Editing PARAM.PFD
Jump to navigation
Jump to search
The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then publish the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 1: | Line 1: | ||
[[Category:Software]] | |||
[[ | |||
==Description== | ==Description== | ||
'''PFD''' ('''P'''rotected '''F'''iles '''D'''atabase) are responsible to prevent tampering of other files of the same folder, the only purpose is the security of the folder contents. Contains the cryptographic signatures of other files of the same folder (not all, but the ones that developers decided to be important enought to be secured). | '''PFD''' ('''P'''rotected '''F'''iles '''D'''atabase) are responsible to prevent tampering of other files of the same folder, the only purpose is the security of the folder contents. Contains the cryptographic signatures of other files of the same folder (not all, but the ones that developers decided to be important enought to be secured). | ||
Its used in several paths of the PS3, usually to secure data related with the user profile e.g: | Its used in several paths of the PS3, usually to secure data related with the user profile e.g: | ||
/dev_hdd0/home/0000000*/savedata/SAVEDATA_DIRECTORY/PARAM.PFD <---- in all save game folders | /dev_hdd0/home/0000000*/savedata/SAVEDATA_DIRECTORY/PARAM.PFD <---- in all save game folders | ||
/dev_hdd0/home/0000000*/trophy/NPCOMMID/PARAM.PFD <--- in all | /dev_hdd0/home/0000000*/trophy/NPCOMMID/PARAM.PFD <--- in all trohpy folders | ||
/dev_hdd0/home/0000000*/trophy/_TROPSYS_/PARAM.PFD <---- in the "user trophy index" folder | /dev_hdd0/home/0000000*/trophy/_TROPSYS_/PARAM.PFD <---- in the "user trophy index" folder | ||
Line 35: | Line 31: | ||
Total file size = 96+24+456+31008+1140+44 = 32768 bytes (0x8000) | Total file size = 96+24+456+31008+1140+44 = 32768 bytes (0x8000) | ||
The size of the file is fixed because the number of entries in both '''X table''' & '''Y table''' is 57 (when the entry is not used his position is marked as "not-used"). In the same way... the '''Protected files table''' has an area reserved for a maximun of 114 entries (not used entries are filled with zeroes). As result the file contains the maximun number of possible entries | |||
The size of the file is fixed because the number of entries in both '''X table''' & '''Y table''' is 57 (when the entry is not used | |||
*Useful game saves used in this page as examples | *Useful game saves used in this page as examples | ||
**http://www.gamefaqs.com/ps3/941950-mirrors-edge/saves ( | **http://www.gamefaqs.com/ps3/941950-mirrors-edge/saves (the first one region North America). Mirror: http://www.multiupload.nl/SWJ4Y4H7ER | ||
**http://www.gamefaqs.com/ps3/933123-heavy-rain/saves | **http://www.gamefaqs.com/ps3/933123-heavy-rain/saves | ||
The structure of the PARAM.PFD used in Mirror's edge game save can be considered "rare", this wiki page uses this file for explaining the structure because is perfect to understand how it works, the structure contains all the "problems" not present in "standard" files that can be considered unknown... there are other game saves that can be used (MotoGP10, Heavy rain)... but the list of protected files in heavy rain contains more than 100 files (use heavy rain if you are coding an app as a "stress test") | The structure of the PARAM.PFD used in Mirror's edge game save can be considered "rare", this wiki page uses this file for explaining the structure because is perfect to understand how it works, the structure contains all the "problems" not present in "standard" files that can be considered unknown... there are other game saves that can be used (MotoGP10, Heavy rain)... but the list of protected files in heavy rain contains more than 100 files (use heavy rain if you are coding an app as a "stress test") | ||
Line 104: | Line 43: | ||
Size = 96 bytes | Size = 96 bytes | ||
First, you need to decrypt the | First, you need to decrypt the hashes table itself (you can decrypt them by call ''Decrypt with portability''). The 128-bit key for it is stored at the 0x10 (it is an initialization vector). These bytes are randomly generated when the file is created and never changes after it. | ||
After decrypting the | After decrypting the hash table you can grab a third key from the table at offset 0x48. These bytes are randomly generated. This key is used as HMAC key to authenticate data for Y-table. An empty data gives us a default HMAC hash. | ||
You can decrypt the hash table on your PC too. Grab the second key from page [[Keys]] at section '''sc_iso module 1.00-4.00'''. It will be an AES-128 key, and IV is stored at 0x10 offset in .PFD. The algorithm is AES in CBC mode. | You can decrypt the hash table on your PC too. Grab the second key from page [[Keys]] at section '''sc_iso module 1.00-4.00'''. It will be an AES-128 key, and IV is stored at 0x10 offset in .PFD. The algorithm is AES in CBC mode. | ||
The | The hashes table is encrypted and always changes when the file is updated, is decrypted by vtrm | ||
*Mirror's edge game save '''Encrypted PFD Header''' | *Mirror's edge game save '''Encrypted PFD Header''' | ||
Line 122: | Line 61: | ||
| 0x08 || 0x08 (8 bytes) || 0000000000000003 || '''version''' || Must be 3 | | 0x08 || 0x08 (8 bytes) || 0000000000000003 || '''version''' || Must be 3 | ||
|- | |- | ||
| 0x10 || 0x10 (16 bytes) || 69152C97812B25C52AD4FA18E4B816A8 || ''' | | 0x10 || 0x10 (16 bytes) || 69152C97812B25C52AD4FA18E4B816A8 || '''hashes_table_iv''' || 128-bits initialization vector. Used to en/decrypt '''hashes_table''' | ||
|- | |- | ||
| rowspan="4" style="background-color:#DDDDDD;" | ''' | | rowspan="4" style="background-color:#DDDDDD;" | '''hashes <br /> table''' || 0x20 || 0x14 (20 bytes) || 7C1F5C28A7EE4D3922ADC828E6CD7888980F33B6 || X-Table hash ? || sha1 hmac ? | ||
|- | |- | ||
| 0x34 || 0x14 (20 bytes) || 2394EEE99706774E71912413A7CFDBE5E38E8D0C || | | 0x34 || 0x14 (20 bytes) || 2394EEE99706774E71912413A7CFDBE5E38E8D0C || Protected files table hash ? || sha1 hmac ? | ||
|- | |- | ||
| 0x48 || 0x14 (20 bytes)|| 5BCF880FCB7B59C4C5A3D983904B6CEEDE27152 || ''' | | 0x48 || 0x14 (20 bytes)|| 5BCF880FCB7B59C4C5A3D983904B6CEEDE27152 || '''y_table_hmac_key''' || sha1 hmac | ||
|- | |- | ||
| 0x5C || 0x04 (4 bytes) || AA9C2F85 || ''padding'' || | | 0x5C || 0x04 (4 bytes) || AA9C2F85 || ''padding'' || | ||
Line 175: | Line 114: | ||
From 0x78 to 0x240 | From 0x78 to 0x240 | ||
Size = 456 bytes | Size = 456 bytes | ||
Entry | Entry lenght = 8 bytes | ||
Number of entries = 57 | Number of entries = 57 | ||
Each entry can contain a "file index" (from 0x00 to 0x71... or 1 to 114 in decimal) that is pointing (or is | Each entry can contain a "file index" (from 0x00 to 0x71... or 1 to 114 in decimal) that is pointing (or is asigned) to one of the files in the '''Protected files table'''. How this assignation works is unknown | ||
If the "file index" is 72 (position 115) it means that is pointing out of the '''Protected files table''' (not used) | If the "file index" is 72 (position 115) it means that is pointing out of the '''Protected files table''' (not used) | ||
Line 186: | Line 125: | ||
The table does not fills with entries from top to bottom, usually the first entries are not used (marked as 72) followed by entries with whatever number from 0 to 71 (by now the entries used seems random), and mixed with more 72's entries | The table does not fills with entries from top to bottom, usually the first entries are not used (marked as 72) followed by entries with whatever number from 0 to 71 (by now the entries used seems random), and mixed with more 72's entries | ||
Used entries has a number | Used entries has a number asigned by his position in the table e.g: | ||
*Mirror's edge game save '''X table''' | *Mirror's edge game save '''X table''' | ||
Line 359: | Line 298: | ||
From 0x240 to 0x7B60 | From 0x240 to 0x7B60 | ||
Size = 31008 bytes | Size = 31008 bytes | ||
Entry | Entry lenght = 272 bytes | ||
Number of reserved entries = 114 | Number of reserved entries = 114 | ||
Number of used entries = variable from 1 to 114 | Number of used entries = variable from 1 to 114 | ||
Line 370: | Line 309: | ||
| 0x08 (8 bytes) || 00000000000000** || '''Virtual Index ID ?''' || Valid values from 0x00 to 0x71 (and 0x72 = Not used) | | 0x08 (8 bytes) || 00000000000000** || '''Virtual Index ID ?''' || Valid values from 0x00 to 0x71 (and 0x72 = Not used) | ||
|- | |- | ||
| | | 0x40 (64 bytes) || EXAMPLE.WTF || '''File Name''' || Name of the file included the point and the extension in ASCII (Null-terminated) | ||
|- | |||
| 0x08 (8 bytes) || :Wtf-o0- || '''Unknown?''' || Usually zeroed (crysis2 savedata uses '''CELL''' and heavenly sword '''s:Music''') | |||
|- | |||
| 0x20 (32 bytes) || ????????... || '''Certificate 1 ?''' || Method unknown (Null-terminated). Never change when the file is updated | |||
|- | |- | ||
| | | 0x9C (156 bytes) || ????????... || '''Certificate 2 ?''' || Method unknown (Null-terminated) <---- this probably needs to be divided | ||
|- | |||
| 0x04 (4 bytes) || 1A2B3C4D|| '''File Size''' || in bytes (probably longer, there are lot of zeroes before him) | |||
|- | |- | ||
|} | |} | ||
* | *Note | ||
Certificate: | Certificate: When the file is PARAM.SFO the certificate is longer and maybe uses imput data from "PARAMS" and/or "ACCOUNT_ID" inside PARAM.SFO. Method unknown (Null-terminated) | ||
Each entry can store the signature of one of the files in the folder, there is always an entry used to store the signature of [[PARAM.SFO]], this gives a maximun number of protected files generated by the game of 113. Used entries fills the table from top to bottom, not-used entries are placed at the end of the table filled with zeroes | |||
The first 8 bytes of each entry (Virtual Index ID) works in the same way than the entries in the '''X table''', when not used are marked as "72" and when used are randomnly placed asigning a "file index" to the entry. This "file index" does not matches with the position of the entry in the '''Protected files table''' itself... (e.g: indexed 0x06 is in position 14) | |||
For a theoricall file with alll entries used (114 protected files), half of the "file index" numbers will be spreaded between the '''X table''' (can only contain 57) ant the first 8 bytes of some entries in the '''Protected files table''' (the other 57) | |||
For a | |||
*Mirror's edge game save '''Protected Files Table''' | *Mirror's edge game save '''Protected Files Table''' | ||
Line 467: | Line 409: | ||
From 0x7B60 to 0x7FD4 | From 0x7B60 to 0x7FD4 | ||
Size = 1140 bytes | Size = 1140 bytes | ||
Entry | Entry lenght = 20 bytes (HMAC digest) | ||
Number of entries = 57 | Number of entries = 57 | ||
Is directly related with the '''X table''', both matches in the total number of entries (57) and | Is directly related with the '''X table''', both matches in the total number of entries (57) and wich ones are used (e.g. when the '''X table''' has a entry in position 12... the '''Y table''' has position 12 used) | ||
All the entries contains the same "20 bytes string" that is used as a "default" value for this table, only the used entries contains a different "20 bytes string" (in a theoricall PARAM.PFD with no files listed, the "Y table" would have all his 57 entries with the same string). This "default" string never changes when the file is updated. It is calculated as sha1_hmac(sha1_hmac_key_3, ""); | |||
The '''Y table''' has a repeating pattern so an entry for each potential file with the blank entry (I.E. no file) being represented by the repeating byte pattern. | The '''Y table''' has a repeating pattern so an entry for each potential file with the blank entry (I.E. no file) being represented by the repeating byte pattern. | ||
Line 614: | Line 556: | ||
===How to blank the tables=== | ===How to blank the tables=== | ||
In the header of the file there are 3 hashes that belongs to the 3 tables (X table, protected files table, and Y table). The first step needed to modify the file is to be able to generate this hashes for our "new" | In the header of the file there are 3 hashes that belongs to the 3 tables (X table, protected files table, and Y table). The first step needed to modify the file is to be able to generate this hashes for our "new" modifyed tables... but in fact, this hashes are the "only" thing needed to pwn the whole file security, because we can "clean-up" all the tables (in other words, we dont need to understand how this tables are built, how the protected files signatures are generated, or what this ID's means, because we can erase all this data): | ||
*1.- First is needed to look at "X table" to find an entry marked as 0x72 (not used), then go to the "Y table" and using this same position make a copy of the entry (this will be needed later in step 5 when cleaning-up "Y table" by pasting this value repeatedly) | *1.- First is needed to look at "X table" to find an entry marked as 0x72 (not used), then go to the "Y table" and using this same position make a copy of the entry (this will be needed later in step 5 when cleaning-up "Y table" by pasting this value repeatedly) | ||
*2.- Fill with zeroes the value "Protected files table used entries" (from 0x70 to 0x78) | *2.- Fill with zeroes the value "Protected files table used entries" (from 0x70 to 0x78) | ||
*3.- Fill "X table" with "not-used" | *3.- Fill "X table" with "not-used" entryes (from 0x78 to 0x240... paste 57 times the entry 0000000000000072) | ||
*4.- Fill with zeroes all the "protected files table" (from 0x240 to 0x7B60) | *4.- Fill with zeroes all the "protected files table" (from 0x240 to 0x7B60) | ||
*5.- Fill "Y table" with "not-used" entries (from 0x7B60 to 0x7FD4... paste 57 times the "not used" value for this table copyed previously) | *5.- Fill "Y table" with "not-used" entries (from 0x7B60 to 0x7FD4... paste 57 times the "not used" value for this table copyed previously) | ||
After cleaning-up the tables and regenerating | After cleaning-up the tables and regenerating his hashes, the behaviour of the PS3 when trying to load this "BLANKED.PFD" file can give some possible results: | ||
*File is valid, is loaded, but there is "something" that states this file originally had X "protected files" listed.... but now there is none = epic fail | *File is valid, is loaded, but there is "something" that states this file originally had X "protected files" listed.... but now there is none = epic fail | ||
*File is valid, is loaded, and PARAM.SFO is added to the list of protected files (this is something that seems to happen "by default"), consequently the PARAM.PFD is updated, both files are valid = partial win | *File is valid, is loaded, and PARAM.SFO is added to the list of protected files (this is something that seems to happen "by default"), consequently the PARAM.PFD is updated, both files are valid = partial win | ||
*File is valid, is loaded, no protected files are added to the list = epic win | *File is valid, is loaded, no protected files are added to the list = epic win | ||
It depends of the function that creates/updates the .PFD | It depends of the function that creates/updates the .PFD wich files needs to be added to the list of "protected files" (this is done the first time when the file is created), but probably games can add more files for his game saves | ||
The theory is simple... is a valid file with empty tables, | The theory is simple... is a valid file with empty tables, is something not tested yet, but if somebody finds a way to generate the header hashes... this theory is the next test that worths a try | ||
===The "virtual index"=== | ===The "virtual index"=== | ||
Mirror's edge has a total of 33 "protected files" (listed in the protected files table)... this number matches with the 33 "indexed" numbers that are spreading between "X table" and "protected files table" itself... if we place all the entries from all tables together we can reorder all by using | Mirror's edge has a total of 33 "protected files" (listed in the protected files table)... this number matches with the 33 "indexed" numbers that are spreading between "X table" and "protected files table" itself... if we place all the entries from all tables together we can reorder all by using his ID number in a "virtual index" | ||
{| class="wikitable" | {| class="wikitable" | ||
Line 638: | Line 580: | ||
! Index ID !! Index ID position in "X Table" !! Index ID position in "Protected Files Table" (File Name asociated) !! Y table hash ? (same position than X table) | ! Index ID !! Index ID position in "X Table" !! Index ID position in "Protected Files Table" (File Name asociated) !! Y table hash ? (same position than X table) | ||
|- | |- | ||
| style="background:#6666ff;" | 0x00 | | style="background:#6666ff;" | 0x00 || {{no}} || 28 (SAVTOC1.BIN) || {{no}} (default) | ||
|- | |- | ||
| 0x01 | | 0x01 || 2 || {{No}} || 83C16E92F5F5FAAF19A00810186E82A9313AADAD | ||
|- | |- | ||
| 0x02 | | 0x02 || {{no}} || 22 (SAV18.BIN ) || {{no}} (default) | ||
|- | |- | ||
| 0x03 | | 0x03 || 47 || {{No}} || D5097670CAF4186E89009EF031FD721FE3C3E083 | ||
|- | |- | ||
| 0x04 | | 0x04 || 36 || {{No}} || E81D24D0EF67CDC849260668B2A99F982C545929 | ||
|- | |- | ||
| 0x05 | | 0x05 || {{no}} || 24 (SAV1.BIN ) || {{no}} (default) | ||
|- | |- | ||
| 0x06 | | 0x06 || {{no}} || 14 (SAV0.BIN ) || {{no}} (default) | ||
|- | |- | ||
| 0x07 | | 0x07 || 40 || {{No}} || 4CB48133E388EDBCF0E0AD0DB6CD55020CB03342 | ||
|- | |- | ||
| 0x08 | | 0x08 || {{no}} || 30 (SAV26.BIN ) || {{no}} (default) | ||
|- | |- | ||
| 0x09 | | 0x09 || {{no}} || 31 (SAV27.BIN ) || {{no}} (default) | ||
|- | |- | ||
| 0x0A | | 0x0A || {{no}} || 32 (SAV28.BIN ) || {{no}} (default) | ||
|- | |- | ||
| 0x0B | | 0x0B || 14 || {{No}} || C45F773837AE76FAF3D662974438CE7FD620D2D0 | ||
|- | |- | ||
| 0x0C | | 0x0C || 4 || {{No}} || 28458FC13B00ED44EF5FA5BED55D016E94066099 | ||
|- | |- | ||
| 0x0D | | 0x0D || 15 || {{No}} || 6BE399A6B97F6158C6194ED6C8CC6A1B2AD6ADDB | ||
|- | |- | ||
| 0x0E | | 0x0E || 25 || {{No}} || 41534126B047CE6AADC6606C24766246C4F712D7 | ||
|- | |- | ||
| 0x0F | | 0x0F || 54 || {{No}} || E40D4A3ABB1EEB92A1BEF55B7730AB6BB5CDDB2D | ||
|- | |- | ||
| 0x10 | | 0x10 || 8 || {{No}} || 6B88527E002E78DB1D915573DD44951F0CBE6A3C | ||
|- | |- | ||
| 0x11 | | 0x11 || 26 || {{No}} || 08F26808FB5A47B4E35E71DDAA3167CD5CD08D75 | ||
|- | |- | ||
| 0x12 | | 0x12 || 33 || {{No}} || B08D1FAB5A5FA370B5FF2930024CE7CAC9F08234 | ||
|- | |- | ||
| 0x13 | | 0x13 || 21 || {{No}} || 1B9491E3F006528C387F4A8FAD75455E9780EF0D | ||
|- | |- | ||
| 0x14 | | 0x14 || 11 || {{No}} || EFAF21CD389AC84662601AC5B449AE12CCF739F9 | ||
|- | |- | ||
| 0x15 | | 0x15 || 18 || {{No}} || 933E85E3651EC32C05929CAD2CD23081BC975E9C | ||
|- | |- | ||
| 0x16 | | 0x16 || {{no}} || 25 (SAV23.BIN ) || {{no}} (default) | ||
|- | |- | ||
| 0x17 | | 0x17 || 22 || {{No}} || A69EC11F680BCDC8260CDF38FA47C3FCD1D16495 | ||
|- | |- | ||
| 0x18 | | 0x18 || 29 || {{No}} || 71A20B8F36D2853E4E84AB998AD201A0AC8C629C | ||
|- | |- | ||
| 0x19 | | 0x19 || 19 || {{No}} || 323A62857BAD6BD1D3B1ED8584723CC36C4D915D | ||
|- | |- | ||
| 0x1A | | 0x1A || 32 || {{No}} || 18BA71B3CEC1CCCDAD3395323C4259D72B1EF5E0 | ||
|- | |- | ||
| 0x1B | | 0x1B || 9 || {{No}} || 703F1A6F0A576A8D85E8EB35B30FE5DAB7689988 | ||
|- | |- | ||
| 0x1C | | 0x1C || 39 || {{No}} || 6347B31E98FA9A58195AB5D9ED1548A46CFE6FCE | ||
|- | |- | ||
| 0x1D | | 0x1D || 50 || {{No}} || 49481F76A9C591E03CA1B115D0FC9737A48837A3 | ||
|- | |- | ||
| 0x1E | | 0x1E || 57 || {{No}} || C1CE8AF37CA63059B835B2D6CD64E506B2E55397 | ||
|- | |- | ||
| 0x1F | | 0x1F || 7 || {{No}} || 42CBF8134469B91F541DCF76CC4934E9F6CDEDC6 | ||
|- | |- | ||
| 0x20 | | 0x20 || 53 || {{No}} || 389ED925282AFEC432D2A1F042E0043D0E91F785 | ||
|- | |- | ||
|} | |} | ||
===More brainstorming=== | ===More brainstorming=== | ||
*The | *The maximun number of entries in the '''Protected files table''' (114) is exactly the double than the maximun number of entries in '''X table''' (57) & '''Y table''' (57). Or from other point of view 114 = 57 + 57 | ||
**Seems obvious that there is an "index number" assigned to each "protected file", but | **Seems obvious that there is an "index number" assigned to each "protected file", but his positions are "scrambled" | ||
*The order of the files in the "protected files table" is based | *The order of the files in the "protected files table" is based in his timestamps (not alphabetically, not by size). Or in other words... is related with how the PARAM.PFD was generated for first time | ||
** | **Is the original order when the file was created for first time (based in his timestamps), when the files in the list are updated by the ps3 (his timestamp changes) they keeps his original position. When new files are added to the "protected files list table"... are added to the end of the list, based in his timestamps. | ||
**When several "protected files" | **When several "protected files" has the same timestamp (something very probable because can be generated by the game very fast)... the order is alphabeticall | ||
**So when ordering them, the timestamp is preferent... and when | **So when ordering them, the timestamp is preferent... and when timestamp matches is used his name (alphabetically) | ||
*Indexed files in the '''X table''' has a different number for each one, never repeats, but there is not direct relationship between the number of entries in '''X table''' & '''Y table''' (both are fixed to 57) and the | *Indexed files in the '''X table''' has a different number for each one, never repeats, but there is not direct relationship between the number of entries in '''X table''' & '''Y table''' (both are fixed to 57) and the numer of files listed in the '''Protected files table''' (114)... the most logicall explain if that this 114 "protected files" can be linked to both tables (57 each)... but in fact the only table that stores crypto is the '''Y table''' (limited to 57)... so what trick they used ? hmmmm | ||
*What are this index in the '''X table''' and in the '''Protected files table''' itself?, | *What are this index in the '''X table''' and in the '''Protected files table''' itself?, his positions seems to be random (but the number of indexed files matches with the number of "protected files"), seems like an old school "lucas arts games" anticheat card where you pick 2 values and by mixing them you get the unlock code :D | ||
**Seems to be "jumps" from one table to the other. The files are | **Seems to be "jumps" from one table to the other. The files are readed in order by the ps3 by "jumping" using his "index nº" to locate the next one... "Index nº0" seems to be located always at position 8 in the "X-Table" (offset 0xB8). In most complex PARAM.SFO (e.g: heavy rain, mirror's edge or motogp10/11) the value at this position is replaced by another "index nº" (by now seems random) that is pointing to the "protected files table" index area of each entry (where index nº0 is located). How this "jumps" works is partially unknown and by now is only notable in the first jump | ||
Line 733: | Line 669: | ||
Discussion thread ---> http://www.ps3hax.net/showthread.php?p=392684#post392684 | Discussion thread ---> http://www.ps3hax.net/showthread.php?p=392684#post392684 | ||