Endless Paradigm

Full Version: How to Decrypt a Firmware Eboot
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
This tutorial is for V1, and the real name to this tutorial is: How to Obtain a PSAR dump from an EBOOT. :D I will expand on this later on.

Spoiler for Notes:
What's an EBOOT

An eboot is like a .exe file in Windows. It is read by the PSP, and can be executed from the XMB. Within that eboot has files compiled into a file called a PSAR. The PSAR is encrypted and can be opened, read and loaded from.

What's a PSAR

It's basically everything that isn't the EBOOT. The EBOOT is only required to launch the app. The PSAR contains all the files which are encrypted and can only be read by apps.

How are PSARs Obtained?

PSARs have to be extracted from the eboot, and then decrypted. Once decrypted, the PSAR is opened up, and the files contained within it is dumped to the MS.

What's Sigcheck?

Sigcheck is probably shot for signature check. Anyways, sigcheck is specific to a PSP, and it is created to a file when it is being flashed to the PSP during an update. If a file with sigcheck is flashed to a PSP, other than which it came from, it will brick that PSP.

What's the difference between encrypted and decrypted files?

The difference is that encrypted files could only be read. They cannot be edited in any way. It's just like a firmware for an iPod, or anything else. It's only can be dumped, and readable. Decrypted files are files that has their encryption removed, and its pretty much open-season on them.
To dump a PSAR, you need the latest PSARDUMPER. This could usually be found on dark-alex.org but other devs can release their own PSARDUMPERS. The latest, you can find here.

1)Once downloaded, extract the folder to /PSP/GAME or the kernel-based folder for homebrew. (GAME380, GAME4xx, GAME5xx, etc.)
2)Download the firmware eboot that you want to dump/decrypt. When you get that, extract it to the root of your MS. There is no need to rename it.
3)Disconnect USB Connection, and go to GAME > MemoryStick and launch the PSARDUMPER.

4)When loaded, you will be greeted with 3 options: (These 3 options always exist in a PSARDUMPER regardless)

-Press cross to dump encrypted with sigcheck and decrypted reboot.bin
-Press circle to dump encrypted without sigcheck and decrypted reboot.bin.
-Press square to decrypt all.

The first option to dump encrypted with sigcheck means that the files in the PSAR will just be dumped as is. They can only be used for analysis. They cannot be edited or flashed to the PSP. Flashing encrypted files with sigcheck WILL brick your PSP.

The second option to dump encrypted without sigcheck means that the files will be dumped encrypted. However, they will not have the sigcheck along with them. Encrypted files still cannot be edited. However, without the sigcheck, they allow to be flashed to a PSP without the risk of a brick.

The last option just decrypts everything.

___________________________________________________________________________________

5)Based on the explanations above, choose your option. The PSARDUMPER will begin to read the eboot file, and dump/decrypt them according to your choice. When done, the app will exit to the XMB.

6)Re-enable USB Mode. The dumped/decrypted files will be stored in the 'F0' folder on the root of your MS. (Where the eboot file is) Simply copy that folder anywhere to save it.

7)The F0 folder has the same structure as a PSP's flash0 will so it will be easier to find specific files. In Addition, a log for the dump will be saved. (The same thing you saw on the screen during the dump)

8)You're done, have fun.

Moar Stuff: If you want to make a theme or use anything that uses files from flash0, they MUST be decrypted unless otherwise. (For themes, they must be decrypted regardless. You don't want sigchecked files bricking everyone else's PSP now 'eh) For some apps like the 3.71 fatmsmod.prx patch, it can use encrypted files without sigcheck. Just know that encrypted files take less space because they aren't "deflated" by the PSARDUMPER while being dumped. However, decrypted files are deflated giving them a bigger size over encrypted files.
so PSAR = source code? :D
boogschd Wrote:so PSAR = source code? :D

Encrypted source code :P

It's an archive any way you put it.
I willl look into this when i am less busy! thanks man!! there are many people asking arround about psardumper,. meself ,. i have never got psardumper to work,.;p!! mucho thanks!!
demonchild Wrote:
boogschd Wrote:so PSAR = source code? :D

Encrypted source code :P

It's an archive any way you put it.

ohz Madwin
Vegetano1 Wrote:I willl look into this when i am less busy! thanks man!! there are many people asking arround about psardumper,. meself ,. i have never got psardumper to work,.;p!! mucho thanks!!

No problem. PSARDUMPER just looks confusing at first because of all the terminology. But it doesn't take much learning. Like stealing candy from a baby. It takes a couple tries before you get it right. :P

Really, if it wasn't for PSARDUMPERS in the first place, wee probably won't be having custom firmwares to begin with.
Reference URL's