PS4 PKG Tools, Passcodes, Fingerprint Keys, Trilithium & WebMAF PS4 SDK
We've seen some leaks of Sony's PS4 SDK alongside recent developments with the homebrew PS4SDK, and today PlayStation 4 developer vapour (aka xxmcvapourxx) shared several handy PS4 tools including WebMAF's make_package_file to create PS4 PKG files with the included passcode which he states (if you have the correct files inside) will get an nice exploit running!
Download: WebMAF_SDK_PS4.zip (96.4 MB) / Trilithium-PS4-SDK-1.0.4.zip (41.5 MB) / PublishingTools_for_NonGame-0_85_0_1548.msi (4.1 MB) / resolver-demo.jpg (Mirror - 134.3 MB) via B7U3 C50SS / Mirrors from jimbo11 / PS4_SDK_Tools.rar (134 MB - Mirror)
Here's the log from IRC, as follows:
[vapour] guess cturt gone off the scene oh damn
[HelsAngel] what do you mean
[vapour] well i've messaged him on twitter few times but not reply i have something for him...i gave him a few goodies a while back..
[HelsAngel] ah maybe hes taking a small break
[ZiL0G80] give me kernel exploit i have code exec too
[fearface_] On another note, I have two broken SAA-001, whoever pays for the shipping can have them
[vapour] why would you need a kernal i gave him a key already that will help him out...
[droogie] I'll take them both
[vapour] it's all in the documents i gave him
[droogie] fearface_: I'll take them off your hands
[droogie] vapour: mind sharing?
[vapour] no sorry only people i know...
[vapour] i trust
[vapour] and if you want sharing ask cturt
[fearface_] droogie: Can you arrange shipping from Zurich, I can give you the pick up address and you organise DHL/FedEx or whatever is the chepeast.
[vapour] HelsAngel can you do me a favour when he comes on ask him to reply to my email on twitter ive sent him a new link..
[HelsAngel] i could say yes but chances of me forgetting are high
[vapour] its fine thanks
[vapour] i'll give it to zecoxao and he can give it to others
[HelsAngel] i bet he will be back though and reply to you
[vapour] im sure he will.thanks
[vapour] so here is the pkg passcode to protect files : 2GHPoQlC60u2fknmepZ2W7K5fPPK_eC if you want the bat files to decrypt and encrypt pkg it's a 32bit ascii
[vapour] i think it's useless i dont need them anymore..
[vapour] but you can find a exploit from this.
[HelsAngel] oh nice one
[vapour] you might as well have the passcode fingerprint key for the ps4 bd rom 91751ddbdf9606c618a1ede59138bab486d03556fae858f1cb d678ff633273fd
[droogie] do you have the key for the encrypted flash ?
[vapour] that's the only key's ive got so far sorry i dont.
[fearface_] Thanks for sharing!
[HelsAngel] yeah thanks alot
[vapour] no worries i dont need them any more.
[vapour] with the publishing tool that will help you out alot.
[HelsAngel] i bet all the stuff will in the right hands
[HelsAngel] which arent mine
[vapour] the make_package_file bat in webmaf will help you create pkg on retail/production/debug with the passcode if you have the correct files inside you will get an nice exploit when running
[HelsAngel] but how can you install a made pkg on a retail ps3 as it stands now
[HelsAngel] proxy install?
[ZiL0G80] yeeh thanks
[vapour] yes proxy or get a spare bd rom use the publishing tool and create that way
[vapour] it will generate a passcode and key
[HelsAngel] wouldnt know how to use bd rom i bet burning a bdr wont work with that but proxy yeah thats very nice
[HelsAngel] hopefully see movian on ps4 thanks to this
[vapour] yeah it be great to have movian on ps4 so i dont have to use plex all the time...
[HelsAngel] how does the br rom method work if you can share that
[vapour] you would need to create a package in the publishing tool,create a passcode under package 1 let it verify on the disc then it will burn automatic it will create a passcode and key for the bdrom.retail/production/debug
[HelsAngel] ah so a normal bdr would work?
[HelsAngel] oh wow thats convenient
[vapour] it's like ps3 building a pkg the publishing tool does it all,sfo,trophy
[vapour] all you need to do is use the key above to encrypt the eboot.
[HelsAngel] yeah but ps3 wouldnt boot a bdr i think
[vapour] put it all in publishing tool let it do it bussiness once burned insert and launch.
[vapour] no it wont just using it as an example
[vapour] building pkg
[HelsAngel] so whats stopping games from being done like this
[HelsAngel] im guessing disc encryption
[droogie] vapour: neat, so you've been essentially able to create pkg's, sign them, and execute the pkg on the ps4 ?
[droogie] are you limited to an older firmware or anything ?
[vapour] yes if you look in webmaf folder you will see cryptsettings.exe
[vapour] the only firmware i tried was on 2.00 not above cause i havent had time to update
[droogie] how are you installing the pkg's ?
[HelsAngel] proxy install he said earlier
[droogie] will have to re-read backlog, gotta go catch a flight
[droogie] will have to toy with this later once i get home
[droogie] thanks vapour
[HelsAngel] yeah this seems promising
[fearface_] have a good flight, droogie
[vapour] make sure you use cryptsettings with encrypt.bat file
[vapour] all the good stuff and documentation all in that file.
[vapour] im off to bed now i'll be back in the afternoon.
[Ezio] proxy install doesn't work anymore on ps4 since 2.00
[droogie] and I'm assuming since older consoles can't get onto PSN to initiate a pkg download, it's no longer possible at all?
[droogie] ah ok, oh well
[HelsAngel] and if you fake the pup?
[HelsAngel] since thats the only thing that still downloads
[Tyrant-] hasta la
[ZiL0G80] btw: passcode mentioned by vapour is wrong (2GHPoQlC60u2fknmepZ2W7K5fPPK_eC) it is 2GHPo-QlC60u2fknmepZ2W7K5fPPK_eC viz. files\conf_ini.gp4
[ZiL0G80] btw2 i cant install EP9009-CUSA00061_00-WEBMAF000DEFAULT_INI.pkg by proxy on fw 1.76
[SonyUSA] i have fw 1.71
[SonyUSA] what does that pkg do?
[SonyUSA] im willing to try
[ZiL0G80] btw3 nptitle.dat is missing you can compile only debug package and eboot.bin and .prx files are corrupted
[ZiL0G80] btw4 NPTitleID=CUSA00061_00
[ZiL0G80] wil be probaly banned in next fw
[SonyUSA] why what is that title id?
[SonyUSA] sorry im new the ps4 stuff
[SonyUSA] the webmaf sdk has to be installed?
[SonyUSA] to run custom pkg?
[ZiL0G80] you cant install webmafsdk by proxy you cant compile working .pkg - useless
[SonyUSA] can you author a bdrom with the tools like he said with the webmafsdk?
[ZiL0G80] idont have blueray writer
[SonyUSA] yeah me either lol
[SonyUSA] how did you trigger a pkg download?
[SonyUSA] with no psn access?
[SonyUSA] oh by the pup?
[ZiL0G80] no game pinball
[SonyUSA] oh i see, is there a way to flush updates? i have both of those free pinball games
[ZiL0G80] dont know try backup to usb then delete something then restore
[ZiL0G80] it work on vite
[SonyUSA] they are probably out of date anyway im sure
[SonyUSA] where did you get that webmaf sdk pkg from?
[SonyUSA] and you used pr0xy 3.3?
[ZiL0G80] from WebMAF_SDK_PS4.zip
[ZiL0G80] yoused charles
[SonyUSA] oh duh i see it, 63MB
[SonyUSA] the patch has to be larger than the pkg doesnt it?
[ZiL0G80] btw this .pkg is packed with different passcode you cant unpack by sony tools
[SonyUSA] whats the point of loading the sdk pkg though?
[ZiL0G80] i have faked update .json then size doesnt matter
[ZiL0G80] no point just try
[SonyUSA] what does the pkg do
[SonyUSA] is it like debugger?
[SonyUSA] when you run it?
[ZiL0G80] dont know
[SonyUSA] oh lol
[SonyUSA] oh but look
[SonyUSA] if you open the make full w/ ini bat
[SonyUSA] it says it wont work for production
[SonyUSA] you probably gotta make a non default.ini pkg
[SonyUSA] ya that worked
[SonyUSA] but i dont know how to proxy load it
[SonyUSA] it puts it in /packages/ps4/full/
[Fimo] SonyUSA: you have to use skfu skfu.xxx
[SonyUSA] i have that tool, does ps4 auto-fw update?
[SonyUSA] i just downloaded it like 30 seconds ago lol
[SonyUSA] is there a writeup for the proxy install trick?
[Fimo] yes you have some videos on youtube
[SonyUSA] ok, do you know how to spoof the json for the update size?
[Fimo] when you see a .pkg on the PSN, you have to route it on your own webserver I think
[SonyUSA] ohh wait, you're right nptitle.dat is missing
[SonyUSA] it didnt compile it after all
[ZiL0G80] SonyUSA: yeh you can make only one .pkg but if you decrypt it with sony tools there is not valid eboot.bin -] probably dont work on ps4
[SonyUSA] you mean the pkg included in the zip?
[SonyUSA] this document says nptitle.dat is only needed if you require PSN services
[ZiL0G80] make_package_full_ini_ps4.bat compile other no
[SonyUSA] yeah but
[SonyUSA] can you edit the makefile to exclude nptitle.dat?
[ZiL0G80] webmafsdk probably dont work without
More PlayStation 4 News...
Please make use it ? From Pkgs to install games on Ps4 ?
Amazing works, thanks
This tool mastering ps4 games on bdr ?
patience bra... let it sink into the world... give it a month or 2 or 3 MAYBE much much longer great news though
very nice work, thanks
YAY! Finally all my hard work avoiding updating my PS4 has paid off!
Also, if someone could make me able to use links, that would be great!
Wow. what a goldmine this SDK is. it allows not only you to make .PKG's for the PS4 to be able to READ but in a way that it can / will read! also I noticed after taking a little poking around the second zip and there's a folder with a file called DebugMenu.js in the path that goes like this.
\Trilithium-PS4-SDK-1.0.4\Trilithium-PS4-SDK-1.0.4\Samples\hls_player\js\app there are 3 files here: the ones in my attachment.
Also! This solves the play-go ISSUE!!!
Oh and one more thing I've mirrored the files in a special way.
Here's a mirror that won't be taken down easily
resolver-demo.jpg (134.3 MB)
Here's a video tutorial on how to open it and make some of the same types of special archives!
Hide the real files so file hosting company's won't take it down. The program for making these files is available in the video description via a picture link LOL. but you don't need the program to open it up 'specially.
Steps to opening it. ON WINDOWS.
Right click the picture with hidden archive. (The .png / .jpg / picture)
Go to.. "Open with"...
Go to, more.
Browse even more programs to open this type of file with.
Click browse. browse for WinRAR / WinZip or something like that (it's main executable).
Refer to my friend's video for a tutorial on how to make your own hidden archives so the scene can profit!
NOTE: let's not get carried away this is still a topic about the SDK. not what I just wrote. if you have any questions about this method of hiding things inside pictures go to my friends video linked above.
thanks, but I have not yet figured out what this tool is.
you can make a video tutorial with a game? I did not understand what is ?
really great work and thanks alot