
[Tutorial] How to create ELFs from process dumps


zecoxao    1,305

You'll need:

* HxD
* PS4 FileNinja v2.0 (the one with process dump support)
* extreme-modding.de FTP payload (or you can use FileNinja, but FileZilla is a better client for this purpose)
* a brain

Step 1:
Go to your playground of choice (in this case my playground is the extreme-modding.de one)
Step 2:
Grab the ELF or SELF that you want to make a forgery of (I'm going to use SysCore for this)
Step 3:
Look closely at the header and pick ONLY the ELF header chunk of the file. Note here: the ELF header must contain all of its necessary bytes EXCEPT the last 32!

Step 4:
Add the necessary number of bytes until the file has EXACTLY 0x4000 bytes.
Step 5:
If necessary, restart the PS4 so you can clean the payload's memory, and then start PS4 FileNinja.
Step 6:
Go to the process of choice (in this case SceSysCore) by going to Tools->Processes, picking SceSysCore and attaching to the process.
Step 7:
Dump the first process offsets, and ONLY those in the LOWER memory range. Here's my example:

Step 8:
Copy the first segment and add it after the end of the forged ELF header. Do the same for the other segments.
Step 9:
You now have a forged ELF you can use in IDA for analysis.

Some Notes:
* You can use readelf to check how good your ELF looks
* First section has libexec magic. Second section has ORBI magic.

Edited by zecoxao
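
A scripted version of the readelf sanity check from the notes, as an added example that is not part of zecoxao's post: it parses the ELF64 header and program headers and reports any PT_LOAD segment whose bytes are missing from the rebuilt file. The function names are hypothetical, and the sample image (segments placed right after a 0x4000-byte header) is constructed for the demonstration.

```python
import struct

PT_LOAD = 1
EHDR = "<16sHHIQQQIHHHHHH"   # ELF64 file header, 64 bytes
PHDR = "<IIQQQQQQ"           # ELF64 program header, 56 bytes

def check_forged_elf(data):
    """Return (load_segments, problems) for an ELF64 little-endian image."""
    if data[:4] != b"\x7fELF" or data[4:6] != b"\x02\x01":
        return [], ["not an ELF64 little-endian file"]
    hdr = struct.unpack_from(EHDR, data, 0)
    phoff, phentsize, phnum = hdr[5], hdr[9], hdr[10]
    if phentsize != struct.calcsize(PHDR) or phoff + phnum * phentsize > len(data):
        return [], ["program header table is malformed or cut off"]
    loads, problems = [], []
    for i in range(phnum):
        p_type, _fl, off, vaddr, _pa, filesz, memsz, _al = struct.unpack_from(
            PHDR, data, phoff + i * phentsize)
        if p_type != PT_LOAD:
            continue
        loads.append((off, vaddr, filesz))
        # The segment's file bytes must actually be present in the file.
        if off + filesz > len(data):
            problems.append(f"segment {i}: needs bytes up to {off + filesz:#x}, "
                            f"file ends at {len(data):#x}")
        if filesz > memsz:
            problems.append(f"segment {i}: p_filesz exceeds p_memsz")
    return loads, problems

def build_sample(seg_sizes=(0x100, 0x80), drop_tail=0):
    """Constructed image: header padded to 0x4000, then the segments."""
    phdrs, body, off = b"", b"", 0x4000
    for n, size in enumerate(seg_sizes):
        phdrs += struct.pack(PHDR, PT_LOAD, 5, off, 0x400000 + n * 0x10000,
                             0, size, size, 0x4000)
        body += bytes([0x90 + n]) * size
        off += size
    ident = b"\x7fELF\x02\x01\x01" + bytes(9)
    ehdr = struct.pack(EHDR, ident, 2, 62, 1, 0x400000, 64, 0, 0,
                       64, 56, len(seg_sizes), 0, 0, 0)
    image = (ehdr + phdrs).ljust(0x4000, b"\0") + body
    return image[:len(image) - drop_tail]

if __name__ == "__main__":
    print(check_forged_elf(build_sample()))                # complete image
    print(check_forged_elf(build_sample(drop_tail=0x40)))  # last segment cut short
```
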