  1. #1

    Eboot.bin Elf Memory Offsets Mapped

    Well, this took some time, but we have it sorted out. CJPC posted a while back that an eboot.bin had been decrypted from memory. The bad thing about this is that it is very difficult to figure out how the file was before it was loaded and to put it back into an executable file. Well, after hours and sleepless nights this has been sorted and put in an easy-to-use map. The following is an example of the file location offsets located in the ELF header. Based on this, the file can be rebuilt in a matter of minutes.

    Note: This is just an example of how it could be done; the memory offset locations can change a bit from file to file, so one would have to double-check their memory dump for sections if the offset table does not match up, but this map was used on 3 different eboot.bins so far. Hope this explains it a bit for ya.

    Thanks to CJPC and IDONE.

    Attached Thumbnails: 0001.jpg

  2. #2
    Many thanks to CJ for all the hints... without them we may have never gotten a good night's sleep again.

  3. #3
    Nice work guys, it is much appreciated.

  4. #4
    Nice work.

    To clarify for me... this is a memory map of a/the eboot.bin with which the file could be extracted/converted to an executable .elf file?

    Sounds very interesting. Could this lead to homebrew .elfs?

  5. #5
    Quote Originally Posted by cfwprophet:
    Nice work.

    To clarify for me... this is a memory map of a/the eboot.bin with which the file could be extracted/converted to an executable .elf file?

    Sounds very interesting. Could this lead to homebrew .elfs?

    This is an example of where the ELF would be loaded into memory upon execution and the offsets where the data was stored before being launched.

    eboot.bin is just a renamed SELF, and a SELF is just a more secure ELF.

    It doesn't have anything to do with homebrew. To be more specific, this is used to properly rebuild a decrypted ELF from a SELF launched into memory, and sadly it is no good for retail consoles.
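    The rebuild that posts #1 and #5 describe, as an added Python example that is not from this thread or from the people posting in it: the PT_LOAD entries in the ELF header give each segment's file offset and load address, so a dump taken after loading can be copied back into file order. The ELF image, segment layout and memory dump below are constructed here and are not a real PS3 eboot.bin.

```python
import struct

PT_LOAD = 1
EHDR = ">16sHHIQQQIHHHHHH"  # big-endian ELF64 header (PS3 PPU executables are big-endian)
PHDR = ">IIQQQQQQ"          # ELF64 program header entry

def load_segments(image):
    """Return the PT_LOAD entries (file offset, vaddr, filesz, memsz) listed in an ELF64 header."""
    f = struct.unpack_from(EHDR, image, 0)
    ident, e_phoff, e_phentsize, e_phnum = f[0], f[5], f[9], f[10]
    if ident[:4] != b"\x7fELF" or ident[4] != 2 or ident[5] != 2:
        raise ValueError("expected a big-endian ELF64 header")
    segs = []
    for i in range(e_phnum):
        p = struct.unpack_from(PHDR, image, e_phoff + i * e_phentsize)
        if p[0] == PT_LOAD:
            segs.append({"offset": p[2], "vaddr": p[3], "filesz": p[5], "memsz": p[6]})
    return segs

def rebuild_file(dump, dump_base):
    """Copy each PT_LOAD segment from a memory dump back to its on-disk file offset.
    Assumes the ELF header itself sits at dump_base (it is part of the first PT_LOAD here)."""
    segs = load_segments(dump)
    out = bytearray(max(s["offset"] + s["filesz"] for s in segs))
    for s in segs:
        start = s["vaddr"] - dump_base
        if start < 0 or start + s["filesz"] > len(dump):
            raise ValueError("segment at 0x%x lies outside this dump; re-check the offset table" % s["vaddr"])
        # only filesz bytes existed on disk; the memsz tail (.bss) is zero-filled at load time
        out[s["offset"]:s["offset"] + s["filesz"]] = dump[start:start + s["filesz"]]
    return bytes(out)

def build_sample():
    """Constructed ELF64 file plus the memory image a loader would produce (not a real eboot.bin)."""
    segs = [(0x000, 0x10000, 0x100, 0x100),   # headers + code, loaded at 0x10000
            (0x100, 0x20000, 0x020, 0x200)]   # 0x20 bytes of data followed by 0x1e0 bytes of .bss
    ident = b"\x7fELF" + bytes([2, 2, 1]) + b"\0" * 9       # ELFCLASS64, big-endian, EV_CURRENT
    hdr = struct.pack(EHDR, ident, 2, 0x15, 1, 0x10000, 64, 0, 0, 64, 56, len(segs), 0, 0, 0)
    for off, va, fsz, msz in segs:
        hdr += struct.pack(PHDR, PT_LOAD, 5, off, va, va, fsz, msz, 0x10000)
    filedata = hdr.ljust(0xB0, b"\0") + b"CODE" * 0x14 + b"DATA" * 8   # 0x120 bytes on disk
    dump = bytearray(0x10200)                 # contiguous dump covering 0x10000..0x20200
    dump[0x0000:0x0100] = filedata[0x000:0x100]
    dump[0x10000:0x10020] = filedata[0x100:0x120]   # file offsets are gone; only vaddrs remain
    return filedata, bytes(dump), 0x10000

if __name__ == "__main__":
    original, dump, base = build_sample()
    print(rebuild_file(dump, base) == original)   # True
```

    The range check is the "offset table does not match up" case from post #1: a segment whose load address falls outside the captured dump is reported instead of being silently filled with the wrong bytes.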

  6. #6
    Ahhh... ok, thanks for teaching me.

    It is not good for retail consoles because after the rebuild the digital signing would be missing, right?

    If all goes fine, then I will get a dev PS3 and could do some tests.

  7. #7
    You got it. After loading the image into memory the retail signing is removed; the only thing you can do after the rebuild is sign it for a dev unit, on which the file will then run.

  8. #8
    Nice work guys!

    Shame this is useless for now to all retail consoles; it's as if Sony built THE unhackable machine.

  9. #9
    This is not an attack, but I mean you don't understand. Because every success on a dev PS3 will also be a success for the retail PS3. So in case the retail consoles are well secured, they have no chance to study the PS3 and learn more about its internals.

    So even if this is not the success that you and the whole community are waiting for, it will be a big step in hacking the PS3. And don't forget that the hardware of dev and retail consoles is quite the same.

  10. #10

    In all the drama from the HDD stuff, I just realized I never said THANKS for sharing this with Debug users here to XVISTAMAN2005 and idone!

    PS: I'm going to STICKY this thread for awhile, so others can find it.
