EurAsiayour console hacking resource
Select topic
  Create an account Home  ·  Your Account  ·  Online Shop  ·  Forums  ·  Downloads new  ·  Wiki  
Main Menu
· Home
· About Us
· Downloads
· FAQ
· Forums
· Info Pages
· Members List
· Online Shop
· PDA - AvantGo
· Private Messages
· Search Stories
· Statistics
· Stories Archive
· Submit Story
· Top 10
· Topics
· Upload
· WAP
· Web Links
· Wiki
· Your Account
· Switch to HTTPS!

Online Shop
Credit Card

Bitcoin

EurAsia Online Shop
enter

new products
· HAKKO SSPON 18G
· NS-Atmosphere
· PsNee modchip PSX
· R4i Gold 3DS RTS
· Mars Pro GM-816HD
· EurAsia File Collection 2017
· Matrix Infinity 2.0
· Modbo 5.0
· Screwdriver GC/SNES
· X360ACE V3
· E3 NOR Flasher
· Corona Postfix Adapter V2
· SuperCIC cart key
· SuperCIC SNES kit
· Gateway 3DS
· X360ACE V1
· 3k3y 3KR (SATA)
· Mtx Glitcher v1
· HAKKO WICK
· HAKKO PRESTO 980

complete price list

Tor Hidden Service
Tor Project
EurAsia Onion URL: wrqgfbrcgttkp6pi.onion

Who's Online
There are currently 243 guest(s) and 14 member(s) online.

baraka73 - bob123456 - captao_comando - groats - IQzero - JackBoosh - jotas - katzoo - Ottoman90 - playxgames - Supastar2k4 - theagedgamer - vlskeyzone - wyzard

Welcome honored guest. You can register for free by clicking here.

Site Protection
INFOSEC
BM

Hot Wikis
· Xbox One Dev Mode
· PS4 Exploit using Raspberry Pi
· Switch Key List
· PS4 firmware updates
· 3k3y nokeys ISO tutorial
· 3DS game fw updates
· 3k3y microSD recovery
· PS3 SKU Models
· PS3 Metldrpwn
· Xk3y microSD recovery
· Xbox360 motherboards
· Xbox360 Reset Glitch Hack
· PS3 Blu-ray Drive
· Homemade Sputnik360
· PS3 BD drive swap
· PSP Crypto Keys
· PS3_Crypto_Keys
· PS3 Hypervisor RE
· PS3 Dongle User Guide
· PSGroove tutorial
· Xecuter LT Fakir
· PS3 YLOD Fix
· NSMB Modchip Tutorial
· PS3 Glitch Hack
· Xbox360NoDvdRom
· Ps3FactoryRestore
· Free60JtagHack
· Ps3HddDecrypt
· WiiKey2EjectFix
· SaveMiiFree
· WiiHwDiagram
· Ps3OsRels
· PandoraNoHomebrewPsp
· GcOsMultiGameWiiHowTo
· Xbox360LinuxBurn
· Xbox360EraserFix
· Xbox360Kernel
· Xbox360DisasmXtreme
· Ps2HdlPatchTutorial
· Ps2VersionTable
· XboxErrorCodes
· XboxVersionTable
· GameCubeLaserTweak
· ModchipSolderingGuide
· PspUmdIsoHaxorLinux

RSS Feed
News & Downloads & Wiki

IRC
#eur
EFnet

Hosted By

Ad

Respected Sites
· Home of the Hitmen
· radare
· gc-forever
· pouet.net
· English Amiga Board
· GXArena OFW Repo
· WiiBrew
· WiiUBrew
· 3DBrew
· SwitchBrew
· Games and Consoles
· Maxconsole.com
· Console Wizard
· GameCube Linux
· Xbox Linux
· Xbox-Scene.com
· XboxHacker.Net
· xbins.org
· Doom9.net
· bunnie's blog
· debugmo.de
· GX-Mod.com
· ElOtroLado.net
· uCON64
· GBADEV.ORG
· GBAtemp.net
· PocketHeaven.com
· PDRoms
· GameSX.com
· ASSEMbler
· phrack.org
· Woz.org

Support...

Bitcoin

Namecoin

radare

OpenCores
LibreCores
Electronic Frontier Foundation
Amnesty International

Nectarine Radio

Demovibes Radio

GNU
Linux
Mozilla

Total Page Views
We received
162836739
page views since June 2002


Moderated by: Robert

EurAsia : Index » » Switch » » Switch FW 6.2.0 keys out in the wild
New Topic   Post Reply
Author Switch FW 6.2.0 keys out in the wild
modrobert



donor

Registered: 2003-10-17
From: Bangkok
Messages: 6479
Status: Offline
 _#36244 posted 2018-11-26 @ 02:18 GMT   
SciresM has added support for Switch firmware 6.2.0 key generation to hactool v1.2.2.

Quote from Twitter...

Quote:
A new hactool release has been posted, supporting 6.2.0+ key generation.



The new tsec_root_key was retrieved through an unpublished exploit and these changes were made to add support for the new firmware. Since the keys are still kept private there is currently no custom firmware out which supports 6.2.0, so keep that in mind while avoiding the update from Nintendo.

Thanks goes to hitman43 for the heads up.

[ This message was edited by modrobert on 2018-11-26 @ 02:23 GMT ]
  _____________________________ ____________     __________________ /\________
  \    __________________      \      _____/____/     _    \       /_        /
 /     /       |       l/     _/    ____)     _/      _     \     \/  cREAM /
/______________l_______/       \______________\_______|      \_   /________/
 -+--Mo!-------------- \________/ ------------------- l_______/_____\ -----+-

 Profile  pm  www    Quote
garyopa



lt

Registered: 2003-11-06
From: Toronto
Messages: 83
Status: Offline
 _#36245 posted 2018-11-26 @ 02:58 GMT   
The SHA256 Hashes are:

PK11: 7D58F68E73784DCF8453B6BB67E78CC7D88004612DDD35DBEC 91C385E3AF9413
Master key: 9497E6779F5D840F2BBA1DE4E95BA1D6F21EFC94717D5AE5CA 37D7EC5BD37A19

Source: --> https://twitter.com/elmirorac/status/1066106288747237377

The undisclosed exploited used on TSEC is basically:

This was posted by Mathieulh on the reswitched discord, but vanished 1 minute later. It's probably legit since the 'elite' does not want you to see this:

Quote:

[12:04 AM] Mathieulh: just use SMMU
[12:04 AM] Mathieulh: create a fake environment for TSEC
[12:05 AM] Mathieulh: have it decrypt package 1 for you
[12:05 AM] Mathieulh: done
[12:05 AM] Mathieulh: you can redirect memory ranges checked by TSEC
[12:05 AM] Mathieulh: to anything
[12:05 AM] Mathieulh: using SMMU
[12:05 AM] Shadów: then brute force the key
[12:05 AM] Mathieulh: and TSEC is nonethewiser
[12:05 AM] Shadów: :iwanttodie:
[12:05 AM] Mathieulh: then you can use the keyslots time attack fail
[12:05 AM] Mathieulh: to dump anything TSEC writes in SEC keyslots
[12:06 AM] Mathieulh: and voila, done.
[12:06 AM] Mathieulh: literally, that'll just work
[12:07 AM] Mathieulh: as in, you have 99.9% chances for this to work(edited)
[12:07 AM] Bįlint: Get that to @SciresM
[12:07 AM] Mathieulh: of course that doesn't give you the actual TSEC secrets
[12:07 AM] Mathieulh: but who cares?



Happy hacking!

Source: --> https://team-xecuter.com/forums/threads/155510-6-2-exploit-by-Matheiulh-LEAKED
  ________                         ________    __________    _____     
 /  _____/ _____  _______  ___.__. \_____  \   \______   \  /  _  \    
/   \  ___ \__  \ \_  __ \<   |  |  /   |   \   |     ___/ /  /_\  \   
\    \_\  \ / __ \_|  | \/ \___  | /    |    \  |    |    /    |    \  
 \______  /(____  /|__|    / ____| \_______  //\|____|  /\\____|__  //\
        \/      \/         \/              \/ \/        \/        \/ \/
                                                                       

 Profile  pm  Email  www   skype   Quote
modrobert



donor

Registered: 2003-10-17
From: Bangkok
Messages: 6479
Status: Offline
 _#36246 posted 2018-11-26 @ 04:12 GMT   
Thanks. Do you know the reason they want keep the keys private?
  _____________________________ ____________     __________________ /\________
  \    __________________      \      _____/____/     _    \       /_        /
 /     /       |       l/     _/    ____)     _/      _     \     \/  cREAM /
/______________l_______/       \______________\_______|      \_   /________/
 -+--Mo!-------------- \________/ ------------------- l_______/_____\ -----+-

 Profile  pm  www    Quote
garyopa



lt

Registered: 2003-11-06
From: Toronto
Messages: 83
Status: Offline
 _#36247 posted 2018-11-26 @ 07:35 GMT   
Not sure, I think they afraid Nintendo is going to either close up the 'exploit' to get the keys, or got after those legally disclosing them to public, or including them in app.

And it seem you going to have 'cough' find them yourself to make usage of Atmosphere now:

https://www.maxconsole.com/threads/wip-atmosphere-cfw-updated-by-sciresm-with-partial-v6-2-0-support.49932/

v6.2.0 CFW works but you have to supply the 'missing keys' in a custom prod.keys file.

Now the timer is set how long before someone leaks a working set of 'prod.keys', but I heard these have to be generated for your own 'Switch' itself, meaning they are now 'unique to device id', not common keys.



[ This message was edited by garyopa on 2018-11-26 @ 07:35 GMT ]

[ This message was edited by garyopa on 2018-11-26 @ 07:36 GMT ]
  ________                         ________    __________    _____     
 /  _____/ _____  _______  ___.__. \_____  \   \______   \  /  _  \    
/   \  ___ \__  \ \_  __ \<   |  |  /   |   \   |     ___/ /  /_\  \   
\    \_\  \ / __ \_|  | \/ \___  | /    |    \  |    |    /    |    \  
 \______  /(____  /|__|    / ____| \_______  //\|____|  /\\____|__  //\
        \/      \/         \/              \/ \/        \/        \/ \/
                                                                       

 Profile  pm  Email  www   skype   Quote
garyopa



lt

Registered: 2003-11-06
From: Toronto
Messages: 83
Status: Offline
 _#36248 posted 2018-11-26 @ 11:32 GMT   
On the fly boot with key generation? ??

http://twitter.com/naehrwert/status/1066998624410730496

[ This message was edited by garyopa on 2018-11-26 @ 11:32 GMT ]
  ________                         ________    __________    _____     
 /  _____/ _____  _______  ___.__. \_____  \   \______   \  /  _  \    
/   \  ___ \__  \ \_  __ \<   |  |  /   |   \   |     ___/ /  /_\  \   
\    \_\  \ / __ \_|  | \/ \___  | /    |    \  |    |    /    |    \  
 \______  /(____  /|__|    / ____| \_______  //\|____|  /\\____|__  //\
        \/      \/         \/              \/ \/        \/        \/ \/
                                                                       

 Profile  pm  Email  www   skype   Quote
modrobert



donor

Registered: 2003-10-17
From: Bangkok
Messages: 6479
Status: Offline
 _#36249 posted 2018-11-26 @ 13:15 GMT   
Interesting...

New updates here as well:
https://switchbrew.org/w/index.php?title=TSEC

...specifically:
https://switchbrew.org/w/index.php?title=TSEC&type=revision&diff=5629&oldid=5575

  _____________________________ ____________     __________________ /\________
  \    __________________      \      _____/____/     _    \       /_        /
 /     /       |       l/     _/    ____)     _/      _     \     \/  cREAM /
/______________l_______/       \______________\_______|      \_   /________/
 -+--Mo!-------------- \________/ ------------------- l_______/_____\ -----+-

 Profile  pm  www    Quote
_
New Topic   Post Reply
Jump To
 

All trademarks and copyrights on this page are owned by their respective owners.
Comments and forum messages are owned by the Poster.