PS4 hack: There might be a possibility to play 5.xx games on firmware 4.05
Long-time scene member Barthen has shared (via CelesteBlue) an explanation of how higher-firmware PS4 games could be slightly modified and repackaged to run on a (hacked) PS4 4.05.
Piracy is a thing on hacked PS4s on 4.05, but it is currently limited to older games. Any game that requires a firmware higher than 4.05 cannot be pirated at the moment.
The explanation was published on pastebin, and according to Barthen’s writeup, all there is to do is to patch two locations of the binary, then repackage the game. And, of course, bad news for Sony, it would only take one group to do it once for a given game, and then release it on the usual warez channels for everyone to pirate.
This would of course not work for games that actually require functionality from newer firmwares (as opposed to games that merely set a newer firmware as an arbitrary requirement).
Other hackers have mentioned that spoofing the firmware version directly on a hacked PS4 would be a much more efficient way to achieve the same result.
The full writeup below:
How to lower the firmware requirement in ELF and PRX files
Example of lowering the firmware required for files compiled with the leaked 4.50 SDK (tested on 4.05) by hex editing some bytes:
1. In the ELF section called “sce_process_param” we patch the reversed sdk version (there should only be one instance of the pattern):
search for “01 81 50 04” and replace with “31 80 50 03”
2. In the ELF section called “sceversion” we patch the sdk version (multiple instances of the pattern will be found):
search for “04 50 81 01” and replace with “03 50 80 31”
3. Resign it with flatz’s make_fself.py or add it to a PKG with cfwprophet’s Fake_PKG_Generator
4. A side effect of this is that if someone is able to dump games on higher firmwares (ex. 5.05) it SHOULD be possible to play those games on lower firmwares (ex. 4.05) with this method, unless the game uses functionality added in newer SDKs.
Barthen has confirmed to me that he is behind the finding, and credits cfwprophet for providing him with some of the tools that have been necessary for the investigation.
In his words:
I just took two ELF samples, one generated with the 3.50 SDK, and the other with the 4.50 SDK.
I stripped the files from all symbols and debug info (to make them the smallest possible).
I then took every section & segment apart and compared them with one another.
I found several differences but only those on the pastebin seem relevant for proper execution.
CelesteBlue has also stated that similar techniques have been used on PS3 and PSP in the past.
Again, although this appears to work with simple files compiled with the leaked Sony SDK, there is no full confirmation at this point that it will work with actual commercial games. It is very likely, however, that people will give this a try very soon and confirm whether it works or not.
Source: via CelesteBlue