Lockpick_RCM payload - Official Thread


Description

Lockpick_RCM is a bare metal Nintendo Switch payload that derives encryption keys for use in Switch file handling software like hactool, hactoolnet/LibHac, ChoiDujour, etc. without booting Horizon OS.

Source: https://github.com/shchmue/Lockpick_RCM
Payload: https://github.com/shchmue/Lockpick_RCM/releases

Due to changes imposed by firmware 7.0.0, Lockpick homebrew can no longer derive the latest keys. In the boot-time environment however, there are fewer limitations. That means the new keys are finally easy to dump!

Usage
  • Launch Lockpick_RCM.bin using your favorite payload injector or chainload from Hekate by placing it in /bootloader/payloads
  • Upon completion, keys will be saved to /switch/prod.keys on SD
  • If the console has Firmware 7.x, the /sept/ folder from Atmosphère or Kosmos release zip containing both sept-primary.bin and sept-secondary.enc must be present on SD or else only keyblob master key derivation is possible (i.e. up to master_key_05 only)
Big thanks to CTCaer for Hekate and all the advice while developing this!

Known Issues
  • Chainloading from SX will hang immediately due to quirks in their hwinit code; please launch the payload directly
 

Last edited by shchmue,

Slluxx

I assume Picklock will go down tomorrow no matter what. I did submit a counter notice but GitHub reserves about 10-12 days for an answer from the person who did the DMCA claim in the first place.

As we mentioned above, if the complaining party wishes to keep the content disabled after receiving a counter notice, they will need to initiate a legal action seeking a court order to restrain you from engaging in infringing activity relating to the content on GitHub.

Either it is the troll from Twitter who obviously won't take legal action against me or it is Nintendo. In which case I will probably receive a "friendly letter" or a visit from the Nintendo ninjas. Because of the counter notice, which had me fill out my address etc, they know that about me now.
 

linuxares

Slluxx said:
> I assume Picklock will go down tomorrow no matter what. I did submit a counter notice but GitHub reserves about 10-12 days for an answer from the person who did the DMCA claim in the first place.
>
> Either it is the troll from Twitter who obviously won't take legal action against me or it is Nintendo. In which case I will probably receive a "friendly letter" or a visit from the Nintendo ninjas. Because of the counter notice, which had me fill out my address etc, they know that about me now.

Is it the literal same notification like last time?
 

linuxares

"Specifically, the reported repository provides software entitled Picklock to users. Picklock is also known as Lockpick, and is the subject of multiple circumvention notices submitted to GitHub on behalf of Nintendo."

Why would they include this? I smell something off
 

Slluxx

Well, they could include it because it "proves their case" since lockpick did not file a counter notice and got shut down.
But I doubt that Nintendo would go after Lockpick (or Picklock) as it's not its fault that people pirate.
 

Waicol

Real lawyers or trolls, couldn't these be circumvented by hosting the bin in one of the 7 countries ignored by the DMCA, like the Netherlands? I have zero legal expertise, but reading their claims, they are saying that Lockpick software violates the WIPO treaties from 1996 to 1998 (DMCA) as their pretty much only legal recourse.

All of this seems pretty bogus and it's sad, and understandable given the recent events, that GitHub is scared of Nintendo.
 

linuxares

Waicol said:
> Real lawyers or trolls, couldn't these be circumvented by hosting the bin in one of the 7 countries ignored by the DMCA, like the Netherlands? I have zero legal expertise, but reading their claims, they are saying that Lockpick software violates the WIPO treaties from 1996 to 1998 (DMCA) as their pretty much only legal recourse.
>
> All of this seems pretty bogus and it's sad, and understandable given the recent events, that GitHub is scared of Nintendo.

The Netherlands has to follow EU law, which has the same-ish law.
San Marino might be an option but they have joined WIPO so it's just a matter of time.
 

testing123

Reading the thread, it looks like I picked an odd day to learn about prod.keys.

So how can I install Zelda? Tinwoo keeps crashing with "cannot load hfs0 header" errors. I assume that's a keys issue. However, I don't know what to do at this point?

Is there a manual way to install the prod.keys? I'm relatively new to this entire process.

Thanks in advance.
 

linuxares

testing123 said:
> Reading the thread, it looks like I picked an odd day to learn about prod.keys.
>
> So how can I install Zelda? Tinwoo keeps crashing with "cannot load hfs0 header" errors. I assume that's a keys issue. However, I don't know what to do at this point?
>
> Is there a manual way to install the prod.keys? I'm relatively new to this entire process.
>
> Thanks in advance.

Use DBI imho. It works great.
 

linuxares

DBI has multiple ways to do it. I recommend the MTP Responder. When you plug your Switch into the computer, it will be really self-explanatory.
 

testing123

linuxares said:
> DBI has multiple ways to do it. I recommend the MTP Responder. When you plug your Switch into the computer, it will be really self-explanatory.

Something's definitely wrong...I load up MTP responder, and just drag and drop the file...it just sits like this for a few minutes, then has an error noise and no files get transferred. I believe I saw "invalid handle" appear in DBI responder.


 

linuxares

testing123 said:
> Something's definitely wrong...I load up MTP responder, and just drag and drop the file...it just sits like this for a few minutes, then has an error noise and no files get transferred. I believe I saw "invalid handle" appear in DBI responder.

FAT32 or exFAT SD card?
But follow this guide, I normally HATE video guides but I feel it might help here

 

mrdude

testing123 said:
> Reading the thread, it looks like I picked an odd day to learn about prod.keys.
>
> So how can I install Zelda? Tinwoo keeps crashing with "cannot load hfs0 header" errors. I assume that's a keys issue. However, I don't know what to do at this point?
>
> Is there a manual way to install the prod.keys? I'm relatively new to this entire process.
>
> Thanks in advance.

I've updated tinwoo - just grab the latest version from GitHub or open tinwoo on your Switch and it should tell you there's an update. I just installed the new Zelda via USB with it and didn't get any errors.
 

ShadowOne333

Well, looks like it's time to come up with other options to dump the keys, or ways/instructions to get them.

The Yuzu guides still refer to the use of Lockpick for dumping the keys, and they haven't said a word from what I could gather regarding the DMCA or other possible options to get them. Still though, this won't stop the community, I'm sure even if another software for dumping them doesn't pop up, the newer keys will still pop up in pastebin or some other places, there's jackshit Nintendo can do about that, they're just pushing the community to go the full BIOS kind of way to get the files if you don't own the console (if you catch my drift), so yeah, good tantrum Nintendo (if it was really them).

Has Ryu announced anything regarding the keys?
It'd be interesting to see how Yuzu and Ryujinx deal with the keys stuff if no other method comes around.
 