SceSblAuthMgrAuthHeader: PS4 Executable File Decryption on Console

We've seen PS4 UserModules Decryption, PS4 EBOOT / SPRX Decryption, PS4 Game PKG Decryption and PS4 PUP Update Decryption leading up to PlayStation 4 developer @zecoxao's latest Twitter hint on sceSblAuthMgrAuthHeader.

Before you ask (like I was about to ), @LightningMods has us covered in the PSXHAX Shoutbox reminding us that previously developer CTurt blogged about it briefly in his Hacking the PS4: Part 2 Userland code execution analysis.

To quote: Executable files with kernel access

The following two kernel functions seem to deal with the majority of integrity checks of executable files: sceSblAuthMgrAuthHeader and sceSblAuthMgrIsLoadable.

With kernel code execution, executable files can be directly decrypted on the console, however there isn't much benefit to this over just loading the module and dumping it from userland.

And now we know, and knowing is half the battle... here's to hoping more great PS4 stuff is in the pipeline!
From Pastebin:

ERROR: W:\Build\J00739801\sys\internal\modules\sbl\authmgr\authmgr_secure_module.c:verifyHeader(626) mail retval err -37
[KERNEL] ERROR: segment #3 of "/mnt/usb0/hello_world.elf" is not page aligned.
ERROR: found illegal segment header in /mnt/usb0/hello_world.elf.

In summary from @zecoxao, it authenticates the PS4 self header before decrypting it.

Thanks to @Centrino and @spyro2670 for passing this along in the PSXHAX Shoutbox!

 

[spotanjo3]

What firmware then? Don't tell me that it is 1.76 for now.

 

[MerlinJr]

Noone tries to work on anything but 1.76. Dev's love living in the past

 

[abzii]

Progress is really happening the past month huh...console prices dropping and before you know it a cfw

 

[games1]

To wait for something from this Cturt, the guy will not release anything, did not release the secret the first time, do you think he will release now?