PSGroove Payload Updated with PS3 LV2 Peek and Poke SysCalls


230w ago - Update: tifozi1 has made available an updated PSGroove v1.1 (LV2 Peek and Poke SysCalls) USBTinymkii patched hex code now, tidusnake666 has shared PSGroove 1.1 for ATAVRXPLAIN users, farenheit has posted a hex code for ATAVRUSBRF01 hardware and an LED Fix, and evilsperm has made available a PSGroove v1.1 All Pack too!

Yesterday it was reported that a PSGroove update was incoming, and today it has arrived for PlayStation 3 users.

The PSGroove payload has now been updated with patches to add lv2 peek and poke syscalls along with an analysis of the payload.

This is great news indeed, as it will allow for proper memory dumps, which in turn will enable much wider inspection of the inner workings of the PS3.

Download: PSGroove v1.1

To quote from the notes: "A programmed dongle won't enumerate properly on a PC, so don't worry about that.

This branch has a modified payload that adds peek and poke syscalls to the lv2 kernel. A userspace application can use these syscalls to dump out the entire memory space of the kernel, or patch the kernel as it is running.

Unfortunately, because the free toolchain/sdk is not ready, we can't distribute an application to do the dumping, so you will have to make your own.

The lv2 kernel starts at 0x8000000000000000

Peek
• Syscall 6.
• r3 is a 64 bit address to read
• A 64 bit value will be returned in r3

Poke
• Syscall 7.
• r4 is a 64 bit value
• r3 is the address to write that value to"




72 Comments

#72 - Transient - 228w ago
Quote Originally Posted by DMagic1 View Post
Thanks. This is for the 12Mhz right?

Yup. I have the 12MHz board from DIYGadget and it works perfectly with it: diygadget.com/mini-usb-development-board-pic-18f2455.html

#71 - DMagic1 - 228w ago
Quote Originally Posted by Transient View Post
See the file attached below.


Thanks. This is for the 12Mhz right?

#70 - Transient - 228w ago
Quote Originally Posted by DMagic1 View Post
Can someone, or is there a compile for the PIC 18F2455?

See the file attached below.

#69 - fl0nk - 228w ago
PSGroove 1.1 Patched OpenKubus Hexfile.

#68 - eittocs - 228w ago
Quote Originally Posted by sekemc View Post
Just a heads up using the exploit running using a TI-84 on 60 GB launch PS3, causes the inability to not use any ps1/ps2 functions such as manage memory cards, or even to start a game as it doesn't appear on the XMB, until after the system is rebooted without executing the exploit. Not sure if the payload can be changed to still allow these?


Did you compile it for TI-84 plus or find it somewhere?

#67 - wither - 228w ago
Is that PowerPC assembly language that we will be dumping?

#66 - DMagic1 - 228w ago
Can someone, or is there a compile for the PIC 18F2455?

#65 - Maniac2k - 228w ago
For those who want to give it a try themselves and dump different memory regions, here is some source code which dumps the lvl2 kernel.
You can adjust the startpos and endpos variables to dump different regions.

My idea is to start a game and then create a memory dump, to get the decrypted elf from the memory. Does anyone have a hint at which address I should have a look?

[Register or Login to view code]


#64 - rd8719 - 228w ago
Can anyone make a psgroove 1.1 hex for blackcat with fixed LEDs? I tried the Evilsperm hex but only the red LED works; the blue LED doesn't turn on.

#63 - Field - 228w ago
The Minimus USB? Is that the Maximus AVR USB one? Oh just checking on the net now lol it is the Minimus USB. There is also a Maximus AVR USB device too.

Both devices use the Atmel AT90USB162 hex. 'PSGroove all patched 1.1' contains the atusbkey.hex which should work. Teensy 1.0/blackcat version might work too.

I'll be getting my Maximus tomorrow, so will be trying that one [well actually the one with the Apploader Payload that AerialX released - though note the Backup Manager doesn't work with that version as yet]

If you want to use the Backup Manager, make sure you get the patched version. Evilsperm does a good job at porting the hex across. Good luck mate.
