 03 am i doing something wrong? I have found the other keys and want to add them to the file is there a specific way to do this or do i just add 01, 02 and 04 at the end?

 

[tomhanks69]

didn't say the problem was caused by using admin prompt, i said the exact directions in the tutorial didn't work because you were in admin prompt. and i already addressed that the issue was changing directory.

1. Open Windows Search Bar and type "cmd" or "command prompt", right click and run as admin.
   
2. Type the following:
   pip install lz4
3. Once that finishes installing, Type the following:
   cd Desktop/hactool
4. You should now be in the "hactool" folder.
5. Once installed, type the following (Replace as it says):
   python keys.py ReplaceMeWithSBK ReplaceMeWithTSEC
6. It will now execute the key extractor. In simple terms, what it's doing is extracting Package1 from BOOT0 -> Extracting keys from Package1 -> Using those keys to get other keys.
7. It should say: "Now you can do hactool --keyset=keys.txt to use them!", if it does, and theres no warning messages, your good to go!

Are you SUUUUUUUUUUUUUURE it doesn't say to run as admin? and it had nothing to do with the fact that i WAS in admin prompt

 

[shchmue]

1. Open Windows Search Bar and type "cmd" or "command prompt", right click and run as admin.
   
2. Type the following:
   pip install lz4
3. Once that finishes installing, Type the following:
   cd Desktop/hactool
4. You should now be in the "hactool" folder.
5. Once installed, type the following (Replace as it says):
   python keys.py ReplaceMeWithSBK ReplaceMeWithTSEC
6. It will now execute the key extractor. In simple terms, what it's doing is extracting Package1 from BOOT0 -> Extracting keys from Package1 -> Using those keys to get other keys.
7. It should say: "Now you can do hactool --keyset=keys.txt to use them!", if it does, and theres no warning messages, your good to go!

Are you SUUUUUUUUUUUUUURE it doesn't say to run as admin? and it had nothing to do with the fact that i WAS in admin prompt

ah weird. that's in conflict with the assumption that the given CD command will take you to the right place.

 

[Retroarcade2003]

Hi... I am arrived at last point, with the command
hactool --keyset=keys.txt

But when i launch this command appear:
unable to open : Invalid argument

So... What?
Thanks in advance

 

[PECONAUT]

Anyone know what do to if cmd is giving me the following command
cd Desktop/hactool "is not recognized as an internal or external command, operable program or batch file"

I uninstall pythin 2 and install it. Change the path name manually. restarted and still getting the error
It keeps giving me that error even when I try to enter any folder

 

[Blasty12234]

When you have to type "cd Desktop/hactool" I keeps saying the system cannot find the path location.

 

[SirNapkin1334]

as in with or without quotes? I tried both but to no avail

In the command, did you type in the keys correctly? Did you actually type them in, or did you put <TSEC> and <SBKSecureBootKey> as the actual keys? It’s a misconception people are having.

 

[Retroarcade2003]

Hi... I am arrived at last point, with the command
hactool --keyset=keys.txt

But when i launch this command appear:
unable to open : Invalid argument

So... What?
Thanks in advance

Anyone? Please...

 

[Blasty12234]

Anyone? Please...

Did you replace your SBK and your TSEC?
At the end of the of the of Keys.py, I added the .txt

(Keys.py.txt)

 

[Retroarcade2003]

Did you replace your SBK and your TSEC?
At the end of the of the of Keys.py, I added the .txt

(Keys.py.txt)

Yes, i extracted the keys. The prompt said
Now you can do hactool --keyset=keys.txt to use them!

So i used this command but says invalid argument. I tried also to decrypt an nca but says "invalid NCA header! Are your keys correct?" or something like that. So i have to solve this invalid argument

 

[WiiHomebrew+Snes]

In the command, did you type in the keys correctly? Did you actually type them in, or did you put <TSEC> and <SBKSecureBootKey> as the actual keys? It’s a misconception people are having.

yes, I typed the actual keys in.

 

[SirNapkin1334]

yes, I typed the actual keys in.

Then I am at a loss. Perhaps you typed them in incorrectly? I don’t know from here.