Kofysh / Lockpick_RCM
Lockpick_RCM is a bare-metal Nintendo Switch payload that extracts encryption keys for use in file handling software like hactool, hactoolnet/LibHac, ChoiDujour, etc., all without booting into Horizon OS.
Repository Overview (README excerpt)
# Lockpick_RCM

Lockpick_RCM is a bare-metal Nintendo Switch payload that extracts encryption keys for use in file handling software like **hactool**, **hactoolnet/LibHac**, **ChoiDujour**, etc., all without booting into Horizon OS.

> **Note:** Due to changes in firmware 7.0.0 and beyond, the Lockpick homebrew can no longer derive the latest keys. However, this limitation doesn't apply in the boot-time environment, allowing Lockpick_RCM to function properly.

## Usage

- **Recommended:** Place **Minerva** on your SD card for optimal performance, especially when dumping titlekeys. You can get it from the latest Hekate release. Place the file at:
- Launch using your preferred payload injector or chainloader.
- Keys will be saved to: - on your SD card.

> This release also includes the Falcon keygen from Atmosphère-NX.

## Mariko-Specific Keys

Mariko consoles (Switch V2 and Switch Lite) contain unique keys and protected keyslots. To extract these keys, you will need to use the file along with a brute-forcing tool like PartialAesKeyCrack. The process involves:

- Open and observe the keyslot data.
- Use the following command format: Replace with the number of threads to utilize (not exceeding your CPU's core count).

## Keyslots Overview

| Keyslot | Name               | Notes                                         |
|---------|--------------------|-----------------------------------------------|
| 0-11    |                    | Not used by the Switch (set by bootrom)       |
| 12      |                    | Used for master key derivation                |
| 13      |                    | Used for BCT and package1 decryption          |
| 14      |                    | Console unique (for personal records)         |
| 15      | Secure storage key | Console unique (not used on retail/dev units) |

**Example:** To brute force , run:

> [!NOTE]
> On a high-performance CPU like the Ryzen 3900x, this process takes about 45 seconds using 24 threads.

For more details on the hardware flaw utilized: Switch System Flaws - Hardware

## Building

### With Docker

- Install Docker Desktop (for Mac/Windows).
- Run:

### Without Docker

- Install devkitARM.
- Run:

## Massive thanks to CTCaer

This project owes a lot to Hekate, and special thanks go to **CTCaer** for his valuable advice, expertise, and humor throughout the development process.

## License

Lockpick_RCM is licensed under the **GPLv2**. The save processing module is adapted from hactool, licensed under ISC.

## Unofficial Repository

This repository is a clone of the DMCA'd Lockpick_RCM by shchmue. The modifications here are based on the source code shared on the ReSwitched Discord server.