(adsbygoogle = window.adsbygoogle || []).push({}); With PS4 of FW 5.05, I'd like to extract the game EBOOT.elf.
If you can extract it, IDAPro can analyze the address and offset, so I'd love to do it.
However, I can not find a way to extract EBOOT.elf in 5.05.
Could anyone tell me?

Oh shit I was about to ask a very similar question myself but in regards to the IDA Freeware 7.0 where I’m looking for a plug-in - I’ve found some for IDA Pro but I don’t really know how to make them work... or if it’s even possible with the freeware version?


To *sorta* answer your question... when you make a backup of a game the eboot is decrypted during the backup process

You can also use PS4Cheater to find addresses in the eboot

For example, suppose that when analyzing BO3, my PS4 was 5.05, there was no payload that can extract ELF.
Although there was information that DumpFile 455.bin could be retrieved, there was no volunteer who created DumpFile 505.bin

So I decided to use Dumper.bin to retrieve normal EBOOT.BIN.
there is the following method "showip".

You must login or register to view this content.

Clicking on "DATA XREF: sub_769810" in this will switch to the screen below.

You must login or register to view this content.

Since ”CODE XREF: sub_769810+48C↑j” is written just above showip, it moves to that point.

You must login or register to view this content.

I think this 0x769810 is the address of showip.
Since this address is the address in EBOOT.BIN, it will be different value when viewed in PS4.
In the case of PS 4, the address of the shared memory has to be shifted.
(+ 0x10000 for PS3)

Does anyone know the shared memory size of PS4?