Category: PS4 CFW and Hacks | Thread starter: PSXHAX | Start date: Feb 9, 2017 at 3:29 AM
Status
Not open for further replies.
We've seen PS4 UserModules Decryption, PS4 EBOOT / SPRX Decryption, PS4 Game PKG Decryption and PS4 PUP Update Decryption leading up to PlayStation 4 developer @zecoxao's latest Twitter hint on sceSblAuthMgrAuthHeader. o_O

Before you ask (like I was about to :p), @LightningMods has us covered in the PSXHAX Shoutbox reminding us that previously developer CTurt blogged about it briefly in his Hacking the PS4: Part 2 Userland code execution analysis.

To quote: Executable files with kernel access

The following two kernel functions seem to deal with the majority of integrity checks of executable files: sceSblAuthMgrAuthHeader and sceSblAuthMgrIsLoadable.

With kernel code execution, executable files can be directly decrypted on the console, however there isn't much benefit to this over just loading the module and dumping it from userland.

And now we know, and knowing is half the battle... here's to hoping more great PS4 stuff is in the pipeline! :geek:
From Pastebin:
Code:
ERROR: W:\Build\J00739801\sys\internal\modules\sbl\authmgr\authmgr_secure_module.c:verifyHeader(626) mail retval err -37
[KERNEL] ERROR: segment #3 of "/mnt/usb0/hello_world.elf" is not page aligned.
ERROR: found illegal segment header in /mnt/usb0/hello_world.elf.
In summary from @zecoxao, it authenticates the PS4 self header before decrypting it.

Thanks to @Centrino and @spyro2670 for passing this along in the PSXHAX Shoutbox! :love:

Comments


PSXHAX

I know you do! I tried searching the PSDevWiki but didn't see it there and was about to ask until you posted that :D
 

mcmrc1

Marcan has said that the PS4 is not checking if an application is startable or not, if I remember right...

So it must be really simple to start Linux or games because there are no checks...
 

SorenAlke

->With kernel code execution, executable files can be directly decrypted on the console, however there isn't much benefit to this over just loading the module and dumping it from userland.

rofl that's been known for quite some time now
hence usermode emulation

some might even say you cannot even mount this particular file format because you need to read it in before mounting it, as it's not a raw image and it requires a utility of its own to do so

perhaps base image is read only and you're looking in the wrong place for holes....
 