PS3HEN resigning Eboots to hen but goes back to xmb.

[Charles_n_town]

I just remembered about the "watermark" in edats. edats are encrypted with the version at the bottom. if you were to hex edit the watermark, it will corrupt the edat. the watermark is usually how you can tell which app was used to make it iirc the point being that you'll corrupt the file if you try editing it while it's still encrypted. you should be able to decrypt it to an elf, edit, then reencrypt as 3.55, which I guess is useable on hen.

 

[esc0rtd3w]

Is he resigning an edat or an eboot though? From what I remember, edat can be encrypted/decrypted using the edat tool, which also works on OFW. EDAT is generally not an elf file (from my limited experience), but can be. The only example I seen was an spu elf as a bink loader that I played with a while ago that can launch custom spu elf on OFW encrypted as an edat.

I'm on my phone now so I can't remember exactly what tool names were.

Not sure how helpful this comment is

 

[Charles_n_town]

Is he resigning an edat or an eboot though? From what I remember, edat can be encrypted/decrypted using the edat tool, which also works on OFW. EDAT is generally not an elf file (from my limited experience), but can be. The only example I seen was an spu elf as a bink loader that I played with a while ago that can launch custom spu elf on OFW encrypted as an edat.

I'm on my phone now so I can't remember exactly what tool names were.

Not sure how helpful this comment is

Eboot. I was using an edat as an example, since they have a readable watermark in their encrypted state. I wanted to point out that changing it while it's encrypted will corrupt the file. I think that's what the op did to his eboot.

 

[larry12222]

Is he resigning an edat or an eboot though? From what I remember, edat can be encrypted/decrypted using the edat tool, which also works on OFW. EDAT is generally not an elf file (from my limited experience), but can be. The only example I seen was an spu elf as a bink loader that I played with a while ago that can launch custom spu elf on OFW encrypted as an edat.

I'm on my phone now so I can't remember exactly what tool names were.

Not sure how helpful this comment is

nah im tryna resign a eboot to make it run on HEN.. im sort of confused about the socat thing u told me to paste a command but not how to get socat etc. i tried looking for socat i came across devil101 video about it but it was more of a showcase with no links.

Is he resigning an edat or an eboot though? From what I remember, edat can be encrypted/decrypted using the edat tool, which also works on OFW. EDAT is generally not an elf file (from my limited experience), but can be. The only example I seen was an spu elf as a bink loader that I played with a while ago that can launch custom spu elf on OFW encrypted as an edat.

I'm on my phone now so I can't remember exactly what tool names were.

Not sure how helpful this comment is

if i remember i downloaded this guy version of a old HEN_EBOOT_RESIGNER and it worked

but his links are dead.

if anyone keeps a database of any HEN resigners that would be really helpful

 

[Charles_n_town]

Not sure myself. It's been a long time since I was messing with game encryption files on the PS3. Could be wrong, but I'm pretty sure you don't need two apps to do a resigning. An eboot.bin is considered a self file btw. And, it sounds like you have to resign as 3.55, not 4.21 or anything else. The header contains info about the file iirc, including which key it was signed with.

Edit: btw, use scetool gui to see this information. Remember, It must be encrypted.

 

[larry12222]

Not sure myself. It's been a long time since I was messing with game encryption files on the PS3. Could be wrong, but I'm pretty sure you don't need two apps to do a resigning. An eboot.bin is considered a self file btw. And, it sounds like you have to resign as 3.55, not 4.21 or anything else. The header contains info about the file iirc, including which key it was signed with.

Edit: btw, use scetool gui to see this information. Remember, It must be encrypted.

alright will do

Not sure myself. It's been a long time since I was messing with game encryption files on the PS3. Could be wrong, but I'm pretty sure you don't need two apps to do a resigning. An eboot.bin is considered a self file btw. And, it sounds like you have to resign as 3.55, not 4.21 or anything else. The header contains info about the file iirc, including which key it was signed with.

Edit: btw, use scetool gui to see this information. Remember, It must be encrypted.

this is what the working one has but it has to decrypt to work.

 

[esc0rtd3w]

nah im tryna resign a eboot to make it run on HEN.. im sort of confused about the socat thing u told me to paste a command but not how to get socat etc. i tried looking for socat i came across devil101 video about it but it was more of a showcase with no links.


if i remember i downloaded this guy version of a old HEN_EBOOT_RESIGNER and it worked

but his links are dead.

if anyone keeps a database of any HEN resigners that would be really helpful

There is a version of socat here
https://github.com/PS3Xploit/pett/tree/master/files/test/debug/socat

Just update the batch file or make a new one, or use command line from socat folder.

Other builds are available, but thats the one I used for testing.

 

[Charles_n_town]

this is what the working one has but it has to decrypt to work. View attachment 44230

no, it has to be encrypted. like this, go to show file info. it says the working version is using 3.40:

 

[esc0rtd3w]

Here is the batch file i use for socat (mostly log-socat-logger-reciever.cmd). It logs to [socatXX.txt] with XX incrementing from 0 for each dump. A new dump filename is made each time starting from the last one, automatically.

@echo off


set LOGNAME=socat
set INCREMENT=0
set LOGFILE=%LOGNAME%%INCREMENT%.txt

:CHECKLOG
if exist %LOGFILE% (
  set /a INCREMENT+=1
  set LOGFILE=%LOGNAME%%INCREMENT%.txt
  goto CHECKLOG
)

:START
echo SOCAT LOG>>%LOGFILE%
echo --------->>%LOGFILE%
echo.>>%LOGFILE%

echo.
echo Dumping UDP on port 18194 to %LOGFILE%...
echo.
socat -lu stdout udp-recv:18194,reuseaddr | tee %LOGFILE%

Here is a zip with everything: https://www.mediafire.com/file/9w915vqcn1v6gzg/socat.zip/file

 

[Charles_n_town]

Here is the batch file i use for socat (mostly log-socat-logger-reciever.cmd). It logs to [socatXX.txt] with XX incrementing from 0 for each dump. A new dump filename is made each time starting from the last one, automatically.

@echo off


set LOGNAME=socat
set INCREMENT=0
set LOGFILE=%LOGNAME%%INCREMENT%.txt

:CHECKLOG
if exist %LOGFILE% (
  set /a INCREMENT+=1
  set LOGFILE=%LOGNAME%%INCREMENT%.txt
  goto CHECKLOG
)

:START
echo SOCAT LOG>>%LOGFILE%
echo --------->>%LOGFILE%
echo.>>%LOGFILE%

echo.
echo Dumping UDP on port 18194 to %LOGFILE%...
echo.
socat -lu stdout udp-recv:18194,reuseaddr | tee %LOGFILE%

Here is a zip with everything: https://www.mediafire.com/file/9w915vqcn1v6gzg/socat.zip/file

View attachment 44239

Judging from the content id being some sort of cobra manager or something, I don't think he resigned it incorrectly. The 3.55 one seems good too. I think it's simply incompatible like those games that required ghidra or ida to reverse engineer syscalls, rather than just doing a simple resigning. I'm thinking the op would have to modify the source code. Could be wrong though.

 

[larry12222]

Here is the batch file i use for socat (mostly log-socat-logger-reciever.cmd). It logs to [socatXX.txt] with XX incrementing from 0 for each dump. A new dump filename is made each time starting from the last one, automatically.

@echo off


set LOGNAME=socat
set INCREMENT=0
set LOGFILE=%LOGNAME%%INCREMENT%.txt

:CHECKLOG
if exist %LOGFILE% (
  set /a INCREMENT+=1
  set LOGFILE=%LOGNAME%%INCREMENT%.txt
  goto CHECKLOG
)

:START
echo SOCAT LOG>>%LOGFILE%
echo --------->>%LOGFILE%
echo.>>%LOGFILE%

echo.
echo Dumping UDP on port 18194 to %LOGFILE%...
echo.
socat -lu stdout udp-recv:18194,reuseaddr | tee %LOGFILE%

Here is a zip with everything: https://www.mediafire.com/file/9w915vqcn1v6gzg/socat.zip/file

View attachment 44239

thank you appericiate it

no, it has to be encrypted. like this, go to show file info. it says the working version is using 3.40:

View attachment 44232

here

Judging from the content id being some sort of cobra manager or something, I don't think he resigned it incorrectly. The 3.55 one seems good too. I think it's simply incompatible like those games that required ghidra or ida to reverse engineer syscalls, rather than just doing a simple resigning. I'm thinking the op would have to modify the source code. Could be wrong though.

i can decrypt it and add or replace stuff in the elf. but theres no way to encrypt it as a HEN eboot, it will encrypt with TrueAncaster resigner and i think thats why it doesnt work.

 

[Charles_n_town]

Odd that the eboot.elf is the same size as the eboot.bin. I'm not sure if using no compression makes a difference or not. Put it in hxd and see if it starts with ELF.

 

[larry12222]

Judging from the content id being some sort of cobra manager or something, I don't think he resigned it incorrectly. The 3.55 one seems good too. I think it's simply incompatible like those games that required ghidra or ida to reverse engineer syscalls, rather than just doing a simple resigning. I'm thinking the op would have to modify the source code. Could be wrong though.

i can decrypt it and add or replace stuff in the elf. but theres no way to encrypt it as a HEN eboot, it will encrypt with TrueAncaster resigner and i think thats why it doesnt work.

Odd that the eboot.elf is the same size as the eboot.bin. I'm not sure if using no compression makes a difference or not. Put it in hxd and see if it starts with ELF.

 

[esc0rtd3w]

i can decrypt it and add or replace stuff in the elf. but theres no way to encrypt it as a HEN eboot, it will encrypt with TrueAncaster resigner and i think thats why it doesnt work.

View attachment 44243

Placing EBOOT.ELF into root of ESSSE resigner should work AFAIK. You can try using aldostools or TrueAncestor to sign it as 4.xx and then resign that one with ESSSE with 3.55 keys by placing the EBOOT.BIN in root folder. I can try it when I get home. I haven't done that in a while, so I can't remember exactly the steps.

EDIT: Can also use scetool with a specific command but I dont know it off the top of my head right now.

EDIT2: Try this command line (change ID with yours --np-content-id=) and rename final EBOOT.HEN to EBOOT.BIN. I found this in old chat log from @Joonie

scetool -v --sce-type=SELF --compress-data=TRUE --skip-sections=FALSE --key-revision=04  --self-auth-id=1010000001000003 --self-app-version=0001000000000000 --self-add-shdrs=TRUE --self-vendor-id=01000002 --self-type=NPDRM --self-fw-version=0003004000000000 --np-license-type=FREE --np-content-id=EP0001-BLES01337_00-WEEEEEEEEEEEEEEJ --np-app-type=EXEC --np-real-fname=EBOOT.BIN --encrypt EBOOT.ELF EBOOT.HEN

EDIT3: or try one of these

scetool -v --sce-type=SELF --compress-data=TRUE --skip-sections=FALSE --key-revision=04 --self-auth-id=1010000001000003 --self-app-version=0001000000000000 --self-add-shdrs=TRUE --self-vendor-id=01000002 --self-type=NPDRM --self-fw-version=0003004000000000 --np-license-type=FREE --np-content-id=UP0001-BB0011111_00-0000111122223333 --np-app-type=EXEC --np-real-fname=EBOOT.BIN --encrypt EBOOT.ELF EBOOT.HEN

scetool -v --sce-type=SELF --compress-data=TRUE --skip-sections=FALSE --key-revision=04  --self-auth-id=1010000001000003 --self-app-version=0001000000000000 --self-add-shdrs=TRUE --self-vendor-id=01000002 --self-type=NPDRM --self-fw-version=0003004000000000 --np-license-type=FREE --np-content-id=UP0001-HTSS00003_00-0000000000000000 --np-app-type=EXEC --np-real-fname=EBOOT.BIN --encrypt EBOOT.ELF EBOOT.HEN

scetool --sce-type=SELF --compress-data=TRUE --skip-sections=FALSE --key-revision=04  --self-auth-id=1010000001000003 --self-app-version=0001000000000000 --self-add-shdrs=TRUE --self-vendor-id=01000002 --self-type=APP --self-fw-version=0003004000000000 --encrypt EBOOT.ELF EBOOT.BIN

 

[larry12222]

Placing EBOOT.ELF into root of ESSSE resigner should work AFAIK. You can try using aldostools or TrueAncestor to sign it as 4.xx and then resign that one with ESSSE with 3.55 keys by placing the EBOOT.BIN in root folder. I can try it when I get home. I haven't done that in a while, so I can't remember exactly the steps.

EDIT: Can also use scetool with a specific command but I dont know it off the top of my head right now.

EDIT2: Try this command line (change ID with yours --np-content-id=) and rename final EBOOT.HEN to EBOOT.BIN. I found this in old chat log from @Joonie

scetool -v --sce-type=SELF --compress-data=TRUE --skip-sections=FALSE --key-revision=04  --self-auth-id=1010000001000003 --self-app-version=0001000000000000 --self-add-shdrs=TRUE --self-vendor-id=01000002 --self-type=NPDRM --self-fw-version=0003004000000000 --np-license-type=FREE --np-content-id=EP0001-BLES01337_00-WEEEEEEEEEEEEEEJ --np-app-type=EXEC --np-real-fname=EBOOT.BIN --encrypt EBOOT.ELF EBOOT.HEN

EDIT3: or try one of these

scetool -v --sce-type=SELF --compress-data=TRUE --skip-sections=FALSE --key-revision=04 --self-auth-id=1010000001000003 --self-app-version=0001000000000000 --self-add-shdrs=TRUE --self-vendor-id=01000002 --self-type=NPDRM --self-fw-version=0003004000000000 --np-license-type=FREE --np-content-id=UP0001-BB0011111_00-0000111122223333 --np-app-type=EXEC --np-real-fname=EBOOT.BIN --encrypt EBOOT.ELF EBOOT.HEN

scetool -v --sce-type=SELF --compress-data=TRUE --skip-sections=FALSE --key-revision=04  --self-auth-id=1010000001000003 --self-app-version=0001000000000000 --self-add-shdrs=TRUE --self-vendor-id=01000002 --self-type=NPDRM --self-fw-version=0003004000000000 --np-license-type=FREE --np-content-id=UP0001-HTSS00003_00-0000000000000000 --np-app-type=EXEC --np-real-fname=EBOOT.BIN --encrypt EBOOT.ELF EBOOT.HEN

scetool --sce-type=SELF --compress-data=TRUE --skip-sections=FALSE --key-revision=04  --self-auth-id=1010000001000003 --self-app-version=0001000000000000 --self-add-shdrs=TRUE --self-vendor-id=01000002 --self-type=APP --self-fw-version=0003004000000000 --encrypt EBOOT.ELF EBOOT.BIN

they are not working. nothing seems to work. thanks for the help anyway

 

[Charles_n_town]

what exactly are you trying to do? a simple resigning?

 

[larry12222]

what exactly are you trying to do? a simple resigning?

im trying to change something in the eboot which iv show if u go up a little. and its when i encrypt it with anything that allows me to encrypt but when i try encrypting it. (4.20+) black screen and when im resigning to 3.55 it will take me back to xmb. iv tried reisgning the sfo to the same as the homebrew i m trying to sort out everything should be the same.. i just tried it with the working eboot and takes me back to xmb, i know you cant backspace or add stuff in a eboot or it gets corrupted.. its when i edit the elf it stops working. iv done it before so im confused. it works on cfw fine but not on hen

 

[esc0rtd3w]

So i assume it works in its original form, without modifications, signed with 3.55 keys? The problem comes after you make edits only?

Edit: your modified one works on CFW?

I would do as suggested and use debug mode for hen and get a socat log and post it here.

 

[larry12222]

what exactly are you trying to do? a simple resigning?

this eboot that work on hen

Working Eboot: https://tinyurl.com/4h9b6eud
Working Eboot.elf: https://tinyurl.com/hshrjn7a

this is what i want to edit. works on cfw but not on HEN. even with the unedited one when i resign it it goes back to xmb.

 

[larry12222]

So i assume it works in its original form, without modifications, signed with 3.55 keys? The problem comes after you make edits only?

Edit: your modified one works on CFW?

I would do as suggested and use debug mode for hen and get a socat log and post it here.

i got debug setup for hen but confused how to connect socat