private void button6_Click(object sender, EventArgs e)
{
if (textBox2.Text != null && selectedProcess != null && pList != null)
{
try {
byte[] bytes = File.ReadAllBytes(textBox2.Text);
Process process = pList.FindProcess(selectedProcess);
PS4.LoadElf(process.pid, bytes);
label1.Text = "Elf Loaded";
}
catch (Exception) {
label1.Text = "Error";
MessageBox.Show("Unable to Load ELF");
}
}
else
{
MessageBox.Show("Select a Process First");
}
}
static void Main(string[] args)
{
PS4RPC ps4 = new PS4RPC("192.168.1.107");
ps4.Connect();
ProcessList pl = ps4.GetProcessList();
foreach (Process p in pl.processes)
{
Console.WriteLine(p.name);
}
Process p = pl.FindProcess("SceShellCore");
ProcessInfo pi = ps4.GetProcessInfo(p.pid);
ulong executable = 0;
for (int i = 0; i < pi.entries.Length; i++)
{
MemoryEntry me = pi.entries[i];
if (me.prot == 5)
{
Console.WriteLine("executable base " + me.start.ToString("X"));
executable = me.start;
break;
}
}
byte[] b = ps4.ReadMemory(p.pid, executable, 256);
Console.Write(HexDump(b));
ulong stub = ps4.InstallRPC(p.pid);
ProcessInfo pi = ps4.GetProcessInfo(p.pid);
MemoryEntry vme = pi.FindEntry("libSceLibcInternal.sprx", true);
// dissasemble libSceLibcInternal.sprx to get these offsets (4.05)
int sys_getpid = (int)ps4.Call(p.pid, stub, vme.start + 0xE0);
Console.WriteLine("sys_getpid: " + sys_getpid);
int time = (int)ps4.Call(p.pid, stub, vme.start + 0x4430, 0);
Console.WriteLine("time: " + time);
ps4.Disconnect();
Console.ReadKey();
}
private void btConnect_Click(object sender, EventArgs e)
{
try
{
ps4 = new PS4DBG(tbIPAddress.Text);
ps4.Connect();
ProcessList pl = ps4.GetProcessList();
p = pl.FindProcess("SceShellUI");
ProcessMap pi = ps4.GetProcessMaps(p.pid);
executable = 0;
for (int i = 0; i < pi.entries.Length; i++)
{
MemoryEntry me = pi.entries[i];
if (me.prot == 5)
{
Console.WriteLine("executable base " + me.start.ToString("X"));
executable = me.start;
break;
}
}
stub = ps4.InstallRPC(p.pid);
sceRegMgrGetInt_addr = executable + 0x3D55C0;
sceRegMgrGetStr_addr = executable + 0x846B00;
sceRegMgrGetBin_addr = executable + 0x848640;
sceRegMgrSetInt_addr = executable + 0x848FB0;
sceRegMgrSetStr_addr = executable + 0x84CFF0;
sceRegMgrSetBin_addr = executable + 0x848650;
if (ps4.IsConnected)
{
toolStripStatusLabel1.Text = "Connected to " + tbIPAddress.Text + ". Click Get Users";
btGetUsers.Enabled = true;
}
}
catch (Exception ex)
{
MessageBox.Show(ex.Message.ToString(), "Something went wrong and it's probably your fault ;-P");
}
}
private void ELF_BGWorker_DoWork(object sender, System.ComponentModel.DoWorkEventArgs e)
{
try
{
Invoke((MethodInvoker) delegate
{
CurrentStatus_Label.ForeColor = Color.RoyalBlue;
CurrentStatus_Label.Text = $"Sending {ELF}.elf to {IP_TextBox.Text}:{Port_TextBox.Text}...";
});
byte[] elf = File.ReadAllBytes(ELF_File);
Process process = pList.FindProcess(selectedProcess);
ps4.LoadElf(process.pid, elf);
Thread.Sleep(1000);
Invoke((MethodInvoker) delegate
{
CurrentStatus_Label.ForeColor = Color.LimeGreen;
CurrentStatus_Label.Text = $"{ELF}.elf injected successfully!";
});
}
catch (Exception ex)
{
if (ex.HResult == -2147467259)
{
Invoke((MethodInvoker) delegate
{
CurrentStatus_Label.ForeColor = Color.Red;
CurrentStatus_Label.Text = $"{ELF}.elf injection failed!";
});
}
else
{
MessageBox.Show(ex.Message, ex.Source, MessageBoxButtons.OK, MessageBoxIcon.Hand);
}
}
}
static void Main(string[] args)
{
Registry r = new Registry();
// Put your PS4 IP address here
ps4 = new PS4DBG("192.168.1.85");
ps4.Connect();
ProcessList pl = ps4.GetProcessList();
p = pl.FindProcess("SceShellUI");
ProcessMap pi = ps4.GetProcessMaps(p.pid);
executable = 0;
for (int i = 0; i < pi.entries.Length; i++)
{
MemoryEntry me = pi.entries[i];
if (me.prot == 5)
{
Console.WriteLine("executable base " + me.start.ToString("X"));
executable = me.start;
break;
}
}
stub = ps4.InstallRPC(p.pid);
sceRegMgrGetInt_addr = executable + 0x3ADF80;
sceRegMgrGetStr_addr = executable + 0x81BC20;
sceRegMgrGetBin_addr = executable + 0x81D6A0;
sceRegMgrSetInt_addr = executable + 0x81DFB0;
sceRegMgrSetStr_addr = executable + 0x821A10;
sceRegMgrSetBin_addr = executable + 0x81D6B0;
int outValue = 0;
// A number from 1 to 16
int userNumber = 1;
ulong errorCode = 0;
string outString = null;
byte[] psnAccountId = null;
// Put your PSN account id here. Two different methods for obtaining your PSN account id:
//
// 1. It's string you see when exporting (from an activated PS4) save data in the usb folder but byte reversed. Example: PS4\savedata\0102030405060708 (reversing it you get 0807060504030201)
// 2. On a computer delete your browser cache. Press Ctrl+Shift+I to open the developer tools.
// Browse the PSN store on your computer and log in to your account.
// Some of the JSON files the browser downloads contain an "accountId" field. It's a decimal number. Just convert it to hex and reverse the bytes.
psnAccountId = new byte[] { 0x08, 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01 };
errorCode = SetBinNative((uint)r.KEY_account_id(userNumber), psnAccountId, Registry.SIZE_account_id);
//errorCode = GetBinNative((uint)r.KEY_account_id(userNumber), out psnAccountId, Registry.SIZE_account_id);
string text = "np";
errorCode = SetStrNative((uint)r.KEY_NP_env(userNumber), text, (uint)text.Length);
//errorCode = GetStrNative((uint)r.KEY_NP_env(userNumber), out outString, Registry.SIZE_NP_env); Console.WriteLine("SCE_REGMGR_ENT_KEY_USER_01_16_NP_env {0} - {1}", userNumber, outString);
errorCode = SetIntNative((uint)r.KEY_login_flag(userNumber), 6);
//errorCode = GetIntNative((uint)r.KEY_login_flag(userNumber), out outValue); Console.WriteLine("SCE_REGMGR_ENT_KEY_USER_01_16_login_flag {0} - {1}", userNumber, outValue);
ps4.Disconnect();
Console.ReadKey();
}