
How to validate your elfs decrypted using mmap trick



Special thanks to Anonymous for helping me with this, and to @softstar for providing the elfs.
You'll need:
An FTP Payload with CUSTOM DECRYPT command (you can compile it from the scene-collective GitHub repo)
A target file (I've chosen 5.05's SceShellCore for this) in both encrypted and decrypted state.
Hashing tool (I use WSL with the sha256sum tool)

Step 1: Send FTP Payload
Step 2: Grab the encrypted SceShellCore (at /system/vsh/)
Step 3: Use custom DECRYPT command (in FileZilla, this can be found in Server->Indicate personalized command...)
Step 4: Grab decrypted SceShellCore (same location but now DECRYPT is toggled ON)
Step 5: Hash the decrypted elf (sha256sum SceShellCore.elf)
Step 6: Compare it with the FIRST 0x20 bytes that look like random data. If they match, your elf is OK; if they don't match, retry downloading the elf with DECRYPT toggled on until it matches.

This concludes the tutorial

added 7 minutes later

some pics:

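The comparison in Steps 5 and 6, as an added example that is not part of the original post: it hashes the decrypted ELF and searches the encrypted file for that 0x20-byte SHA-256 digest, so the bytes do not have to be matched by eye. It assumes the 0x20 bytes in Step 6 are read from the encrypted file; the function names and the sample container layout are made up for the illustration.

```python
import hashlib
import sys
from pathlib import Path

DIGEST_LEN = 0x20  # SHA-256 output size, the 0x20 bytes from Step 6


def find_embedded_digest(encrypted: bytes, decrypted: bytes) -> int:
    """Return the offset in `encrypted` holding SHA-256(decrypted), or -1.

    -1 means the decrypted dump does not match the stored digest
    (for example a truncated or corrupted transfer) and should be re-downloaded.
    """
    digest = hashlib.sha256(decrypted).digest()
    assert len(digest) == DIGEST_LEN
    return encrypted.find(digest)


def build_constructed_pair():
    """Constructed sample data, NOT a real console file.

    Layout (hypothetical): 0x40-byte placeholder header, then the digest,
    then an opaque body standing in for the encrypted segments.
    """
    elf = b"\x7fELF" + bytes(range(256)) * 16
    header = b"HDR0" + bytes(0x3C)
    body = hashlib.sha512(b"opaque body").digest() * 64
    return header + hashlib.sha256(elf).digest() + body, elf


if __name__ == "__main__":
    if len(sys.argv) == 3:
        # usage: script.py <encrypted file> <decrypted elf>
        enc = Path(sys.argv[1]).read_bytes()
        dec = Path(sys.argv[2]).read_bytes()
    else:
        enc, dec = build_constructed_pair()
    offset = find_embedded_digest(enc, dec)
    if offset < 0:
        print("MISMATCH: digest not found, re-download with DECRYPT on")
        sys.exit(1)
    print(f"OK: digest found at offset {offset:#x}")
```
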

Great tutorial, bro ;)

