Join Us and become a Member for a Verified Badge to access private areas with the latest PS4 PKGs.

SceSblAuthMgrAuthHeader: PS4 Executable File Decryption on Console

PS4 CFW and Hacks       Thread starter PSXHAX       Start date Feb 9, 2017 at 3:29 AM       13      
Status
Not open for further replies.
We've seen PS4 UserModules Decryption, PS4 EBOOT / SPRX Decryption, PS4 Game PKG Decryption and PS4 PUP Update Decryption leading up to PlayStation 4 developer @zecoxao's latest Twitter hint on sceSblAuthMgrAuthHeader. o_O

Before you ask (like I was about to :p), @LightningMods has us covered in the PSXHAX Shoutbox reminding us that previously developer CTurt blogged about it briefly in his Hacking the PS4: Part 2 Userland code execution analysis.

To quote: Executable files with kernel access

The following two kernel functions seem to deal with the majority of integrity checks of executable files: sceSblAuthMgrAuthHeader and sceSblAuthMgrIsLoadable.

With kernel code execution, executable files can be directly decrypted on the console, however there isn't much benefit to this over just loading the module and dumping it from userland.

And now we know, and knowing is half the battle... here's to hoping more great PS4 stuff is in the pipeline! :geek:
From Pastebin:
Code: 
ERROR: W:\Build\J00739801\sys\internal\modules\sbl\authmgr\authmgr_secure_module.c:verifyHeader(626) mail retval err -37
[KERNEL] ERROR: segment #3 of "/mnt/usb0/hello_world.elf" is not page aligned.
ERROR: found illegal segment header in /mnt/usb0/hello_world.elf.
In summary from @zecoxao, it authenticates the PS4 self header before decrypting it.

Thanks to @Centrino and @spyro2670 for passing this along in the PSXHAX Shoutbox! :love:
sceSblAuthMgrAuthHeader PS4 Executable File Decryption on Console.jpg
 
Click to expand...
PSXHAX
PSXHAX
Live in Your World, HAX in Ours!
Hello World! I've been reporting on Sony PlayStation hacking news since 2000 and started PSXHAX in 2014 to cover PlayStation (PSX), PlayStation 2 (PS2), PlayStation 3 (PS3), PlayStation 4 (PS4), PlayStation Portable (PSP), PlayStation Vita (PS Vita), PlayStation TV (PS TV) and next-gen PlayStation 5 (PS5) platforms along with anything else of interest.

Click on my UserName author link above and you'll be able to view a curated list of all the articles I've contributed thus far to PSXHAX.COM.

If you enjoy gaming and would like to write (unpaid) for this site, Contact Us and we'll be happy to have ya join our Authors! :)

Comments

I know you do! I tried searching the PSDevWiki but didn't see it there and was about to ask until you posted that :D
 
Marcan has said that the ps4 is not checking if an application is startable or not if i remind me right...

So that it must be really simple to start linux or games because there are no checks...
 
->With kernel code execution, executable files can be directly decrypted on the console, however there isn't much benefit to this over just loading the module and dumping it from userland.

rofl thats been known for quite some time now
hence usermode emulation

some might even say you cannot even mount this particular file format because u need to read it in before mounting it as its not a raw image and it requires a utility of its own to do so

perhaps base image is read only and your looking in the wrong place for holes....
 
Status
Not open for further replies.

PSXHAX Categories

PS4 Jailbreak Status
PS5 Jailbreak Status

Latest Forum Topics

Share This Page

Back
Top