Join Us and become a Member for a Verified Badge to access private areas with the latest PS4 PKGs.
PS4 Help       Thread starter Fre4kz       2      
Status
Not open for further replies.

Fre4kz

Member
Contributor
Hello,

I hope you can help me or have a hint.

I have a PS4 Slim CUH-2216a with firmware 8.03
I know that there is currently no jailbreak for this firmware!
Nevertheless, I wanted to deal with this topic.

That's why I disassembled the PS4, unsoldered the NOR chip (MX25L25635FZ2I-10G) and dumped it via hardware. The sflash0 dump is exactly 32MB - 0x20000000 bytes in size (read out several times!).

Then I created an Ubuntu 18.04 VM with VirtualBox so that I can mount the 500GB HDD. For this I extracted the eap_hdd_key into the keys.bin with the hdd_script.py V3 from the flash0 dump.

Up to this point there were no error messages. I also have the BwE PS4 NOR Validator. Have the NOR dump checked again. Here, too, everything seems to be right.

Then I tried to mount the HDD with cryptmount. I have it with both ioffset
Code:
************************************************** *******
# / etc / cryptmount / cmtab - encrypted filesystem information for cryptmount
# try 'man 8 cryptmount' or 'man 5 cmtab' for more details

user {
    dev = / dev / sda27
    dir = / ps4hdd
    flags = user, nofsck
    fstype = ufs mountoptions = ro, noatime, noexec, ufstype = ufs2
    cipher = aes-xts-plain64
    ivoffset = 111669149696
    keyfile = / home / ps4hdd / Desktop / ps4 / keys.bin
    keyformat = raw
}
************************************************** *******
as well as without ioffset tried
Code:
************************************************** *******
# / etc / cryptmount / cmtab - encrypted filesystem information for cryptmount
# try 'man 8 cryptmount' or 'man 5 cmtab' for more details

user {
    dev = / dev / sda27
    dir = / ps4hdd
    flags = user, nofsck
    fstype = ufs mountoptions = ro, noatime, noexec, ufstype = ufs2
    cipher = aes-xts-plain64
    keyfile = / home / ps4hdd / Desktop / ps4 / keys.bin
    keyformat = raw
}
************************************************** *******
Nevertheless I get the following error message:
Code:
sudo cryptmount -m user
[cryptmount-mount]: / ps4hdd: wrong fs type, bad option, bad superblock on / dev / mapper / user, missing codepage or helper program, or other error.
The HDD works without any problems in the PS4, so I first rule out a defective partition.

UFS Explorer Pro under Win 10 also only brings garbage data after the encrypted one.
Code:
Cipher algorithm: AES
Cipher block chaining: XTS
"Salt" method: Plain number, 64bit
Key length: 256
Block size: 512
Secret Key: key.bin code in HEX
Where am I wrong or what am I doing wrong?

Thanks for help!
 
Solution
I believe you need to hex edit the keys.bin file and write it backwards. I ran into this problem when I was installing Linux on internal hdd.

Example if it says
Code:
01 23 45 67
It would be
Code:
76 54 32 10
That fixed my issue. Hope it helps ya.
I believe you need to hex edit the keys.bin file and write it backwards. I ran into this problem when I was installing Linux on internal hdd.

Example if it says
Code:
01 23 45 67
It would be
Code:
76 54 32 10
That fixed my issue. Hope it helps ya.
 
Solution
Status
Not open for further replies.
Back
Top