@CTCaer
Forked from roblabla/HABILITIES.md
Created March 14, 2018 08:56
We believe in your habilities.

Muh Switch Keys

So you want to decrypt Switch content? Well, the good news is that all the tools required to do that are written up! The great news is, since this is crypto we're talking about, you'll have to find the keys. Yourself. Like it's Easter.

So here you can find a template of the $HOME/.switch/prod.keys file that hactool uses to decrypt content. For each key and seed it gives the SHA256 of the raw value and where that value lives, so you can find them yourselves.

Note that all the seeds (the entries that end with _source) are combined with master_key_## to derive the actual key. If you have somehow obtained a derived key without its seed, you can rename xxx_source to xxx_## (where ## is the master key number; header_key_source simply becomes header_key, since it has no number) and put your key there.
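
As an added illustration of what "combined with master_key_##" means (this is my code, not part of the original gist and not hactool's own source): every 16-byte *_source is AES-128-ECB decrypted under the matching master key, the key-area keys and header_kek go through a three-step chain with aes_kek_generation_source and aes_key_generation_source, and header_key is the 32-byte header_key_source decrypted under header_kek. That chain is how I read hactool's key setup; this page does not spell it out, so treat the exact steps as my assumption. Every key and seed value below is a constructed placeholder, not a real Switch secret.

```go
package main

import (
	"crypto/aes"
	"encoding/hex"
	"fmt"
)

// ecbDecrypt runs AES-128 in ECB mode over src, which must be a multiple of
// 16 bytes, one independent block at a time.
func ecbDecrypt(key, src []byte) []byte {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err) // all keys in this scheme are exactly 16 bytes
	}
	if len(src)%aes.BlockSize != 0 {
		panic("source length is not a multiple of the AES block size")
	}
	out := make([]byte, len(src))
	for i := 0; i < len(src); i += aes.BlockSize {
		block.Decrypt(out[i:i+aes.BlockSize], src[i:i+aes.BlockSize])
	}
	return out
}

// DeriveKey turns a 16-byte *_source into the key for one master key
// generation. package2_key_## and titlekek_## come out of this single decrypt.
func DeriveKey(masterKey, source []byte) []byte {
	return ecbDecrypt(masterKey, source)
}

// GenerateKek is the three-step chain behind key_area_key_*_## and header_kek:
// the master key unwraps aes_kek_generation_source, the result unwraps the
// *_source, and that result unwraps aes_key_generation_source.
func GenerateKek(masterKey, source, aesKekGenSource, aesKeyGenSource []byte) []byte {
	kek := ecbDecrypt(masterKey, aesKekGenSource)
	srcKek := ecbDecrypt(kek, source)
	return ecbDecrypt(srcKek, aesKeyGenSource)
}

// HeaderKey derives the one 32-byte key: header_kek from master_key_00, then
// both blocks of header_key_source decrypted under it.
func HeaderKey(masterKey00, headerKekSource, headerKeySource, aesKekGenSource, aesKeyGenSource []byte) []byte {
	headerKek := GenerateKek(masterKey00, headerKekSource, aesKekGenSource, aesKeyGenSource)
	return ecbDecrypt(headerKek, headerKeySource)
}

func mustHex(s string) []byte {
	b, err := hex.DecodeString(s)
	if err != nil {
		panic(err)
	}
	return b
}

func main() {
	// Constructed placeholder values. They are NOT real Switch keys or seeds;
	// substitute the ones you hunted down yourself.
	masterKey00 := mustHex("00112233445566778899aabbccddeeff")
	package2KeySource := mustHex("0f0e0d0c0b0a09080706050403020100")
	aesKekGen := mustHex("a0a1a2a3a4a5a6a7a8a9aaabacadaeaf")
	aesKeyGen := mustHex("b0b1b2b3b4b5b6b7b8b9babbbcbdbebf")
	keyAreaAppSource := mustHex("c0c1c2c3c4c5c6c7c8c9cacbcccdcecf")
	headerKekSource := mustHex("d0d1d2d3d4d5d6d7d8d9dadbdcdddedf")
	headerKeySource := mustHex("e0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff")

	// Printed in the "name = HEX" form prod.keys uses for derived entries.
	fmt.Printf("package2_key_00 = %X\n", DeriveKey(masterKey00, package2KeySource))
	fmt.Printf("key_area_key_application_00 = %X\n", GenerateKek(masterKey00, keyAreaAppSource, aesKekGen, aesKeyGen))
	fmt.Printf("header_key = %X\n", HeaderKey(masterKey00, headerKekSource, headerKeySource, aesKekGen, aesKeyGen))
}
```

hactool performs this derivation itself once prod.keys holds the master key and the seeds; reproducing it shows why a _source plus master_key_## is interchangeable with a ready-made xxx_## entry, and why a seed found in one firmware's binaries yields a different key for every master key generation.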

How the heck do I obtain dem keys?

If you have a dump of the archive 0100000000000819, plus the master_key and package1_key for your Switch's firmware version, you can find all the other key sources by looking in the right files for 16-byte values (32 bytes in the case of header_key_source) whose SHA256 matches the sums given in the file below. As a reminder:

  • master_key_00: 1.0.0-2.3.0
  • master_key_01: 3.0.0
  • master_key_02: 3.0.1-3.0.2
  • master_key_03: 4.0.0-current (at the time of writing)

Good luck with The Hunt. And remember: We believe in your habilities.

FAQ

  • Q: The hashes are wrong!

    A: You are calculating it wrong: hash the raw bytes, not the hex text that spells them. Hex is only a representation. Binary is truth. Because I'm such a nice guy, I'll tell you this:

    SHA256(00FF00FF) = 7a7bf454c5f3cb1b9d9a20f81417f98d976fe3b3dd52c1b9968f02e89e7e8a2f

  • Q: Why do I need master_key and package1_key to get the sources?

    A: You need package1_key to decrypt package1, which contains Secure_Monitor.bin. In there you'll find half the seeds, including package2_key_source.

    The master_key is then needed (together with package2_key_source, from which package2_key is derived) to decrypt package2, which contains the kernel and the built-in sysmodules such as FS and spl, where the other half of the seeds live.

  • Q: How do I get my hands on 0100000000000819?

    A: PegaSwitch can get them for you, with evalfile usefulscripts/dumpArchives.js. If you're on 1.0.0, you might want to use branch feature-dumpArchives1.0.0 on my fork.

    Those files are RomFS images, and hactool can extract them without any keys. RTFM, I'm not doing your homework for you.

    SHA256(0100000000000819.bin_1.0.0) = e057d10a485447e562bb8dea11afdcf3af5af8c4ec7a48f2f98ce47e2213b386
    SHA256(0100000000000819.bin_2.0.0) = e4d57511f79b44f5fbe89d15eab38d31b4c5c3c697d0068fb6461a038dc28ac8

  • Q: RTFM ?

    A: Read The Fucking Manual. ./hactool --help will tell you everything else you need.

  • Q: Can you just cut to the chase and give me the keys?

    A: No. I enjoy watching you suffer.
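
To make The Hunt concrete, here is an added example of the scan described under "How the heck do I obtain dem keys" and of the hashing pitfall from the first FAQ entry. It is my code, not the gist author's and not hactool's: it slides a 16-byte window (and a 32-byte one for header_key_source) over a dumped file such as Secure_Monitor.bin, FS or spl, hashes the raw bytes at every offset, and prints prod.keys lines for windows whose SHA256 matches the template below. The digests are copied from that template; the command name, the output format and the usage text are mine. Sha256Hex shows the other half of the FAQ: the digest is taken over the decoded bytes of a hex string, not over its ASCII characters.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"os"
	"sort"
	"strings"
)

// Target is one entry of the prod.keys template: the name hactool expects,
// the length of the raw value in bytes, and the SHA-256 of those raw bytes.
type Target struct {
	Name   string
	Size   int
	Sha256 string
}

// Hit records a template entry located in a scanned blob.
type Hit struct {
	Name   string
	Offset int
	Value  []byte
}

// Scan hashes every Size-byte window of blob at every byte offset and keeps
// the windows whose SHA-256 equals a target. The hash covers the raw bytes;
// the hex in the template is only how the digest is written down.
func Scan(blob []byte, targets []Target) []Hit {
	want := make(map[string]Target, len(targets))
	sizes := map[int]bool{}
	for _, t := range targets {
		want[strings.ToLower(t.Sha256)] = t
		sizes[t.Size] = true
	}
	var hits []Hit
	for size := range sizes {
		for off := 0; off+size <= len(blob); off++ {
			sum := sha256.Sum256(blob[off : off+size])
			t, ok := want[hex.EncodeToString(sum[:])]
			if ok && t.Size == size {
				hits = append(hits, Hit{Name: t.Name, Offset: off, Value: blob[off : off+size]})
			}
		}
	}
	sort.Slice(hits, func(i, j int) bool {
		if hits[i].Offset != hits[j].Offset {
			return hits[i].Offset < hits[j].Offset
		}
		return hits[i].Name < hits[j].Name
	})
	return hits
}

// ProdKeysLines renders hits as "name = HEX" lines for $HOME/.switch/prod.keys.
func ProdKeysLines(hits []Hit) []string {
	lines := make([]string, 0, len(hits))
	for _, h := range hits {
		lines = append(lines, fmt.Sprintf("%s = %s", h.Name, strings.ToUpper(hex.EncodeToString(h.Value))))
	}
	return lines
}

// Sha256Hex hashes the bytes a hex string spells, which is what
// SHA256(00FF00FF) in the FAQ means. Hashing the string itself is the mistake.
func Sha256Hex(hexValue string) (string, error) {
	raw, err := hex.DecodeString(hexValue)
	if err != nil {
		return "", err
	}
	sum := sha256.Sum256(raw)
	return hex.EncodeToString(sum[:]), nil
}

func main() {
	if len(os.Args) != 2 {
		fmt.Fprintln(os.Stderr, "usage: keyhunt <Secure_Monitor.bin | FS | spl>")
		os.Exit(2)
	}
	blob, err := os.ReadFile(os.Args[1])
	if err != nil {
		fmt.Fprintln(os.Stderr, err)
		os.Exit(1)
	}
	// Digests copied from the prod.keys template on this page. Only the seeds
	// are listed: master_key and package1_key come from code execution, not a scan.
	targets := []Target{
		{"package2_key_source", 16, "21E2DF100FC9E094DB51B47B9B1D6E94ED379DB8B547955BEF8FE08D8DD35603"},
		{"aes_kek_generation_source", 16, "FC02B9D37B42D7A1452E71444F1F700311D1132E301A83B16062E72A78175085"},
		{"aes_key_generation_source", 16, "FBD10056999EDC7ACDB96098E47E2C3606230270D23281E671F0F389FC5BC585"},
		{"titlekek_source", 16, "C48B619827986C7F4E3081D59DB2B460C84312650E9A8E6B458E53E8CBCA4E87"},
		{"key_area_key_application_source", 16, "04AD66143C726B2A139FB6B21128B46F56C553B2B3887110304298D8D0092D9E"},
		{"key_area_key_ocean_source", 16, "FD434000C8FF2B26F8E9A9D2D2C12F6BE5773CBB9DC86300E1BD99F8EA33A417"},
		{"key_area_key_system_source", 16, "1F17B1FD51AD1C2379B58F152CA4912EC2106441E51722F38700D5937A1162F7"},
		{"header_kek_source", 16, "1888CAED5551B3EDE01499E87CE0D86827F80820EFB275921055AA4E2ABDFFC2"},
		{"header_key_source", 32, "8F783E46852DF6BE0BA4E19273C4ADBAEE16380043E1B8C418C4089A8BD64AA6"},
	}
	for _, line := range ProdKeysLines(Scan(blob, targets)) {
		fmt.Println(line)
	}
}
```

Run it once per extracted binary (Secure_Monitor.bin for the TrustZone seeds, FS and spl for the rest) and paste the printed lines into prod.keys. Scanning at every byte offset rather than only at 16-byte aligned ones costs nothing on files this size and avoids missing a seed that the compiler did not align.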

; Obtainable with TrustZone code execution.
; All the other keys are derived with this one.
; Don't forget to replace ## with the appropriate number!
; SHA256(master_key_00) = 0EE359BE3C864BB0782E1D70A718A0342C551EED28C369754F9C4F691BECF7CA
master_key_## = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
; Obtainable with Package1Ldr code execution.
; Allows decrypting package1, which contains the bootloader, warmboot.bin and TrustZone (also called Secure_Monitor).
; Don't forget to replace ## with the appropriate number!
; SHA256(package1_key_00) = 4543CD1B7CAD7EE0466A3DE2086A0EF923805DCEA6C741541CDDB14F54F97B40
package1_key_## = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
; Found in TrustZone .rodata.
; Allows decrypting package2, which contains the kernel and builtins.
; SHA256(package2_key_source) = 21E2DF100FC9E094DB51B47B9B1D6E94ED379DB8B547955BEF8FE08D8DD35603
package2_key_source = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
; Found in TrustZone .rodata.
; SHA256(aes_kek_generation_source) = FC02B9D37B42D7A1452E71444F1F700311D1132E301A83B16062E72A78175085
aes_kek_generation_source = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
; Found in spl .rodata.
; SHA256(aes_key_generation_source) = FBD10056999EDC7ACDB96098E47E2C3606230270D23281E671F0F389FC5BC585
aes_key_generation_source = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
; Found in TrustZone .rodata.
; SHA256(titlekek_source) = C48B619827986C7F4E3081D59DB2B460C84312650E9A8E6B458E53E8CBCA4E87
titlekek_source = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
; Found in FS .rodata.
; SHA256(key_area_key_application_source) = 04AD66143C726B2A139FB6B21128B46F56C553B2B3887110304298D8D0092D9E
key_area_key_application_source = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
; Found in FS .rodata.
; SHA256(key_area_key_ocean_source) = FD434000C8FF2B26F8E9A9D2D2C12F6BE5773CBB9DC86300E1BD99F8EA33A417
key_area_key_ocean_source = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
; Found in FS .rodata.
; SHA256(key_area_key_system_source) = 1F17B1FD51AD1C2379B58F152CA4912EC2106441E51722F38700D5937A1162F7
key_area_key_system_source = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
; Found in FS .rodata.
; SHA256(header_kek_source) = 1888CAED5551B3EDE01499E87CE0D86827F80820EFB275921055AA4E2ABDFFC2
header_kek_source = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
; Found in FS .data.
; SHA256(header_key_source) = 8F783E46852DF6BE0BA4E19273C4ADBAEE16380043E1B8C418C4089A8BD64AA6
header_key_source = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX