Join Us and become a Member for a Verified Badge to access private areas with the latest PS4 PKGs.
Status
Not open for further replies.
Proceeding the PS4 FTP Server OpenOrbis PKG, OrbisFTP 1.0 background app supporting all Jailbroken PlayStation 4 firmware versions, the PS4 / PS5 DevKit Leaks and his Guide to Install PSXITArch Linux on PS4 developer Hippie68 recently made available a Bash script that dumps PS4 games via FTP connection over the network... with an 8.00 PS4 TestKit Update PUP / 8.50 PS4 TestKit Update PUP leak 💧 also hitting the PS4Scene alongside a PS4 FPKG to Debug PS4 PKG (DPKG) AIO script dubbed debugpkg by anonymous via @zecoxao on Twitter and a CVE-2021-1879: Use-After-Free in QuickTimePluginReplacement WebKit exploit that was previously patched in PS4 8.50 OFW and after testing confirmed to only work with Safari Web browser. :oops:

Download: ftpdump-main.zip (includes ftpdump.bat) / FTPDump GIT / ftp_server_v1.07.bin (27.1 KB) / PS4 FTP GIT (forked from Scene Collective) / PS4UPDATE-testkit-GEN3-8_008_041.PUP (532.49 MB) / PS4UPDATE-testkit-GEN3-8_508_021.PUP (512.4 MB - PS4 8.508.021 Testkit MD5: F11F80006F6A8C43A237F844282B2E58) / debugpkg.rar (20.38 MB) includes:
  • fpkgtodebugpkg.txt
Code:
put a fpkg in the fpkg folder
convert_nofixelf
may need to set path=%path%;bin in some cases
Spoiler: FTP Server for PS4 and Linux & Changelogs
Above are some related PS4 game dumping articles sorted by date with the oldest first, and from the README.md: FTPDump

Bash script that dumps PS4 games via FTP connection over the network. Requires cURL, GNU Wget, and a PS4 FTP server that supports SELF decryption. For maximum speed, a gigabit cable connection is recommended (but Wi-Fi works, too). For best dumping performance, please use this FTP payload: PS4 FTP.
  • No USB device required
  • No reboots and re-jailbreaking required (keep on dumping!)
  • Automatically replaces encrypted trophies
  • Can extract PKG and PFS image files
  • Supports the updated FTP payload at PS4 FTP for best performance
  • Runs on Windows 10/11 via WSL, Linux, macOS, and anything that can use Bash
Example command:
Code:
$ ./ftpdump 192.168.1.100
General Usage:
Code:
Usage: ftpdump [OPTIONS] HOSTNAME|IP_ADDRESS[:pORT] [OUTPUT_DIRECTORY]
   Or: ftpdump --extract-pfs|--extract-pkg FILE [OUTPUT_DIRECTORY]
1) Insert a disc and install the game. Optional: visit orbispatches.com
to download and install a game patch compatible with your firmware.
2) Start a PS4 FTP server (recommended: PS4 FTP).
3) Press the PS button to leave the browser.
4) Run the game.
5) Run this script.

To dump more installed games, repeat steps 4) and 5).

Before running the script, make sure the game is completely installed.
Should the dumping process get interrupted, please delete partial dumps
before trying again.

Exit the script at any time by pressing CTRL-C.
Code:
Options:
  -a, --app         Dump app data.
      --appdb       Dump app.db file and quit.
  -d, --dlc         Dump DLC data.
      --debug       Print debug information.
      --debug-pfs   Print debug information while extracting a PFS image file.
      --dump PATH   Dump specified FTP file or directory and quit.
                    Directories must end with a slash: "PATH/".
      --extract-pfs PFS_IMAGE_FILE
                    Extract a local PFS image file and quit.
      --extract-pkg PKG_FILE
                    Extract a local PKG file and quit.
  -h, --help        Print usage information.
  -k, --keystone    Dump original keystone.
      --no-decrypt  Do not tell the FTP server to enable SELF decryption.
  -p, --patch       Dump patch data.
  -s, --sflash      Dump sflash0 file and quit.
      --shutdown    Send the SHUTDOWN command and quit. If the FTP server is a
                    payload that understands the command, it will stop running.
      --use-pfs     Instead of downloading files separately, download and
                    extract the PFS image file.
  -v, --verbose     Print the FTP client/server dialog while downloading files.
By default, app, patch, and DLC data will be dumped. If no output directory is specified, the current directory will be used.

The dumps will take place in the following subdirectories:
Code:
CUSAXXXXX-app
CUSAXXXXX-patch
CUSAXXXXX-dlc
CUSAXXXXX-keystone
Optionally, IP address and port can be saved inside the script:
Code:
ip=192.168.xxx.xxx
port=1337
The PC speaker can be used to beep when a dump is complete:
Code:
beep=true
beep_time=60 (in seconds)
beep_interval=3 (in seconds)
Depending on your computer and operating system, you might not have a PC speaker or must enable it first.

Troubleshooting:

You can enable debug messages and/or see cURL's status messages by using options --debug and --verbose.

To compare the dumped directory with a reference dump (e.g. one created by a dumper payload), type:
Code:
diff -r DUMP_DIRECTORY_1 DUMP_DIRECTORY_2
Please note that GoldHEN 2.0's FTP server uses a different decrypting method. Which means some .sprx files may differ due to stripped zeros, but they should be fully functional.

If the script does not run as expected, please report bugs at issues.

For Windows users:

The script runs on Windows 10/11 via WSL.

After having installed WSL, for convenience you could:

Download the ZIP file from GitHub: select the green "Code" button, then "Download ZIP". Extract the ZIP file. In the same folder that has the file "ftpdump", create a batch file named "ftpdump.bat" that has the following content:
Code:
wsl -e ./ftpdump %*
Then, running the script is as simple as this (replace the IP address with your PS4's IP and FTP port):
Code:
ftpdump 192.168.1.100:1337
Other options can be passed, too, for example:
Code:
ftpdump 192.168.1.100:1337 -p --dlc
To save IP and port permanently, open and edit the file "ftpdump" with a text editor that supports Unix format (Notepad should do). Alternatively, you could save them in "ftpdump.bat":
Code:
wsl -e ./ftpdump 192.168.178.100:1337 %*
If Wget is not installed by default, you can install it by opening a Windows command prompt and entering:
Code:
wsl -e sudo apt install wget
For macOS users:

You need to install Wget and update your Bash version, and having GNU dd (part of coreutils) instead of the default macOS dd could improve the overall dumping speed slightly:
Code:
brew install coreutils wget
GNU dd will majorly improve performance when extracting PFS images. After installing Homebrew's Bash, make sure to adjust the shebang (the script's first line) to point to the correct path.

Known Limitations:

Current PS4 FTP servers, which are based on the same code, have some limitations that affect the script's performance:
  • Downloading different SELF files in parallel can corrupt SELF decryption, effectively making downloading in parallel a no-go.
  • Cancelling the download of huge files (which the script employs to speed things up) won't stop the server from sending the rest of the file. The result is reduced network throughput (plus in extreme cases a PS4 performance decrease). Currently this can be worked around if the FTP server supports the custom command KILL (which the script will then call).
  • When decryption is enabled, servers still report the encrypted file size, which can corrupt resuming.
  • Files larger than 4 GiB may not resume properly.
The updated FTP payload at PS4 FTP fixes those issues. Using it is strongly recommended to avoid the network throughput bug and to use option --resume without issues.

Download: ftp.bin (25.1 KB) / GIT

Changelog:

v1.04


FTP payload with bug fixes

PS4 FTP server payload by xvortex/Al-Azif, updated with workarounds and bug fixes. E.g. for better performance with the "ftpdump" script. Changes so far:
  • A custom KILL command kills downloads that otherwise the server would keep sending.
  • Downloading multiple SELF files simultaneously while SELF decryption is enabled won't corrupt them anymore.
  • The FTP server will shutdown itself if port 1337 is already in use.
  • The FTP server reports correct file sizes for encrypted files when decryption is enabled, no longer corrupting resumed downloads.
  • Files larger than 4 GiB now properly resume.
The payload should work on all firmwares. Latest update: 2022-02-07

Cheers to MSZ_MGS via Twitter for the heads-up on this earlier! 🍻

🔥 Also making rounds in the PS4 Scene via Twitter is a PS4 TestKit 8.00 Update PUP via sonyjew that is newer than the previous 7.55 version from the CDPR PS4 DevKit leak 🚰 for use with a PlayStation 4 Debug / TestKit Console... below are some previous articles covering them:

🐞 Finally, below is a CVE-2021-1879: Use-After-Free in QuickTimePluginReplacement WebKit exploit that @zecoxao is seeking to be tested on PS4 8.00 Retail or TestKit consoles, which he states was previously patched in PS4 8.50 OFW according to his Tweets below so it's not advisable to update your PS4 console.

:arrow: Update: Test results are in, according to @zecoxao on Twitter the above Webkit exploit only works with Safari Web browser. :confused:
fpkg to debug pkg AIO by my anonymous friend: debugpkg.rar (20.38 MB)
not sure if i've shared before. very useful for testkit ps4 that are activated. you can convert your fpkg to dpkg and then run the game natively without needing for HEN
not unless you have a ps4 testkit activated
no, this is only for testkit ps4s
it's currently impossible to activate an expired ps5 testkit. sony patched the method on 5.50, so, even if we do have a rtc trick for it it won't work like before because the oldest *** corresponds to 6.50
PS4 FTPDump, TestKit 8.00 Update PUP Leak & More Hit PS4Scene!.jpg
 

Comments

Status
Not open for further replies.
Back
Top