I hope everyone is doing well out there. I have seen some very exciting developments over the course of the last couple of days, and would like to add my own contribution.
If you remember, the 2 interesting points from the SCE file format analysis were:
- SCE header has a "file size" type field that was ALWAYS 0x7bf bytes smaller than the real file size.
- In the ELF portion of the file, the Section Header Table offset (Elf64_Off, e_shoff) was pointing to a non-existant location in the file.
Well, these were NOT really coincidental as our friends at $ony would like us to believe. Here is what it boils down to:
- The "file size" type field (I will call it ELF RealSHT Offest from now on) is really the "Real offset of the Section Header Table in the SELF file".
- Between the OtherOS.self file and the Updater.SCE files, the Section Header Tables look EXACTLY the same.
- I also compiled a simple C program on my PS3 to output an ELF64 image. The SHTs look _very_ similar.
So, here's some editorial about these findings. In my opinion, $ony is trying to obfuscate things by re-arranging standard file formats and changing pointers and such. This is a typical case of "security through obscurity" and can only be maintained if people are not looking _deep_ into the data in front of them.
At the end of the day, they had a limited amount of time to _customize_ the PS3 and its ecosystem before launch. They also cannot invest in a totally new architecture and supporting bits, simply due to monetary and project timeline constraints. This is very typical of software/hardware development projects.
Do we know exactly what is in these files? Not yet. Do we know more than what we knew 2 months ago? ABSOLUTELY. I think if we go at this pace, it won't be long before we get some very interesting results.
Just keep one thing in mind: This is purely for fun. It is almost like solving a puzzle, no more, no less.