This thread is deprecated
For a faster, easier and more up-to-date way of getting keys use Lockpick_RCM by shchmue
If you still want to follow this tutorial and end up with less keys, continue reading the Thread.

WARNING

• DO NOT GIVE OUT ANY OF YOUR KEYS TO ANYONE! I CANNOT STRESS THAT ENOUGH!
• DO NOT SHARE YOUR KEYS BETWEEN MULTIPLE SWITCHES THAT YOU DO/DON'T OWN! SOME ARE CONSOLE-UNIQUE
• DO NOT ASK ME FOR KEYS

LEGEND

• SBK
  SecureBootKey
• TSEC
  Tegra Security Co-processor Key
• eMMC
  Embedded MultiMediaCard (Switch's Onboard Storage)

GOAL
End up with 83+ keys including SBK and TSEC keys. Get Master Key's 0-5. (Master Keys 6 onwards is not done in this tutorial)
Reminder, if you want more up-to-date and much more convenient way to get your Switch's Keys, use Lockpick by shchmue (available in nx-appstore/homebrew store)

Tutorial — (Outdated for Switch's on firmware 6.x or newer)

#1 - Dumping System Keys (Biskeydump)#2 - Dumping Required Files#3 - Hactool Preparation#4 - Dumping KeysFinal WordsTroubleshooting

1. 
   We need to get your Secure Boot Key (SBK) and Tegra Security Co-processor Key (TSEC) before we can get the main keys.
   These are 100% console unique.
   
   
   1. Download and extract biskeydump.bin from biskeydumpvx.zip
      - Follow this tutorial but instead of using CTCaer's Hekate Mod .bin file, use the biskeydump.bin file
      - If the QR Code is Blue, Scan the QR Code with your Phone, Laptop e.t.c
      - If you cant find a device you can scan with, type them out into your PC/Laptop (Its highly recommended to scan the QR Code, as a lot of characters can look like another, O0, Il, rn can look like m, e.t.c)
   2. Once you have the biskeydump of your System, store all the keys you received somewhere safe, I recommend a secure cloud storage aswell as a USB Stick, perhaps even print it.
      - Don't give this to ANYONE, Seriously.
   
   If you get any errors please go to the Troubleshooting Tab.
   
2. 
   
   1. Follow this tutorial AGAIN but this time use CTCaer's Hekate Mod.
      - "Tools" -> "Backup..." -> "Backup eMMC BOOT0/1"
      - "Tools" -> "Backup..." -> "Backup eMMC SYS"
      - Back all the way to the first menu, and choose "Power off"
   2. Take the microSD Card out of your Switch and into your PC.
   3. Copy both "BOOT0" and "BCPKG2-1-Normal-Main" from "sd:/backup/xxxxxx/" (xxxxxx is different for everyone) to "hactool" on your Desktop (create the "hactool" folder)
      - Rename them with .bin at the end, "BOOT0.bin", "BCPKG2-1-Normal-Main.bin"
3. 
   
   1. Download and install Python 2.7.x - NOT Python 3.x.x
      When installing, it will ask you what features you want installed, scroll to the bottom and make sure "Add Python to Path" has "Entire Feature Installed to HDD" option chose (No Red X Icon), otherwise the scripts wont find Python and WILL fail
   2. Download and extract hactool TO THE DESKTOP AND NAME THE FOLDER "hactool"
      On Linux/MacOS: clone and build hactool manually
   3. Right-click this (script originally by tesnos6921, patched by shadowninja108, jakibaki and shchmue)
      - Click "Save link as" / "save as"
      - Set "Save as type" to "All Files"
      - Name it "keys.py"
      And finally save it to the hactool folder you placed in the Desktop.
      NOTICE TO GBATEMP STAFF: The "keys" inside this file, are NOT keys, they are SHA digest hashes used to search through files to find text that matches, which would be the keys.
4. 
   
   1. Press WIN(Btn)+R to open "Run", type "cmd" and press Ctrl+Shift then Enter to open Command Prompt as an Administrator
   2. Type (in order) or Copy the following and paste into Command Prompt (Some Windows Versions use Right Click to Paste, some use CTRL+C)
      python -m pip install --upgrade pip
      pip install lz4
      cd Desktop/hactool
      python keys.py SBK_Here_From_Biskeydump TSEC_Here_From_Biskeydump
   3. It should say: "Now you can do hactool --keyset=keys.txt to use them!", if it does, and there's no warning messages, you're good to go!
   If you get any errors please go to the Troubleshooting Tab.
   
5. 
   You now have a keys.txt file with your console-specific keys inside.
   Rename as needed by any software that requires a different name or file extension, it doesn't matter.
   Though I highly recommend renaming it to prod.keys as this filename for Key file's is becoming a popular choice with other software
   There may be more keys, as the Switch's lifecycle goes on, more and more keys will be needed as the firmwares grow and grow.
   
   • The Hactool warning:

     [WARN] prod.keys does not exist.

     can be safely ignored.
     - if you want to place your "keys.txt" file their, put "keys.txt" on your Desktop and run the following with Administrator Command Prompt (Step #4.1 for instructions):
     

     mkdir -p %USERPROFILE%\.switch
     move "%USERPROFILE%\Desktop\keys.txt" "%USERPROFILE%\.switch\prod.keys"

6. 
   #1 ISSUES:
   

   • Red QR Code Outline

     - The reasons this can occur is quite a rarity, all I can say is to keep rebooting and trying again.
     - If there's a new version of biskeydump out, try using the newer biskeydump.bin

   • QR Code not being scanned by your Reader

     - Align your QR Code Readers alignment overlay with the Blue Square's Corners/Edges, NOT the QR Code's Corners/Edges.
     - Clean your camera lens
     - Be in a bright room
   
   #4 ISSUES:
   

   • File "keys.py", line ...
     print message
     ^
     SyntaxError: Missing parentheses in call to 'print'. Did you mean print(message)?

     - You didn't place SBK and TSEC in the 4th line of the Command in Step #4.2
     - You installed Python 3.x.x when you must use 2.7.x, uninstall python, logout of windows (important it removes python from PATH) and follow Step #3.2 then move back to #4.1

   • import lz4.block
     File "C:\Python27\lib\site-packages\lz4\__init__.py", line 17, in <module>
     from ._version import ( # noqa: F401
     ImportError: DLL load failed: The specified module could not be found.

     - The 2nd line of the Command in Step #4.2 failed without you noticing. Try running the 1st line to upgrade pip and if that goes successfully run the 2nd line to install lz4 and see if it successfully installs.

 

[lacrima08]

Hi all,

I got successfully 40 keys with the python script file but when I attempt to extract a XCI file, I got this error : "Invalid NCA header! Are keys correct?"

I added manually master_key_01 / master_key_02 / master_key_03 because they wren't in the prods.keys generated file

What's wrong ?

PS : BOOT0 and BCPKG2-1-Normal-Main are from a 5.1.0 backup and no errors or warning when using python script :

Using BOOT0.bin to get keys from package1...
Deriving keys...
Decrypting package1...
Using Secure_Monitor.bin to get keys to decrypt package2...
Decrypting package2...
Decompressing spl.kip1 and FS.kip1...
Getting keys from spl...
Getting keys from FS...
Doing final key derivation...
If there were no warnings, we found all the keys!

 

[MarzDaindigo]

'python' is not recognized as an internal or external command.........

my setup:
python is in C:\

hactools on desktop

BOOT0 BCPKG2 and keys.py in hactools

Regular CMD: c\users\...\desktop\hactool>python keys.py (SBK characters) (TSEC characters)

*Hits Enter*

'python' not recognized.....

can someone help, ive done the cd into hactools with normal and admin cmd

 

[Bigjokker]

Hi all,

I got successfully 40 keys with the python script file but when I attempt to extract a XCI file, I got this error : "Invalid NCA header! Are keys correct?"

What's wrong ?

hactool.exe -k keys.py -t xci -x *whatever-file.XCI

Don't forget to tell it what type of file

 

[Canna]

IF YOUR LIKE ME AND GOT THIS ERROR BY THINKING U CAN USE HACTOOL 1044 THE GUI .EXE THEN THINK AGAIN
ONCE I DOWNLOAD hactool -1.1.0
and placed them files in the hactool folder along side the hactool gui .exe
i run the script and it all worked

so if you get similar error below try this step above

C:\Windows\system32>cd C:\Users\mini\Desktop\Hactool

C:\Users\mini\Desktop\Hactool>python keys.py Keys my keys here removed for privacy

Using BOOT0.bin to get keys from package1...
Deriving keys...
Traceback (most recent call last):
File "keys.py", line 374, in <module>
stage0_results = subprocess.check_output([HACTOOL_PATH, "--keyset=keys.txt",
"--intype=keygen", "BOOT0.bin"])
File "C:\Python27\lib\subprocess.py", line 216, in check_output
process = Popen(stdout=PIPE, *popenargs, **kwargs)
File "C:\Python27\lib\subprocess.py", line 394, in __init__
errread, errwrite)
File "C:\Python27\lib\subprocess.py", line 644, in _execute_child
startupinfo)
WindowsError: [Error 2] The system cannot find the file specified




My key.txt file last entry was keyblob_mac_key_source =My key hidden

 

[lacrima08]

hactool.exe -k keys.py -t xci -x *whatever-file.XCI

Don't forget to tell it what type of file

This time, I get : Error: "Invalid XCI partition!" (with keys.dat and not keys.py) CRC/SHA of XCI files matches with online database

Edit : seems to be on a 4.1.0 Game

 

[AnagraM]

Hi,
I follow the tutorial, it gives me no error, and the key file is generated, though it's uncomplete. I only have 27 keys generated.
I'm on 2.3.
Any insight ?

 

[feidhlim1986]

'python' is not recognized as an internal or external command.........

my setup:
python is in C:\

hactools on desktop

BOOT0 BCPKG2 and keys.py in hactools

Regular CMD: c\users\...\desktop\hactool>python keys.py (SBK characters) (TSEC characters)

*Hits Enter*

'python' not recognized.....

can someone help, ive done the cd into hactools with normal and admin cmd

Python looks to not be in your Windows PATH variables.

Provide the full path to python.exe rather than just typing “python”

Eg
>”C:\somedirectory\python.exe keys.py

 

[Jax_Ripper]

Okay, so I figured out why it was not working. If you look at the python script, the path to the hactool is set like this:

HACTOOL_PATH = "hactool"

You need to set it to this

HACTOOL_PATH = "./hactool"

Once you fix that, the python script works great!

Edit: Don't forget to compile the hactool source code and put the newly created binary file next to keys.py.

How exactly do you make that change??
Thanks in Advance, Jax.

EDIT: I keep getting an error when I type in "cd Desktop/hactool", can't find path specified!
Is there a fix for this??

 

[CuriousTommy]

How exactly do you make that change??
Thanks in Advance, Jax.

When you download the python script, use your favorite text editor (I used sublime text) to search for HACTOOL_PATH and edit the stuff there.

EDIT: I keep getting an error when I type in "cd Desktop/hactool", can't find path specified!
Is there a fix for this??

The script expects the application to be next to it. Make sure you set it up like that.

 

[Kuin]

Hey there! Thanks for the tutorial, but I've a problem on the "python" part (I'm not very good in those things).

I did everything as said from step 1 to step 3, but at step 4 I've a problem... I get this when I try the "python keys.py ReplaceMeWithSBK ReplaceMeWithTSEC" command.

C:\Users\MYPCNAME\Desktop\hactool>python keys.py ReplaceMeWithSBK ReplaceMeWithTSEC
Using BOOT0.bin to get keys from package1...
Deriving keys...
Key (ReplaceMeWithTSEC) must be 32 hex digits!
Traceback (most recent call last):
File "keys.py", line 374, in <module>
stage0_results = subprocess.check_output([HACTOOL_PATH, "--keyset=keys.txt", "--intype=keygen", "BOOT0.bin"])
File "C:\Python27\lib\subprocess.py", line 223, in check_output
raise CalledProcessError(retcode, cmd, output=output)
subprocess.CalledProcessError: Command '['hactool', '--keyset=keys.txt', '--intype=keygen', 'BOOT0.bin']' returned non-zero exit status 1


What did I do wrong? Thanks, I'm stuck here.

 

[Kuin]

just raplace ReplaceMeWithSBK and ReplaceMeWithTSEC on yours keys on step one

OK it's exactly the problem I have that you quoted, but I don't understand your answer... What means "raplace XXX and XXX on yours keys on step one"?

OK got it... Damn I didn't understand that I should put the SBK and TSEC codes I had... I really thought I need to copy the whole line like that... I'm dumb.

 

[tomman321]

This happens every time I try to run keys.py

 

[Canna]

This guide is a little complicated for some, but there is a easier way to get all your keys , i believe also this method doesn't get them all

this is the easy way to get all your keys
Place this in your homebrew directory on your sd card and run it it will dump the keys to a text file on your sd

https://github.com/tesnos/kezplez-nx/releases

Instructions:

1. Launch hekate (ipl.bin attached), and dump your fuses (not kfuses!) and tsec_keys by going through the menus

• For fuses, Console Info -> Print fuse info -> Press power button
• For tsec_keys, Console Info -> Print TSEC keys -> Press power button

IF YOU ARE ON 1.0.0 - 2.3.0, ALSO DO THE FOLLOWING IN HEKATE:

• Tools -> Backup -> Backup eMMC BOOT0/1
• Tools -> Dump package1/2

1. Launch CFW so you can access homebrew
   
   
2. Put kezplez-nx.nro and kezplez-nx.nacp in "/switch/kezplez-nx" on your sd card.
   
   
3. Launch it, read the information presented, then press A to have the magic happen.
   

You'll find the keys on your sd card at "/keys.txt". Enjoy!

 

[Jax_Ripper]

Thank you>But I already got my keys.(I will use this in the future though, Thank You,Again!)

To answer my own question.....Yes!, you can type the keys to notepad, txt file or whatever you use (Not Advisable!!.
Use the program above, it will do the job without any mistakes.

Jax

 

[Sebi_Zocer]

Hey guys,

if you got the error down below, you need your TSEC key:
Download Hekate, inject payload, navigate to "Console Info" and select "Print TSEC key". Then you will see 3 keys, but you need the 1. key.

Have a nice day

 

[Canna]

Hey guys,

if you need your TSEC key:
Download Hekate, inject payload, navigate to "Console Info" and select "Print TSEC key". Then you will see 3 keys, but you need the 1. key.

Have a nice day

Erm dude we covered this in thread but thanks

 

[Sebi_Zocer]

Erm dude we covered this in thread but thanks

I wanted to use a img of an error and this should be the fix, but i cant upload images, so i posted it without img and want to edit it if i can use imgages.

 

[Canna]

I wanted to use a img of an error and this should be the fix, but i cant upload images, so i posted it without img and want to edit it if i can use imgages.

You can insert images via a link or click upload file

 

[Sebi_Zocer]

You can insert images via a link or click upload file

But i get this message:

The following error occurred:
Your content can not be submitted. This is likely because your content is spam-like or contains inappropriate elements. Please change your content or try again later. If you still have problems, please contact an administrator.

Please note if you are a NEW MEMBER you are unable to post any content that contains hyperlinks of any kind. Please ensure your post does not contain any links especially if you are quoting someone or replying to their post.

 

[Canna]

But i get this message:

The following error occurred:
Your content can not be submitted. This is likely because your content is spam-like or contains inappropriate elements. Please change your content or try again later. If you still have problems, please contact an administrator.

Please note if you are a NEW MEMBER you are unable to post any content that contains hyperlinks of any kind. Please ensure your post does not contain any links especially if you are quoting someone or replying to their post.

Ok then try upload/attach a file rather then using a http link

--------------------- MERGED ---------------------------

Hey guys,

if you got the error down below, you need your TSEC key:
Download Hekate, inject payload, navigate to "Console Info" and select "Print TSEC key". Then you will see 3 keys, but you need the 1. key.

Have a nice day

Use the method in my thread
https://gbatemp.net/threads/backup-your-nand-get-your-biskeys-tseckeys-keys-txt.513386/

the kezplez Method

these will give you More Keys then the method your using