Latest PS3 News Forum Updates

**thaihung** · 02-09-2009

Hi all,

I'm trying decompile make_package_npdrm.exe with ida/hexrays to understand how sony make a pkg. Does anyone try this before?

**Beast** · 02-09-2009

pkg is like a zip file but only for sony PS3.

with a hex i dont know if you can understand something

i think if you unassemble it, you can see better how this soft work.

**jd200** · 02-09-2009

you can see the file on a mac as a box icon file so im assuming its been made on a mac the pkg files.

**PS3 News** · 02-09-2009

Here are some threads on PS3 PKG files, in case you haven't seen them yet:

http://www.ps3news.com/forums/playst...ure-57073.html

http://www.ps3news.com/forums/playst...ile-94137.html

**d4ny** · 02-09-2009

I suggest you should take into consideration that make_package_npdrm.exe creates packages not protected by drm. So, these packages are runable only on test units and there could be much more differences between npdrm and retail packages than we can imagine.

However, I wish you good luck.

**thaihung** · 02-10-2009

Thank for all advise. Anyway I still trying

and will post the result (if any) there.

**F4b10** · 02-10-2009

the pkg files should be encrypted so i don't know if you could obtain something useful...anyway good luck ^^

**Beast** · 02-10-2009

i think maybe a windows app for compress or convert file someone want to put in his console

and indeed, this file can create pkg but not signed so if no one know how we can make a signed pkg, propose programm for ps3 risk to be hard

good luck for your investigation

**Zerotacg** · 02-16-2009

I did take a look at it and how it does decrypt the files.
The Filestructure of the pkg it self is more or less already known so I don't go into that.

As for the decrypting (only works on files generated with make_package_npdrm).

Code:

  // some pseudo code
  // everything in big endian
  char key[16]; // from offset 0x60-0x6f
  char buffer[64];
  uint64 data_size; // offset 0x28
  
  buffer[00..07] = key[00..07];
  buffer[08..15] = key[00..07];
  buffer[16..23] = key[8..15];
  buffer[24..31] = key[8..15];
  buffer[32..59] = 0;
  
  char data[data_size];
  char hash[20];

  for(uint32 offset = 0; offset < data_size; offset += 16)
  {
    buffer[60..63] = offset / 16;  // zero indexed number of the row to decrypt
    hash = sha1(buffer);
    // xor the first 16 Bytes of the Hash with the row
    data[(0..15) + offset] ^= hash[0..15];
  };

To put it in words, it takes a key, adds a row number and uses the sha1 hash of it to decrpyt the data.
I didn't look to much into it but it does compute the sha1 hash of the header and stuff as well, didn't look to much into which part of the header exactly was used though.
Still the problem is make_package_npdrm can't decrypt non-dev packages.

BTW: I'm sure I'm not the first one finding it, but as nobody mentioned it so far.

Code:

make_package_npdrm --informal-help

**internetfloozy** · 02-25-2009

Any progress on this... I haven't had time to do much digging myself but i got IDA installed so I might pick thro a couple of the other .exe files on the 1.60 sdk and see if anything else stands out.

Latest PS3 News Forum Updates

Decompile make_package_npdrm ?

re