Join Us and become a Member for a Verified Badge to access private areas with the latest PS4 PKGs.
PS4 CFW and Hacks       Thread starter PSXHAX       Start date Feb 27, 2019 at 3:06 AM       12      
Status
Not open for further replies.
Following the PS4 SELF_Info.exe release and Flat_z's FPKG / SELF Write-up, today with the help of an anonymous friend developer @zecoxao shared via Twitter PS4 SELF and SPKG file format documentation that other PlayStation 4 scene devs can make use of in the course of their work. :geek:

Below are the details that have been added to PSDevWiki.com, to quote: SELF File Format

ORBIS SELFs (and PUP entries) from PS4 have a somewhat different structure from the ones we see on vita and ps3. The structure is documented as follows:

SELF Header Structure

Offset Size Description Notes
0 4 Magic 4F 15 3D 1D
0x4 4 Unknown Always 00 01 01 12
0x8 1 Content Type 1 on Self, 4 on PUP Entry
0x9 1 Product Type 0xC SK, 0xF SL, 0xE SM, 0x8 EBOOT and ELF and SELF, 0x9 SPRX and SDLL and SEXE, can increase by 0x10 increments for each new revision
0xA 2 Padding -
0xC 2 Header Size -
0xE 2 Signature Size Metadata Size?
0x10 4 Size of SELF -
0x14 4 Padding -
0x18 2 Number of Segments 1 SK, 2 SL and Modules, 4 SK Elfs, 6 .selfs, 2 .sdll, 6 .sprx, 6 ShellCore, 6 eboot.bin, 2 sexe
0x1A 2 Unknown Always 0x22
0x1C 4 Padding -
Self Segment Structure

Depending on the number of segments, at 0x20 the following structure follows and presents a size multiple of 0x20.
Code:
typedef struct
{
 unsigned long long flags; // 0x130006 / 0x00040F
 unsigned long long offset;
 unsigned long long encrypted_compressed_size
 unsigned long long decrypted_decompressed_size ;
} SEGMENT_TABLE;
The Flags ID
Code:
enum SegFlags
{
   SF_ORDR = 0x1,    // ordered?
   SF_ENCR = 0x2,    // encrypted
   SF_SIGN = 0x4,    // signed
   SF_DFLG = 0x8,    // deflated
   SF_BFLG = 0x800,  // block segment
};
The Flags Maths
Code:
uint32_t Id()
{
   return Flags >> 20; //0 or 1
}

bool IsOrdered()
{
   return (Flags & 1) != 0;//0 or 1
}

bool IsEncrypted()
{
   return (Flags & 2) != 0;//0 or 2
}

bool IsSigned()
{
   return (Flags & 4) != 0;//0 or 4
}

bool IsCompressed()
{
   return (Flags & 8) != 0;//0 or 8
}

bool IsBlocked()
{
   return (Flags & 0x800) != 0;//0 or 0x800
}
ELF Segment Structure

After this, follows the ELF Header:

PS4 ELF Header.png

Followed by the program header:

PS4 Program Header.png

SCE Special

Just before the start of the metadata a special section exists which contains the following:

Offset Size Description Notes
0 0x8 AuthID -
0x8 0x8 Product Type 0xC SK, 0xF SL, 0xE SM, 0x8 EBOOT and ELF and SELF, 0x9 SPRX and SDLL and SEXE
0x10 0x8 Version_1 -
0x18 0x8 Version_2 -
N.A/0x20 0x20 Content ID Only exists if the self is NPDRM
0x20/0x40 0x20 SHA256SUM -
Footer Signature (Extra)

Additionally, at the bottom, there is likely a footer signature as well as some extra data (relative size)
PS4 SELF & SPKG File Format Documentation Detailed for Scene Devs.jpg
 

Comments

Appreciated. I really wish I could wrap my head around this stuff and figure out the ins and outs of jailbreak and programming so I could release to the public XD

not only that but there comes an overwhelming satisfaction when you are trying to crack something and you try for weeks and weeks until you get it and it's like YEEEESSSS! Overwhelming joy XD

but I've only done it with the odd few passwords and stuff I wish I knew where to start with ps4 hacking lol
 
The problem remains that knowing how to interact with skiboot and host boot without having to use a secondary system but that's what you get with a powervm machine but at least you have your LX86.
 
Status
Not open for further replies.
Back
Top