zecoxao

Super Admin
  • Content count

    876
  • Donations

    $6.00 
  • Days Won

    78

zecoxao last won the day on May 9

zecoxao had the most liked content!

About zecoxao


  • User Group: Super Admin


  • Rank: Posting Freak


  • Post Count: 876


  • Post Ratio: 0.61


  • Total Rep: 1,331


  • Member Of The Days Won: 78


  • Joined: 08/02/2014


  • Been With Us For: 1445 Days


Profile Information

  • Gender
    Not Telling

4,473 profile views
  1. zecoxao

    Mounting PS3 hdd on newer Linux kernels

    @sguerrini97 would it be possible to upload a vm with UFS rw support? something small, like what @3141card did, with easy to use scripts i think it'd be nice and much less time consuming than compiling the stuff ourselves
  2. and this is the 4.55 kernel where the script is based (i tested the idc on one of my dumps and it didn't work so i'm also sharing this) https://www.sendspace.com/file/mtydoc
  3. @3141card has given me permission to share this, as well. it is a RE script of 4.55 kernel by himself (the base being used here is the kernel's base without KASLR, 0xFFFFFFFF82200000, so rebase your own kernel in IDA before doing this.) Contains comments, defined globals, function symbols and other things. in a total of about 20000 functions, 12747 (64%) are defined. I didn't have luck using it with IDA 6.8 and below so i assume this only works with IDA 7. Enjoy

    added 2 minutes later

    link (forgot about it lol) https://www.sendspace.com/file/qknbez
  4. Since @3141card has agreed to let these databases be released to the general public. Link: https://www.sendspace.com/file/5b9jw4 Contains LV1 and LV2 memory dump databases with several comments, constructors, destructors, documented syscalls, etc. Extremely useful for emulation research and/or exploit research
  5. zecoxao

    [Release] ARZL_decompress

    This executable decompresses ARZL binaries for the ps4, like the compressed eap kernel. This SHOULD also work on vita but i'm not sure about it. Download Link: https://www.sendspace.com/file/liris4
  6. zecoxao

    Happy Birthday Abkarino

    Happy birthday
  7. zecoxao

    Games Database (Minimal Firmware Required)

    Apologies for the necro bump, but since there's a new ksploit floating around i figured i might change < 2.00 games as green to < 4.06 games as green
  8. zecoxao

    Happy birthday zecoxao!

    fuck you @GregoryRasputin thanks guys
  9. read the instructions again please:

      1. load wb and start code execution, wait till it's waiting for payload
      2. press ps button
      3. run the game
      4. send the payload containing the path to the eboot inside the mounted folder in pfsmnt
      5. collect your modules/eboot on usb0/any other output path

    that's how you prevent out of memory errors (this also happens with elfs)
  10. go to that line and follow the instructions there.
  11. use https://github.com/idc/PS4-SDK
  12. there are tutorials that do this for you here. https://playstationhax.xyz/forums/topic/3271-tutorial-how-to-decrypt-and-dump-games-ebootprx-and-sprx/ https://playstationhax.xyz/forums/topic/3104-tutorial-how-to-bypass-pfs-protection-entirely/ but this is deprecated. i released on twitter a payload that allows to play any game without eboot_plugin patch
  13. If any of you has any difficulty in running this tutorial, just use this payload instead and follow these steps on 1.76: https://www.sendspace.com/file/v81sn4

      1. load wb and start code execution, wait till it's waiting for payload
      2. press ps button
      3. run the game
      4. send the payload containing the path to the eboot inside the mounted folder in pfsmnt
      5. collect your modules/eboot on usb0/any other output path
  14. Requirements: Minecraft Patch Kernel Hooks Payload CUSA00265 decrypted eboot named as eboot_dec.bin CUSA00265 filesystem (minus sce_modules) The Playroom encrypted sce_modules Playground that supports Code Exec and Elf Loader / Extreme-modding.de playground / etc Filezilla Client (Transfer mode MUST be binary) NetCat Socat

    Tutorial:

      1- Create Folder in data folder named app2 (with ftp payload, binary mode always, NOT ascii)
      2- Put in Folder original sce_modules from playroom (encrypted, not modified)
      3- Put eboot_plugin in folder
      4- Put eboot_dec.bin (from game we want to use, in this case, Minecraft Trial CUSA00265)
      5- Put game files and folders (from game we want to use)
      6- Reboot to clean memory from previous ftp payload patches
      7- Execute kernel_hook payload (socat -u FILE:kernel_hooks TCP:my.ps4.ip:5054). Note that this is hitodama
      8- Run listener to grab logs (nc my.ps4.ip 5088). You should see some logs on it
      9- Minimize browser with PS Button
      10- Run Playroom. Instead of the usual app, Minecraft Trial version should show up.

    Notes:

    This is only a POC, so treat it as such.

    Most games SHOULD work with this method, but each and every one of them will require a "patch" (i call it like that because it's the file that allows the eboot to run).

    Additionally, games that require modules besides libc and/or libSceFios2 will most likely not work, at least for now.

    Homebrew DOES work with this method, but as you can see from the SDKs available (the open source ones) there is no Graphics API whatsoever. This method however supports hitodama compiled ELFs.

    As for credits/source code, we're still discussing the best way to release this without any lawsuit from Sony (not that they're very interested in 1.76 but whatever...)

    The next game that we're working on is P.T. Some people are also working on homebrew. Hopefully that'll happen soon, but until then, STOP ASKING! In the meantime, maybe there'll be a source release on how to do the eboot_plugin "patches".

    Just be patient

    Video: