zecoxao

[Tutorial] How to decrypt and dump usermodules

First of all, I'd like to say thank you to the person who has allowed me to post this tutorial. His English isn't perfect, so he asked me to make this tutorial on his behalf. Thanks, grass skeu :)

So for this, you'll need:

* ps4sdk precompiled

* elf-loader precompiled OR alternatively extreme-modding.de's elf loader (found here)

* the payload source

* 1.76 console

* fat32 usb pendrive


Steps:
1- Fire up elf loader on your 1.76 console

2- Let it load all the way up to stage 5 without memory errors!

3- Compile the payload source. You can specify in between:

ps4KernelExecute((void*)path_self_mmap_check_function, NULL, &ret, NULL);

and

ps4KernelExecute((void*)unpath_self_mmap_check_function, NULL, &ret, NULL);

which module(s) you want to decrypt. If you want, you can even decrypt all modules from the 1.76 Dump released a while ago! This includes elf, self, prx, sprx, sexe, sdll and eboot.bin. However, take note that you can only decrypt usermodules from disc or PSN apps when you have loaded them and minimized them (by pressing the PS button), and only from an absolute path! (due to npdrm management)
I have left an example:

decrypt_and_dump_self("/mini-syscore.elf", "/mnt/usb0/mini-syscore.elf");

So, the elf will be written to usb0 (rightmost port), but you can specify others.

4- Run the listener (if you want, this is optional):

socat - TCP:my.ps4.ip.here:5052

where the PS4 IP is your local IP (mine is 192.168.1.72)

5- Finally, send the payload:

socat -u FILE:path/to/DumpFile TCP:my.ps4.ip.here:5053

specifying the path to the payload and the IP.
If the payload fails to be executed with an out of memory error, just stabilize on stage 5 WITHOUT restarting the console and try again.

Any doubts please ask.
And all credits go to grass skeu for this awesome trick :)

added 5 minutes later

Also @GregoryRasputin I cannot seem to find the attachment button >.<

Edited by zecoxao

Just a small note. Segment 0x6fffff01 cannot be "decrypted" from game eboots because... it's a plaintext segment in an encrypted file :)
Just add it to the end of the elf.

Edited by zecoxao