A few days we reported to you about Graf_Chokolo working on SELF/SPRX decryption, today he has just released his PSGroove port which allows you to decrypt a SELF files and send the data VIA ethernet to your PC!
Guys, i promised to you to make my SELF decrypter public. I just uploaded it Let me first explain how it works.
I used only HV calls in my code because i wanted to learn how to decrypt SELFs without GameOS. The decryption and decompression of SELFs is done by isolated module appldr which is prepared and loaded by lv1_undocumented_function_99. After appldr is loaded it sends a message and waits for your instructions to decrypt some encrypted segments. When the message arrives i pass encrypted segment data to appldr through shared memory and it decrypts the passed data. When the decryption is done the payload sends the decrypted data over network to my PC and i capture it with tcpdump
I’m using IDA to analyze the decrypted code. First i extract the decrypted segments from pcap dump and load them at right addresses into IDA. I created a shell script to make segment extraction from pcap dumps easier. Virtual addresses of decrypted segments you will find in ELF header.
The target group of this release are again advanced programers among you. The goal of this release is not to give you a tool for SELF decryption but to show you how it can be done So, feel free to ask me any questions about my code. I will support everyone who wants to port my code and create more user-friendly GameOS applications for SELF decryption because i do not intend to write any GameOS tools I’m more interested in HV reversing
My SELF decrypter is not able to decrypt games and NPDRMs yet but i’m working on it I think you will have enough SELFs now to reverse
I will document my findings about SELF decryption on my HV page in the next days.
Download the payload @ his Github page HERE.