Lockpick_RCM is a bare-metal Nintendo Switch payload that derives encryption keys for use in Switch file handling software like hactool, hactoolnet/LibHac, ChoiDujour, etc. without booting Horizon OS.
Due to changes imposed by firmware 7.0.0, Lockpick homebrew can no longer derive the latest keys. In the boot-time environment, however, there are fewer limitations.
- Launch Lockpick_RCM.bin using your favorite payload injector
- Upon completion, keys will be saved to /switch/prod.keys on SD
- If the console has firmware 7.x, the /sept/ folder from the Atmosphère or Kosmos release zip, containing both sept-primary.bin and sept-secondary.enc, must be present on SD, or else only keyblob master key derivation is possible (i.e. up to master_key_05 only)
What's new in version 1.7.0
Lockpick_RCM now parses the ES save files correctly for much quicker titlekey extraction, i.e. linear in the number of titlekeys rather than checking the whole save container
Huge thanks to @Thealexbarney for an excellent source of truth on save parsing in the form of https://github.com/Thealexbarney/LibHac/ and for answering so many questions about it on top of all the hard work reversing FS and constantly improving LibHac
Also corrected a major bug in Hekate's heap code (please do the same if you use Hekate code in your own projects! ref CTCaer/hekate#300) and eliminated a few of my own memory leaks, both guaranteed and potential