Biskeydump V8 Released With TSEC Support 7.0.0

The developer rajkosto, well known for the tools TegraRcmSmash, ChoiDujourNX and RajNX, has released version 8 of biskeydump. biskeydump lets you dump all of your Switch's BIS keys, which are needed to decrypt content on the eMMC; it is meant to be used with fusée gelée (the RCM bootrom exploit). With all your BIS keys and your RawNand.bin (or the physical eMMC connected via a microSD reader, or exposed through a mass storage mode in u-boot / Linux) you can explore and edit your eMMC partitions using the HacDiskMount tool (if running Windows) from https://switchtools.sshnuke.net

This version adds support for the tsec fw on 7.0.0.

Attention: this article is for study purposes only. We are not responsible if your console gets bricked.

Usage

  1. Build biskeydump.bin using make from the repository root directory, or download a binary release from https://switchtools.sshnuke.net
  2. Send biskeydump.bin to your Switch running in RCM mode via a fusee-launcher (sudo ./fusee-launcher.py biskeydump.bin or simply drag it onto TegraRcmSmash.exe on Windows)
  3. Read and note the text printed on the screen of your Switch, or scan the generated QR code with your phone to get a copy of all of your device-specific keys
  4. Alternatively, use TegraRcmSmash 1.1.0 or a more recent version with a dummy argument so that it keeps listening for USB communications, and you will get all the keys inside the console window. Example cmdline: TegraRcmSmash.exe -w out/biskeydump.bin BOOT:0x0

Changes

  • initial code based on https://github.com/Atmosphere-NX/Atmosphere
  • everything except fusee-primary and fusee-secondary key_derivation / masterkey / exocfg has been removed (from Atmosphere)
  • all the hwinit code has been replaced by updated versions from https://github.com/nwert/hekate
  • tsec.c has been slightly modified (to simply use the address passed directly as a DMA source, instead of copying it to a temporary buffer)
  • qrcodegen (from https://github.com/nayuki/QR-Code-generator) was included so that a QR code image of the dumped data can be displayed
  • main.c has been modified to get the tsec fw, execute a query for the tsec key, call the key_derivation.c functions using that key, and then dump the device and keys
  • key_derivation.c has been modified to use the tsec key and does not perform any masterkey derivation

Download and source
Github
