Join Us and become a Member for a Verified Badge to access private areas with the latest PS4 PKGs.
Not open for further replies.
Hello PSXHAX, today PlayStation 4 Developer Zecoxao has conveyed a new tutorial on how to decrypt and dump PS4 games (EBOOT, PRX, SPRX).

Previously, he made a tutorial on How to Dump and Decrypt Usermodules, which is a continuation on this topic he brings today.

There was a mistake on the tutorial, but @zecoxao had got it fixed, so everything should be okay now. Lets jump straight into this tutorial. :)

To roughly quote Zecoxao's Tutorial: [Tutorial] How to Decrypt and Dump Games (EBOOT, PRX and SPRX)



Compile the payload with the correct commands. Specifically for The Playroom (CUSA00001):
decrypt_and_dump_self("/mnt/sandbox/pfsmnt/CUSA00001-app0/eboot.bin", "/mnt/usb0/eboot.bin");
decrypt_and_dump_self("/mnt/sandbox/pfsmnt/CUSA00001-app0/sce_module/libc.prx", "/mnt/usb0/libc.prx");
decrypt_and_dump_self("/mnt/sandbox/pfsmnt/CUSA00001-app0/sce_module/libSceFios2.prx", "/mnt/usb0/libSceFios2.prx");
decrypt_and_dump_self("/mnt/sandbox/pfsmnt/CUSA00001-app0/sce_sys/about/right.sprx", "/mnt/usb0/right.sprx");
2. Start the game.
3. Minimize the game (PS Button)
4. Access elf loader
5. Let it load all the way until stage 5 and stabilize
6. Plug the usb stick or hdd on the rightmost port, near PS4 logo
7. Load the payload:
socat - TCP:my.ps4.ip:5052
socat -u FILE:path/to/DumpFile TCP:my.ps4.ip:5053
8. when it finishes loading (user return 0) unplug the stick or hdd and check inside. you should have the files in elf format on the root

PS: This is a continuation to the previous tutorial "dump and decrypt usermodules"
PSS: Do not forget that the games decryption require ABSOLUTE PATH due to rif management.
Backing up Retail Games to Fake Pkg's (6.72 or Lower)

Finally, from zecoxao comes a brief guide on How to Validate Your ELFs Decrypted Using MMAP Trick

To quote: Special Thanks to Anonymous for helping me with this, and to softstar for providing the ELFs.

You'll need:
  • An FTP Payload with CUSTOM DECRYPT command (you can compile it from scene-collective github repo)
  • A target file (I've chosen 5.05's SceShellCore for this) in both encrypted and decrypted state.
  • Filezilla
  • Hashing tool (I use WSL with sha256sum tool)
Step 1: Send FTP Payload
Step 2: Grab the encrypted SceShellCore (at /system/vsh/)
Step 3: Use custom DECRYPT command (in filezilla, this can be found in Server->Indicate personalized command...)
Step 4: Grab decrypted SceShellCore (same location but now DECRYPT is toggled ON)
Step 5: Hash the decrypted elf (sha256sum SceShellCore.elf)
Step 6: Compare it with the FIRST 0x20 bytes that look like random data. If they match, your elf is OK, if they don't match, retry to download the elf with DECRYPT toggled on until it matches.

This concludes the tutorial. Some pics:
How to Validate Your ELFs Decrypted Using MMAP Trick.png

How to Validate Your ELFs Decrypted Using MMAP Trick 2.png

Decrypting and Dumping PS4 Games (EBOOT & SPRX) Guide by Zecoxao.jpg



Staff Member
Thanks for sharing the guide here my pink flamingo... aka @HydrogenNGU :kissingheart:

PS: Your vCard that appears below all articles you submit can be edited to include an author image, your hobbies, links to NGU, whatever you'd like to share about yourself with the viewers here.
Not open for further replies.