Things have been moving at a fast rate on the PS5 scene. A few days after we started seeing library file dumps for the PS5, developer flat_z has just shared an IDA plugin to load PS5 elf files (PS5 binaries) for reverse-engineering purposes.

What’s IDA PS5 .elf plugin

IDA (Interactive DIsassembler) is a popular piece of software used to reverse engineer executables/Binaries for multiple platforms. IDA is very popular among hobbyists, in part because it runs on an interesting “freemium” premise: older versions of the tool are freeware, while the latest and greatest is commercial.

The latest Freeware version of IDA can be downloaded from the official site. Technically that is version 7.7 however, while this plugin released by flat_z is for version 7.5, so you might have to dig that one out if you run into incompatibilities.

IDA lets you disassemble binaries from multiple platforms, supporting the addition of new platform through plugins, which is exactly what this release is about.

In other words, if you happen to have PS5 4.03 elf files lying around, this plugin should help you reverse engineer them, and dig for potential vulnerabilities in the PS5 firmware.

How to use the IDA PS5 plugin:

From the readme:

Instructions

• Put all files into their corresponding directories by keeping this directory’s structure.
• Use 64-bit IDA and standard ELF64 for x86-64 (Unknown) [elf64.dll] when loading .elf/.prx file.
• Apply any kernel options that you use usually.
• If you see warning Unsupported or unknown image type, then press Yes, thus ignoring it.
• Wait till plugin complete its own work. I use many heuristics to locate a lot of useful information within .elf file, so please be patient.
• Ignore all possible warnings that may happen during processing. Some of structures are getting updates from one version of SDK to another, that may cause warnings as well until they will be fully supported.
• If you want to add new symbols or edit existing ones, then update file cfg/ps5_symbols.txt and til/prospero.til optionally.

Known bugs

• Need to update some structures, e.g. sceProcessParam, to reflect more fields that it may take.
• Need to parse exception handler sections properly because their format was changed since PS4. Could be useful to tweak function boundaries even more.

P.S. PRs with bug fixes and improvements are welcome.

Download IDA PS5 elf plugin

You can download the required files from flat_z’s github here.

Source: flat_z