Welcome to PlayStationHaX

Register now to gain access to all of our features. Once registered and logged in, you will be able to contribute to this site by submitting your own content or replying to existing content. You'll be able to customize your profile, receive reputation points as a reward for submitting content, while also communicating with other members via your own private inbox, plus much more! This message will be removed once you have signed in.


Super Admin
  • Content count

  • Joined

  • Last visited

  • Days Won


Community Reputation

1,219 Excellent

About zecoxao

  • Rank
    Posting Freak
  • Birthday 10/12/1990

Profile Information

  • Gender
    Not Telling
  1. Credits to: z80 (https://twitter.com/ZiL0G80 ) for finding the patches to enable more UART | /dev/klog logs on his console You will need: *Retail Payload * elfldr/extreme-modding.de playground's elf loader * UART Soldering Skills / FTP Server (to grab logs from /dev/klog) * Ps4 on 1.76 Steps: * Fire up your own elfldr or extreme-modding.de one (it needs to go all the way to step 5 without out of memory!) * Listen to the payload: #listener socat - TCP:my.ps4.ip:5052 * Send the payload: #sender socat -u FILE:path/to/mempatch_retail.elf TCP:my.ps4.ip:5053 * Launch a game or a system app * [Extra UART] If you have UART connected, listen to the logs while the game or app is being loaded * [Extra klog] If you're not a soldering guy, just grab the content from /dev/klog On your ftp root server. WARNING! Logs will delete themselves once every a couple of minutes or so! * You should have some extra logs.
  2. inject what? that just rebuilds database. it's the source code to the package lol. webman and rebug toolbox do the same
  3. So, for this tutorial, none of this would've been possible without the help of harlequin and Charles. all of the credits go to them, thanks guys You will need: * A PS4 on 1.76 firmware with ftp capabilities * the ps4 trophy keys (if it's inconvenient to the mods, please remove this link immediately) * Trophy Resigner * The TITLE ID of the game whose trophies you want to resign * An Hexeditor * Command line Knowledge Here are the steps: 1- Extract the contents of the trophy keys zipfile into your %USERPROFILE% folder (in my case it's C:\Users\zecoxao). You will have it as C:\Users\zecoxao\ps4keys\<keys_here> 2- Navigate to: /system_data/priv/appmeta And find the TITLE ID of the game which you want to resign the trophy file 3- Copy the CUSA title id folder to a safe place. 4- Open npbind.dat inside with Hexeditor: here we can see that game CUSA00434 has correspondant trophy file NPWR05974 5- Now that you know correspondant id, navigate to: /user/trophy/conf and find folder with that id and place it somewhere safe on your pc. you know have two things: your np communications id and your trophy file 6. Open a command line and type the appropriate command with trp_resigner.exe: trp_resigner.exe NPWR05974_00/TROPHY.TRP NPWR05974_00 trophy00.trp Following the example above. 7. Congratulations! You now have a resigned debug trophy
  4. I just completed this quiz. My Score 37/100 My Time 141 seconds  
  5. This tutorial would not be possible without the help of my friend Charles. Thank you Charles, for making this possible You will need: * A retail ps4 on 1.76 fw * A testkit or devkit on 1.76 fw, pre-activated (i will not go through details about the activation) * A game you wish to backup (disc or psn, as long as it's activated on psn) * hitodama's ps4sdk * DumpFile modified to decrypt the game's binaries (again, you're on your own) * An ftp payload to dump the files from app0 * Knowledge about the previous tutorials i wrote, namely pfs bypass and decrypt games * (Optional) The game's icons (you'll need the original pkg for this and flatz's awesome python script) * A resigner for AAAA00000 trophies (keys are on wiki, again, i won't go into much detail on this, but i'll update the tutorial later with info) * Target Manager and Target Manager Server (they're out there, just find them, once again, i will not help you on this) Some notes: I won't go into much detail on this tutorial. If you have a brain, use it. Savegames and Trophies now work. Filenames are case sensitive! Steps: - Install the game - Navigate to: system_data/priv/appmeta/ on your ftp server and find the title id of your game (CUSAXXXXX) - Copy the folder to a safe place (you'll need it) - Navigate to: /user/trophy/conf on your ftp server and find the np comms id of your game (hint, it's mentioned in the title id folder, inside npbind) (NPWRXXXXX) - Copy the folder to a safe place (you'll need it) - Resign the TRP inside NPWR folder to debug (i'll put a tutorial after this telling how to do it) - name it trophy00.trp - Transfer the entire content of app0 on pfsmnt to your desktop (you should have two folders, one called sce_sys, and another called trophy inside sce_sys) - Copy trophy00.trp to sce_sys/trophy - Copy the contents of the CUSAXXXXX folder to sce_sys - Decrypt the prx,sprx,eboot.bin contents of your app0 game using dumpfile modified - replace the existing ones in your copied app0 directory with the ones you just decrypted (using the same name) - now, on your activated testkit and devkit, launch the game using the configuration of eboot.bin as loading elf and elf directory as working directory - You should have your own backup running on testkit/devkit. Enjoy Here's the example of minecraft backup structure to serve as guide(take a closer look at sce_sys folder): http://pastebin.com/HNHLrwG5 Here are two videos as proof (Courtesy of Charles)
  6. Happy birthday @3141card !!
  7. It takes a while to build. On my case it took around 10 minutes on my i7, so results may vary.
  8. Credits(these go first): Original authors: wskeu(for the reading part), wildcard (for the writing part) Requirements: * 1.76 console * elf-loader * ps4-sdk * the payload source * a brain Steps: 1. Compile the payload. Specifically to what you want to patch, the size, etc. So, this: /* set variables for reading and writing mem */ size_t dumphexsize = 0x200; size_t dumpsize = 0x1; // size that you want to read size_t writesize = 0x1; // size of the data you are overwriting uint64_t base = start[0]; // use the number of the mapping you want to write to, starting with 0 size_t intoBase = 0x465FC9; // relative position of base and this: char *target = "SceShellCore"; 2. Load elf-loader. Let it stabilize on stage 5. (To increase success rate, clear cookies, cache and history) 3. Load the payload. Specifically: #listener socat - TCP:my.ps4.ip:5052 #sender socat -u FILE:path/to/rwmem TCP:my.ps4.ip:5053 4. This payload will take a while to listen to logs. Be patient. After a while it'll show log output with the memory before and memory after. Notes: this is process peek and poke (reading and writing to process memory) using proc_rwmem, which is more efficient than the old method.
  9. Requirements: * ps4sdk precompiled * elf loader precompiled or extreme-modding's elf loader * the payload source * 1.76 console * usb pendrive or external hdd (fat32 or exfat, exfat recommended) * A preactivated online game or a purchased disc game * The TITLE ID of the disc or online game Steps: 1. Compile the payload with the correct commands. Specifically for The Playroom (CUSA00001): decrypt_and_dump_self("/mnt/sandbox/pfsmnt/CUSA00001-app0/eboot.bin", "/mnt/usb0/eboot.bin"); decrypt_and_dump_self("/mnt/sandbox/pfsmnt/CUSA00001-app0/sce_module/libc.prx", "/mnt/usb0/libc.prx"); decrypt_and_dump_self("/mnt/sandbox/pfsmnt/CUSA00001-app0/sce_module/libSceFios2.prx", "/mnt/usb0/libSceFios2.prx"); decrypt_and_dump_self("/mnt/sandbox/pfsmnt/CUSA00001-app0/sce_sys/about/right.sprx", "/mnt/usb0/right.sprx"); 2. Start the game. 3. Minimize the game (PS Button) 4. Access elf loader 5. Let it load all the way until stage 5 and stabilize 6. Plug the usb stick or hdd on the rightmost port, near PS4 logo 7. Load the payload: #listener socat - TCP:my.ps4.ip:5052 #sender socat -u FILE:path/to/DumpFile TCP:my.ps4.ip:5053 8. when it finishes loading (user return 0) unplug the stick or hdd and check inside. you should have the files in elf format on the root PS: This is a continuation to the previous tutorial "dump and decrypt usermodules" PPS: do not forget that the games decryption require ABSOLUTE PATH due to rif management.
  10. @gusha i have a retarded idea. completely turn off your vita (instead of keeping it on standby) and try going to go.henkaku.xyz or beta.henkaku.xyz when you turn it on
  11. russians had it for a while and used it to make money out of it. so it's not new to them.
  12. it's the same thing...
  13. yeah, just grab a ps3 on 4.70 cfw, spoof it to 4.81, and perform data transfer. it'll allow both new and old games.
  14. you cannot downgrade to 4.70 due to SYSCON HASHES :/ EEPROM stores lv0 and lv1 hashes inside. you cannot magically flash 4.70 on your ps3s and hope it'd work. it'll triple beep and shutdown like the others. access EEPROM and you MIGHT be able to downgrade. since there's no way to access it on 3K/SuperSlim, you cannot downgrade.
  15. Just a quick note @BobbyBlunt, it's STILL 3.61 spoofing, it's just that it wasn't working before and now it is, and Sony didn't pull the plug on PSN for 3.61 yet