This thread is deprecated
For a faster, easier and more up-to-date way of getting keys use Lockpick_RCM by shchmue
If you still want to follow this tutorial and end up with less keys, continue reading the Thread.

WARNING

• DO NOT GIVE OUT ANY OF YOUR KEYS TO ANYONE! I CANNOT STRESS THAT ENOUGH!
• DO NOT SHARE YOUR KEYS BETWEEN MULTIPLE SWITCHES THAT YOU DO/DON'T OWN! SOME ARE CONSOLE-UNIQUE
• DO NOT ASK ME FOR KEYS

LEGEND

• SBK
  SecureBootKey
• TSEC
  Tegra Security Co-processor Key
• eMMC
  Embedded MultiMediaCard (Switch's Onboard Storage)

GOAL
End up with 83+ keys including SBK and TSEC keys. Get Master Key's 0-5. (Master Keys 6 onwards is not done in this tutorial)
Reminder, if you want more up-to-date and much more convenient way to get your Switch's Keys, use Lockpick by shchmue (available in nx-appstore/homebrew store)

Tutorial — (Outdated for Switch's on firmware 6.x or newer)

#1 - Dumping System Keys (Biskeydump)#2 - Dumping Required Files#3 - Hactool Preparation#4 - Dumping KeysFinal WordsTroubleshooting

1. 
   We need to get your Secure Boot Key (SBK) and Tegra Security Co-processor Key (TSEC) before we can get the main keys.
   These are 100% console unique.
   
   
   1. Download and extract biskeydump.bin from biskeydumpvx.zip
      - Follow this tutorial but instead of using CTCaer's Hekate Mod .bin file, use the biskeydump.bin file
      - If the QR Code is Blue, Scan the QR Code with your Phone, Laptop e.t.c
      - If you cant find a device you can scan with, type them out into your PC/Laptop (Its highly recommended to scan the QR Code, as a lot of characters can look like another, O0, Il, rn can look like m, e.t.c)
   2. Once you have the biskeydump of your System, store all the keys you received somewhere safe, I recommend a secure cloud storage aswell as a USB Stick, perhaps even print it.
      - Don't give this to ANYONE, Seriously.
   
   If you get any errors please go to the Troubleshooting Tab.
   
2. 
   
   1. Follow this tutorial AGAIN but this time use CTCaer's Hekate Mod.
      - "Tools" -> "Backup..." -> "Backup eMMC BOOT0/1"
      - "Tools" -> "Backup..." -> "Backup eMMC SYS"
      - Back all the way to the first menu, and choose "Power off"
   2. Take the microSD Card out of your Switch and into your PC.
   3. Copy both "BOOT0" and "BCPKG2-1-Normal-Main" from "sd:/backup/xxxxxx/" (xxxxxx is different for everyone) to "hactool" on your Desktop (create the "hactool" folder)
      - Rename them with .bin at the end, "BOOT0.bin", "BCPKG2-1-Normal-Main.bin"
3. 
   
   1. Download and install Python 2.7.x - NOT Python 3.x.x
      When installing, it will ask you what features you want installed, scroll to the bottom and make sure "Add Python to Path" has "Entire Feature Installed to HDD" option chose (No Red X Icon), otherwise the scripts wont find Python and WILL fail
   2. Download and extract hactool TO THE DESKTOP AND NAME THE FOLDER "hactool"
      On Linux/MacOS: clone and build hactool manually
   3. Right-click this (script originally by tesnos6921, patched by shadowninja108, jakibaki and shchmue)
      - Click "Save link as" / "save as"
      - Set "Save as type" to "All Files"
      - Name it "keys.py"
      And finally save it to the hactool folder you placed in the Desktop.
      NOTICE TO GBATEMP STAFF: The "keys" inside this file, are NOT keys, they are SHA digest hashes used to search through files to find text that matches, which would be the keys.
4. 
   
   1. Press WIN(Btn)+R to open "Run", type "cmd" and press Ctrl+Shift then Enter to open Command Prompt as an Administrator
   2. Type (in order) or Copy the following and paste into Command Prompt (Some Windows Versions use Right Click to Paste, some use CTRL+C)
      python -m pip install --upgrade pip
      pip install lz4
      cd Desktop/hactool
      python keys.py SBK_Here_From_Biskeydump TSEC_Here_From_Biskeydump
   3. It should say: "Now you can do hactool --keyset=keys.txt to use them!", if it does, and there's no warning messages, you're good to go!
   If you get any errors please go to the Troubleshooting Tab.
   
5. 
   You now have a keys.txt file with your console-specific keys inside.
   Rename as needed by any software that requires a different name or file extension, it doesn't matter.
   Though I highly recommend renaming it to prod.keys as this filename for Key file's is becoming a popular choice with other software
   There may be more keys, as the Switch's lifecycle goes on, more and more keys will be needed as the firmwares grow and grow.
   
   • The Hactool warning:

     [WARN] prod.keys does not exist.

     can be safely ignored.
     - if you want to place your "keys.txt" file their, put "keys.txt" on your Desktop and run the following with Administrator Command Prompt (Step #4.1 for instructions):
     

     mkdir -p %USERPROFILE%\.switch
     move "%USERPROFILE%\Desktop\keys.txt" "%USERPROFILE%\.switch\prod.keys"

6. 
   #1 ISSUES:
   

   • Red QR Code Outline

     - The reasons this can occur is quite a rarity, all I can say is to keep rebooting and trying again.
     - If there's a new version of biskeydump out, try using the newer biskeydump.bin

   • QR Code not being scanned by your Reader

     - Align your QR Code Readers alignment overlay with the Blue Square's Corners/Edges, NOT the QR Code's Corners/Edges.
     - Clean your camera lens
     - Be in a bright room
   
   #4 ISSUES:
   

   • File "keys.py", line ...
     print message
     ^
     SyntaxError: Missing parentheses in call to 'print'. Did you mean print(message)?

     - You didn't place SBK and TSEC in the 4th line of the Command in Step #4.2
     - You installed Python 3.x.x when you must use 2.7.x, uninstall python, logout of windows (important it removes python from PATH) and follow Step #3.2 then move back to #4.1

   • import lz4.block
     File "C:\Python27\lib\site-packages\lz4\__init__.py", line 17, in <module>
     from ._version import ( # noqa: F401
     ImportError: DLL load failed: The specified module could not be found.

     - The 2nd line of the Command in Step #4.2 failed without you noticing. Try running the 1st line to upgrade pip and if that goes successfully run the 2nd line to install lz4 and see if it successfully installs.

 

[RazorX2014]

thanks, now i remember i've only backed up boot0 and 1.
doing all of them now including the NAND, this gonna take sometime, thanks again.

well be back if there new question.

dumping SYS doesn't take to long, i think it's just 2.6gb

 

[Roger66681]

I'm having problems with step 4...I've installed python 2.7.9 with pip, and installed lz4. Using cmd I was able to get into the hactool folder only after I had moved it to the C drive on my PC, and once I had access to the folder, I would use "python keys.py" with my correct sbk and tsec numbers and I get "no such file or directory" I have followed each step correctly up to this point, with moving files and such. The files are all named exactly how you have them as well...would love the help!!

 

[RazorX2014]

I'm having problems with step 4...I've installed python 2.7.9 with pip, and installed lz4. Using cmd I was able to get into the hactool folder only after I had moved it to the C drive on my PC, and once I had access to the folder, I would use "python keys.py" with my correct sbk and tsec numbers and I get "no such file or directory" I have followed each step correctly up to this point, with moving files and such. The files are all named exactly how you have them as well...would love the help!!

hold shift and right click the folder with your files in which should be atleast:
hactool.exe
keys.py
BOOT0.bin
BCPKG2-1-Normal-Main.bin
libmbedcrypto.dll (i think you need this too)
libmbedtls.dll(i think you need this too)
libmbedx509.dll(i think you need this too)

and it should give you an option to launch command prompt, click it and enter python keys.py xxxxxxxxxxxxxx xxxxxxxxxxxxxxxx (where the x's are you enter your SBK and TSEC keys) and hit enter and see what it says

 

[aos10]

i am having error in step 4

Once installed, type the following (Replace as it says):
python keys.py ReplaceMeWithSBK ReplaceMeWithTSEC

and yes, i've installed python 2.7.1

 

[RazorX2014]

i am having error in step 4

Once installed, type the following (Replace as it says):
python keys.py ReplaceMeWithSBK ReplaceMeWithTSEC

and yes, i've installed python 2.7.1

you don't actually type ReplaceMeWithSBK ReplaceMeWithTSEC that is where you actually type in your switches SBK and TSEC keys

 

[aos10]

you don't actually type ReplaceMeWithSBK ReplaceMeWithTSEC that is where you actually type in your switches SBK and TSEC keys

wow, i mean
WOW

i feel very embarrassed right now

 

[RazorX2014]

wow, i mean
WOW

i feel very embarrassed right now

you should be ashamed of yourself XD

 

[aos10]

you should be ashamed of yourself XD

i know, i deserve it because i forgot to do the first step.

 

[Roger66681]

hold shift and right click the folder with your files in which should be atleast:
hactool.exe
keys.py
BOOT0.bin
BCPKG2-1-Normal-Main.bin
libmbedcrypto.dll (i think you need this too)
libmbedtls.dll(i think you need this too)
libmbedx509.dll(i think you need this too)

and it should give you an option to launch command prompt, click it and enter python keys.py xxxxxxxxxxxxxx xxxxxxxxxxxxxxxx (where the x's are you enter your SBK and TSEC keys) and hit enter and see what it says

Thanks for the feedback, and where would I find those libmbedxxx.dll files?

 

[RazorX2014]

Thanks for the feedback, and where would I find those libmbedxxx.dll files?

use the latest hactool here: https://github.com/SciresM/hactool/releases/download/1.1.0/hactool-1.1.0.win.zip

 

[Roger66681]

use the latest hactool here: https://github.com/SciresM/hactool/releases/download/1.1.0/hactool-1.1.0.win.zip

Yeah I'm still getting "C:\Python27\python.exe: can't open file 'keys.py': [Errno 2] No such file or directory" Oh and I don't get cmd when I right click, I get powershell, which works the same I believe...

 

[RazorX2014]

Yeah I'm still getting "C:\Python27\python.exe: can't open file 'keys.py': [Errno 2] No such file or directory" Oh and I don't get cmd when I right click, I get powershell, which works the same I believe...

right click on the folder with the keys.py in it and create a shortcut and for the shortcut type in cmd and hit next so it creates a command prompt shortcut then right click it and goto properties and check the directory from system32 to the folder that the keys.py is in and then launch it and try doing python keys.py xxxxxxxx xxxxxxxx again

 

[Roger66681]

right click on the folder with the keys.py in it and create a shortcut and for the shortcut type in cmd and hit next so it creates a command prompt shortcut then right click it and goto properties and check the directory from system32 to the folder that the keys.py is in and then launch it and try doing python keys.py xxxxxxxx xxxxxxxx again

Still same thing and I double checked my Path and everything seems fine...the file is there, so something has to be wrong with python's file system...Should I just reinstall everything?

 

[RazorX2014]

Still same thing and I double checked my Path and everything seems fine...the file is there, so something has to be wrong with python's file system...Should I just reinstall everything?

be sure you have extensions shown on your computer so it's not actually named something like keys.py.txt also i think keys.py requires you to be using python27 so be sure you have that.
you can also try going into C:\Users\USERNAME\.switch and deleting the prod.keys if it's in there and then run the command again.


here use this keys.py:

--------------------- MERGED ---------------------------

be sure you have your BOOT0.bin and BCPKG2-1-Normal-Main.bin in that folder too

 

[Roger66681]

be sure you have extensions shown on your computer so it's not actually named something like keys.py.txt also i think keys.py requires you to be using python27 so be sure you have that.
you can also try going into C:\Users\USERNAME\.switch and deleting the prod.keys if it's in there and then run the command again.


here use this keys.py:

--------------------- MERGED ---------------------------

be sure you have your BOOT0.bin and BCPKG2-1-Normal-Main.bin in that folder too

I'd like to thank you for the help you've been giving me, but still getting problems. This time using the new keys file you gave me I don't get the directory error anymore, now I'm getting"
Traceback (most recent call last):
File "keys.py", line 25, in <module>
import lz4.block
File "C:\Python27\lib\site-packages\lz4\__init__.py", line 11, in <module>
from ._version import ( # noqa: F401
ImportError: DLL load failed: The specified module could not be found."

 

[RazorX2014]

I'd like to thank you for the help you've been giving me, but still getting problems. This time using the new keys file you gave me I don't get the directory error anymore, now I'm getting"
Traceback (most recent call last):
File "keys.py", line 25, in <module>
import lz4.block
File "C:\Python27\lib\site-packages\lz4\__init__.py", line 11, in <module>
from ._version import ( # noqa: F401
ImportError: DLL load failed: The specified module could not be found."

load up command prompt and type in:
pip install lz4

that will sort it

 

[Seelbreaker]

You need to be more specific about errors you get.

I still get invalid syntax when i call the keys.py

C:\Users\Seelbreaker\Desktop>python C:\Users\Seelbreaker\Desktop\hactool\keys.py
File "C:\Users\Seelbreaker\Desktop\hactool\keys.py", line 29
def kip1_blz_decompress(compressed)
^
SyntaxError: invalid syntax

It is still the Syntax error which i don't understand, since environment variables for python are showing to my python 2.7 Install on C:\Python

therefore i can start Python trough cmd from anywhere and also do pip install lz4 which gives me the following:

Spoiler

C:\Users\Seelbreaker>pip install lz4
Requirement already satisfied: lz4 in c:\python\lib\site-packages (2.0.2)
Requirement already satisfied: future in c:\python\lib\site-packages (from lz4) (0.16.0)

The Script also has it's problem with line 29 - lz4 is imported at line 25.


but something what i wonder, why is "compressed" not stated in the keys.py which is called at line 29?











:Edit- it worked with the script from Razor 2 posts above me!! Finaly!!!!

Using BOOT0.bin to get keys from package1...
Deriving keys...
Decrypting package1...
Using Secure_Monitor.bin to get keys to decrypt package2...
Decrypting package2...
Decompressing spl.kip1 and FS.kip1...
Getting keys from spl...
Getting keys from FS...
Doing final key derivation...
If there were no warnings, we found all the keys!



Oh god... finally

 

[RazorX2014]

I still get invalid syntax when i call the keys.py

C:\Users\Seelbreaker\Desktop>python C:\Users\Seelbreaker\Desktop\hactool\keys.py
File "C:\Users\Seelbreaker\Desktop\hactool\keys.py", line 29
def kip1_blz_decompress(compressed)
^
SyntaxError: invalid syntax

It is still the Syntax error which i don't understand, since environment variables for python are showing to my python 2.7 Install on C:\Python

therefore i can start Python trough cmd from anywhere and also do pip install lz4 which gives me the following:

Spoiler

C:\Users\Seelbreaker>pip install lz4
Requirement already satisfied: lz4 in c:\python\lib\site-packages (2.0.2)
Requirement already satisfied: future in c:\python\lib\site-packages (from lz4) (0.16.0)

The Script also has it's problem with line 29 - lz4 is imported at line 25.


but something what i wonder, why is "compressed" not stated in the keys.py which is called at line 29?

no idea what your issue is to be honest, i didn't have any issues

 

[Seelbreaker]

no idea what your issue is to be honest, i didn't have any issues

funfact your script from Post:
https://gbatemp.net/threads/how-to-...ol-xci-decrypting.506978/page-17#post-8138762

worked like a charm - i don't even now why but it worked now i can get the update-file from kirby to get my switch unofficially to 4.0 ^^

 

[RazorX2014]

funfact your script from Post:
https://gbatemp.net/threads/how-to-...ol-xci-decrypting.506978/page-17#post-8138762

worked like a charm - i don't even now why but it worked now i can get the update-file from kirby to get my switch unofficially to 4.0 ^^

glad i could help