Toggle sidebar

Front-page Hacking RELEASE  Updated

Lockpick_RCM payload - Official Thread


Description
Lockpick_RCM is a bare metal Nintendo Switch payload that derives encryption keys for use in Switch file handling software like hactool, hactoolnet/LibHac, ChoiDujour, etc. without booting Horizon OS.

Source: https://github.com/shchmue/Lockpick_RCM
Payload: https://github.com/shchmue/Lockpick_RCM/releases

Due to changes imposed by firmware 7.0.0, Lockpick homebrew can no longer derive the latest keys. In the boot-time environment however, there are fewer limitations. That means the new keys are finally easy to dump!

Usage
  • Launch Lockpick_RCM.bin using your favorite payload injector or chainload from Hekate by placing it in /bootloader/payloads
  • Upon completion, keys will be saved to /switch/prod.keys on SD
  • If the console has Firmware 7.x, the /sept/ folder from Atmosphère or Kosmos release zip containing both sept-primary.bin and sept-secondary.enc must be present on SD or else only keyblob master key derivation is possible (ie. up to master_key_05 only)
Big thanks to CTCaer
For Hekate and all the advice while developing this!

Known Issues
  • Chainloading from SX will hang immediately due to quirks in their hwinit code, please launch payload directly
 

Attachments

  • AB1248EA-8BB9-448B-83F5-FF68C2579FB1.jpeg
    AB1248EA-8BB9-448B-83F5-FF68C2579FB1.jpeg
    11.2 KB · Views: 0
Last edited by shchmue,
  • Like
Reactions: FanNintendo, Deleted member 753700, DefenderOfHyrule and 77 others
Click to expand...
impeeza said:
Are you using latest goldleaf? There is a new version supporting firmware 20. Also you can use NXDumpTool to dump installed apps
Click to expand...
Yes. I'm using Version 1.1.0. The screenshot shown in my post shows that the Key Generation is 9 despite this being the latest version. I want to use GoldLeaf to installed the dumped games in my emuMMC, so that I can do moddings while avoiding getting ban when I'm doing online in my sysMMC.
 
BooshinatorAbdou said:
Yes. I'm using Version 1.1.0. The screenshot shown in my post shows that the Key Generation is 9 despite this being the latest version. I want to use GoldLeaf to installed the dumped games in my emuMMC, so that I can do moddings while avoiding getting ban when I'm doing online in my sysMMC.
Click to expand...
May be open a issue in the goldleaf github and ir on the goldleaf's thread here
 
  • Like
Reactions: Blythe93
impeeza said:
May be open a issue in the goldleaf github and ir on the goldleaf's thread here
Click to expand...
I can try but the creator himself told me in their discord server, that GoldLeaf is working perfectly fine on their end in which they have Key Generation 20. Is my prod.keys file valid?
 
BooshinatorAbdou said:
I can try but the creator himself told me in their discord server, that GoldLeaf is working perfectly fine on their end in which they have Key Generation 20. Is my prod.keys file valid?
Click to expand...
The one you attached send valid. Look for duplicated key files on your card
 
  • Like
Reactions: Blythe93
Bad news the Prod.Keys file on SDMC:/switch folder is not used by Goldleaf, on my setup I did removed the file and started GoldLeaf:

1747508077928.png
Firmware information is ok
And was able to dump, firmware, two installed titles and verify another one.

So may be a problem with GoldLeaf and FW 20, I will not upgrade yet.
 
  • Like
Reactions: Tyvar1, Blythe93, BooshinatorAbdou and 1 other person
impeeza said:
Bad news the Prod.Keys file on SDMC:/switch folder is not used by Goldleaf, on my setup I did removed the file and started GoldLeaf:

View attachment 505283Firmware information is ok
And was able to dump, firmware, two installed titles and verify another one.

So may be a problem with GoldLeaf and FW 20, I will not upgrade yet.
Click to expand...
Is there a way to prove that Prod.keys is not being used by GoldLeaf? I would like to show the evidence to the creator if I can.
 
  • Like
Reactions: Blythe93
BooshinatorAbdou said:
Is there a way to prove that Prod.keys is not being used by GoldLeaf? I would like to show the evidence to the creator if I can.
Click to expand...
What exactly do you think you're trying to prove? You think the CREATOR doesn't understand how it works? How about this... did you read the readme in the github repo? Does it say ANYTHING about prod.keys? No. No it does not. Key generation comes from your firmware. Only thing goldleaf needs, if you don't have legit tickets for a given game on a specific console, would be sigpatches.

With that said... on my OLED on 20.0.1... I get Key Generation: 177.

goldleaf.jpg


And for those wondering, I've deleted everything in the Goldleaf folder, so only the new .nro remains, and I also renamed the atmosphere/contents folder, to block any and all sysmodules from loading (including syspatch), followed by a reboot. There is indeed a weird bug here. Dunno what it does for functionality... as I don't install things with this program.

EDIT: Key generation 20 on erista. So it's a Mariko issue...
 
Last edited by urherenow,
  • Love
Reactions: impeeza
urherenow said:
With that said... on my OLED on 20.0.1... I get Key Generation: 177.
Click to expand...
:blink:
urherenow said:
What exactly do you think you're trying to prove? You think the CREATOR doesn't understand how it works? How about this... did you read the readme in the github repo? Does it say ANYTHING about prod.keys? No. No it does not. Key generation comes from your firmware. Only thing goldleaf needs, if you don't have legit tickets for a given game on a specific console, would be sigpatches.

With that said... on my OLED on 20.0.1... I get Key Generation: 177.

View attachment 505381

And for those wondering, I've deleted everything in the Goldleaf folder, so only the new .nro remains, and I also renamed the atmosphere/contents folder, to block any and all sysmodules from loading (including syspatch), followed by a reboot. There is indeed a weird bug here. Dunno what it does for functionality... as I don't install things with this program.
Click to expand...
I really do recommend Sphaira https://gbatemp.net/threads/sphaira-hbmenu-replacement.664523/ a HBmenu replacement with lot of interesting functions.
 
urherenow said:
What exactly do you think you're trying to prove? You think the CREATOR doesn't understand how it works? How about this... did you read the readme in the github repo? Does it say ANYTHING about prod.keys? No. No it does not. Key generation comes from your firmware. Only thing goldleaf needs, if you don't have legit tickets for a given game on a specific console, would be sigpatches.

With that said... on my OLED on 20.0.1... I get Key Generation: 177.

View attachment 505381

And for those wondering, I've deleted everything in the Goldleaf folder, so only the new .nro remains, and I also renamed the atmosphere/contents folder, to block any and all sysmodules from loading (including syspatch), followed by a reboot. There is indeed a weird bug here. Dunno what it does for functionality... as I don't install things with this program.

EDIT: Key generation 20 on erista. So it's a Mariko issue...
Click to expand...
I apologize if my tone made it sound like I was mocking the creator in anyway. It was not my intention and I was just frustrated at my lack of understanding on the source of my issues. I tried out your suggestion and deleted my keys/sigpatches to see if it makes a difference, but no difference. I'm confused about your comment on how key generation is only based on firmware because my screenshot shown below is proof against that claim. I'm clearly at Version 20.0.1 according to GoldLeaf and yet my Key Generation is still 9. That's why I'm so confused, and the moment someone mention it being a bug in GoldLeaf, I wanted to see proof.
1747569066289.jpeg
 
BooshinatorAbdou said:
I have difficulties using the platform when I first use it a few months ago due to the language barrier. Plus, I feel the GoldLeaf is more safer in terms of avoiding bans, since I do want to play online on my switch.
Click to expand...

DBI has an English version but is outdated (DBI 658).

Also I think Sphaira now allows to install games.
 
  • Like
Reactions: NotUsingAnAltAccount
BooshinatorAbdou said:
I apologize if my tone made it sound like I was mocking the creator in anyway. It was not my intention and I was just frustrated at my lack of understanding on the source of my issues. I tried out your suggestion and deleted my keys/sigpatches to see if it makes a difference, but no difference. I'm confused about your comment on how key generation is only based on firmware because my screenshot shown below is proof against that claim. I'm clearly at Version 20.0.1 according to GoldLeaf and yet my Key Generation is still 9. That's why I'm so confused, and the moment someone mention it being a bug in GoldLeaf, I wanted to see proof. View attachment 505408
Click to expand...
xortroll has a discord server. I've pointed out that there is a bug with the keygen for OLED consoles. My Erista shows 20, like it's supposed to. My OLED showed 177. A test build he made on the discord, showed keygen 100. He's working on it... But you seem to be the only person with this keygen 9 problem.

My entire point to you, is that this has nothing at all to do with your prod.keys. Whether you have them or not, and whether they are correct or not, makes ZERO difference for this issue you're having.
 
  • Love
  • Like
Reactions: Blythe93 and impeeza

Site & Scene News

Go to forum More news

Popular threads in this forum

Dusk for switch (TLoZ Twilight Princess port)

Homebrew  New Homebrew "Foil Server"?

Homebrew  Full List of N64 Recompilation Switch ports

Hacking  WiFi chip failing and can't boot. is it possible to enable Airplane Mode by editing system save files directly?

Homebrew Tutorial Translation Project  CS2SX — Write Nintendo Switch Homebrew in C#

Is it fixable

Homebrew  Sonic Unleashed Recompiled (Homebrew Port)

Hacking Emulation  Switch Prod Keys downloading from sites okay?