Category PS4 CFW and Hacks       Thread starter PSXHAX       Start date Feb 9, 2017 at 3:29 AM       7,923       13            
Status
Not open for further replies.
We've seen PS4 UserModules Decryption, PS4 EBOOT / SPRX Decryption, PS4 Game PKG Decryption and PS4 PUP Update Decryption leading up to PlayStation 4 developer @zecoxao's latest Twitter hint on sceSblAuthMgrAuthHeader. o_O

Before you ask (like I was about to :p), @LightningMods has us covered in the PSXHAX Shoutbox reminding us that previously developer CTurt blogged about it briefly in his Hacking the PS4: Part 2 Userland code execution analysis.

To quote: Executable files with kernel access

The following two kernel functions seem to deal with the majority of integrity checks of executable files: sceSblAuthMgrAuthHeader and sceSblAuthMgrIsLoadable.

With kernel code execution, executable files can be directly decrypted on the console, however there isn't much benefit to this over just loading the module and dumping it from userland.

And now we know, and knowing is half the battle... here's to hoping more great PS4 stuff is in the pipeline! :geek:
From Pastebin:
Code:
ERROR: W:\Build\J00739801\sys\internal\modules\sbl\authmgr\authmgr_secure_module.c:verifyHeader(626) mail retval err -37
[KERNEL] ERROR: segment #3 of "/mnt/usb0/hello_world.elf" is not page aligned.
ERROR: found illegal segment header in /mnt/usb0/hello_world.elf.
In summary from @zecoxao, it authenticates the PS4 self header before decrypting it.

Thanks to @Centrino and @spyro2670 for passing this along in the PSXHAX Shoutbox! :love:
sceSblAuthMgrAuthHeader PS4 Executable File Decryption on Console.jpg
 

Comments

Status
Not open for further replies.

PSXHAX

Staff Member
Moderator
Contributor
Verified
I know you do! I tried searching the PSDevWiki but didn't see it there and was about to ask until you posted that :D
 

mcmrc1

Senior Member
Contributor
Verified
Marcan has said that the ps4 is not checking if an application is startable or not if i remind me right...

So that it must be really simple to start linux or games because there are no checks...
 

SorenAlke

Senior Member
Contributor
->With kernel code execution, executable files can be directly decrypted on the console, however there isn't much benefit to this over just loading the module and dumping it from userland.

rofl thats been known for quite some time now
hence usermode emulation

some might even say you cannot even mount this particular file format because u need to read it in before mounting it as its not a raw image and it requires a utility of its own to do so

perhaps base image is read only and your looking in the wrong place for holes....
 
Status
Not open for further replies.
Recent Articles
PS5 DualSense: New Wireless PlayStation 5 Game Controller Unveiled!
We've seen PS5 developer pictures of DualShock 5 (DS5) Controllers followed by the PS5 Hardware Specs, and today Sony officially unveiled images of the PS5 DualSense new wireless PlayStation 5...
Call of Duty: Modern Warfare Season 3 PS4 Exclusive Content and Trailer
Since their CoD: MW2 PS4 Campaign Remastered publisher Activision in conjunction with developer Infinity Ward announced details on the exclusive PlayStation 4 content in Modern Warfare Season 3...
Sony Reveals New PlayStation Now Games for April 2020
Joining the ranks of the latest PlayStation Now games for April 2020 are Marvel's Spider-Man, Just Cause 4 and The Golf Club 2019 for PS Now members. :cool: Below you'll find additional details...
Indie PlayStation 5 Game Soulborn Alpha Trailer by Pixelmad Studios
Proceeding the Godfall PS5 and Outriders PS5 trailers, Indie game Publisher Pixelmad Studios made available a Soulborn Alpha Trailer video of their upcoming PlayStation 5 openworld RPG adventure...
Top