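/// <summary>
/// Click handler that reads the file named in <c>textBox2</c> and passes its bytes to
/// <c>PS4.LoadElf</c> for the process currently selected in the UI.
/// </summary>
/// <param name="sender">Control that raised the event (not used).</param>
/// <param name="e">Event data (not used).</param>
private void button6_Click(object sender, EventArgs e)
{
    if (selectedProcess == null || pList == null)
    {
        MessageBox.Show("Select a Process First");
        return;
    }

    // TextBox.Text is never null, so a null test cannot reject an empty path;
    // check for blank input explicitly instead of relying on ReadAllBytes to throw.
    string elfPath = textBox2.Text;
    if (string.IsNullOrWhiteSpace(elfPath))
    {
        label1.Text = "Error";
        MessageBox.Show("Unable to Load ELF: no file selected");
        return;
    }

    try
    {
        byte[] bytes = File.ReadAllBytes(elfPath);

        // Cheap sanity check before anything is sent to the target: an ELF image
        // starts with 0x7F 'E' 'L' 'F'. This only catches wrong-file mistakes; it is
        // not a validation of the image's contents.
        bool looksLikeElf = bytes.Length >= 4
            && bytes[0] == 0x7F && bytes[1] == 0x45 && bytes[2] == 0x4C && bytes[3] == 0x46;
        if (!looksLikeElf)
        {
            label1.Text = "Error";
            MessageBox.Show("Unable to Load ELF: file does not start with the ELF magic");
            return;
        }

        // NOTE(review): FindProcess presumably returns null when the process has exited
        // since the list was fetched - confirm against the library; the check is harmless either way.
        Process process = pList.FindProcess(selectedProcess);
        if (process == null)
        {
            label1.Text = "Error";
            MessageBox.Show("Unable to Load ELF: selected process not found");
            return;
        }

        PS4.LoadElf(process.pid, bytes);
        label1.Text = "Elf Loaded";
    }
    catch (Exception ex)
    {
        // Deliberately broad (UI handler, best effort), but keep the cause visible
        // so I/O errors and connection errors can be told apart.
        label1.Text = "Error";
        MessageBox.Show("Unable to Load ELF: " + ex.Message);
    }
}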
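/// <summary>
/// Console sample for the PS4RPC client: lists the target's processes, dumps the first
/// 256 bytes of SceShellCore's executable mapping, installs the RPC stub and makes two
/// calls into libSceLibcInternal.sprx at fixed offsets.
/// </summary>
/// <param name="args">Optional: <c>args[0]</c> overrides the default target address.</param>
static void Main(string[] args)
{
    // Target address: first command-line argument if given, otherwise the sample's default.
    string host = (args != null && args.Length > 0) ? args[0] : "192.168.1.107";

    PS4RPC ps4 = new PS4RPC(host);
    ps4.Connect();
    try
    {
        ProcessList pl = ps4.GetProcessList();
        // Loop variable renamed: it previously collided with the 'p' declared below,
        // which C# rejects (a local may not shadow another local in an enclosing scope).
        foreach (Process entry in pl.processes)
        {
            Console.WriteLine(entry.name);
        }

        // NOTE(review): FindProcess presumably returns null when nothing matches - confirm.
        Process p = pl.FindProcess("SceShellCore");
        if (p == null)
        {
            Console.Error.WriteLine("SceShellCore not found in the process list");
            return;
        }

        ProcessInfo pi = ps4.GetProcessInfo(p.pid);

        // First mapping whose protection value is 5 is treated as the executable base
        // (presumably read+execute under the usual PROT_* bit layout - confirm).
        ulong executable = 0;
        for (int i = 0; i < pi.entries.Length; i++)
        {
            MemoryEntry me = pi.entries[i];
            if (me.prot == 5)
            {
                Console.WriteLine("executable base " + me.start.ToString("X"));
                executable = me.start;
                break;
            }
        }

        // Without a match the read below would target address 0; stop instead.
        if (executable == 0)
        {
            Console.Error.WriteLine("no mapping with protection 5 found in SceShellCore");
            return;
        }

        byte[] b = ps4.ReadMemory(p.pid, executable, 256);
        Console.Write(HexDump(b));

        ulong stub = ps4.InstallRPC(p.pid);

        // Re-query the map after InstallRPC, as the original sample does. This was a second
        // 'ProcessInfo pi' declaration, which does not compile; reuse the variable instead.
        pi = ps4.GetProcessInfo(p.pid);
        MemoryEntry vme = pi.FindEntry("libSceLibcInternal.sprx", true);
        if (vme == null)
        {
            Console.Error.WriteLine("libSceLibcInternal.sprx is not mapped in SceShellCore");
            return;
        }

        // dissasemble libSceLibcInternal.sprx to get these offsets (4.05)
        // The offsets are tied to that build: on any other firmware they point at
        // unrelated code, so verify them before calling.
        int sys_getpid = (int)ps4.Call(p.pid, stub, vme.start + 0xE0);
        Console.WriteLine("sys_getpid: " + sys_getpid);

        int time = (int)ps4.Call(p.pid, stub, vme.start + 0x4430, 0);
        Console.WriteLine("time: " + time);
    }
    finally
    {
        // Always close the session, including on early return or an exception,
        // then keep the console window open so the output can be read.
        ps4.Disconnect();
        Console.ReadKey();
    }
}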
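/// <summary>
/// Click handler that connects to the address in <c>tbIPAddress</c>, locates SceShellUI,
/// installs the RPC stub and derives the sceRegMgr* function addresses from fixed offsets
/// relative to the executable base. On success it enables <c>btGetUsers</c>.
/// </summary>
/// <param name="sender">Control that raised the event (not used).</param>
/// <param name="e">Event data (not used).</param>
private void btConnect_Click(object sender, EventArgs e)
{
    try
    {
        ps4 = new PS4DBG(tbIPAddress.Text);
        ps4.Connect();

        ProcessList pl = ps4.GetProcessList();
        p = pl.FindProcess("SceShellUI");
        // NOTE(review): FindProcess presumably returns null when nothing matches - confirm.
        // Failing here gives a clear message instead of a NullReferenceException below.
        if (p == null)
        {
            throw new InvalidOperationException("SceShellUI was not found in the process list.");
        }

        ProcessMap pi = ps4.GetProcessMaps(p.pid);

        // First mapping whose protection value is 5 is treated as the executable base
        // (presumably read+execute under the usual PROT_* bit layout - confirm).
        executable = 0;
        foreach (MemoryEntry me in pi.entries)
        {
            if (me.prot == 5)
            {
                Console.WriteLine("executable base " + me.start.ToString("X"));
                executable = me.start;
                break;
            }
        }

        // With no match every address below would be a bare offset from 0, and later
        // calls through the stub would land on arbitrary memory. Refuse to continue.
        if (executable == 0)
        {
            throw new InvalidOperationException("No mapping with protection 5 was found in SceShellUI.");
        }

        stub = ps4.InstallRPC(p.pid);

        // Fixed offsets into one specific SceShellUI build; they are not valid for other
        // builds and must be re-derived for the firmware actually running on the target.
        sceRegMgrGetInt_addr = executable + 0x3D55C0;
        sceRegMgrGetStr_addr = executable + 0x846B00;
        sceRegMgrGetBin_addr = executable + 0x848640;
        sceRegMgrSetInt_addr = executable + 0x848FB0;
        sceRegMgrSetStr_addr = executable + 0x84CFF0;
        sceRegMgrSetBin_addr = executable + 0x848650;

        if (ps4.IsConnected)
        {
            toolStripStatusLabel1.Text = "Connected to " + tbIPAddress.Text + ". Click Get Users";
            btGetUsers.Enabled = true;
        }
    }
    catch (Exception ex)
    {
        // Message is already a string; the redundant ToString() call was dropped.
        MessageBox.Show(ex.Message, "Something went wrong and it's probably your fault ;-P");
    }
}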
/// <summary>
/// Background-worker body: reads <c>ELF_File</c>, sends it to the selected process through
/// <c>ps4.LoadElf</c>, and reports progress on <c>CurrentStatus_Label</c>.
/// </summary>
/// <param name="sender">The worker that raised the event (not used).</param>
/// <param name="e">Worker event data (not used).</param>
private void ELF_BGWorker_DoWork(object sender, System.ComponentModel.DoWorkEventArgs e)
{
    // 0x80004005 (E_FAIL): the one failure reported on the status label instead of a dialog.
    const int UnspecifiedFailure = -2147467259;

    // Marshals a status update onto the UI thread. The text is built inside the delegate
    // so that control properties are only read on the UI thread.
    Action<Color, Func<string>> postStatus = (tint, buildText) =>
        Invoke((MethodInvoker)delegate
        {
            CurrentStatus_Label.ForeColor = tint;
            CurrentStatus_Label.Text = buildText();
        });

    try
    {
        postStatus(Color.RoyalBlue, () => $"Sending {ELF}.elf to {IP_TextBox.Text}:{Port_TextBox.Text}...");

        byte[] payload = File.ReadAllBytes(ELF_File);
        // NOTE(review): a null result from FindProcess would surface below as a
        // NullReferenceException dialog - confirm whether the library can return null.
        Process target = pList.FindProcess(selectedProcess);
        ps4.LoadElf(target.pid, payload);

        // Fixed one-second pause before reporting success; LoadElf's result is not inspected.
        Thread.Sleep(1000);

        postStatus(Color.LimeGreen, () => $"{ELF}.elf injected successfully!");
    }
    catch (Exception ex) when (ex.HResult == UnspecifiedFailure)
    {
        postStatus(Color.Red, () => $"{ELF}.elf injection failed!");
    }
    catch (Exception ex)
    {
        // Every other failure (file I/O, missing process, ...) is shown in a dialog.
        MessageBox.Show(ex.Message, ex.Source, MessageBoxButtons.OK, MessageBoxIcon.Hand);
    }
}
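/// <summary>
/// Console sample for PS4DBG: connects to the target, locates SceShellUI, installs the RPC
/// stub, derives the sceRegMgr* function addresses from fixed offsets, and writes three
/// per-user registry entries (account id, NP environment, login flag).
/// </summary>
/// <param name="args">Optional: <c>args[0]</c> overrides the default target address.</param>
static void Main(string[] args)
{
    Registry r = new Registry();

    // Put your PS4 IP address here, or pass it as the first command-line argument.
    string host = (args != null && args.Length > 0) ? args[0] : "192.168.1.85";
    ps4 = new PS4DBG(host);
    ps4.Connect();
    try
    {
        ProcessList pl = ps4.GetProcessList();
        p = pl.FindProcess("SceShellUI");
        // NOTE(review): FindProcess presumably returns null when nothing matches - confirm.
        if (p == null)
        {
            Console.Error.WriteLine("SceShellUI not found in the process list");
            return;
        }

        ProcessMap pi = ps4.GetProcessMaps(p.pid);

        // First mapping whose protection value is 5 is treated as the executable base
        // (presumably read+execute under the usual PROT_* bit layout - confirm).
        executable = 0;
        for (int i = 0; i < pi.entries.Length; i++)
        {
            MemoryEntry me = pi.entries[i];
            if (me.prot == 5)
            {
                Console.WriteLine("executable base " + me.start.ToString("X"));
                executable = me.start;
                break;
            }
        }

        // With no match the addresses below would be bare offsets from 0; stop before
        // anything is installed or written.
        if (executable == 0)
        {
            Console.Error.WriteLine("no mapping with protection 5 found in SceShellUI");
            return;
        }

        stub = ps4.InstallRPC(p.pid);

        // Fixed offsets into one specific SceShellUI build; re-derive them for the
        // firmware actually running on the target before using this sample.
        sceRegMgrGetInt_addr = executable + 0x3ADF80;
        sceRegMgrGetStr_addr = executable + 0x81BC20;
        sceRegMgrGetBin_addr = executable + 0x81D6A0;
        sceRegMgrSetInt_addr = executable + 0x81DFB0;
        sceRegMgrSetStr_addr = executable + 0x821A10;
        sceRegMgrSetBin_addr = executable + 0x81D6B0;

        // A number from 1 to 16
        int userNumber = 1;
        ulong errorCode;

        // Put your PSN account id here. Two different methods for obtaining your PSN account id:
        //
        // 1. It is the string you see in the usb folder when exporting save data (from an
        //    activated PS4), but byte reversed.
        //    Example: PS4\savedata\0102030405060708 (reversing it you get 0807060504030201)
        // 2. On a computer delete your browser cache. Press Ctrl+Shift+I to open the developer tools.
        //    Browse the PSN store on your computer and log in to your account.
        //    Some of the JSON files the browser downloads contain an "accountId" field.
        //    It's a decimal number. Just convert it to hex and reverse the bytes.
        byte[] psnAccountId = new byte[] { 0x08, 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01 };

        // The three writes below change persistent per-user settings on the console.
        // To record the current values first (so they can be restored), call
        // GetBinNative / GetStrNative / GetIntNative with the same keys and an 'out'
        // argument before each Set call.
        //
        // Each result code is now printed. Previously it was assigned and never read, and
        // the output lines printed outString/outValue, which were never filled in because
        // the Get calls were commented out.
        // NOTE(review): presumably 0 means success - confirm against the SetXxxNative helpers.
        errorCode = SetBinNative((uint)r.KEY_account_id(userNumber), psnAccountId, Registry.SIZE_account_id);
        Console.WriteLine("KEY_account_id {0} - result 0x{1:X}", userNumber, errorCode);

        string text = "np";
        errorCode = SetStrNative((uint)r.KEY_NP_env(userNumber), text, (uint)text.Length);
        Console.WriteLine("SCE_REGMGR_ENT_KEY_USER_01_16_NP_env {0} - {1} (result 0x{2:X})", userNumber, text, errorCode);

        int loginFlag = 6;
        errorCode = SetIntNative((uint)r.KEY_login_flag(userNumber), loginFlag);
        Console.WriteLine("SCE_REGMGR_ENT_KEY_USER_01_16_login_flag {0} - {1} (result 0x{2:X})", userNumber, loginFlag, errorCode);
    }
    finally
    {
        // Always close the session, including on early return or an exception,
        // then keep the console window open so the output can be read.
        ps4.Disconnect();
        Console.ReadKey();
    }
}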