zecoxao shared a handy guide on how to create PS4 ELFs from PlayStation 4 process dumps.
Here is it for those interested, to quote: How to Create ELFs from Process Dumps
- PS4 FileNinja v2.0 (the one with process dump support)
- Extreme-modding.de ftp payload (or you can use FileNinja but FileZilla is a better client for this purpose)
- a brain
Go to your playground of choice (in this case my playground is extreme-modding.de one)
Grab your ELF or SELF that you want to make a forgery of (i'm going to use SysCore for this)
Look closely at the header and pick ONLY the elf header chunk of the file. Note here: the ELF header must contain all of it's necessary bytes EXCEPT the last 32!
Add the necessary number of bytes until the file has EXACTLY 0x4000 bytes.
If necessary restart PS4 so you can clean the payload's memory and then start PS4 file ninja.
Go to the process of choice (in this case SceSysCore) by going to Tools->Processes, picking SceSysCore and attaching to the process.
Dump the first process offsets, and ONLY those in the LOWER memory range. Here's my example:
Copy the first segment and add it after the end of the ELF forged header. Do the same for the other segments.
You have now a forged elf you can use in IDA for analysis.
- You can use readelf to check on how good your ELF looks.
- First section has libexec magic. Second section has ORBI magic.
Thanks to @zecoxao for sharing this tutorial with other PS4 developers!