170w ago - Just a few days after kakarotoksreleased a kernel module to dump out the PS3 Hypervisor and Bootloader someone named Ps3 Memory Dump from GeoHot's blog did just that, and has leaked it publically as pictured below.
The included ReadMe file acknowledges is0mick's recent Atmega8 port, however, it curiously attempts to flame other PS3 News Devs despite using their code to make the HV dump... go figure, eh?
Preliminary examination of the leaked dump is currently underway by both Devs and end-users alike, with a few noteworthy findings thus far as follows:
• IDA entry point looks like 0x10190 is interesting address.
• Code starts at 0x00203000 according to my analysis.
I found some functions which aren't documented:
And below are some screen highlights from chipsy and yellowsnow. Thanks in advance to ALL who continue to publically share their findings with the PS3 scene!
Stay tuned for more PS3 Hacks and PS3 CFW news, follow us on Twitter and be sure to drop by the PS3 Hacks and PS3 Custom Firmware Forums for the latest PlayStation 3 scene updates and homebrew releases!
But only if LV2 maps to the same areas of memory every time. Otherwise it would be a nice puzzle to put back together
Again - the hard power off is necessary to get an image from a state where the system is actually running normally (cause that's what we're interested in). On a soft shutdown / reboot it will alter the contents of memory and might perform some "housekeeping" (although I'm pretty sure that it won't clear all the memory).
One method to strip linux to its bare minimum would be to build a kernel that only contains the modules necessary for the dumping process (no bluetooth, networking etc) and put the dumping software into the initrd to run as the init process. This could be combined into a single image (like kboot / petitboot already does) and stored in flash instead of kboot / petitboot. It would then have to write the dump to an USB attached disk containing for example an ext3 partition.
OK - good point. Cooling would only be needed if the RAM was to be removed from the system (which it can't in this particular case since it isn't socketed).
Sadly you are gravely mistaken. The day Mathieulh first ran around announcing and tweeting it CJPC gave him that opportunity on MSN, more than once, and he not only refused to share any lv2 dump details but also told CJPC (as he did like a hypocrite before with the lv0/lv1 dumps he didn't do himself) to "do it yourself" so he definitely has no intention of helping others dump their own.
Mathieulh did, however, tell CJPC they plan to post some information dragged out slowly over the course of several months (extending their "bragging period" in attempt to make themselves feel important) so this is why many PS3 Devs are now sitting back and letting them do all the work, as it appears that is the way GeoHot and Mathieulh want it.
To anyone still wishing to pursue GeoHot's coldboot ramblings, I suggest you read einzwei's thread as it seems he's one of few able to see through them.
Yes, that's the "negative" point. Or we must recode the linux, so it uses the HDD/VRAM/whatever instead of the XDR-RAM...
But after dumping a big part of the RAM, the PS3 could still get really hacked... That little part doesn't matter much. As I said a linux which uses VRAM/HDD/whatever but RAM/... instead of the XDR-RAM, will be just great!!!
@tridentsx: A hard poweroff won't clear the RAM, if you keep the RAM at a very low temperature (-50�C)...
Exactly my point. No need to hurry all the time in the world. That was why I was skeptical about doing the power off since that would potentially clear the memory. As soon as that machine has power the memories will refresh them self keeping their content.