Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - SilicaAndPina

Pages: [1] 2 3
PS Vita / [Release] [PC TOOL] [Python] depersonalize_devnet
« on: May 02, 2021, 05:36:25 AM »
Removes watermark from Sony Developer PDF's and PUPs


you can run the same file from different users and find that after running this its the same bytes :D
making it possible to share w/o sony knowing where it came from

Blessed Be!!

PS 5 / Get a PS5 Camera Adapter without knowing any serial number!
« on: March 04, 2021, 07:32:01 AM »
1) take an existing serial number, eg: P0418091177309 ( yuno found this one on an ebay listing )
2) add a random number with 1-5 digits to it (lets say 2156), now we have P0418091179465
3) goto
4) say your not a robot

5) enter your newly calculated serial number-

6) fill in your details-

7) click submit and your done- enjoy !

if you receive an email saying there processing your request then you win !

-- Blessed Be~

PS 5 / NpTrophy v2 - PS5 Trophy File extractor!
« on: February 21, 2021, 05:37:47 AM »
I have written a program to extract files out of the PS5's trophy00.ucp file.


PS 5 / Unity for PlayStation 5, and first look at ps5 executables.
« on: February 20, 2021, 02:47:33 AM »
- we found the first ps5 for unity release, its

if u install the right unity version u can install and take a look at the files
extracted files:

It contains compiled SELF binaries that are NOT encrypted "clang version 10.0.0 (PS5 clang version e46d84a8 e46d84a8f26dda5456e992ff595a5a433c322b2e)"
src code, dll verisons of the cg compiler (i think?) and at9tool. some source code, and other neat things :D

- CG Compiler!

- Ps5 SELFS!

(not encrypted!)

- Trophy data files !!!

- Ps5 Codename Found!

- Some src

Found using Silica's UnityBrute (heavily upgraded by Olebeck)  and countless others who threw there network processing power into this.
(yuno's node found it i think?), and 5 terabytes of HTTP Requests :D

btw, it mentions where to find ps5 devnet, its at
still ip locked thou :-:

Reverse Engineering / Re: #ChovyProject - Road to PS1 support
« on: October 17, 2020, 07:28:06 AM »
I disagree with this idea.
DATA.PSP start 0x150 have 0x410 bytes unknown data,  I fill random data here, it doesn't effect game run.
and some pocketstation supported game release on psn before psv release.
eg ff8 pkg download from psn file date is Wed, 07 Oct 2009 08:39:01 GMT

oh yeah! i totally forgot the PKG's were used before PSV even released (like on PSP and PS3)
thus if it were a flag in DATA.PSP they would have to have either had that right from the start (unlikely.) or update existing PS1 packages
but thats unlikely because Date-Modified header as you imagined.

so its gotta be somewhere else possibly just hardcoded into pspemu and sceshell lol

Reverse Engineering / Re: #ChovyProject - Road to PS1 support
« on: October 17, 2020, 06:43:23 AM »
I don't know, may be list hard-code in psv?
If psn support restore backup to psv it will support.
Eg Final fantasy VIII, Super robot taisen series.

i was thinking maybe some flag in DATA.PSP tbh .. i dont know ..

Reverse Engineering / Re: #ChovyProject - Road to PS1 support
« on: October 17, 2020, 06:12:07 AM »
EdatTest can resign EDAT
PbpResign can resign any PSP PBP from PSN
PrxDecrypt can resign DATA.PSP
PspTest can resign DATA.PSAR Program.cs#L1230
SceEbootGen C# __sce_ebootpbp and __sce_discinfo test generator
VmpTest psx save decryptor and encryptor

Thank you !

btw any idea how the psvita knows if a game supports the PocketStation?

Reverse Engineering / Re: #ChovyProject - Road to PS1 support
« on: October 17, 2020, 05:31:05 AM »
I have successed get PS1 content work on PSV and pocketstation emulator also work. Currently only support EBOOT.PBP from PSN package, because PS1 game iso need lzr compress, currently there is no way to recompress lzr.
1. DATA.PSP need resign with 0x65 kirk key.
2. DATA.PSAR need resign with versionkey.
3. Originally a multi-disc game need __sce_discinfo instead of __sceebootpbp, psv will verify multi-disk signature from vs0:\app\NPXS10028\__sce_discinfo (no private key, can't modify it). bug if __sceebootpbp is provided, the check can be bypassed.

DATA.PSP is a pops emulator loader and DATA.PASR length is hard-code in it and verify the length. DATA.PSP in most game have same code, only DATA.PASR length different, a few games that have other differences, but I’m not sure what they are for.

I have use JP9000-NPJI90001_00-0000000000000001 for seed game, but any psp game can also work.

ps: chovy-gen have a bug, if PSAR size less than 0x1C0000 will gen wrong __sceebootpbp. fix this can get pc engine game work.

next step is found the way to recompress lzr to get normal ps1 iso work.

psx lzr compress different like psp content, that code doesn't work. decompress code can find in

all kirk key can find here

versionkey same as KEYS.BIN

I have only test code written in C#, hard code filename for test, If you wish I can share it.

sorry i accidentally clicked 'modify' on your reply when trying to reply to it then wrote my reply inside it *oops* ... sorry about that ... >_<

anyway, the key there seems to be the same key i found on the psp dev wiki, im just not quite sure how im suppost to sign with it haha

also yes this code would be helpful would be better to understand what your talking about >-<

Reverse Engineering / Re: #ChovyProject - Road to PS1 support
« on: October 17, 2020, 04:37:45 AM »
Wow you actually got games to load?
ive been messing around with POPS for awhile im not exactly sure about how to get version key of a POPS game, my current code was

Code: [Select]
        public unsafe static byte[] GetVersionKeyPs1(Stream pbp)


            pbp.Seek(0x24, SeekOrigin.Begin);
            Int64 PSISOOffset = Convert.ToInt64(readUInt32(pbp));
            pbp.Seek(PSISOOffset, SeekOrigin.Begin);
            pbp.Seek(0x400, SeekOrigin.Current);
            pbp.Seek(0x4, SeekOrigin.Current);
            int key_index, drm_type;

            key_index = readInt32(pbp);
            drm_type = readInt32(pbp);

            pbp.Seek(PSISOOffset + 0x400, SeekOrigin.Begin);
            byte[] pgd_buf = new byte[0x70];
            pbp.Read(pgd_buf, 0x00, pgd_buf.Length);

            byte[] VER_KEY_ENC = new byte[0x10];
            pbp.Read(VER_KEY_ENC, 0x00, VER_KEY_ENC.Length);

            MAC_KEY mkey;
            byte[] VERSION_KEY = new byte[0x10];
            int mac_type;
            if (drm_type == 1)
                mac_type = 1;
                if (key_index > 1)
                    mac_type = 3;
                mac_type = 2;

            sceDrmBBMacInit(&mkey, mac_type);
            sceDrmBBMacUpdate(&mkey, pgd_buf, 0x70);
            bbmac_getkey(&mkey, VER_KEY_ENC, VERSION_KEY);

            return VERSION_KEY;

is this correct?
found KIRK 0x65 but it seems to be an AES key? how do i sign with AES? esp since DATA.PSP seems to have a RSA/EC signature in there ?

As for LZR sign_np actually has a function to LZR compress a buffer. so just use that!

im interested in adding support for this into chovy-sign (its kinda half-done already >_<)

do you have any example code or anything?

dev / Re: Definite proof the SKGleba bricks Vitas !
« on: September 11, 2020, 07:46:36 AM »
A minute of silence for these poor Vitas that will never come back to life.

a reminder for everyone that PSVita's are NOT Cute Girls, so them never coming back to life isnt a cute thing.

Reverse Engineering / Re: CXML format
« on: September 04, 2020, 07:01:12 AM »
Mentioned Issue(s) are Fixed in V3 of CXML Decompiler.

I have released a tool called "default-psn-avatar" awhile back originally just to get the.. default avatar but it has evolved alot since then:
it allows you to do the following:

1) Set avatar back to the default (duh)
2) Remove / Change "Real Name" entry (unrestricted input unlike PS4 or Web)
3) Change PSN Profile colour to ANY 32bit RGB color.
4) Remove Address Information from PSN

Fun stuff:
- If you set ONLY a first name, with no last name ("") then the ps4 profile viewer app will crash upon loading your profile ;P
- If you set your first and last name to a blank space it will appear invisible!
- If you set ONLY your first name to have a bunch of trailing spaces and a single space for last eg: F:"    Silica" M:"" L:" "
due to a rendering bug in the PS4, your name will appear to "move" when its selected in Party Chat.
- Setting an all white background as your cover image and making your profile color all white (#FFFFFF)
makes the page basically unreadable on PS4.

Download it here:

Thanks and Blessed Be~

PS M / [OpenPSS] Sce.PlayStation.Core.dll but its open src.
« on: August 07, 2020, 02:46:18 PM »
There is an essential .NET Mannaged library that EVERY psm game has a reference too.
most of the PSM DLL's are shipped with the game however PlayStation.Core is not.

because of this i decided to "rewrite" the library but with full src.
for Sce.PlayStation.Core essentially this is just like having the actual src code for the file :D

You have to build it using PSM Studio ofc.

see here:

somehow my dll is smaller than the offical one. but whatever,
if you replace it at %SCE_PSM_SDK%\mono\lib\psm with mine you'll see retail games still work np

though i havent tried everything theres a chance it could still be broken somewhere ahah

Blessed Be~

Tutorials / [UNOFFICAL] How to bypass AutoModerator on r/vitahacks
« on: August 05, 2020, 12:12:32 PM »
Okay so you may have noticed that r/vitahacks and other shitty subreddits have an "AutoModerator" that just removes posts based on certain words found within them,

for example on vitahacks if you say "NoNpDrm" it gets automatically removed and you receive a message saying

We do not permit discussion of piracy and piracy related tools for Vita and PSP or questions involving them. Period. This includes if these tools are used for legitimate means. This includes any general question that includes references to these tools. This includes meta questions about this tool and this rule. The reason is less about ethics and more about the association of these topics with low-effort threads that create a burden for the moderating staff. There are other subreddit more dedicated for these low-effort, low-value topics.

I am a bot, and this action was performed automatically. Please contact the moderators of this subreddit if you have any questions or concerns.

this is a clear violation of our 1st amendment rights!


1) Open Notepad.exe

2) Type the word

3) Right click the middle of the word

4) Open "Insert Unicode Control Character"

5) Click on "PDF"

6) Now copy paste the word into Reddit or whatever else

it wont be removed now! enjoy your INDEPENDENCE! from the CENSORING COMMUNIST MODERATORS!

Blessed Be~

Kits / Hidden Boot Parameters & Other CP Flags.
« on: August 01, 2020, 05:42:39 AM »
So you may be aware of certain "Boot Parameters" on DevKit as "development_mode" or "memory_size_switch"
what you likely didnt know is that these settings are acturally stored on CP Itself under /work/settings.xml
(you can even dump this file from your devkit uisng psp2ctrl settings-xml C:\path\to\output.xml)

with the recent CP Firmware Dump i could finally take a look at how this works,
and what i found was quite interesting.

as you can clearly see, there is alot more options there than just "development_mode"
you can also see an entry for "kernel:" and "none:" when before i only knew of "bootparam:" and "registry:"

One that caught my eye was "enable_extra_tty" so i gave it a try- using that psp2ctrl command that was discovered earlier by Mathieulh
Code: [Select]
psp2ctrl set-setting integer bootparam:/enable_extra_tty 1and oh! bingo!

More debug output is now printed!

A list of extra (untested) parameters to try are as follows:
(note, ive only tested enable_extra_tty i have NOT tried any of the others, use them at your own risk dont come to me if you break your CP. in theroy you can reset them from CP Recovery thou)
Code: [Select]
and potential strings to put infront of them are
Code: [Select]

As always, Blessed Be. and have a great Lughnasadh

Pages: [1] 2 3