Category: PS4 Jailbreaking | Thread starter: PSXHAX | Start date: Mar 24, 2020 at 5:26 PM
While many are patiently awaiting further details on the PS4 6.20 Kxploit in development, today PlayStation 4 scene developers @RedEyeX32 via @zecoxao shared Cipher and Hasher PS4 Backup And Restore (BAR) Kernel Keys while 3226:2143 (aka IDC) documented containers referred to as Envelope Files used in encrypting and signing messages.

Based on the current findings, they were likely introduced around PS4 firmware 3.00 (>2.56, <=3.50), noting that the messages are encrypted using AES-128 in CBC mode and signed using a public key.

Download: BAR-master.zip / GIT / PS4 Env Decryptor

Those interested in learning more about the encryption and public keys can check out the related documentation via PSDevWiki.com.

Backup And Restore Keys (BAR)

*Cipher:
Code:
79 c8 cc c8 89 a1 54 0d 4f 2e 27 bb 61 4f d6 53
*Hasher:
Code:
cd a1 33 a1 0e c8 f5 25  98 22 23 f5 86 1f 02 00
And from the README.md:

BAR

backup and restore decrypt (and encrypt?) utility

Credits
  • RedEye32 (for the structs)
  • Zer0xFF (for some improvement in code)
  • PixelButts (for testing)
  • idc (for the hasher key correct size)
  • and to anonymous (for everything you did and have done in the past)
Usage

compile it and simply place it near the archives and run it. it'll produce some blobs. support for bigger blobs is in process...
decrypt the backups made with the backup utility
very similar to what Kakaroto has done on ps3 with his tool
yes. on fpkg backups it'll also backup the licenses associated with them, because they are considered "free" licenses by the system
honestly, none besides grabbing the licenses from demo and beta games
webbrowser_xutil:
Code:
CA 4A 06 AD 3C 09 8D AB 6B 30 97 2C BC 49 00 BD
jsnex_netflixdeckeys: (netfliXDecryptionKeys?)
Code:
51 AE 12 B0 CB D8 EF D3 59 8B C5 11 8D E1 A3 0C
party_config:
Code:
9C 4E E3 E6 DC 82 A1 8A A2 12 33 D5 35 B1 08 EC
Cheers to @HydrogenNGU for the heads-up via Twitter earlier on! 🍻

Comments

AkramJuvdibala

Member
Contributor
What is new?
I have ps4 (5.55)
Where is their new Jailbreak?
 

Kraken

Senior Member
Contributor
If I understand this correctly, these keys are used to encrypt/decrypt data (such as log files or remote commands) that are sent from the PS4 to Sony's servers.

Analyzing the logs could show new attack vectors or see what data Sony is collecting from the system. If messages could be encrypted and sent in a way that the PS4 thinks is from Sony, then that could be a new attack vector as well.

There could be interesting homebrew around this too like scripts to turn on the PS4 remotely without PSN.
 

Chumdiddy1

Senior Member
Contributor
Verified
@Kraken
That's the idea I got but not completely sure as I have to tap out once talk turns to keys. I know what keys are and what SAMU keys are but this isn't that.

Still, welcome stuff I'm sure.
 

chrisrlink

Senior Member
Contributor
Verified
Going off on what @Kraken said, I may be going off on a limb here, but if one day a current CFW/kexploit exists and we keep getting the changed env keys, couldn't we program a plugin that dumps the system reports sent (like Atmosphere on the Switch does) and then send fake reports to Sony, which will mitigate PS4 bans?
 