Welcome to the final part of my series of post focused on the modding of a PS4 game!
Since we’re approaching the end, allow me to rant a bit about a detail that would’ve saved me a fair amount of time if I knew about it beforehand.
As I already noticed in 2020, PS4 games are encrypted inside .PKG files even once they are installed, and the only way to decrypt them is by booting the game up on the console.
As such, one would think that, in order to mod a PS4 game, we would need to repack the whole Fake PKG and reinstall it each time we modify a file. That’s what I did for my first dozen of tries, and the process was TEDIOUS! Imagine doing the whole process of Part 1 each time a mere file was modified, the waste of time was absolute between the PKG repacking (about 30 minutes), the transfer to USB (5-10 minutes), the actual installation (10 minutes) and finally booting the game up: a whole hour of NOTHING, urgh.
I thought I could finally seek salvation after finding out about PS4 Patch Builder but nope, it was the same, perhaps even worse. In order to use the program I needed a backup of the whole game as a PKG and an Image0 folder with all my modded files, and, for some reason, the program didn’t function if said folder didn’t also have all the other files, which means that I know had the equivalent of two backups occupying my space for nothing! After hitting that Build Package button it would take around half an hour to generate the “Update” PKG so really there wasn’t much benefit to using that method, if not to generate a slightly tinier PKG than before, at the expense of having 3 copies of the game lying on my Hard Drive with no benefits.
Now that this is out of my way, allow me to introduce you to the actual way of modding a PS4 game, the Holy Grail of modding, a technique similar to the Switch’s LayeredFS file replacement: AFR (Application File Redirector)! I will speak exclusively about GoldHEN‘s implementation of it (as a plugin), but it was originally made by theorywrong for the Mira Project.
As its name indicates, while the game is running, AFR replaces the games files with the ones we’ve put in a custom folder, eliminating all needs from repacking the PKG each time we want to edit a file. This method works with disc copies and legit PKGs!
The first thing we need to do is to download the GoldHEN plugins from the GitHub repository. Once downloaded, we need to edit the plugins.ini file to enable the plugins we are going to use, and to tell which games we are going to load the plugins for. As I want to apply the plugins to any game, the file would look like this:
; Note: lines starting with semicolon are for comments.
; Load plugins for any title.
[default]
; Load the AFR plugin
/data/GoldHEN/plugins/afr.prx
; Load plugins only for Playroom.
[CUSA00001]
/data/GoldHEN/plugins/afr.prx
/data/GoldHEN/plugins/no_share_watermark.prxWith the .ini file modified, it’s time to put the plugins.ini file and the plugins folder in your PS4, into the /data/GoldHEN/plugins/ folder (we can do that by USB or by FTP).
Now, we can run GoldHEN and enable the plugins in the Settings > Debug Settings > Plugins > Enable Plugins Loader section.
For each game we want to modify, we simply need to create a folder bearing the game’s TitleID inside of /data/GoldHEN/plugins/AFR, and place all of our modified files here.
If everything was done correctly, we will see the difference each time we boot up the games with AFR enabled.
There are a few ways of distributing our modded data to the public, each with their pros and cons:
- The most user-friendly way would be by repackaging the whole game and uploading the PKG on the internet: anyone with a jailbroken console could install it, but it’s not only expensive in terms of space usage (we upload the whole game), but also obviously clearly illegal (we upload the whole game). I would not recommend using that as an option, especially if you want your mod project to be publicly available.
- Another way would be by generating a custom update so we would only need to distribute the files that we modified through a Fake PKG. Unfortunately, this method requires the user to dump their game and reinstall it as a Fake PKG, which isn’t optimal.
- The best compromise between legality and ease of use would be the AFR we mentionted before: we only need to distribute the edited files, which the user can then copy to their console in the
/data/GoldHEN/plugins/AFR/CUSAXXXXfolder.
- Even better legally, by using Delta Patching tools, such as xdelta or xdelta3, instead of distributing the files directly, you can distribute patches that will modify the original files with the new data, which means the user would have to own their own dump, and that we don’t technically upload any (usable as a standalone) illegal content.
- Another advantage is is that by only distributing the patched part of a file, we can drastically reduce the size of the patch we are going to share! Be warned though, this method requires the user to apply the patches by themselves before obtaining the modded file, and that an xdelta patch (to my knowledge) is applied to a single file, which, in case of a patch that modifies a lot of files,would make us generate the patches one by one, and the user would also need to apply them one by one! (these cons could be solved by making Bash/Powershell/Python… scripts that handle the patching for the user, as xdelta handles CLI with no problem.)
And thus, our long guide finally comes to an end. Now, we are able to jailbreak a ps4 console, dump any game we want, modify its contents (we covered the case of a Unity game) and run the patched contents on the console as easily as possible. Thank you for reading this blog, I will come back for more Sony-oriented romhacking articles soon!