Join Us and become a Member for a Verified Badge on Discord to access private areas with the latest PS4 FPKGs.
Category PS4 CFW and Hacks       Thread starter PSXHAX       Start date Sep 13, 2016 at 11:27 PM       9,281       3            
Status
Not open for further replies.
Many moons ago the PS3 Controller EEPROM (Electrically Erasable Programmable Read-Only Memory) was dumped, and moving to the PlayStation 4 generation following zecoxao's recent PS4 SFlash Guide comes a PS4 EEPROM Dumper to (you guessed it :coffee:) dump the console's EEPROM Non-Volatile Storage data.

Download: eeprom.7z (5.39 KB) / eeprom.7z (Mirror)

Below are some related replies from totallynotzecoxao as Twitter tends to blow balls at times with partial embeds:
From Pastebin.com:
Code:
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <stdint.h>
#include <inttypes.h>


#include <machine/_types.h>
#include <unistd.h>
#include <errno.h>
#include <assert.h>
#include "kmain.h"

#include <arpa/inet.h>
#include <netinet/in.h>

#include <signal.h>

#include <machine/cpufunc.h>

#include <sys/_stdint.h>
#include <sys/sysent.h>
#include <sys/_types.h>
#include <sys/syscall.h>
#include <sys/socket.h>
#include <sys/mman.h>
#include <sys/sysctl.h>
#include <sys/ptrace.h>
#include <sys/errno.h>
#include <sys/proc.h>
#include <sys/param.h>
#include <sys/types.h>
#include <sys/user.h>
#include <sys/mutex.h>
#include <sys/lock.h>
#include <sys/sysproto.h>
#include <sys/uio.h>
#include <sys/wait.h>
#include <machine/reg.h>

#include <ps4/standard_io.h>
#include <ps4/kernel.h>
#include <ps4/register.h>
#include <ps4/socket.h>
#include <ps4/stream.h>
#include <ps4/type.h>

#include <sce/kernel.h>


#define IP(a, b, c, d) (((a) << 0) + ((b) << 8) + ((c) << 16) + ((d) << 24))
#define TCP_NODELAY 1



int main(int argc, char **argv)
{
    void *sceSblACMgrIsVideoplayerProcess;
    //char *sceSblRCMgrIsAllowDisablingAslr;
    char *mem;
    char *mem2;
 
    int64_t ret;
    int r;
    //char *dump;

    printf("uid: %zu\n", getuid());
    ps4KernelCall(ps4KernelPrivilegeEscalate);
    //ps4KernelCall(ps4KernelDebugEnable);  //causing uid 1 and crash
    printf("uid: %zu\n", getuid());

    sceSblACMgrIsVideoplayerProcess = (void *)ps4KernelCall(ps4KernelDlSym, "sceSblACMgrIsVideoplayerProcess");
    //sceSblRcMgrIsAllowDisablingAslr = (void *)ps4KernelCall(ps4KernelDlSym, "sceSblRcMgrIsAllowDisablingAslr");
 
    mem = malloc(64);
    memset(mem, 0x90, 64);
    strcpy(mem, "Hello World!");

    printf("mem: %p: %s\n", mem, mem);
    ps4StandardIoPrintHexDump(mem, 48);
    r = ps4KernelExecute((void *)kmain1, mem, &ret, NULL);
    printf("mem: %p: %s\n", mem, mem);
    ps4StandardIoPrintHexDump(mem, 48);
    printf("[K1] r: %i, ret: %"PRIxPTR"\n", r, ret);

    ps4KernelCall(ps4KernelMemoryCopy, sceSblACMgrIsVideoplayerProcess, mem, 32);
    ps4StandardIoPrintHexDump(mem, 48);

    r = ps4KernelExecute((void *)kmain2, mem, &ret, NULL);
    printf("[K2] r: %i, ret: %"PRIxPTR"\n", r, ret);

    ps4KernelCall(ps4KernelMemoryCopy, sceSblACMgrIsVideoplayerProcess, mem, 32);
    ps4StandardIoPrintHexDump(mem, 48);

    r = ps4KernelExecute((void *)kmain3, mem, &ret, NULL);
    printf("[K3] r: %i, ret: %"PRIxPTR"\n", r, ret);

    ps4KernelCall(ps4KernelMemoryCopy, sceSblACMgrIsVideoplayerProcess, mem, 32);
    ps4StandardIoPrintHexDump(mem, 48);

/* Create socket for TCP-Dump */

    struct sockaddr_in server;

    server.sin_len = sizeof(server);
    server.sin_family = AF_INET;
    server.sin_addr.s_addr = IP(192, 168, 1, 65);
    server.sin_port = htons(9023);
    memset(server.sin_zero, 0, sizeof(server.sin_zero));
    int sock = socket(AF_INET, SOCK_STREAM, 0);
    connect(sock, (struct sockaddr *)&server, sizeof(server));
 
    int flag = 1;
    setsockopt(sock, IPPROTO_TCP, TCP_NODELAY, (char *)&flag, sizeof(int));
 
/* Dump E^2prom with banks and blocks :) */

    int64_t (*icc_nvs_read) (uint64_t bank_id,uint64_t block_id,uint64_t offset,uint64_t size,uint8_t *data_ptr) = (void *) 0xFFFFFFFF82639CD0;

    uint8_t buffed[0x10];
    int bank;
    int block;
    int h = 0;
    int u;

    printf("    [+] Enter the bank id you wish to dump with:");
    scanf("%d",&bank);
    printf("         [+] Enter the block id you wish to dump with:");
    scanf("%d",&block);
 
    if(block == 0){
        u == 0x3000;
    }
    else if(block == 1){
        u = 0x1000;
    }
    else if(block == 2){
        u = 0x800;
    }
    else if(block == 3){
        u = 0x800;
    }
    else if(block == 4){
        u = 0x3000;
    }
    else if(block > 4 || block < 0){
        printf("invalid block id, try using 0-4\n");
    }
    if(bank > 1 || bank < 0){
        printf("invalid bank id, try using 0-1\n");
    }
    else if(bank <= 1 && bank >= 0 && block <= 4 && block >= 0){
        printf("        [+] Dumping via icc_nvs_read with bank id:%d and block id:%d\n", bank, block);
        for(h=0;h<u;h=h+0x10){
            int64_t retz = ps4KernelCall(icc_nvs_read,bank, block, h, 0x10, buffed);
            if(retz == -1)perror("icc_nvs_read");
            else if (retz == 0){
                send(sock,buffed,0x10,0);
            }
        }
    }

/* Close sockets and free the mapped memory */
close(sock);
free(mem);


return EXIT_SUCCESS;
Download: syscon_die.jpg (13.76 MB)
Download: ps4_syscon.tif (209 MB)
PS4 SysCon Renesas Image: PS4 SysCon Chip Optical EFD / EDF Stitch
To quote from @zecoxao in the Tweet above: It seems that ps4 syscon is a custom Renesas RL78/G13 (100 pin) and it looks like superslim is also one of those.
Thanks to both and @mcmrc1 and @toni1988 for the news tip in the PSXHAX Shoutbox!
PS4 EEPROM Dumper.jpg
 

Comments

Status
Not open for further replies.
Status
Not open for further replies.
Recent Articles
PS5 Error Codes and PlayStation 5 Error Code Database with Fixes
Happy Thanksgiving for those in the US, and following the generic Something Went Wrong PS5 Error Code (CE-107863-5 or E2-00000000) fixes below are some common PS5 Error Codes alongside a...
PS5 System Software / Firmware v2.26 is Now Live, Don't Update!
Last week Sony released PS5 Firmware Update v2.25, and today they just put live PS5 System Software / Firmware v2.26 complete with the official PlayStation 5 Firmware changelog below. :fire: This...
Is It, or Isn't? A PS4 Homebrew Game PKG Written in C++ by NKrapivin
Is it, or isn't? is indeed the latest PS4 homebrew game PKG written in C++ by @nkrapivindev (Nikita Krapivin on Twitter) for use on hacked aka Jailbroken PS4 Consoles that was built with the...
DualSense PS5 Controller on Windows via DS4Windows & DualSense Windows
Since the guide on How To Set Up a DualSense PS5 Controller on PC via Bluetooth or USB we have two more ways to get a DualSense PS5 Controller with Updatable Software running on Windows, the first...
Top