[Tutorial] how to create elfs from process dumps

You'll need:

* HxD
* PS4 FileNinja v2.0 (the one with process dump support)
* extreme-modding.de ftp payload (or you can use fileninja but filezilla is a better client for this purpose)
* a brain

Step 1:
Go to your playground of choice (in this case my playground is extreme-modding.de one)
Step 2:
Grab your elf or self that you want to make a forgery of (I'm going to use SysCore for this)
Step 3:
Look closely at the header and pick ONLY the elf header chunk of the file. Note here: the elf header must contain all of its necessary bytes EXCEPT the last 32!

Step 4:
Add the necessary number of bytes until the file has EXACTLY 0x4000 bytes.
Step 5:
If necessary, restart the PS4 so you can clean the payload's memory, and then start PS4 FileNinja.
Step 6:
Go to the process of choice (in this case SceSysCore) by going to Tools->Processes, picking SceSysCore and attaching to the process.
Step 7:
Dump the first process offsets, and ONLY those in the LOWER memory range. Here's my example:

Step 8:
Copy the first segment and add it after the end of the forged elf header. Do the same for the other segments.
Step 9:
You now have a forged elf you can use in IDA for analysis.

Some Notes:
* You can use readelf to check on how good your elf looks
* First section has libexec magic. Second section has ORBI magic.

Edited by zecoxao
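Steps 4, 8 and the readelf note above can be scripted. The following Python is an added example, not code from the post or from FileNinja: it pads a header chunk to exactly 0x4000 bytes, appends dumped segments in order, and then decodes the Elf64 file header and program header table the way `readelf -h` / `readelf -l` would, flagging any PT_LOAD whose file range runs past the end of the forged file. The sample header and segment bytes are constructed here (not a real SysCore dump), and it assumes the header chunk's `p_offset` values already describe where the appended segments land; the "last 32 bytes" rule from step 3 is not modelled.

```python
import struct

# The tutorial pads the forged ELF header chunk to exactly 0x4000 bytes before
# appending the dumped segments; this constant mirrors that step.
HEADER_SIZE = 0x4000
ELF_MAGIC = b"\x7fELF"
PT_LOAD = 1
EHDR_FMT = "<HHIQQQIHHHHHH"   # Elf64_Ehdr fields after the 16-byte e_ident
PHDR_FMT = "<IIQQQQQQ"        # Elf64_Phdr (56 bytes)


def build_forged_elf(header_chunk: bytes, segments: list) -> bytes:
    """Step 4 and step 8: pad the header chunk to 0x4000 bytes, then append
    each dumped segment in order."""
    if not header_chunk.startswith(ELF_MAGIC):
        raise ValueError("header chunk does not start with \\x7fELF")
    if len(header_chunk) > HEADER_SIZE:
        raise ValueError("header chunk is larger than 0x4000 bytes")
    out = bytearray(header_chunk)
    out.extend(b"\x00" * (HEADER_SIZE - len(header_chunk)))
    for seg in segments:
        out.extend(seg)
    return bytes(out)


def parse_ehdr(data: bytes) -> dict:
    """Decode the Elf64_Ehdr, the same fields `readelf -h` prints."""
    if len(data) < 64 or data[:4] != ELF_MAGIC:
        raise ValueError("missing ELF magic")
    if data[4] != 2:
        raise ValueError("expected ELFCLASS64")
    names = ("e_type", "e_machine", "e_version", "e_entry", "e_phoff",
             "e_shoff", "e_flags", "e_ehsize", "e_phentsize", "e_phnum",
             "e_shentsize", "e_shnum", "e_shstrndx")
    return dict(zip(names, struct.unpack_from(EHDR_FMT, data, 16)))


def parse_phdrs(data: bytes) -> list:
    """Decode the program header table (`readelf -l`)."""
    eh = parse_ehdr(data)
    names = ("p_type", "p_flags", "p_offset", "p_vaddr", "p_paddr",
             "p_filesz", "p_memsz", "p_align")
    phdrs = []
    for i in range(eh["e_phnum"]):
        off = eh["e_phoff"] + i * eh["e_phentsize"]
        phdrs.append(dict(zip(names, struct.unpack_from(PHDR_FMT, data, off))))
    return phdrs


def check_forgery(data: bytes) -> list:
    """Return a list of problems; an empty list means the file is internally
    consistent: the program header table sits inside the 0x4000 header chunk
    and every PT_LOAD's file range fits inside the file."""
    problems = []
    eh = parse_ehdr(data)
    table_end = eh["e_phoff"] + eh["e_phnum"] * eh["e_phentsize"]
    if table_end > HEADER_SIZE:
        problems.append("program header table extends past the 0x4000 header chunk")
    for i, ph in enumerate(parse_phdrs(data)):
        if ph["p_type"] != PT_LOAD:
            continue
        if ph["p_offset"] + ph["p_filesz"] > len(data):
            problems.append(f"PT_LOAD {i}: 0x{ph['p_offset']:x}+0x{ph['p_filesz']:x} runs past EOF")
    return problems


def segment_prefixes(data: bytes, n: int = 4) -> list:
    """First n bytes of each PT_LOAD, for eyeballing the segment magics."""
    return [data[ph["p_offset"]:ph["p_offset"] + n]
            for ph in parse_phdrs(data) if ph["p_type"] == PT_LOAD]


def make_sample_header() -> bytes:
    """Constructed sample (not a real PS4 dump): an Elf64 header with two
    PT_LOADs whose p_offset values point just past the 0x4000 header chunk."""
    ident = ELF_MAGIC + bytes([2, 1, 1, 0]) + b"\x00" * 8   # ELFCLASS64, little-endian
    ehdr = ident + struct.pack(EHDR_FMT, 2, 0x3E, 1, 0x400000,
                               64, 0, 0, 64, 56, 2, 0, 0, 0)
    ph0 = struct.pack(PHDR_FMT, PT_LOAD, 5, HEADER_SIZE, 0x400000, 0x400000,
                      0x100, 0x100, HEADER_SIZE)
    ph1 = struct.pack(PHDR_FMT, PT_LOAD, 6, HEADER_SIZE + 0x100, 0x404000,
                      0x404000, 0x80, 0x80, HEADER_SIZE)
    return ehdr + ph0 + ph1


# Constructed stand-ins for the two dumped segments (0x100 and 0x80 bytes).
SAMPLE_SEGMENTS = [b"\xaa" + b"\x00" * 0xFF, b"\xbb" + b"\x00" * 0x7F]

if __name__ == "__main__":
    forged = build_forged_elf(make_sample_header(), SAMPLE_SEGMENTS)
    print("size: 0x%x" % len(forged))
    print("problems:", check_forgery(forged) or "none")
    print("segment magics:", segment_prefixes(forged))
```

To use it on a real dump, read the trimmed header chunk and each FileNinja segment dump with `open(path, "rb").read()`, pass them to `build_forged_elf`, and write the result out; `check_forgery` catching a PT_LOAD past EOF usually means a segment was appended in the wrong order or one dump is missing.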
