Online Connections

From PS4 Developer wiki
Jump to navigation Jump to search

See also PS5 Online Connections.

PS Store Activation[edit | edit source]

URLs[edit | edit source]

PS Store content activation is often refered to as NP KDC.

On PS3, PSP and PS Vita:

On PS4, the servers files are:

  • /tcap.m for acttype 1 and 3
  • /tcdp.m for acttype 2 and 4
  • /tkdp.m for acttype 5 and 6

Usage on PS3, PSP and PS Vita:

  • cap should be Console Activation Point. Posting loginid, password (or epassword) and consoleid to tcap.m returns act.dat file.
  • cdp = Console Deactivation Point. Same as cap but the console removes the act.dat from the console after this is executed.
  • kdp = ?Key Download/Drop Point?. RIF files are obtained from here

Image And Video[edit | edit source]

Image API[edit | edit source]

Sony servers provide an API to convert any image available on internet to another file format. Here is an example: 

https://image.api.np.km.playstation.net/images/?format=png&w=4096&h=2160&image=https://pbs.twimg.com/profile_images/785892918645129216/1bmhzm0t.jpg

https://image.api.np.km.playstation.net/dis/images/?format=png&w=4096&h=2160&image=https://pbs.twimg.com/profile_images/785892918645129216/1bmhzm0t.jpg

Supported arguments are:

  • image (mandatory): URL to the image
  • format: "png" or "jpg"
  • w: width in pixel. It is limited to 4096.
  • h: height in pixel. It is limited to 2160.

The maximum size may be 8847360 pixels (4096 times 2160).

Apollo 2[edit | edit source]

General Content Image (PNG)[edit | edit source]

Format for image:

Example for image:

Free Content Media (JPG and MP4)[edit | edit source]

Format for general image:

Format for screenshot:

  • https://apollo2.dl.playstation.net/cdn/<Publisher ID>/<NP Title ID>/FREE_CONTENT<Media Hash>/PREVIEW_SCREENSHOT<Index>_<NP Title ID Hash>.jpg
  • Index is an incremental decimal number starting from 1.

Format for general video:

Format for preview video:

  • https://apollo2.dl.playstation.net/cdn/<Publisher ID>/<NP Title ID>/FREE_CONTENT<Media Hash>/PREVIEW_<Preview Video Type>_VIDEO_<Content ID Hash>.mp4
  • Preview Video Type can be TRAILER, GAMEPLAY or THEME.

Example for general image:

Example 2 for screenshot:

Example for general video:

Example for trailer video:

Example for gameplay video:

Example for theme video:

PSP and PS Vita Asia PS Store Images Server[edit | edit source]

Format for image:

Example: http://as.dl.playstation.net/as/NPHA80057_00/ENG/SC_ASIA_ENG_01.jpg

Games and applications[edit | edit source]

PlayStation 4 games and applications induce connection to internet to download updates, be downloaded in the case of contents bought on the PlayStation store, and some specific games use more connections for online gaming or diverse additional contents.

  • See PKG files for more examples of known links.

Title Database JSON[edit | edit source]

Format:

Example:

Game Base Descriptive Files[edit | edit source]

The listed files are non-exhaustive as there may be more images, more descriptive files involved depending on the application.

Icon[edit | edit source]

Format:

Example:

Pronunciation[edit | edit source]

Format:

Example:

Background Image[edit | edit source]

Format:

Example:

Background Music[edit | edit source]

Format:

Example:

Game Base JSON[edit | edit source]

Format 1:

Format 2:

  • "p" instead of "f"

Example 1:

Example 2:

Game Base PKG[edit | edit source]

Format 1:

  • http://gs2.ww.prod.dl.playstation.net/gs2/appkgo/prod/<NP Title ID>/<Revision>/f_<Hash>/f/<Content ID><Suffix>.pkg
  • It can be derived from the JSON URL by removing ".json" and appending "<Suffix>.pkg".
  • Suffix can be blank or "_n" where n is a decimal digit representing the chunk number.

Format 2:

  • "p" instead of "f"

Example 1:

Example 2:

Game Update XML[edit | edit source]

Contains link to the Delta Package if it exists, the PlayGo Manifest XML and the JSON.

Format:

Example:

Game Update JSON[edit | edit source]

Contains links to the chunks of PKG files for the non-cumulative patch.

Format:

Example:

Game Update Change Information XML[edit | edit source]

Format:

Example:

Game Update PlayGo Manifest XML[edit | edit source]

Contains information on how the package should be downloaded and installed.

Format:

Example:

Game Update PKG[edit | edit source]

Format:

  • http://gs2.ww.prod.dl.playstation.net/gs2/ppkgo/prod/<NP Title ID>/<Patch Revision>/f_<Hash>/f/<Content ID>-A<Application Version>-V<Version><Suffix>.pkg
  • It can be derived from the JSON url by removing ".json" and appending "<Suffix>.pkg".
  • Suffix can be blank or "-DP" for a Delta Package (i.e. a Cumulative Patch) or "_n" where n is a decimal digit representing the chunk number.

Example of a single non-cumulative update PKG:

Example of a single Delta Package update PKG:

Example of chunks of non-cumulative update PKG:

Additional Content JSON[edit | edit source]

Format:

Example:

Additional Content PKG[edit | edit source]

Format:

Example:

Additional Content PKG Digest[edit | edit source]

Format:

Example:

Planet Side 2[edit | edit source]

The Planet Side 2 game on PS4 hosted some files on a server owned by Sony. Most URLs had the prefix 

http://pls.patch.station.sony.com/patch/sha/

Rocket League[edit | edit source]

See Bugs.

Final Fantasy XIV: A Realm Reborn[edit | edit source]

Final Fantasy XIV: A Realm Reborn, whose Title ID is CUSA00285 for Europe, CUSA00288 for USA and CUSA00301 for Japan, is an online game available on PS3, PS4 and PS5.

See also the official website, patchnote logs.

PS3 version[edit | edit source]

Support for the PlayStation®3 version of FINAL FANTASY XIV ended at the start of early access for FINAL FANTASY XIV: Stormblood on Friday, June 16, 2017. As thanks to the players for supporting FINAL FANTASY XIV, Square Enix has been upgrading licenses for the PlayStation®3 version to the PlayStation®4 version automatically. However, players who already possess a license for the PlayStation®4 version are not eligible for an upgrade. Upon completing the upgrade process, a PlayStation®4 system is required to play FINAL FANTASY XIV. See https://na.finalfantasyxiv.com/lodestone/topics/detail/e9fbafe97c1042d749b57ca57cfd8ee1cc02518c.

Free trial[edit | edit source]

There exists a free trial of Final Fantasy XIV for PS4 and PS5 on PS Store.

The free trial lets you play for as long as you want for free, but with limitations. You are only being able to play through Stormblood, with social limitations, etc.

PlayStation Plus[edit | edit source]

You do not need a subscription to PlayStation Plus to be able to play FFXIV Online. It does, however, need a subscription to the game itself.

You can theoretically get a 30-day trial by registering on Square Enix website:

Unusual update system[edit | edit source]

The game Final Fantasy XIV: A Realm Reborn tries to download an update patch before starting the game, instead of the official PKG way. Since 2018-09-04, the updates are not provided anymore in the ZIPATCH format but in the official PS4/PS5 PKG format. See https://na.finalfantasyxiv.com/lodestone/news/detail/2b63219b37d83601618341b5a7876d9a6c72a774. However, when executing the PS4 game with no update or an old version of the application, the ZIPATCH version is still requested by a call to server, although probably no answer is returned since the server files have likely been removed. The first patch version using the official PS4 system seems to be version 7.06, dated 2018-08-22, for CUSA00285, CUSA00288 and CUSA00301, requiring at least PS4 System Software version 5.55.

The game patch downloader uses HTTP not HTTPS so packets can be hijacked using a HTTP proxy or DNS.

Example with CUSA00285[edit | edit source]

After inserting for the first CUSA000285 disc in a PS4, information tells that it is version 1.00 and size 107KB.

After launching the game without internet connection and under a PSN account without PS Plus, it displays: 

Unable to complete version check.
[20013][-214323327]

Then the game size becomes 38.19GB.

After launching the game without internet connection and under a local PS4 account, it displays: Sign in to PlayStation Network to use network features (NP-31730-4)

Official Sony title patch URL: http://gs-sec.ww.np.dl.playstation.net/plo/np/CUSA00285/164f85d343834aede6b9fec33120cb1fb74289174c65a5f6b689ed8d87130043/CUSA00285-ver.xml

Current latest game version is 10.88 and requires PS4 System Software version 12.00. Some older versions can be found on:

Example with CUSA00288[edit | edit source]

Official Sony title patch URL: http://gs-sec.ww.np.dl.playstation.net/plo/np/CUSA00288/a8511a86e5c175f42c0a476b7bf1487d981bf715d3ffa0bb912ef1ebcac6180c/CUSA00288-ver.xml

Current latest game version is 10.88 and requires PS4 System Software version 12.00. Some older versions can be found on:

vercheck.dat[edit | edit source]

The game executable downloads a file named vercheck.dat from 

https://web.archive.org/web/20171226083441/http://patch-bootver.ffxiv.com/http/ps4/ffxivneo_release_boot_eu/2014.04.02.0000.0000/ffxivpatch/02cbcb27/ffxivpatch/02cbcb27/vercheck.dat

The content looks like a network transmission header: 

--477D80B1_38BC_41d4_8B48_5273ADB89CAC
Content-Type: application/octet-stream
Content-Location: ffxivpatch/02cbcb27/metainfo/D2014.04.02.0000.0000.http
X-Patch-Length: 62171712

62171712	62915700	3	3	2017.12.06.0000.0001	http://patch-dl.ffxiv.com/boot/02cbcb27/D2017.12.06.0000.0001.patch
--477D80B1_38BC_41d4_8B48_5273ADB89CAC--

and from the URL 

https://web.archive.org/web/20171209090142/http://patch-bootver.ffxiv.com/http/ps4/ffxivneo_release_boot_eu/2014.04.02.0000.0000/?time=2014-04-04-11

we have an older version dumped: 

--477D80B1_38BC_41d4_8B48_5273ADB89CAC
Content-Type: application/octet-stream
Content-Location: ffxivpatch/02cbcb27/metainfo/D2014.04.02.0000.0000.http
X-Patch-Length: 62171712

62171712	62915700	3	3	2017.11.24.0000.0001	http://patch-dl.ffxiv.com/boot/02cbcb27/D2017.11.24.0000.0001.patch
--477D80B1_38BC_41d4_8B48_5273ADB89CAC--

as well as from 

https://web.archive.org/web/20170104080948/http://patch-bootver.ffxiv.com/http/ps4/ffxivneo_release_boot_eu/2014.04.02.0000.0000/?time=2014-04-04-11

where the version is even older: 

--477D80B1_38BC_41d4_8B48_5273ADB89CAC
Content-Type: application/octet-stream
Content-Location: ffxivpatch/02cbcb27/metainfo/D2014.04.02.0000.0000.http
X-Patch-Length: 55610720

55610720	56493172	3	3	2016.12.08.0000.0001	http://patch-dl.ffxiv.com/boot/02cbcb27/D2016.12.08.0000.0001.patch
--477D80B1_38BC_41d4_8B48_5273ADB89CAC--

The vercheck.dat file contains the URL to download the .patch file.

patch file[edit | edit source]

The patch is in ZIPATCH format. The patch may be RSA signed, but maybe the downloader executable or the checker is vulnerable to buffer overflows or other vulnerabilities.

There seem to be a CRC32 hash in the ZIPATCH header and a sha1 hash in the version file for download integrity.

Tools for patch file download[edit | edit source]

query {
  files {
    name
  }
  repositories {
    id
    slug
    name
    description
    versions {
      versionString
      firstOffered
      lastOffered
			id
      repository {
        slug
        name
        id
      }
    }
  }
  patches {
  		isActive
 			id
 			url
   		size
    	firstSeen
    	firstOffered
    	lastSeen
      lastOffered
    	hashType
    	hashBlockSize
    prerequisitePatches {
      patch {
        url
      }
    }
      repository {
        slug
        name
        id
      }
    }
}

Tools for patch file analysis[edit | edit source]

Other tools[edit | edit source]

TV and Video Service Applications[edit | edit source]

See also Media Services and Internet Browser.

As on the PS3, TV/Video_Services can be directly installed to the console, seperately from browsing the PS store.

As a side reference, on PlayStation 3 (WebMAF), the user-agent of TV & Video applications used to be mostly "Mozilla/5.0 (PlayStation 3) AppleWebKit/531.3 (KHTML, like Gecko) SCEE/1.0 Nuanti/2.0 whilst on PS4 it is mostly Mozilla/5.0 (PlayStation 4) AppleWebKit/531.3 (KHTML, like Gecko) SCEE/1.0 Nuanti/2.0.

SnagFilms[edit | edit source]

See Bugs.

VidNow[edit | edit source]

See Bugs.

Commerce related[edit | edit source]

PS Store Content Icons[edit | edit source]

Format:

Example:

Remarks:

  • 00_09_000 represents the version of the Chihiro/Kamaji PS Store.

Unsorted[edit | edit source]

ps4-eb servicelist.xml[edit | edit source]

It is a white/black list for unknown usage.

Content: 

 <?xml version="1.0" encoding="UTF-8"?>
 <servicelist version="1.0" platform="ps4">
   <service name="SNS001" default="allow">
   </service>
   <service name="SNS002" default="allow">
   </service>
   <service name="SNS003" default="allow">
   </service>
   <service name="SNS004" default="allow">
   </service>
   <service name="SNS005" default="deny">
     <allow country="jp"/>
   </service>
   <service name="SYS001" default="allow">
     <deny country="de"/>
   </service>
 </servicelist>

ps4-eb applaunchlink.xml[edit | edit source]

It is a white/black list for unknown usage.

Content: 

 <?xml version="1.0" encoding="UTF-8"?>
 <applaunchlink version="1.0">
   <system_info min_system_ver="01.700.000"/>
   <title_black_list>
   </title_black_list>
 </applaunchlink>

Network connections by the System[edit | edit source]

User-agent Header Host
btest/1.0 libhttp/1.50 (PlayStation 4) POST /networktest/post_128 HTTP/1.1

GET /networktest/get_2m HTTP/1.1

post.net.playstation.net

get.net.playstation.net

Download/1.00 libhttp/1.50 (PlayStation 4)
Download/1.00 libhttp/1.61 (PlayStation 4) 		GET /update/ps4/list/us/ps4-updatelist.xml HTTP/1.1
GET /update/ps4/list/eu/ps4-updatelist.xml HTTP/1.1 		fus01.ps4.update.playstation.net
feu01.ps4.update.playstation.net
SystemLogger/1.0 (PlayStation 4 1.501) libhttp/1.50 (PlayStation 4)
SystemLogger/1.0 (PlayStation 4 1.610) libhttp/1.61 (PlayStation 4) 		GET /update/ps4/list/us/ps4-updatelist.xml HTTP/1.1
GET /update/ps4/list/eu/ps4-updatelist.xml HTTP/1.1 		fus01.ps4.update.playstation.net
feu01.ps4.update.playstation.net
close /update/ps4/image/2014_0528/sys_ce90f2e9274e4614ffde6934e08e4b6e/PS4UPDATE.PUP?dest=eu /update/ps4/image/2014_0528/rec_7f84e2f63d1f6a5b4348bb528b35f2d7/PS4UPDATE.PUP?dest=eu deu01.ps4.update.playstation.net
CONNECT ps4updptl.eu.np.community.playstation.net:443 ps4updptl.eu.np.community.playstation.net
PS4TitleMetadata/1.00 libhttp/1.50 (PlayStation 4) GET /tmdb2/CUSA00080_00_4ED0D1374CB128AC8E277C9A3145505220D6D93A/CUSA00080_00.json HTTP/1.1

GET /tmdb2/CUSA00129_00_44DB6A4F9C773AF95F0D697E14652EABC80BAEFB/CUSA00129_00.json HTTP/1.1
GET /tmdb2/CUSA00001_00_C32A667A087A40C2AD1889435907AA4B0D9DBA1F/CUSA00001_00.json HTTP/1.1

tmdb.np.dl.playstation.net
Mozilla/5.0 (PlayStation 4 1.51) AppleWebKit/536.26 (KHTML, like Gecko) CONNECT themis.dl.playstation.net:443 HTTP/1.1 themis.dl.playstation.net:443
Mozilla/5.0 (PlayStation 4 1.51) AppleWebKit/536.26 (KHTML, like Gecko) CONNECT sf.api.np.km.playstation.net:443 HTTP/1.1 sf.api.np.km.playstation.net:443
CONNECT asm.np.community.playstation.net:443 HTTP/1.1 asm.np.community.playstation.net
Mozilla/5.0 (PlayStation 4 1.51) AppleWebKit/536.26 (KHTML, like Gecko) CONNECT artcdnsecure.ribob01.net:443 HTTP/1.1 artcdnsecure.ribob01.net:443
Mozilla/5.0 (PlayStation 4 1.51) AppleWebKit/536.26 (KHTML, like Gecko) CONNECT api-p014.ribob01.net:443 HTTP/1.1 api-p014.ribob01.net:443
Mozilla/5.0 (PlayStation 4 1.51) AppleWebKit/536.26 (KHTML, like Gecko) CONNECT apicdn-p014.ribob01.net:443 HTTP/1.1 apicdn-p014.ribob01.net:443
CONNECT it-prof.np.community.playstation.net:443 HTTP/1.1 it-prof.np.community.playstation.net
CONNECT ps4updptl.eu.np.community.playstation.net:443 HTTP/1.1 ps4updptl.eu.np.community.playstation.net
CONNECT fswitch.dl.playstation.net:443 fswitch.dl.playstation.net

nonretail:

Port usage[edit | edit source]

ps3 side reference

Generic Port usage[edit | edit source]

Protocol Port(s) Usage Remarks
UDP 1-1023 System reserved local ports
TCP 80 PSN Shop / USB/BT headsets http web
TCP 443 PSN Shop https web ssl
TCP 1935 PSN generic
TCP/UDP 3478 Session Traversal Utilities for NAT / Simple Traversal of UDP Through NAT (STUN)
TCP/UDP 3478-3480 NP matching 2 utility default PSN Generic / PS Home
TCP 4000 groupMessaging Crossplatform Integration
TCP 8540-8579 System reserved local ports
TCP 8550 Deci Daemon
TCP over UDP-P2P 9293-9310 System reserved local ports
UDP-P2P virtual 32768-49999 Ephemeral ports
UDP-P2P virtual 32768-65535 System reserved local ports
TCP 49152-65535 Ephemeral ports
TCP over UDP-P2P 49152-65535 Ephemeral ports
UDP 49152-65535 Ephemeral ports
TCP over UDP-P2P 40000-65535 System reserved local ports

PlayStation 4 Discovery and Wake-up Utility[edit | edit source]

See PlayStation 4 Discovery and Wake-up Utility.

Tools[edit | edit source]

  • SKFU's Pr0xy
  • WireShark
  • CharlesProxy
  • Archive.org wayback machine allows to list every file it has archive for a specific subdomain by going to https://web.archive.org/web/*/<DOMAIN>/*. The same can be achieved in command line by installing the waybackpy python library and typing waybackpy --url <DOMAIN> --user_agent "ua" --known_urls > <DOMAIN>.txt.
  • To bruteforce subdomains of a server:
ffuf -u https://FUZZ.playstation.net -w subdomains-top1million-5000.txt -mc 200,301,302,403

Example: 

$ffuf -u https://FUZZ.dl.playstation.net -w subdomains-top1million-5000.txt -mc 200,301,302,403

        /'___\  /'___\           /'___\       
       /\ \__/ /\ \__/  __  __  /\ \__/       
       \ \ ,__\\ \ ,__\/\ \/\ \ \ \ ,__\      
        \ \ \_/ \ \ \_/\ \ \_\ \ \ \ \_/      
         \ \_\   \ \_\  \ \____/  \ \_\       
          \/_/    \/_/   \/___/    \/_/       

       v1.1.0
________________________________________________

 :: Method           : GET
 :: URL              : https://FUZZ.dl.playstation.net
 :: Wordlist         : FUZZ: subdomains-top1million-5000.txt
 :: Follow redirects : false
 :: Calibration      : false
 :: Timeout          : 10
 :: Threads          : 40
 :: Matcher          : Response status: 200,301,302,403
________________________________________________

zeus                    [Status: 403, Size: 381, Words: 13, Lines: 11]
doc                     [Status: 403, Size: 919, Words: 91, Lines: 20]
as                      [Status: 403, Size: 379, Words: 13, Lines: 11]
poseidon                [Status: 403, Size: 385, Words: 13, Lines: 11]
ares                    [Status: 403, Size: 381, Words: 13, Lines: 11]
e1                      [Status: 403, Size: 379, Words: 13, Lines: 11]
cma                     [Status: 403, Size: 380, Words: 13, Lines: 11]
codex                   [Status: 403, Size: 382, Words: 13, Lines: 11]
:: Progress: [4989/4989] :: Job [1/1] :: 1663 req/sec :: Duration: [0:00:03] :: Errors: 4970 ::

Guides[edit | edit source]



Reverse Engineering
Dumps & Strings
Dumps
Strings
Communication
USB
Wifi/LAN
Keys, Commands & Digests
Emulation
General
Compatibility Lists
Manuals
System Modules
System libraries
Retrieved from "https://www.psdevwiki.com/ps4/index.php?title=Online_Connections&oldid=295610"