PS5 Hacking: More library dumps through Webkit exploit, by bigboss/psxdev
Following last week’s filedump scripts, Zecoxao has shared a series of additional files dumped from PS5 4.03, thanks to work by psxdev/bigboss, he says.
thanks to @psxdev , it should be possible to dump the mapped modules on 4.03 filesystem very soon (but only the read, read write and read execute ones, execute ones aren’t supported yet). additionally, you can map any module at the filesystem and then dump it. more news soon
— Control_eXecute (@notzecoxao) May 22, 2022
From within the PS5 Webkit exploit, on a PS5 Firmware 4.03, Webkit can load in RAM (and therefore decrypt) additional modules from the disk. One can then most likely dump them from RAM, decrypted.
Script to load additional libraries on PS5 4.03 Webkit exploit
//remember that vm space of webkit changes each execution of the browser.
let handler=malloc(4,1); // buffer that receives the handle of the loaded module
let modname=malloc(256,1); // buffer holding the path of the module to load
p.writestr(modname,"/wV5dWaoNEP/common_ex/lib/Mono.Data.Sqlite.dll.sprx");
// syscall 594 loads the module from disk into the Webkit process; check ret_loadprx for success
let ret_loadprx=await chain.syscall(594,modname,0,handler,0);
As a reminder, to get your vm folder (the “wV5dWaoNEP” above), you have to call some other functions beforehand.
Using this process, Zecoxao has shared some file dumps, here and here.
Decrypted Libraries and looking for PS5 exploits
Decrypted libraries are useful to look into, in particular for people looking for vulnerabilities that could help with privilege escalation on the system. If it is possible to load a library, and call a function with a vulnerability, from within the Webkit context, it is possible to gain higher access to the system, with ultimately the goal to Jailbreak the PS5.
Source: Zecoxao
It's time to buy a second PS5 and sit on it?
Yes
I hope that PS5 will never be broken haha