Description
Lockpick_RCM is a bare metal Nintendo Switch payload that derives encryption keys for use in Switch file handling software like hactool, hactoolnet/LibHac, ChoiDujour, etc. without booting Horizon OS.

Source: https://github.com/shchmue/Lockpick_RCM
Payload: https://github.com/shchmue/Lockpick_RCM/releases

Due to changes imposed by firmware 7.0.0, Lockpick homebrew can no longer derive the latest keys. In the boot-time environment however, there are fewer limitations. That means the new keys are finally easy to dump!

Usage

• Launch Lockpick_RCM.bin using your favorite payload injector or chainload from Hekate by placing it in /bootloader/payloads
• Upon completion, keys will be saved to /switch/prod.keys on SD
• If the console has Firmware 7.x, the /sept/ folder from Atmosphère or Kosmos release zip containing both sept-primary.bin and sept-secondary.enc must be present on SD or else only keyblob master key derivation is possible (ie. up to master_key_05 only)

Big thanks to CTCaer
For Hekate and all the advice while developing this!

Known Issues

• Chainloading from SX will hang immediately due to quirks in their hwinit code, please launch payload directly

 

[AliciaBurrito]

This looks awesome, and should really help a lot of people who can't get into Horizon for whatever reason

 

[tomGER]

Awesome work!

 

[Draxzelex]

RCMPick had potential...

 

[LeviDL]

You're Awesome!

 

[Whovian NineThreeSixNine]

Congrats to ya, and thanks!

 

[Adran_Marit]

Ty for the release

 

[Vaatu]

This is beyond cool! Good work

 

[ZachyCatGames]

This looks awesome, and should really help a lot of people who can't get into Horizon for whatever reason

and people on 7.0.0 who want the new keys

 

[Kadji]

Its not mentioned and while I am fairly sure that it should work I have to ask: Is 7.0.1 also supported?
And is the dereived key the same key that was needed when Atmosphere was still in "bring your own keys for 7.x support" mode?

Thanks for clarifying.

 

[Beerus]

Ayyyy thanks dude this gonna bless bare manz

 

[shchmue]

Its not mentioned and while I am fairly sure that it should work I have to ask: Is 7.0.1 also supported?
And is the dereived key the same key that was needed when Atmosphere was still in "bring your own keys for 7.x support" mode?

Thanks for clarifying.

it supports every firmware but no the keys for BYOK on 7.x remain private, Sept uses them and clears them from memory.

 

[huma_dawii]

Run this and then run lockpick?

 

[Kadji]

Ok now I am a bit confused: If I understood right it *does* dump *some* 7.X keys if we provide RCM_Paylock with the files from Atmo / Kosmos.
Are those the keys that would be used in the future to decrypt 7.X games (when they appear in the fututre)?

Sorry if those questions have been answered for about 100 times, the whole 7.X situation is a bit messy and I am out of the loop (private stuff that is kinda ruining my life atm).

 

[shchmue]

Run this and then run lockpick?

the only thing Lockpick does that this doesn't is derive titlekeys. so unless you want those this is all you need.

--------------------- MERGED ---------------------------

Ok now I am a bit confused: If I understood right it *does* dump *some* 7.X keys if we provide RCM_Paylock with the files from Atmo / Kosmos.
Are those the keys that would be used in the future to decrypt 7.X games (when they appear in the fututre)?

Sorry if those questions have been answered for about 100 times, the whole 7.X situation is a bit messy and I am out of the loop (private stuff that is kinda ruining my life atm).

it dumps and derives all the keys you need to decrypt 7.x files.

 

[bundat]

Are these the keys TX needed for SX OS 7.x support?

 

[Draxzelex]

Are these the keys TX needed for SX OS 7.x support?

it supports every firmware but no the keys for BYOK on 7.x remain private, Sept uses them and clears them from memory.

 

[huma_dawii]

Ok now I am a bit confused: If I understood right it *does* dump *some* 7.X keys if we provide RCM_Paylock with the files from Atmo / Kosmos.
Are those the keys that would be used in the future to decrypt 7.X games (when they appear in the fututre)?

Sorry if those questions have been answered for about 100 times, the whole 7.X situation is a bit messy and I am out of the loop (private stuff that is kinda ruining my life atm).

I hope your life gets better stay strong.

--------------------- MERGED ---------------------------

the only thing Lockpick does that this doesn't is derive titlekeys. so unless you want those this is all you need.

--------------------- MERGED ---------------------------


it dumps and derives all the keys you need to decrypt 7.x files.

I got only 126 keys, normal? On 7.0.1

 

[shchmue]

I hope your life gets better stay strong.

--------------------- MERGED ---------------------------


I got only 126 keys, normal? On 7.0.1

yes that's the count for 7.x

though I'd caution generally not to be too focused on key count as long as you have those you need. for example, consoles on 6.2.0 can dump a master kek and tsec root key that can't be dumped on any other firmware but those are just intermediate calculations and aren't as important as their result for anyone using this software

 

[SecureBoot]

I haven't really looked into what exactly I need but would this give me the keys for yuzu?