rajkosto/biskeydump rajkosto/biskeydump

  • Stars
    star
    121
  • Rank 293,924 (Top 6 %)
  • Language
    C
  • License
    GNU General Publi...
  • Created over 6 years ago
  • Updated over 5 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
rajkosto/biskeydump
github

rajkosto

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

fusee payload that dumps your BIS keys

biskeydump License

Dumps all your Switch BIS keys for eMMC contents decryption, to be used with fusée gelée (the bootrom RCM exploit)

With all your BIS keys and your RawNand.bin (or the physical eMMC attached via microSD reader or using a mass storage gadget mode in u-boot/linux) you can explore/modify your eMMC partitions using my HacDiskMount tool (if running Windows) from https://switchtools.sshnuke.net

Usage

  1. Build biskeydump.bin using make from the repository root directory, or download a binary release from https://switchtools.sshnuke.net
  2. Send the biskeydump.bin to your Switch running in RCM mode via a fusee-launcher (sudo ./fusee-launcher.py biskeydump.bin or just drag and drop it onto TegraRcmSmash.exe on Windows)
  3. Either read out and note down the text printed on your Switch's screen, or scan the generated QR code with your phone to have a copy of all your device-specific keys
  4. Alternatively, use TegraRcmSmash 1.1.0 or newer with a dummy argument so it keeps listening for usb comms, and you will get all the keys inside the console window, sample cmdline: TegraRcmSmash.exe -w out/biskeydump.bin BOOT:0x0

Changes

This section is required by the GPLv2 license

  • initial code based on https://github.com/Atmosphere-NX/Atmosphere
  • everything except fusee-primary and key_derivation/masterkey/exocfg from fusee-secondary has been removed (from Atmosphere)
  • all hwinit code has been replaced by the updated versions from https://github.com/nwert/hekate
  • tsec.c has been slightly modified (to just use the passed-in address directly as DMA source, instead of copying to a temporary buffer)
  • qrcodegen (from https://github.com/nayuki/QR-Code-generator) has been included so that a QR code image of the dumped data can be displayed
  • main.c has been modified to get tsec fw, query for tsec key then call key_derivation.c functions using that key, then dump device and bis keys
  • key_derivation.c has been modified to use passed-in tsec key and not do any masterkey derivation

Responsibility

I am not responsible for anything, including dead switches, loss of life, or total nuclear annihilation.

More Repositories

1

TegraRcmSmash

A reimplementation of fusee-launcher in C++ for Windows platforms.
C++
152
star
2

ChoiDujour

Converts Nintendo Switch firmware update packages to installable images/files that can be transferred to the device itself.
Python
122
star
3

memloader

fusee payload that loads payloads from microsd/USB and boots them on the AArch64 CPU of the Nintendo Switch
C
110
star
4

mxoemu

The Matrix Online Server Emulator
C
52
star
5

briccmii

fusee payload that corrupts (or fixes) the first byte of every BCT's pubkey in BOOT0 of a Nintendo Switch.
C
48
star
6

hive

dayz hive access dll
C++
23
star
7

gptrestore

fusee payload that restores the original Nintendo Switch GPT to its eMMC
C
23
star
8

NvTimingsEd

Allows you to add new/edit the Monitor and Glasses timings for stereoscopy using the 3D vision emitter and glasses.
C#
15
star
9

romdump

fusee payload that dumps the RAW FUSE, KFUSE and BOOTROM bytes from a Nintendo Switch.
C
11
star
10

ChromeClickOnce

ClickOnce Helper extension for Google Chrome
C
2
star
11

deps-poco

POCO Dependency
C++
2
star
12

SBAuroraR.NET

.NET bindings for the Sound BlasterX LED SDK
C
2
star
13

fusedump

A barebones fuse dumper for the Switch, to be used with fusée gelée.
C
2
star
14

native-client-ffplay

Automatically exported from code.google.com/p/native-client-ffplay
C
1
star
15

deps-cryptopp

CryptoPP dependency
C++
1
star
16

simplecpu

Simple 16 bit CPU assembler and emulator
C++
1
star
17

deps-rcf

DeltaV RCF Dependency
C++
1
star
18

openzone

Automatically exported from code.google.com/p/openzone
C++
1
star
19

deps-detours

Detours dependency
C++
1
star
20

hogger

Syphon Filter Omega Strain PS2 HOG archive packer/unpacker
Python
1
star