[Tut] PS3 Self/Sprx Reversing

[Slynk]

So I'll start this off by saying, I don't know much at all about reversing and I'd really like everyone's help to flesh out this tutorial. I'll provide what I have found so far and I encourage other's to give their knowledge of reversing. Any knowledge of reversing will be helpful, it doesn't have to be specific to the PS3. IDA knowledge is also helpful. So the tutorial:

Must obtain:

• IDA Pro 5.2 or higher. (Buy it or borrow a friend's copy <.<)
• Ppcaltivec Plugin
• Package Unpacker (Or what ever you prefer, this will extract the eboot from the .pkg and extract the .elf from the eboot)
• Something to reverse (.pkg, .self (homebrew), .elf (unencrypted self)

[===Installing IDA Pro===]
Run the exe and follow the instructions.

After the install, navigate to the install directory.

extract the contents of "ppcaltivec_plugin_v1.6_for_ida_v5.6.zip" to the plugins directory.

Done!

[===Setting up PS3 PKG Tool===]
Extract the contents of PS3_PKG_Tool_V0.5.rar to a dirctory of your choosing.

Double Click PS3_PKG_Tool_v0.5

Type 0, ENTER

Type 1, ENTER to install MinGW (take note of the install directory)

Choose Use pre-packaged repository catalogues.

I'm not sure which components are necessary but I ticked C++ compiler, MSYS Basic System, and MinGW Developer Toolkit.

It will take a bit of time to download and install everything.

Once complete, choose option 2, then 3, then 4, then 5.

Complete!

[===Unpacking .pkg===]
Move the .pkg in question to the PS3 PKG Tool folder.

Load PS3 PKG Tool and choose option 3.

Type n, ENTER

Type the name of the pkg, ENTER, ENTER, ENTER

Done! You should have the contents of the pkg in the PS3 PKG Tool directory.

[===Extracting Elfs from Homebrew EBOOT.BINs===]
Move the EBOOT.BIN to the PS3 PKG Tool directory.

Load PS3 PKG Tool and choose option 4.

Type n, ENTER, ENTER, ENTER

Afterward, you can exit the app safely. You should have an elf called working.elf in your PS3 PKG Tool directory!

[===Loading the Elf into IDA Pro===]
Load up IDA Pro Advance (32 or 64 bit, doesn't matter)

Click [Go]

File->Open

Select the .elf

Select ELF in the top box.

In the Processor type drop down box, select: PowerPC ppc

click set, then OK

Wait a little bit while it works with your file.

Done!

---------------------------------------------
That's all I've got so far. Please contribute. ^^

[daniboy92]

Can you give me a link for IDA Pro v5.2? I don't find them, please send me at MP.
Thanks!

[user]

also try kakarotoks jumptable analyzer plugin, it works great most of the times

next you should look for the TOC, set it in ida and re-analyze.

[Slynk]

*gasp* Someone contributed to this after.... *counts*.... 5 months of me posting this lol.

Never heard of his plugin, I'll definitely have to give it a look. I just downloaded a bunch of assembly and IDA books last night so I'll see about playing around with it.

[afiser]

fyi, the latest version of IDA has the altivec plugin built-in