THREAD: PS4Lib - (4.05/4.55/5.05) | Real Memory Editing | [SERVER/CLIENT] | v1.1
  1. 02-07-2018, 06:55 PM
    BISOON's Avatar
    BISOON
    Maggbot timeout!
    BISOON's Avatar
    BISOON
    Maggbot timeout!
    536
    Posts
    10,912
    Reputation
    Apr 2014
    NextGenUpdate
    Hello everybody after a while being away for a long time Smile

    Recently I got my PS4 (4.05) and thanks for everyone who spent his effort to make this happen on 4.5 and also we will not forget who is working on useful things for this community.
    I spent the past two days looking for PS4API to control over the app memory using desktop tools/rtms, and unfortunately I got some but seems not worked with me or not stable enough (I am not underestimating their work, I really respect what they have done) also no new commits or updates on their projects for a long time.

    As I promised you guys I've finished the client side library in c# to make it easy for people who interested in making RTM tools. also demo app included for demonstration.

    A Brief Examples:

    Instantiate the PS4API object:
    PS4API PS4 = new PS4API();


    Connect to target:
    PS4.ConnectTarget("192.168.0.0");


    Disconnect from target:
    PS4.DisconnectTarget();


    Attach to game process:
    PS4.AttachProcess();


    Detach Process:
    PS4.DetachProcess();


    Notify:
    PS4.Notify(222, "Hello World!");


    Write to memory:
    PS4.SetMemory(0x0000000000000000, new byte[]{0x00,0x00});


    Read from memory:
    byte[] buffer = PS4.GetBytes(0x0000000000000000, Cool Man (aka Tustin);


    Extension Class Examples:
    Spoiler:

    Reading


    Read and return an signed integer 16,32 or 64 bits:

    Int16 var16 = PS4.Extension.ReadInt16(0x000000000);
    Int32 var32 = PS4.Extension.ReadInt32(0x000000000);
    Int64 var64 = PS4.Extension.ReadInt64(0x000000000);


    Read and return an unsigned integer 16,32 or 64 bits:

    UInt16 var16 = PS4.Extension.ReadUInt16(0x000000000);
    UInt32 var32 = PS4.Extension.ReadUInt32(0x000000000);
    UInt64 var64 = PS4.Extension.ReadUInt64(0x000000000);


    Read and return float(s):

    float varFloat = PS4.Extension.ReadFloat(0x000000000);
    float[] varFloats = PS4.Extension.ReadFloats(0x000000000, 3);


    Read and return double:

    double vardouble = PS4.Extension.ReadDouble(0x000000000);


    Read and return string:

    string varstring = PS4.Extension.ReadString(0x000000000);


    Writing


    Write an signed integer 16,32 or 64 bits:

    PS4.Extension.WriteInt16(0x000000000, 0x1122);
    PS4.Extension.WriteInt32(0x000000000, 0x11223344);
    PS4.Extension.WriteInt64(0x000000000, 0x112233445566778Cool Man (aka Tustin);


    Write an unsigned integer 16,32 or 64 bits:

    PS4.Extension.WriteUInt16(0x000000000, 0x1122);
    PS4.Extension.WriteUInt32(0x000000000, 0x11223344);
    PS4.Extension.WriteUInt64(0x000000000, 0x112233445566778Cool Man (aka Tustin);


    Write float(s):

    PS4.Extension.WriteFloat(0x000000000, 1.25f);
    PS4.Extension.WriteFloats(0x000000000, new float[]{1.0f, 2.0f, 3.0f});


    Write double:

    PS4.Extension.WriteDouble(0x000000000, 1.7E+3);


    Write string:

    PS4.Extension.WriteString(0x000000000, "Hello World!");






    GUI:
    You must login or register to view this content.



    * I added the Extension class from PS3Lib by You must login or register to view this content. for two reasons, first is to save my time, second is to make it easy for people who already familiar with that awesome lib.




    TODO:

    • more system functions.
    • Improve TCP communications.
    • Improve memory allocation.
    • multi-users.
    • process dump
    • process list
    • debugger


    Changelogs:
    Spoiler:

    PS4API - SERVER

    Spoiler:

    1.1
    - More process name (default_mp.elf, eboot.bin etc)
    - Fixed attach problem

    1.0
    initial version

    PS4Lib - CLIENT

    Spoiler:

    1.0
    initial version




    Open sourced PS4 Tools created using PS4Lib.dll:
    Spoiler:


    • PS4API for NetCheat You must login or register to view this content.
    • GTA5 Native Caller You must login or register to view this content.
    • Orbis Assembler You must login or register to view this content.
    • PS4 Notification tool by Vultra You must login or register to view this content.




    Bugs:
    Only one bug, if I try to read more than 1000000 length the browser got crashed, due the memory allocation in the server. it will be fixed soon.
    feel free to comment below any bugs to fix. also your feedback is valuable. <3




    You must login or register to view this content.
    You must login or register to view this content.
    You must login or register to view this content.
    You must login or register to view this content.








    Credits:

    CTurt -> the SDK.
    Specter -> exploit implementation.
    IDC, xvortex, 2much4u, iMCSx
    All of You reader, supporter, haters, ...etc
    and who else I missed (feel free to message me for the Credits)
    Last edited by BISOON ; 06-09-2018 at 04:49 PM. Reason: 5.05

  2. The Following 36 Users Say Thank You to BISOON For This Useful Post:

    , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

  3. 03-06-2018, 07:21 PM
    ndscrub123's Avatar
    ndscrub123
    Save Point
    ndscrub123's Avatar
    ndscrub123
    Save Point
    7
    Posts
    10
    Reputation
    Aug 2014
    NextGenUpdate
    so i walked in to this post now iam interested what does this do sorry be a scrub
  4. 03-10-2018, 05:04 PM
    AlkOOzy's Avatar
    AlkOOzy
    Gobble
    AlkOOzy's Avatar
    AlkOOzy
    Gobble
    2
    Posts
    10
    Reputation
    Jan 2014
    NextGenUpdate
    Nice Upside Down Happy good work
  5. 03-11-2018, 03:15 AM
    204
    Posts
    20,557
    Reputation
    May 2010
    NextGenUpdate
    can't write more than 0x200 / 512 bytes with PS4.Extension.WriteBytes, is that normal? :/
  6. 03-11-2018, 06:35 PM
    BISOON's Avatar
    BISOON
    Maggbot timeout!
    BISOON's Avatar
    BISOON
    Maggbot timeout!
    536
    Posts
    10,912
    Reputation
    Apr 2014
    NextGenUpdate
    Originally Posted by EROOTIIK View Post
    can't write more than 0x200 / 512 bytes with PS4.Extension.WriteBytes, is that normal? :/


    I need more info to see if it's normal or not, please .
  7. The Following User Thanked BISOON For This Useful Post:


  8. 03-11-2018, 09:24 PM
    204
    Posts
    20,557
    Reputation
    May 2010
    NextGenUpdate
    Originally Posted by BISOON View Post
    I need more info to see if it's normal or not, please .


    Looks like your server can't handle an array bigger than 512 bytes length when using WriteMemory / WriteBytes, it writes the 512 first bytes only.
  9. 03-12-2018, 10:08 AM
    BISOON's Avatar
    BISOON
    Maggbot timeout!
    BISOON's Avatar
    BISOON
    Maggbot timeout!
    536
    Posts
    10,912
    Reputation
    Apr 2014
    NextGenUpdate
    Originally Posted by EROOTIIK View Post
    Looks like your server can't handle an array bigger than 512 bytes length when using WriteMemory / WriteBytes, it writes the 512 first bytes only.


    Yes, I restricted this to make sure the server will not crash, so you can divide your buffer into chunks and send them.
    #define MAX_PAYLOAD_LENGTH 512 // in commandHandlers.h

    example:

    int chunkSize = 512;
    byte[] buffer = new byte[1024]; //1024 > chunkSize
    int loop = (int)Math.Ceiling((decimal)buffer.Length / chunkSize);
    ulong offset = 0x2255; //example of offset/address
    for (int i = 0; i < loop; i++)
    {
    int start = (i * chunkSize);
    byte[] chunkToWrite = buffer.Skip(start).Take(chunkSize).ToArray();
    //PS4.Extension.WriteBytes(offset + (ulong)start, chunkToWrite);
    // or
    //PS4.SetMemory(offset + (ulong)start, chunkToWrite);
    }


    I know it's overhead, I will fix the server side soon.
    usually, we write less than 512 otherwise we need the above code and send multiple packets.
    Thanks for your feedback.
    Last edited by BISOON ; 03-12-2018 at 10:10 AM.

  10. The Following 2 Users Say Thank You to BISOON For This Useful Post:

    ,

  11. 03-12-2018, 09:24 PM
    204
    Posts
    20,557
    Reputation
    May 2010
    NextGenUpdate
    Originally Posted by BISOON View Post
    Yes, I restricted this to make sure the server will not crash, so you can divide your buffer into chunks and send them.
    #define MAX_PAYLOAD_LENGTH 512 // in commandHandlers.h

    example:

    int chunkSize = 512;
    byte[] buffer = new byte[1024]; //1024 > chunkSize
    int loop = (int)Math.Ceiling((decimal)buffer.Length / chunkSize);
    ulong offset = 0x2255; //example of offset/address
    for (int i = 0; i < loop; i++)
    {
    int start = (i * chunkSize);
    byte[] chunkToWrite = buffer.Skip(start).Take(chunkSize).ToArray();
    //PS4.Extension.WriteBytes(offset + (ulong)start, chunkToWrite);
    // or
    //PS4.SetMemory(offset + (ulong)start, chunkToWrite);
    }


    I know it's overhead, I will fix the server side soon.
    usually, we write less than 512 otherwise we need the above code and send multiple packets.
    Thanks for your feedback.


    Thanks for your code Smile
  12. The Following User Thanked EROOTIIK For This Useful Post:


  13. 03-13-2018, 04:42 AM
    ioritree's Avatar
    ioritree
    Haxor!
    ioritree's Avatar
    ioritree
    Haxor!
    39
    Posts
    150
    Reputation
    Jan 2013
    NextGenUpdate
    have any new compiled ps4api payload for 4.05 or 4.55 ?
    or No 'exploit host' required ver.
  14. 03-13-2018, 05:30 AM
    1
    Posts
    10
    Reputation
    Nov 2013
    NextGenUpdate
    Good work and thanks for your hard work