
by Segtendo at 10:35 PM EST on February 4, 2018
Simon. You don't deserve anything, judging from that tone. You want the dumps? Do what bxaimc said. Learn the documentation. Grab the tools. Dump the files.

Right now, you sound super entitled to everything.
by soneek at 11:08 PM EST on February 4, 2018
@Simon it's easy. Hang your Switch like a piñata with the game you wanna dump files from loaded. Then you whack it with a USB-C charging cable until it dumps every file.

It could take a while and is life threatening due to exhaustion and overwork, so that's why it's been secret for a while.
by simonmkwii at 12:21 AM EST on February 5, 2018
Apologies to everyone:

Sorry about my passive-aggressive tone, it was a poor decision and a poor choice of words.

It wasn't my intention to offend anyone.

-----

I managed to use SciresM's hactool to dump the encrypted NCAs.

I read through the documentation on switchbrew.org, but I'm still not completely clear.

My main question is what method do I use to retrieve the decryption keys from my Switch?

Would it be easier via a software or hardware method?

If software, what firmware, and what exploit and utility should I use to access it?

If hardware, what would be necessary?
by boop snoot at 2:42 PM EST on February 5, 2018
@simonmkwii

Super Mario Odyssey is a 3.0.1 title. There are currently no public ways to get at the keys for 3.0.1 crypto. Effectively, you would need a bootrom exploit to dump your Secure Boot Key and tsec key to get the package1 and master keys.

For the 1.0.0-2.3.0 keys, you could use Team Xecutor's key to decrypt package1.1 and package2/TrustZone and then use the leaked 1.0 master key to get the actual NCA keys.

See also http://switchbrew.org/index.php?title=Cryptosystem
by 54634564 at 5:56 PM EST on February 5, 2018
simon don't bother, you're not going to get anywhere currently. SciresM dumped Odyssey and provided the files to various people so they could have the audio/models/whatever. Just be happy we have anything from it, tbh.

edited 5:57 PM EST February 5, 2018
by RebeccaSugar at 10:35 PM EST on February 5, 2018
"Hang your Switch like a piñata with the game you wanna dump files from loaded. Then you whack it with a USB-C charging cable until it dumps every file."

THIS WORKS!!!! HOLY SHIT, I'M MAKING A YOUTUBE VIDEO, BUT I AM NOT GIVING YOU CREDIT. MY IDEA, MINE!
by NintenComet at 11:44 PM EST on February 7, 2018
@Simon If you want the decrypted files, use the tools. If you want to understand how the tools work, look at the source code. In order to create these tools, one must have an in-depth understanding of computer technology and hardware security. Exploiting firmware isn't something you can learn from a single forum post.
by simonmkwii at 11:36 PM EST on February 8, 2018
All I need now is a method to extract the keys from my Switch!

I have read through all the SwitchBrew documentation thoroughly.

There's not exactly a written method on how to get the keys per se, but I think I figured out a way to extract them on 3.0.2.

Unfortunately, my Switch is on 4.1.0.

Is there any known way to pwn TrustZone and extract the keys on 4.1.0?

If not, could someone on 3.0.1 or 3.0.2 attempt to extract the keys? I will be eternally grateful!

At this rate, I'm hoping BigBlueBox leaks them!
by Hater at 7:53 AM EST on February 10, 2018
I don't understand why you're all hatin' so much on SIMON
by TheUltimateKoopa at 11:01 AM EST on February 10, 2018
Exactly. It's not his fault. He probably didn't hang his Switch high enough, or maybe he didn't whack it with the USB-C charging cable hard enough.
