A tool for deriving PKG packet encryption keys for the PS4, written in C++
#pragma once

#include <cstddef>
#include <cstdint>
#include <map>
#include <string>
#include <utility>
#include <vector>

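namespace ShadPKG::Patcher {

/// PSN Bypass Patch Types: the kind of byte-level rewrite a PatchEntry describes.
enum class PatchType {
    NOP,        ///< Replace with NOP (0x90)
    RET_ZERO,   ///< Return 0 (xor eax, eax; ret)
    RET_ONE,    ///< Return 1 (mov eax, 1; ret)
    JMP_ALWAYS, ///< Change conditional jump to unconditional
    SKIP_CALL,  ///< Skip function call
    CUSTOM      ///< Custom byte replacement
};

/// One byte-level modification at a fixed offset in the loaded file.
///
/// Member order is part of the interface: callers may aggregate-initialise
/// this struct, so fields must not be reordered.
struct PatchEntry {
    std::string name;
    std::string description;

    // Initialised so a default-constructed entry never hands an indeterminate
    // write location to PSNBypass::applyPatch()/verifyPatch().
    uint64_t offset = 0;           // Offset in file

    // NOTE(review): confirm verifyPatch() rejects an entry whose `original`
    // is empty; otherwise the byte check passes vacuously.
    std::vector<uint8_t> original; // Original bytes (for verification)
    std::vector<uint8_t> patched;  // Patched bytes

    // Initialised for the same reason as `offset`. CUSTOM together with an
    // empty `patched` vector describes no replacement bytes.
    PatchType type = PatchType::CUSTOM;

    bool applied = false;
};

/// A named group of patches for one title and version.
struct GamePatchSet {
    std::string gameId;   // e.g., "CUSA00265"
    std::string gameName; // e.g., "Minecraft"
    std::string version;  // e.g., "01.00"
    std::vector<PatchEntry> patches;
};

/// Loads an eboot.bin image, locates byte patterns in it, and rewrites bytes
/// at given offsets.
///
/// Only declarations are visible in this header; every statement below about
/// behaviour is taken from the declaration's own comment, and anything beyond
/// that is marked NOTE(review). All bool-returning members report their
/// outcome only through the return value, so callers should check it.
class PSNBypass {
public:
    PSNBypass();
    ~PSNBypass() = default;

    // Load eboot.bin for patching.
    // NOTE(review): presumably fills ebootData_ and sets isLoaded_; confirm the
    // implementation resets both when the read fails part-way.
    bool loadEboot(const std::string &path);

    // Save patched eboot.bin.
    // NOTE(review): confirm this refuses to write when nothing is loaded.
    bool saveEboot(const std::string &outputPath);

    // Auto-detect game and apply appropriate patches
    bool autoDetectAndPatch();

    // Apply specific patch set.
    // NOTE(review): confirm what happens when one entry fails after earlier
    // entries were already written (partial application).
    bool applyPatchSet(const GamePatchSet &patchSet);

    // Apply single patch.
    // NOTE(review): confirm the implementation calls verifyPatch() and checks
    // patch.offset + patch.patched.size() against the loaded image, without
    // integer wrap-around, before writing.
    bool applyPatch(const PatchEntry &patch);

    // Verify patch can be applied (check original bytes).
    // NOTE(review): the range patch.offset .. offset + original.size() must be
    // bounds-checked before the comparison reads the image.
    bool verifyPatch(const PatchEntry &patch);

    // Search for PSN-related function signatures
    std::vector<uint64_t> findPSNFunctions();

    // Search for specific string references (LEA/pointers)
    std::vector<uint64_t> findStringReferences(uint64_t stringOffset);

    // Search for specific byte pattern.
    // NOTE(review): the meaning of an empty `mask` and the handling of a mask
    // whose length differs from `pattern` are not visible here; confirm the
    // implementation validates mask.size() before indexing.
    std::vector<uint64_t> searchPattern(const std::vector<uint8_t> &pattern,
                                        const std::vector<uint8_t> &mask = {});

    // Get available patch sets
    static std::vector<GamePatchSet> getAvailablePatchSets();

    // Get Minecraft-specific patches
    static GamePatchSet getMinecraftPatches(const std::string &version);

    // Generate options.txt for Minecraft PSN bypass
    static std::string generateMinecraftOptions();

    // Patch a specific offset with custom bytes.
    // This signature carries no expected-bytes argument, so unlike a
    // PatchEntry it cannot check what it overwrites.
    // NOTE(review): confirm offset + bytes.size() is bounds-checked against
    // the loaded image, including overflow of the sum.
    bool patchOffset(uint64_t offset, const std::vector<uint8_t> &bytes);

private:
    std::vector<uint8_t> ebootData_;
    std::string loadedPath_;
    bool isLoaded_ = false;

    // Known PSN function signatures (x86-64)
    static const std::vector<std::pair<std::string, std::vector<uint8_t>>>
        psnSignatures_;

    // Helper to create NOP sled.
    // std::size_t is spelled with its namespace so the header does not depend
    // on another include leaking ::size_t.
    static std::vector<uint8_t> createNopSled(std::size_t size);

    // Helper to create return 0 stub
    static std::vector<uint8_t> createReturnZero();

    // Helper to create return 1 stub
    static std::vector<uint8_t> createReturnOne();
};

} // namespace ShadPKG::Patcher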