ALERT!
Click here to register with a few steps and explore all our cool stuff we have to offer!
Home
Upgrade
Credits
Help
Search
Awards
Achievements
 4691

Create PS4 ELFs from PlayStation 4 Process Dumps Guide by Zecoxao

by Snow - 10-13-2016 - 04:18 PM
#1
Introduction: 

Wassup guys, so today PS4 Developer Zecoxao has shared a new tutorial out to the community on How to Create ELFs from Process Dumps. To quote his guide, here it is!

You'll need: Step 1:

Go to your playground of choice (in this case my playground is extreme-modding.de one)

Step 2:

Grab your ELF or SELF that you want to make a forgery of (i'm going to use SysCore for this)

Step 3:

Look closely at the header and pick ONLY the elf header chunk of the file. Note here: the ELF header must contain all of it's necessary bytes EXCEPT the last 32!

[Image: dzpybjl-png.1263]

Step 4:

Add the necessary number of bytes until the file has EXACTLY 0x4000 bytes.

Step 5:

If necessary restart PS4 so you can clean the payload's memory and then start PS4 file ninja.

Step 6:

Go to the process of choice (in this case SceSysCore) by going to Tools->Processes, picking SceSysCore and attaching to the process.

Step 7:

Dump the first process offsets, and ONLY those in the LOWER memory range. Here's my example:

[Image: lyrenso-png.1264]

Step 8:

Copy the first segment and add it after the end of the ELF forged header. Do the same for the other segments.

Step 9:

You have now a forged elf you can use in IDA for analysis.

Some Notes:
  • You can use readelf to check on how good your ELF looks.
  • First section has libexec magic. Second section has ORBI magic.
MAJOR Thanks to @Zec for sharing this amazing tutorial with everyone in the scene!

Cheers, Snow!
Have any questions? Feel free to PM me! / Knowledge is Power
Reply
#2
Thank you for sharing this tutorial, It will help me and other members out a lot. :yus:
Are you a guest to this site? Click the image below and sign up today!
[Image: FTYbRmR.gif]
Reply
#3
Thank you for your friend
Reply
#4
Thanks, for the knowledge and the tutorial nice work!
Reply

Users browsing: 1 Guest(s)