DarkModderVC / PS4JB

More Stable Offline Exploit version of PS4 6.72 Jailbreak.

9.00FW Payloads #51

Open AlexanderQueen opened 2 years ago

AlexanderQueen commented 2 years ago

What type of encoding did you use in payload.js?

KiraSlith commented 1 year ago

They've converted the hexadecimal bin into a string of integers by word and stored it as a list, so "e9 66 10 00 00" (the first 5 bytes of the GoldHEN payload) becomes "233,136,16,0,0". It would be helpful if he included a little Python script to handle the encoding for us, but he didn't.

So, here's my dirty skiddy arse hack Python script I wrote so I could update the GoldHEN payload. I know it's a disgusting little script and 100% the wrong way to do it, but I don't actually "know" Python as a language; the fact I got something that works and spits it out EXACTLY right in an hour of smashing search engines together like a monkey is nothing short of a miracle. Copy the following into a txt file and rename it to "bin2DM.py".

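import binascii

# Read the whole payload binary into memory
with open("input.bin", 'rb') as in_file:
    content = in_file.read()
# Hex-encode with a space after every byte (the separator arguments need Python 3.8+)
formhex = binascii.hexlify(content, b' ', 1)
hexformlist = formhex.split()
# Convert each two-digit hex token to its decimal value
decformlist = [int(x, 16) for x in hexformlist]
stringy = ','.join(str(x) for x in decformlist)
out = " payload = [" + stringy + "]"

# Write the finished "payload = [...]" line
with open("Output.txt", "w") as out_file:
    out_file.write(out)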

Copy your payload to the same folder as the script and rename it input.bin, then run the script. You'll get a txt file named output.txt; this contains the bin file reformatted and ready to replace the entire payload = [etc] line for the payload you want to update/replace. Yes, the result will balloon to ~4x the original size thanks to formatting, but as long as you keep the total size of payloads.js under ~2.5mb, you shouldn't get any "low memory" errors.

Note: Though this hasn't given me any trouble, consider DarkModder's "First time every time, no errors" guarantee null and void. I don't know enough about the PS4's insides to say anything like "DarkModder makes his own tweaked binaries" but I've seen weirder before.

KiraSlith commented 1 year ago

I've learned a bit more about Python over the past 2 months and redone the script. Instead of creating 6 different copies in RAM, it should stream the file from storage and into RAM for the first half of the conversion, and then stream it back out for the end result. It will also take command line arguments rather than making you fuss with your payloads' names, so you don't have to play the round robin game anymore if you're changing a bunch of payloads.

Copy the following into a txt file and rename it "Bin2DM.py".

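import binascii, sys

# argv[1] = input binary, argv[2] = output text file
with open(sys.argv[1], 'rb') as in_file:
    # Hex-encode with a space after every byte (the separator arguments need Python 3.8+)
    content_in = binascii.hexlify(in_file.read(), b' ', 1)
with open(sys.argv[2], "w") as out_file:
    # Convert each hex token to decimal and write the finished "payload = [...]" line
    out_file.write("    payload = [" + ','.join(str(x) for x in [int(x, 16) for x in content_in.split()]) + "]")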

The command format is Bin2DM.py [InputFile] [OutputFile] and it will happily accept any extensions you feed it, as well as read and write wherever you want it to. E.g.: Python Bin2DM.py G:\PS4\Payloads\GoldHen2.9_900.bin "G:\Your Mom Lol\Golden Henloader 2.9 for PS4 900.txt"

Everything else about the script remains the same. The contents of the output are pre-formatted to make life easier, just replace the entire line (starting with payload = [) for the payload you're updating with the output file's contents. The output will be ~4x the input's size due to how it's formatted. You should never experience a "Low Memory" error if you keep the total size of payloads.js under 2.5mb (it may be fine up to 8mb, I won't guarantee it). Consider the script CC-Attrib.
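An added example, not part of the thread or the repository's code: the reverse of the conversion above, used to check whether a `payload = [...]` array embedded in a JavaScript file is byte-for-byte identical to a reference binary you trust. It assumes each array holds only comma-separated decimal byte values on the `payload = [` form described in the thread; the function names and the sample data are constructed for illustration.

```python
import hashlib
import re

# Matches each "payload = [ ... ]" assignment, the line format described in the thread.
PAYLOAD_RE = re.compile(r"payload\s*=\s*\[([^\]]*)\]")


def decode_payloads(js_text):
    """Return the raw bytes of every `payload = [...]` array found in js_text."""
    blobs = []
    for match in PAYLOAD_RE.finditer(js_text):
        fields = [f.strip() for f in match.group(1).split(",") if f.strip()]
        values = [int(f, 10) for f in fields]  # ValueError on anything non-decimal
        bad = [v for v in values if not 0 <= v <= 255]
        if bad:
            raise ValueError(f"array holds a non-byte value: {bad[0]}")
        blobs.append(bytes(values))
    return blobs


def matches_reference(js_text, reference):
    """For each array: (length, SHA-256 hex digest, True if equal to reference)."""
    ref_digest = hashlib.sha256(reference).hexdigest()
    report = []
    for blob in decode_payloads(js_text):
        digest = hashlib.sha256(blob).hexdigest()
        report.append((len(blob), digest, digest == ref_digest))
    return report


# Constructed sample data (not taken from any real payload): the first array
# equals the reference bytes, the second differs in its last byte.
SAMPLE_REFERENCE = bytes.fromhex("deadbeef00")
SAMPLE_JS = "    payload = [222,173,190,239,0]\n    payload = [222,173,190,239,1]\n"

if __name__ == "__main__":
    for length, digest, same in matches_reference(SAMPLE_JS, SAMPLE_REFERENCE):
        print(length, digest[:16], "matches" if same else "DIFFERS")
```

On real files, read the JavaScript as text and the reference binary with `open(path, "rb")`, then pass both to `matches_reference`.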