Mr Gas showcases decrypted vita game savedata on Vita 3.60
Vita scene hacker MrGas surfaced today with a screenshot of what appears to be decrypted (then re-encrypted) save data for the game Final Fantasy X HD Remaster on the PS Vita. This has several big implications for the PS Vita scene.
Mr Gas confirmed this breakthrough was made possible thanks to the recent release of HENkaku, the native PS Vita 3.60 hack from Team Molecule. The possibility to decrypt and re-encrypt PS Vita savedata could allow for a few interesting things.
SaveData decryption to lead to local cheats in Vita games
Decrypted savedata could lead to cheat code editors on the PS Vita. With a bit of hex-edit magic, people could trick their games. The typical stuff to get infinite lives, better gear, more coins, you name it.
Arguably, this might even be used to trick things such as online features. Could you trick a game that would in return trick Sony’s servers and give you all trophies for a given game? Although this might sound appealing to some gamers, be warned that Sony does not respond kindly to people who use hacks/cheats to trick their online system (including, but not restricted to, the trophies).
SaveData decryption/encryption could help find more exploits in Vita games
Being able to peek and poke inside video game savedata is how lots of console hacking has happened historically. Savedata exploits were the main vector of usermode exploits on the PSP, including on the Vita’s PSP emulator, which is how things such as VHBL are typically enabled (except on a few occasions, including the recent VHBL bubble trick). On the 3DS, game-based exploits are also pretty frequent, such as SuperMysteryChunkhax and other game exploits.
It’s worth noting however that such things were easier in the days of the PSP, where savedata was generally not encrypted uniquely per console. As such, sharing game exploits was easy, but nowadays a re-encrypted save game would only work on the console it was created with. So a way to “inject” the savedata on other people’s Vita would be needed, which requires another exploit. On the 3DS, this chicken-and-egg situation led to the concept of a “secondary exploit”: you need another, primary, exploit before you can install this game exploit. On the 3DS, Action Replay Powersaves are typically used to re-encrypt the data for one’s console.
It will be interesting to see where this takes us. Mr Gas hasn’t stated any release date, nor has he said he would ever release his work. It’s nevertheless interesting here to see that HENkaku is sparking interest in the Vita scene at a rarely seen rate, and to see that some veterans of the scene are still actively engaged. In the meantime, you can feast your eyes on the screenshot from MrGas:

PS Vita save decrypted
source: Mr Gas
Maybe the playtime is a hint at a release date. I’ll keep an ear out for September 25th.
Nah, I don’t think it will take so long
Way to go mrgas!
mr. gas you sure are throwing the best smelling gas ever! 😀
decrypt games too man! you’re the best! and if you are reading this, please say something on the comments section of this post! 🙂
Something
insert *well it’s something* meme
You’re not the organic gas….. are u Mr. Gas 🙂
Finally, the Vita scene is taking off. I think it’s due to the fact Sony has officially killed the Vita, so it’s up to the scene to give it a second life.
I think it goes without saying that before we even get any closer to decrypting Vita games, so-dumb (aka sony) will have released a hot fix, and then a patch, and then another patch to patch the patched files and the hotfix – everything brought to you by so-dumb and labeled as “stability updates”.
I mean, seriously, we all know where this leads to and what’s bound to happen – game decryption and then bring all game files together, and finally apply the ISO container treatment. Voilà, there’s your pirated game. I’m glad someone managed to create a homebrew environment for the latest Vita firmware, but I’m *very* sure so-dumb will do something on their end like re-enforcing crypto-algorithm to “protect” digital games from psn.
Summing it all up, I think it’s time for the Vita hacking scene to catch up before so-dumb makes their next move.
Never before have we had a usermode exploit like this. This isn’t PSM anymore, this is an actual userland exploit and all it would take is to find ONE, just ONE kernel exploit and BOOM, the Vita is cracked open. We are so close, yet so far. Sony can release all the updates they want, but the second a kernel exploit is found on 3.60, it will be much easier to find exploits for later firmwares. The game of cat and mouse has begun.
Aww yea, one step closer to backup loading! I’ve had my Vita since launch and am thrilled to see its hacking progress this much this fast!
henkaku site is down, any alternatives for self hosting the exploit before sony throws an update our way?
HENkaku’s website is not down.
Did you try: https://henkaku.xyz/ ? Because I just did and it’s (still) up.
Changing your DNS should fix the issue… Or you can install node and run henkaku-local (from github, just search).
Good luck.
I actually want to cheat, but for FFX-2, which doesn’t even have online, as I don’t find the combat to be as good as FFX’s, and the enemies are quite tough for me.
We are witnessing how PS Vita’s security is cracking and falling apart piece by piece, day by day and to be honest… it’s amazing!!!
Truth to be told I enjoyed my 2 PS Vita systems a lot throughout the years, games like Soul Sacrifice (and later Delta), Persona 4 Golden, Killzone Mercenary, Gravity Rush among others gave me hundreds of hours of fun.
But sadly the Vita never became a thing among the overall gaming community, and after the first (and not even second) batch of AAA games, they became extinct like the dinosaurs, I still played a lot of great indie games, among some PSP and PS1 games, and had fun with VHBL once in a while but the real potential was killed by Sony themselves, even reminding us every 2 months that updates served to kill PSP exploits and remove no longer supported apps only, I ended up selling one of my Vitas and GIFTING the other one to a very good friend after 4 years full of Sony’s deceptions…
Today ladies and gentlemen we become whole again, I will be buying another Vita and I’m EXCITED again, we see a new era reborn with HENkaku and I love it 🙂
Same! I’ve owned one since launch. *** shame that there haven’t been many worthwhile exclusives since around fall of 2014…
That being said I never owned a PSP until recently, and yes it’s also hacked. Has a huge selection of games, really enjoying it!
Would love to see CFW come out of this someday. I don’t even care about Vita backups, just the ability to normally turn on my Vita, and load up some emulators. That would be cool 🙂
Is there any chance Mr. Gas could provide us with some kind of briefing or tutorial on how he decrypted and re-encrypted the save file?
I assume by blind knowledge that the decryption string is somewhere in the eboot of the actual game files, and by linking it with the save file header, you can decrypt the actual save and re-encrypt it through IDA, but I’m totally not sure where to start…
Some sort of hexadecimal string perhaps in the eboot, save file itself, or another file, such as “id” which is on the root of ux0_
soon !
Thanks, man! Really appreciate all of your hard work and your contributions to the scene. This is awesome stuff!
Lmao henkaku IS a kernel exploit and pirating is actually already possible considering that installed homebrews launch without verifying licenses.
And people have been dumping and decrypting Vita games for the last few months now. If it were just a matter of launching the dumps as a homebrew game people would be pirating left and right by now.
Ah, now this is where things start to get REALLY interesting. Editing and resigning save data could hopefully lead to the sort of exploits where we can hijack the PSP and PS1 emus using HENkaku, meaning the potential to do everything the older firmwares can but on 3.60. Backup loading would be nice because I have about 12 retail games, the downside being they’re quite large so I’d need one of those horrifically expensive 64GB Vita memory cards to make use of it.
Still, exploited savedata on retail Vita game cart brings the possibility of an unblockable exploit not bound to a specific firmware version. Unless they, for example, make game updates mandatory before launching all Vita titles. Which would be super dumb, but this IS Sony we’re talking about so you never know… all just guesses but seriously, very impressed with Mr. Gas’s handiwork here.
МР,yesss yesss!!МР,Good luck!
Now it’s time to finally cheat that “Lightning Dodge” and 0.0.0 Chocobo race. Though not impossible it still needs a lot of patience and I have none nowadays.
Hoping for a Bruteforce PSP resigner!
Vita*
Yeah! That’s my thought m8 – I used this on my CFW PS3 to use the save games from my main account without the risk of getting it banned.