Sponsored Links

Sponsored Links

Page 2 of 2 FirstFirst 12
Results 11 to 17 of 17



  1. #11
    Contributor B7U3 C50SS's Avatar
    Join Date
    Oct 2013
    Posts
    13
    Sponsored Links

    Thanks, Man!

    Sponsored Links
    It means something to be recognized.

  2. #12
    VIP Member JeoWay's Avatar
    Join Date
    Jun 2013
    Posts
    342
    Sponsored Links
    Sponsored Links
    Never used MFW Builder

    Looks cool, same with the custom user tasks that you can add

    I may try this out and see what kind of tasks I can add to it

  3. #13
    Senior Member SuperSaiyen's Avatar
    Join Date
    Apr 2007
    Posts
    81
    Sponsored Links
    Sponsored Links
    I used the older MFW builder v.0.2.1 to build a cfw 3.15 quite a while back. Does this newer version add any additional features i can patch onto v.3.15 ofw? From what i see in the docs- Patch VSH to Run unsigned app's (3.xx&4.xx), and [3.xx&4.xx] Add "Install Package Files icon to the XMB Game Category [3.xx&4.xx] Add "/app_home" icon to the XMB Game Category.

    Seems it might be better to redo my mfw3.15 with this newer MFW builder 1.0? Any insight appreciated.

  4. #14
    Forum Moderator PS3 News's Avatar
    Join Date
    Apr 2005
    Posts
    27,721

    PS3MFW Builder 1.0.0 (Our MFW 1.0.0) Build 2.0.0 is Released

    Following up on the previous updates, PlayStation 3 developers RedDot-3ND7355 and B7U3 C50SS have now released PS3MFW (PS3 Modified Firmware) Builder 1.0.0 Build 2.0.0 followed by v0.2.0.2 and Update 3 dubbed Our MFW 1.0.0 with an Installer and the changes outlined below.

    Download: [Register or Login to view links] / [Register or Login to view links] / [Register or Login to view links] / [Register or Login to view links] (Hermes stuff inside) by Smhabib / [Register or Login to view links] / [Register or Login to view links] (Fixed it now to work with new routines) by haxxxen / [Register or Login to view links] / [Register or Login to view links] / [Register or Login to view links] by RedDot-3ND7355 via B7U3 C50SS / [Register or Login to view links] by haz367

    To quote: Hey Everyone! Its me RedDot and im back with my team again to release you this new build of PS3MFW Builder 1.0.0!

    We managed to find all the bugs about the repack/unpack/keys/tasks! Just follow them as respected and everything WILL be fine.

    This is TRULY stable, and if you patch the right features you will NOT get brick/or whatsoever... I also recommend you have a minimum requirement of knowledge on modding





    I hope the video helped A LOT. Credits to all the dev's that made this project possible and finished supposedly. But of course we will maybe continue to add features if new updates are released! So keep an eye on that updater.

    Credits

    Original dev's
    ->KaKaRoto
    ->CodeMonkeys

    Newer Version dev's
    ->Anonymous Developers
    ->RedDot-3ND7355
    ->B7U3 C50SS
    ->ToughtMechanic

    All people that helped A LOT!
    ->RazorX (For sum tasks & updater)
    ->Haz367 (For pin-pointing problems & many tasks)
    ->Habib (For allowing us to use his patterns for tasks)
    ->Naewhert (For his tools)
    ->toolboy2012 (For sharing his awesome work with us)
    ->Arachetous (For a special task)
    ->And all other people that i may had forgotten :P

    List of all features for 4.xx

    Patch to allow running of unsigned app's
    Patch to add ReactPSN online/offline
    Patch to allow Debug pkg installation
    Patch SysValue's (PS2 Related)
    Patch to fix removing act.dat on boot!
    Patch for ingame screenshots!
    Patch RSOD Bypass!

    Patch lv0 ldr's
    Patch lv0 CoreOS ECDSA Check&Descrambling of LV1LDR!
    Patch lv0 using Rebug/ITA DEX!
    Patch lv0 for Cobra Features!
    Patch lv1 for many features!
    Patch lv1 Mmap out!
    ...

    Patch lv2 for peek&poke
    Patch lv2 for POC! (only 4.50)
    Patch lv2 for hermes payload!
    Patch lv2 for syscalls!
    Patch lv2 for QA Flag!
    And many more!
    ...

    Patch nas_plugin for debug pkg's&installation of retail pkg's
    Patch the core_os spu's&spp
    Patch default.spp for otheros! (must include otheros of lv1!)
    Patch XMB for IPF&APPHOME! (includes xmb plugin mods)
    Patch PUP for Cobra files! OMG
    And there is a lot more options in the builder

    From haz367 comes PS3MFW Builder 0.2.0.0 Incl Cobracrapper 446/453 Task set for 446 Cobra MFW.

    Download: [Register or Login to view links]

    PS: updated oldfart-lv0 task to incl Rebug-ITA/DEX style... and Cobra compatible lv0 patching: pastie.org/8580065
    Code:
    #!/usr/bin/tclsh
    #
    # ps3mfw -- PS3 MFW creator
    #
    # Copyright (C) RedDot-3ND7355 (For making this task!)
    # Copyright (C) B7U3 C50SS (For compiling)
    # Copyright (C) ElmerFudd (For the codes [Python])
    #
    # This software is distributed under the terms of the GNU General Public
    # License ("GPL") version 3, as published by the Free Software Foundation.
    #
    
    # Priority: 2
    # Description: [4.xx] Patch LV0 Incl Patching out 4.xx CoreOS ECDSA LV0-Loaders checks!
    
    # Option --label: Enable LV0 Patching [4.xx] Only!
    # Option --patch_lv0-my-way: [4.xx] Patch lv0 using habib's patterns and Patch 4.xx CoreOS ECDSA ldrs checks! - ***DEFAULT***!
    # Option --patch_lv0-my-way3: [4.4x 4.46] Patch lv0 using Rebug/ITA DEX style! - lv1ldr-eid0 check-brickfix [LV2DKernel not incl]!
    # Option --patch_lv0-my-way4: [4.5x] Patch lv0 using Rebug/ITA DEX Style **UPDATED** 4.5x LV1LDR EID0 c2dex Patch!
    # Option --patch_lv0-my-way5: [4.46-4.53] [4.xx]] Patch lv0 for Cobra Features! Compatible with Cobra lv2krn [4.46 and 4.53]!
    
    # Type --label: label
    # Type --patch_lv0-my-way: boolean
    # Type --patch_lv0-my-way3: boolean
    # Type --patch_lv0-my-way4: boolean
    # Type --patch_lv0-my-way5: boolean
    
    namespace eval ::patch_lv0 {
    
        array set ::patch_lv0::options {
    	    --label ""
    		--patch_lv0-my-way true
    		--patch_lv0-my-way3 false
    		--patch_lv0-my-way4 false
    		--patch_lv0-my-way5 false
        }
    
        proc main { } {
            set self "lv0"
    
    		::patch_lv0::Patch_Lv0_***** $::CUSTOM_COSUNPKG_DIR
        }
    
    	proc Patch_Lv0_***** {path} {
    		#unpack the CORE_OS, extract lv0 routine and patch!
    	    ::unpack_coreos_files
            catch_die {::extract_lv0 $::CUSTOM_COSUNPKG_DIR "lv0"} \
    		"ERROR: Could not extract LV0"
    		::patch_lv0::Patch_Lv0_Nigga $path
    					
    	}
    	
        proc patch_elf {elf} {               
            catch_die {::patch_elf $elf $::patch_lv0::search $::patch_lv0::offset $::patch_lv0::replace} \
            "Unable to patch self [file tail $elf]"
        }
    	
    	proc patch_self { self } {
                ::modify_lv0_file $self patch_lv0::patch_elf
            }
    
    	proc Patch_Lv0_Nigga {path} {
    		
    		log "Applying LV0 patches...."
    		
    		if {$::patch_lv0::options(--patch_lv0-my-way)} {
    					
    			log "Patching 4.xx lv1ldr..."            
    			set self "lv1ldr.self"
    			set file [file join $path $self]
    			set ::SELF $self	
    		
            set ::patch_lv0::search  "\x12\x09\x45\x09\x24\xff\xc0\xd0"
            set ::patch_lv0::replace "\x40\x80\x00\x03\x35\x00\x00\x00"
    	    set ::patch_lv0::offset 0
    
    		::modify_self_file $file ::patch_lv0::patch_elf
    		
    		debug "Patching 4.xx LV1LDR ECDSA CHECKS......"
    			
                set ::patch_lv0::search  "\x0C\x00\x01\x85\x34\x01\x40\x80\x1C\x10\x00\x81\x3F\xE0\x02\x83"
                set ::patch_lv0::replace "\x0C\x00\x01\x85\x34\x01\x40\x80\x1C\x10\x00\x81\x40\x80\x00\x03"
    	        set ::patch_lv0::offset 0
    
    			::modify_self_file $file ::patch_lv0::patch_elf
    		
    		log "Patched lv1ldr"
    		    log "Patching 4.xx lv2ldr..."
    			set self "lv2ldr.self"
    			set file [file join $path $self]
    			set ::SELF $self	
             
    		debug "Part 1"
            set ::patch_lv0::search  "\x33\x04\x99\x00"
            set ::patch_lv0::replace "\x40\x80\x00\x03"
    		set ::patch_lv0::offset 0
    		
    		::modify_self_file $file ::patch_lv0::patch_elf
    		
    		debug "Part 2"
    		set ::patch_lv0::search  "\x33\x03\x9c\x00"
            set ::patch_lv0::replace "\x40\x80\x00\x03"
    		set ::patch_lv0::offset 0
    
    		::modify_self_file $file ::patch_lv0::patch_elf
    		
    		debug "Patching 4.xx LV2LDR ECDSA CHECKS....."	
                
                set ::patch_lv0::search  "\x0C\x00\x01\x85\x34\x01\x40\x80\x1C\x10\x00\x81\x3F\xE0\x02\x83"
                set ::patch_lv0::replace "\x0C\x00\x01\x85\x34\x01\x40\x80\x1C\x10\x00\x81\x40\x80\x00\x03"
    		    set ::patch_lv0::offset 0
    
    			::modify_self_file $file ::patch_lv0::patch_elf
    
    		log "Patched lv2ldr"
    		    log "Patching 4.xx isoldr..."     		
    			set self "isoldr.self"
    			set file [file join $path $self]
    			set ::SELF $self		
                
    		debug "Part 1"
            set ::patch_lv0::search  "\x33\x7e\x2e\x00"
            set ::patch_lv0::replace "\x40\x80\x00\x03"
    	    set ::patch_lv0::offset 0
    
    		::modify_self_file $file ::patch_lv0::patch_elf
    			            
    		debug "Part 2" 
            set ::patch_lv0::search  "\x33\x7d\x31\x00"
            set ::patch_lv0::replace "\x40\x80\x00\x03"
    	    set ::patch_lv0::offset 0
    			
            ::modify_self_file $file ::patch_lv0::patch_elf
    		
    		debug "Patching 4.xx ISOLDR ECDSA CHECKS......"		
                
                set ::patch_lv0::search  "\x0C\x00\x01\x85\x34\x01\x40\x80\x1C\x10\x00\x81\x3F\xE0\x02\x83"
                set ::patch_lv0::replace "\x0C\x00\x01\x85\x34\x01\x40\x80\x1C\x10\x00\x81\x40\x80\x00\x03"
    	        set ::patch_lv0::offset 0
    
    			::modify_self_file $file ::patch_lv0::patch_elf
    		
    		log "Patched isoldr"
    			log "Patching 4.xx appldr..."
    			set self "appldr.self"
    			set file [file join $path $self]
    			set ::SELF $self
    			
    			debug "Part 1"
                set ::patch_lv0::search  "\x04\x00\x2a\x03\x18\x04\x80\x81\x34\xff\xc0\xd0\x34\xff\x80\xd1"
                set ::patch_lv0::replace "\x40\x80\x00\x03\x18\x04\x80\x81\x34\xff\xc0\xd0\x34\xff\x80\xd1"
    	        set ::patch_lv0::offset 0
    
    			::modify_self_file $file ::patch_lv0::patch_elf  
    			
    			debug "Part 2"
                set ::patch_lv0::search  "\x58\x24\x88\x90"
                set ::patch_lv0::replace "\x40\x80\x00\x10"
    	        set ::patch_lv0::offset 0
    			
                ::modify_self_file $file ::patch_lv0::patch_elf
    			
    			debug "Part 3"
                set ::patch_lv0::search  "\x33\x7c\x54\x80"
                set ::patch_lv0::replace "\x40\x80\x00\x03"
    	        set ::patch_lv0::offset 0
    			
                ::modify_self_file $file ::patch_lv0::patch_elf
    			
    			debug "Part 4"
                set ::patch_lv0::search  "\x12\x11\x62\x09\x24\xff\xc0\xd0"
                set ::patch_lv0::replace "\x48\x20\xc1\x83\x35\x00\x00\x00"
    	        set ::patch_lv0::offset 0
    			
                ::modify_self_file $file ::patch_lv0::patch_elf
    			
    			debug "Part 5"
                set ::patch_lv0::search  "\x33\x7b\xc5\x00"
                set ::patch_lv0::replace "\x40\x80\x00\x03"
    	        set ::patch_lv0::offset 0
    			
                ::modify_self_file $file ::patch_lv0::patch_elf
    			
    			log "Patched appldr"
    			
    			debug "Patching LV0 4.xx ldrs ECDSA CHECKS !"
    			set ::patch_lv0::search  "\x0C\x00\x01\x85\x34\x01\x40\x80\x1C\x10\x00\x81\x3F\xE0\x02\x83"
                set ::patch_lv0::replace "\x0C\x00\x01\x85\x34\x01\x40\x80\x1C\x10\x00\x81\x40\xE80\x00\x03"
    	        set ::patch_lv0::offset 0
    
    			::modify_self_file $file ::patch_lv0::patch_elf
    	    }
    
            if {$::patch_lv0::options(--patch_lv0-my-way3)} {
    					
    			log "Patching 4.4x lv1ldr Rebug Style...."            
    			set self "lv1ldr.self"
    			set file [file join $path $self]
    			set ::SELF $self	
    		
            set ::patch_lv0::search  "\x12\x09\x45\x09\x24\xff\xc0\xd0"
            set ::patch_lv0::replace "\x40\x80\x00\x03\x35\x00\x00\x00"
    	    set ::patch_lv0::offset 0
    
    		::modify_self_file $file ::patch_lv0::patch_elf
    		
    		debug "Patching 4.4x lv1ldr eid0 c2dex check!"
    			
                set ::patch_lv0::search  "\x3F\x83\x15\x05\x33\x0C\x6A\x80\x20\x00\x04\x83\x34\x00\x2B\xB0"
                set ::patch_lv0::replace "\x3F\x83\x15\x05\x40\x80\x00\x03\x20\x00\x04\x83\x34\x00\x2B\xB0"
    	        set ::patch_lv0::offset 0
    
    			::modify_self_file $file ::patch_lv0::patch_elf
    		
    		log "Patched lv1ldr"
    		    log "Patching 4.xx lv2ldr..."
    			set self "lv2ldr.self"
    			set file [file join $path $self]
    			set ::SELF $self	
             
    		debug "Part 1"
            set ::patch_lv0::search  "\x33\x04\x99\x00"
            set ::patch_lv0::replace "\x40\x80\x00\x03"
    		set ::patch_lv0::offset 0
    		
    		::modify_self_file $file ::patch_lv0::patch_elf
    		
    		debug "Part 2"
    		set ::patch_lv0::search  "\x33\x03\x9c\x00"
            set ::patch_lv0::replace "\x40\x80\x00\x03"
    		set ::patch_lv0::offset 0
    
    		::modify_self_file $file ::patch_lv0::patch_elf
    
    		log "Patched lv2ldr"
    		    log "Patching 4.xx isoldr..."     		
    			set self "isoldr.self"
    			set file [file join $path $self]
    			set ::SELF $self		
                
    		debug "Part 1"
            set ::patch_lv0::search  "\x33\x7e\x2e\x00"
            set ::patch_lv0::replace "\x40\x80\x00\x03"
    	    set ::patch_lv0::offset 0
    
    		::modify_self_file $file ::patch_lv0::patch_elf
    			            
    		debug "Part 2" 
            set ::patch_lv0::search  "\x33\x7d\x31\x00"
            set ::patch_lv0::replace "\x40\x80\x00\x03"
    	    set ::patch_lv0::offset 0
    			
            ::modify_self_file $file ::patch_lv0::patch_elf
    		
    		log "Patched isoldr"
    			log "Patching 4.xx appldr..."
    			set self "appldr.self"
    			set file [file join $path $self]
    			set ::SELF $self
    			
    			
    			debug "Part 1"
                set ::patch_lv0::search  "\x58\x24\x88\x90"
                set ::patch_lv0::replace "\x40\x80\x00\x10"
    	        set ::patch_lv0::offset 0
    			
                ::modify_self_file $file ::patch_lv0::patch_elf
    			
    			debug "Part 2"
                set ::patch_lv0::search  "\x33\x7c\x54\x80"
                set ::patch_lv0::replace "\x40\x80\x00\x03"
    	        set ::patch_lv0::offset 0
    			
                ::modify_self_file $file ::patch_lv0::patch_elf
    			
    			debug "Part 3"
                set ::patch_lv0::search  "\x12\x11\x62\x09\x24\xff\xc0\xd0"
                set ::patch_lv0::replace "\x48\x20\xc1\x83\x35\x00\x00\x00"
    	        set ::patch_lv0::offset 0
    			
                ::modify_self_file $file ::patch_lv0::patch_elf
    			
    			debug "Part 4"
                set ::patch_lv0::search  "\x33\x7b\xc5\x00"
                set ::patch_lv0::replace "\x40\x80\x00\x03"
    	        set ::patch_lv0::offset 0
    			
                ::modify_self_file $file ::patch_lv0::patch_elf
    			
    			log "Patched appldr"
    	    }
    
                if {$::patch_lv0::options(--patch_lv0-my-way4)} {
    					
    			log "Patching 4.5x lv1ldr Rebug Style"            
    			set self "lv1ldr.self"
    			set file [file join $path $self]
    			set ::SELF $self	
    		
            set ::patch_lv0::search  "\x12\x09\x45\x09\x24\xff\xc0\xd0"
            set ::patch_lv0::replace "\x40\x80\x00\x03\x35\x00\x00\x00"
    	    set ::patch_lv0::offset 0
    
    		::modify_self_file $file ::patch_lv0::patch_elf
    		
    		debug "Patching 4.5x LV1LDR **UPDATED** EID0 c2dex Check!"
    			
                set ::patch_lv0::search  "\x3F\x83\x15\x05\x33\x0C\x7C\x80\x20\x00\x04\x83\x34\x00\x2B\xB0"
                set ::patch_lv0::replace "\x3F\x83\x15\x05\x40\x80\x00\x03\x20\x00\x04\x83\x34\x00\x2B\xB0"
    	        set ::patch_lv0::offset 0
    
    			::modify_self_file $file ::patch_lv0::patch_elf
    		
    		log "Patched lv1ldr"
    		    log "Patching 4.4x lv2ldr..."
    			set self "lv2ldr.self"
    			set file [file join $path $self]
    			set ::SELF $self	
             
    		debug "Part 1"
            set ::patch_lv0::search  "\x33\x04\x99\x00"
            set ::patch_lv0::replace "\x40\x80\x00\x03"
    		set ::patch_lv0::offset 0
    		
    		::modify_self_file $file ::patch_lv0::patch_elf
    		
    		debug "Part 2"
    		set ::patch_lv0::search  "\x33\x03\x9c\x00"
            set ::patch_lv0::replace "\x40\x80\x00\x03"
    		set ::patch_lv0::offset 0
    
    		::modify_self_file $file ::patch_lv0::patch_elf
    
    		log "Patched lv2ldr"
    		    log "Patching 4.xx isoldr..."     		
    			set self "isoldr.self"
    			set file [file join $path $self]
    			set ::SELF $self		
                
    		debug "Part 1"
            set ::patch_lv0::search  "\x33\x7e\x2e\x00"
            set ::patch_lv0::replace "\x40\x80\x00\x03"
    	    set ::patch_lv0::offset 0
    
    		::modify_self_file $file ::patch_lv0::patch_elf
    			            
    		debug "Part 2" 
            set ::patch_lv0::search  "\x33\x7d\x31\x00"
            set ::patch_lv0::replace "\x40\x80\x00\x03"
    	    set ::patch_lv0::offset 0
    			
            ::modify_self_file $file ::patch_lv0::patch_elf
    		
    		log "Patched isoldr"
    			log "Patching 4.xx appldr..."
    			set self "appldr.self"
    			set file [file join $path $self]
    			set ::SELF $self
    			
    			debug "Part 1"
                set ::patch_lv0::search  "\x04\x00\x2a\x03\x18\x04\x80\x81\x34\xff\xc0\xd0\x34\xff\x80\xd1"
                set ::patch_lv0::replace "\x40\x80\x00\x03\x18\x04\x80\x81\x34\xff\xc0\xd0\x34\xff\x80\xd1"
    	        set ::patch_lv0::offset 0
    
    			::modify_self_file $file ::patch_lv0::patch_elf  
    			
    			debug "Part 2"
                set ::patch_lv0::search  "\x58\x24\x88\x90"
                set ::patch_lv0::replace "\x40\x80\x00\x10"
    	        set ::patch_lv0::offset 0
    			
                ::modify_self_file $file ::patch_lv0::patch_elf
    			
    			debug "Part 3"
                set ::patch_lv0::search  "\x33\x7c\x54\x80"
                set ::patch_lv0::replace "\x40\x80\x00\x03"
    	        set ::patch_lv0::offset 0
    			
                ::modify_self_file $file ::patch_lv0::patch_elf
    			
    			debug "Part 4"
                set ::patch_lv0::search  "\x12\x11\x62\x09\x24\xff\xc0\xd0"
                set ::patch_lv0::replace "\x48\x20\xc1\x83\x35\x00\x00\x00"
    	        set ::patch_lv0::offset 0
    			
                ::modify_self_file $file ::patch_lv0::patch_elf
    			
    			debug "Part 5"
                set ::patch_lv0::search  "\x33\x7b\xc5\x00"
                set ::patch_lv0::replace "\x40\x80\x00\x03"
    	        set ::patch_lv0::offset 0
    			
                ::modify_self_file $file ::patch_lv0::patch_elf
    			
    			log "Patched appldr"
    			}
    
                if {$::patch_lv0::options(--patch_lv0-my-way5)} {
    					
    			log "Patching LV0 ldrs 4.46 and 4.53 -- Only Compatible for COBRA 7.0 and it's Features!"            
    			set self "lv1ldr.self"
    			set file [file join $path $self]
    			set ::SELF $self	
    		
            set ::patch_lv0::search  "\x12\x09\x45\x09\x24\xff\xc0\xd0"
            set ::patch_lv0::replace "\x40\x80\x00\x03\x35\x00\x00\x00"
    	    set ::patch_lv0::offset 0
    
    		::modify_self_file $file ::patch_lv0::patch_elf
    		
    		
    		log "Patched lv1ldr"
    		    log "Patching 4.46 and 4.53 lv2ldr..."
    			set self "lv2ldr.self"
    			set file [file join $path $self]
    			set ::SELF $self	
             
    		debug "Part 1"
            set ::patch_lv0::search  "\x33\x04\x99\x00"
            set ::patch_lv0::replace "\x40\x80\x00\x03"
    		set ::patch_lv0::offset 0
    		
    		::modify_self_file $file ::patch_lv0::patch_elf
    		
    		debug "Part 2"
    		set ::patch_lv0::search  "\x33\x03\x9c\x00"
            set ::patch_lv0::replace "\x40\x80\x00\x03"
    		set ::patch_lv0::offset 0
    
    		::modify_self_file $file ::patch_lv0::patch_elf
    
    		log "Patched lv2ldr"
    		    log "Patching 4.46 and 4.53 isoldr for Cobra 7.0"     		
    			set self "isoldr.self"
    			set file [file join $path $self]
    			set ::SELF $self		
                
    		debug "Part 1"
            set ::patch_lv0::search  "\x33\x7e\x2e\x00"
            set ::patch_lv0::replace "\x40\x80\x00\x03"
    	    set ::patch_lv0::offset 0
    
    		::modify_self_file $file ::patch_lv0::patch_elf
    			            
    		debug "Part 2" 
            set ::patch_lv0::search  "\x33\x7d\x31\x00"
            set ::patch_lv0::replace "\x40\x80\x00\x03"
    	    set ::patch_lv0::offset 0
    			
            ::modify_self_file $file ::patch_lv0::patch_elf
    		
    		log "Patched isoldr"
    			log "Patching 4.46 and 4.53 appldr..."
    			set self "appldr.self"
    			set file [file join $path $self]
    			set ::SELF $self
    			
    			debug "Part 1"
                set ::patch_lv0::search  "\x04\x00\x2a\x03\x18\x04\x80\x81\x34\xff\xc0\xd0\x34\xff\x80\xd1"
                set ::patch_lv0::replace "\x40\x80\x00\x03\x18\x04\x80\x81\x34\xff\xc0\xd0\x34\xff\x80\xd1"
    	        set ::patch_lv0::offset 0
    
    			::modify_self_file $file ::patch_lv0::patch_elf  
    			
    			debug "Part 2"
                set ::patch_lv0::search  "\x58\x24\x88\x90"
                set ::patch_lv0::replace "\x40\x80\x00\x10"
    	        set ::patch_lv0::offset 0
    			
                ::modify_self_file $file ::patch_lv0::patch_elf
    			
    			debug "Part 3"
                set ::patch_lv0::search  "\x33\x7c\x54\x80"
                set ::patch_lv0::replace "\x40\x80\x00\x03"
    	        set ::patch_lv0::offset 0
    			
                ::modify_self_file $file ::patch_lv0::patch_elf
    			
    			debug "Part 4"
                set ::patch_lv0::search  "\x12\x11\x62\x09\x24\xff\xc0\xd0"
                set ::patch_lv0::replace "\x48\x20\xc1\x83\x35\x00\x00\x00"
    	        set ::patch_lv0::offset 0
    			
                ::modify_self_file $file ::patch_lv0::patch_elf
    			
    			debug "Part 5"
                set ::patch_lv0::search  "\x33\x7b\xc5\x00"
                set ::patch_lv0::replace "\x40\x80\x00\x03"
    	        set ::patch_lv0::offset 0
    			
                ::modify_self_file $file ::patch_lv0::patch_elf
    			log "Patched appldr"
    			}
    			
    		log "Done LV0 patches...."
    		#Import lv0 routine and repack coreOS!
    		catch_die {::import_lv0 $::CUSTOM_COSUNPKG_DIR "lv0"} "ERROR: Could not extract LV0"
    	    ::repack_coreos_files
    	}
    }
    Update: From RedDot-3ND7355: It would seem that i forgot to put create_tar2 instead of "create_tar" for the modify_devflash_files2 My bad.. there isn't any problem in the task itself... its in the base!

    Now I updated the builder! Build: 0.2.0.2 now out.

    From tiefputin2: From ps3dev channel on efnet, if someone can make a tcl:
    Code:
    [01:13] <mysis> game_ext_plugin - original bytes: 41 9e 00 1c 2f 83 00 03 , patched bytes: 41 9e 00 28 2f 83 00 03
    [01:13] <mysis> tested it with my retail disc of naruto ultimate ninja storm 1
    It should make sfo editing for remote play obsolete... and make disc games without sfo-enabled remote play-attribute flag finally work

    From toolboy2012: Hi All, OK, fixes are done for the tcl version of the 'patch_file{}' and 'patch_file_multi{}' routines (called by the "patch_elf{}" func)

    ....so as I was saying before, you can use the modified function as is, if you don't need to mask any bytes/bits off, and the speed will not be changed..if anything the way I fixed it up is a bit faster, as I read the entire file into memory, then do the data searches, as the routine as it was before, read in '1' byte at a time from the file, so the routine was constantly accessing the hard drive non-stop until the function completed....

    So when calling 'patch_elf{}' now, you just need to set a local var named 'mask' to either 0 or "" if not using it, as it's a required param to the function. If you need to actually set a mask, then actually set the mask string to the mask value....

    As I said, when using the 'mask', the search will be much much slower, not too bad on small files, but for large files like the 'lv2_kernel' (3MB), the search takes 3mins. or more for each pattern match...

    So I'm going to show a quick example below, for those may be a bit confused how this works:

    1) Going to show an example for the patch "SysCall36 4.xx CFW part 2/3" (as in my scripts, part 2/3 & 3/3 I used the MASK setup)

    2) In this example, I'm showing you the IDA disassem. for this section of the 'lv2_kernel' where the part 2/3 & 3/3 patches are,
    comparing the disassem. for OFW 3.55, 4.46, & 4.55...

    3) at the very bottom of this example, you can see the 3 'search strings', of the op-code patterns corresponding to each OFW version... when you look at them lined up above each other, you can see the op-codes that are identical, and where the differences are...

    4) You can then look at the last string which is the 'mask', the "\xFF" byte in the real search will be AND'd with it's corresponding op-code byte, so in other words, if you need to 'ignore' where the differences are, then set those bytes or individual bits, in the mask, to "0"... hopefully this makes sense? if not, I can try to post another example?

    (like I said, I'm working on a new 'patchtool.exe' now, hopefull this week it will be done, which should tremendously speed up our binary 'patching' time, makes much more sense to search/patch with a tool, rather than doing all that pattern matching/searching in TCL, as this stuff is where TCL is tremendously slow!)
    Code:
    -------- OFW 3.55 ------
    
    seg001:800000000007AF58 FB BF 00 40                 std       r29, 0x40(r31)
    seg001:800000000007AF5C 4B F9 3F ED                 bl        sub_800000000000EF48
    seg001:800000000007AF60 54 63 06 3E                 clrlwi    r3, r3, 24
    seg001:800000000007AF64 2F 83 00 00                 cmpwi     cr7, r3, 0
    seg001:800000000007AF68 41 9E 00 20                 beq       cr7, loc_800000000007AF88 # *** syscall 36 pt 2/3 ***
    seg001:800000000007AF6C E8 61 01 38                 ld        r3, 0x280+var_148(r1)
    seg001:800000000007AF70 4B FF F4 ED                 bl        sub_800000000007A45C
    seg001:800000000007AF74 54 63 06 3E                 clrlwi    r3, r3, 24
    seg001:800000000007AF78 2F 83 00 00                 cmpwi     cr7, r3, 0
    seg001:800000000007AF7C 41 9E 00 20                 beq       cr7, loc_800000000007AF9C # *** syscall 36 patch 3/3 ***
    seg001:800000000007AF80 80 61 00 7C                 lwz       r3, 0x280+var_204(r1)
    
    ----- OFW 4.46 -----
    
    seg001:8000000000059AE8 FB BF 00 40                 std       r29, 0x40(r31)
    seg001:8000000000059AEC 4B FA A2 A5                 bl        sub_8000000000003D90
    seg001:8000000000059AF0 54 63 06 3E                 clrlwi    r3, r3, 24
    seg001:8000000000059AF4 2F 83 00 00                 cmpwi     cr7, r3, 0
    seg001:8000000000059AF8 41 9E 00 70                 beq       cr7, loc_8000000000059B68 # ** syscall 36 patch 2/3 ***
    seg001:8000000000059AFC E8 61 01 88                 ld        r3, 0x300+var_178(r1)
    seg001:8000000000059B00 4B FF F3 31                 bl        sub_8000000000058E30
    seg001:8000000000059B04 54 63 06 3E                 clrlwi    r3, r3, 24
    seg001:8000000000059B08 2F 83 00 00                 cmpwi     cr7, r3, 0
    seg001:8000000000059B0C 41 9E 00 70                 beq       cr7, loc_8000000000059B7C # *** syscall 36 - patch 3/3 ***
    seg001:8000000000059B10 38 61 00 70                 addi      r3, r1, 0x70
    .....
    
    ------ OFW 4.55 ------
    
    seg001:800000000005A2E0 FB BF 00 40                 std       r29, 0x40(r31)
    seg001:800000000005A2E4 4B FA 9A AD                 bl        sub_8000000000003D90
    seg001:800000000005A2E8 54 63 06 3E                 clrlwi    r3, r3, 24
    seg001:800000000005A2EC 2F 83 00 00                 cmpwi     cr7, r3, 0
    seg001:800000000005A2F0 41 9E 00 AC                 beq       cr7, loc_800000000005A39C # *** syscall 36 patch 2/3 ***
    seg001:800000000005A2F4 E8 61 01 88                 ld        r3, 0x300+var_178(r1)
    seg001:800000000005A2F8 4B FF F2 A9                 bl        sub_80000000000595A0
    seg001:800000000005A2FC 54 63 06 3E                 clrlwi    r3, r3, 24
    seg001:800000000005A300 2F 83 00 00                 cmpwi     cr7, r3, 0
    seg001:800000000005A304 41 9E 00 AC                 beq       cr7, loc_800000000005A3B0 # *** syscall 36 patch 3/3 ***
    seg001:800000000005A308 38 61 00 70                 addi      r3, r1, 0x70
    ......
    
    #	set search  "\x54\x63\x06\x3E\x2F\x83\x00\x00\x41\x9E\x00\x20\xE8\x61\x01\x38"	;# -- OFW 3.55 --
    #	set search  "\x54\x63\x06\x3E\x2F\x83\x00\x00\x41\x9E\x00\x70\xE8\x61\x01\x88"	;# -- OFW 4.46 --
    #	set search  "\x54\x63\x06\x3E\x2F\x83\x00\x00\x41\x9E\x00\xAC\xE8\x61\x01\x88"	;# -- OFW 4.55 --
    	set mask    "\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\x00\x00\xFF\xFF\xFF\x0F" ;# <-- mask off the bits/bytes to ignore
    NOTE: When ever you need to USE a MASK, the size of the 'search' and 'mask patterns MUST be exact multiples
    of 4-bytes (32-bits), in order to make that search as FAST as I could. So you have to count the bytes in any of your
    search strings where you want to use the mask... if you need to add bytes on to make it an even amount, but don't actually want those added bytes to be 'included in the pattern match, then just make them any value, and set their corresponding values in the MASK to be '\x00'!!

    i.e., in the example I showed above, the 'search' and 'mask' strings are 16-bytes in total length (ie 4 total count of '4-byte' chunks).

    From haz367: whop, that's a pro way right there... it wasn't a difficult one, the updated 455 sysc36 part3,4 (from Reddot's fork) to find manually this time, it won't beat your way of doing it tho... hmm that IDA is interesting
    Code:
    catch_die {::patch_elf $elf $search 0 $replace} "Unable to patch self [file tail $elf]"     
    			log "lv2-syscall 4.55 Part 3 Updated pattern!"
    			
    			set search "\xFB\xBF\x00\x40\x4B\xFA\x9A\xAD\x54\x63\x06\x3E"
    append search "\x2F\x83\x00\x00\x41\x9E\x00\xAC\xE8\x61\x01\x88"
    append search "\x4B\xFF\xF2\xA9\x54\x63\x06\x3E\x2F\x83\x00\x00"
    append search "\x41\x9E\x00\xAC\x38\x61\x00\x70\x4B\xFF\x68\x15"
    
    set replace "\xFB\xBF\x00\x40\x4B\xFA\x9A\xAD\x54\x63\x06\x3E"
    append replace "\x2F\x83\x00\x00\x60\x00\x00\x00\xE8\x61\x01\x88"
    append replace "\x4B\xFF\xF2\xA9\x54\x63\x06\x3E\x2F\x83\x00\x00"
    append replace "\x60\x00\x00\xAC\x38\x61\x00\x70\x4B\xFF\x68\x15"
    Awesome work toolboy!

    Finally, from haxxxen: Just another thanks to you guys and toolboy2012, for making builder working again. it really works smoothly though i am using a modified version without cos auto repack and with selfrebuilder. maybe i will get isorebuilder also working next...

    If i can recall right, there was already a demand of it, but after this forced latest ofw release i've took the chance and created once again a rebug spoofer update task. it will only update the spoofer for rebug mode and it will work for all versions 3.55.4 - 4.46.1.

    Only problem is, it will not work as it is for the updated official ps3mfw builder and gives this "cannot find blabla.self.self" error. with my builder mod and selfrebuilder it works great, so maybe you can take a look at it RedDot-3ND7355 to make it fully working with your updated one and scetool. i have run it on all rebug versions, but only have flashed 4.21.2, so no guarantee for the others, but they also should work fine.

    The task itself makes usage of the updated jailbait spoof task from euss, so it will spoof every entry in version.txt/index.dat and it will not update upl.xml. all other notes are remarked in the task, so it is selfexplanatory. it only includes the latest 4.55 version and a fun spoof of mine and can easily be updated.

    And here my log for 4.46.1 (debug enabled): http://www.ps3news.com/forums/attach...chmentid=37180

    Just a minor note on this, if you modify version.txt file with ps3mfw builder, the encoding changes to dos instead of unix. it works fine this way, but maybe there is a possibility to leave the encoding unchanged? ahh, and please ignore this rebug mode drex version. i have left it and it is only for personal usage...

    Found now the problem. seems rebug have confused some things in their latest builds 4.41 and 4.46 some different question, but anybody knows what this secrect On/Off option from sysinfo is? it was medo from cmp who told me about it some time ago, but he also didn't know what it does. to get it, go under settings into system-settings->systeminformation hold L1+L2+R1+R2 and press select. there comes a On/Off message and it is turned off after every reboot.

    Update #2: PS3MFW Builder 1.0.0 (Build 0.2.2.0) Official Installer Release!

    RedDot-3ND7355 and B7U3 C50SS are back to share the latest update for their PS3MFWBuilder (linked above). For those that don't recall, this tiny GUI allows users to build their own custom firmwares by ticking a few boxes.

    As if the creation process wasn't simple enough, that ease now extends to the installation too. Build 0.2.2.0 now includes a well-designed Windows installer to walk new users through the process. The one curious omission not found in this update is the ability to create firmwares with the 4.60 payload.

    However, the developers do say that a revision is on the way to solve that shortcoming. Unless you know what you're doing, this is the kind of app to use at your own risk. Even though the building procedure is noob-friendly, any modified firmware installation technically has the potential to brick your system.

    Just for fun's sake, the PUPs you make cannot be used for downgrading and do not run on OFW above 3.55.

    Update #3: Update 3 of the Install Our MFW Builder.exe (linked above). This time we've updated the PS3MFW Builder have automatic configuration for your data folder which holds the keys and your TEMP folder as well!!

    So settings are auto-corrected via install FROM simply installing. This includes your TEMP and data folder as stated before. Happy Building!!

    About PS3MFW Builder:

    Description

    For those that don't recall, this tiny GUI allows users to build their own custom firmwares by ticking a few boxes. As if the creation process wasn't simple enough, that ease now extends to the installation too. Build 0.2.2.0+ now includes a well-designed Windows installer to walk new users through the process.

    Unless you know what you're doing, this is the kind of app to use at your own risk. Even though the building procedure is noob-friendly, any modified firmware installation technically has the potential to brick your system. The PUPs you make cannot be used for downgrading and do not run on OFW above 3.55.

    Our Goal

    Make people enjoy a better privacy from Sony, we do not support anti-piracy, tho the ps3 patches included in the tasks are capable of bypassing security to do so. I am truly sorry for that -Endless

    Features
    Code:
    Features by your hard workers in the ps3 scene!
    
    - Protect Privacy
    
    Save your identity & info! Protect your private information from Sony, such as your bank information and more!
    
    - Create fw in a moment!
    
    Easy Process.. Make a CFW/MFW or any other fw in a flash! Distribute them at your own risks! Creating has never been this easy! Magic one click away!  Since automatic settings, you can now build your .PUP's without worrying!
    
    Our Features
    
    - LV0
    
    Patching of lv0 to revoke security!
    
    - LV1
    
    Patching of lv1 for more access!
    
    - LV2
    
    Patching of lv2 for more access!
    
    - IPF
    
    Install package files added for your needs of apps!
    
    - Security
    
    Better security from being hacked and more!
    
    - Privacy
    
    Protect your identity/credentials from Sony!
    
    - Piracy
    
    Unprotect your downloaded games!
    
    - VSH
    
    VSH patches for your needs of games!
    
    - More
    
    Extra patches for more awesome features!
    The Team

    KaKaRoto - Founder
    Code Monkeys - Founder
    RedDot-3ND7355 - Developer
    B7U3 C50SS - Developer
    PSX Members - Contributors
    Habib - Contributor

    Update #4: Our team has just released a new update for the installer of PS3MFW Builder v1 which includes the latest build: 2.2.1! This new build has been set to fill your settings automatically for your needs and now installs on your C drive directly to remove errors such as black screen & packing errors!

    PS3MFW updated for 4.65

    * Default set for 4.65 basic/vanilla fully patched PUP like any Rogero, default HABIB:

    1. MADE OUT OF 4.65 OFW
    2. HAVE INSTALL PACKAGE FILES AND APP_HOME
    3. HAVE REACTPSN COMPATIBILITY
    4. PATCHED LV0 TO DISABLE COREOS ECDSA CHECK
    5. PATCHED LV2 TO ADD PEEK/POKE SUPPORT and MORE
    6. PATCHED LV1 TO DISABLE LV2 PROTECTION
    7. PATCHED LV1 TO ADD PEEK/ POKE SUPPORT and THE USUAL FOR DOWNGRADE
    8. IT CAN RUN GAMES SIGNED WITH KEYS UPTO 4.65
    9. CAN BE UPDATED OVER ANY CFW.
    10. CAN BE UPDATED OVER 3.55 OFW
    11.A. BYPASS BT/BD UPL.XML PATCH FOR HARDWARE DOWNGRADE
    11.B !!NEW NOBT/BD PATCH NOT ADDED!! >> Added the LV1 NoBD Patch from Zecoxao, Select from Lv1 tasklist if REQUIRED
    12. RSOD BYPASS (Not ENABLED by DEFAULT! -- Select if REQUIRED!)
    13. REACTPSN OFFLINE PATCH ADDED
    14. BETTER SYSTEM STABILITY
    15. PSP REMASTER SUPPORT ADDED
    16. QA FLAG ENABLED BY DEFAULT IF PS3 WAS QA ON 3.55
    Code:
    Patching Screenshot Option
    Part 1
    Executing command ::patch_elf $elf $search 0 $replace
    patched offset: 0x1850b5
    Part 2
    Executing command ::patch_elf $elf $search 0 $replace
    patched offset: 0x186cf1
    Done vsh.self patches for screenshots
    Patching vsh.self.elf to allow running of unsigned applications!
    Part 1 --  4.6x
    Executing command ::patch_elf $elf $search 0 $replace
    patched offset: 0x5ee660
    Patching vsh.self.elf to allow running of unsigned applications!
    Part 2
    Executing command ::patch_elf $elf $search 0 $replace
    patched offset: 0x244bcc
    Patching vsh.self.elf 4.60 to allow debug pkg installs
    Executing command ::patch_elf $elf $search 0 $replace
    patched offset: 0x23ff4c
    Patching vsh.self.elf for ReactPSN ONLINE/OFFLINE
    Updated pattern for 4.65
    Part 1
    Executing command ::patch_elf $elf $search 0 $replace
    patched offset: 0x2455a4
    Part 2
    Executing command ::patch_elf $elf $search 0 $replace
    patched offset: 0x24502c
    Rebuilding self file vsh.self.self
    Self successfully rebuilt
    
    ******** Running task: "patch_lv0.tcl" **********
    Skipping unpacking coreos, allready done
    Applying LV0 patches....
    Skipped extracting of lv0 ldr's, allready did
    Patching 4.xx lv1ldr...
    patched offset: 0x6ee0
    Rebuilding self file lv1ldr.self.self
    Self successfully rebuilt
    Patching 4.xx LV1LDR ECDSA CHECKS......
    patched offset: 0x6f48
    Rebuilding self file lv1ldr.self.self
    Executing command makeself2 $in $out MySelfHdrs
    Removed -a because it dosent need it
    Executing command shell ${::SCETOOL2} -0 SELF -1 $MyCompressed -s $skipsection -2 $MyKeyRev -3 $MyAuthID -4 $MyVendorID -5 $MySelfType  -A $MyAppVersion -6 $MyFirmVersion -8 $MyCtrlFlags -9 $MyCapabFlags -z $ZlibCompressLevel -e $in $out
    Executing shell scetool2 -0 SELF -1 FALSE -s FALSE -2 00 -3 1FF0000008000001 -4 00000000FF000000 -5 LDR -A 0004006500000000 -6 0000000000000000 -8 0000000000000000000000000000000000000000000000000000000000000000 -9 0000000000000000000000000000000000000000000000780000000000000000 -z -1 -e C:/Users/urmomindebutt/AppData/Local/Temp/PS3MFW/PS3MFW-MFW/update_files/CORE_OS_PACKAGE/lv1ldr.self.elf C:/Users/urmomindebutt/AppData/Local/Temp/PS3MFW/PS3MFW-MFW/update_files/CORE_OS_PACKAGE/lv1ldr.self.self
    Self successfully rebuilt
    Patched lv1ldr
    Patching 4.xx lv2ldr...
    Part 1
    patched offset: 0x22b8
    Rebuilding self file lv2ldr.self.self
    Self successfully rebuilt
    Part 2
    patched offset: 0x2aa0
    Rebuilding self file lv2ldr.self.self
    Self successfully rebuilt
    Patching 4.xx LV2LDR ECDSA CHECKS.....
    patched offset: 0x47e8
    Rebuilding self file lv2ldr.self.self
    Self successfully rebuilt
    Patched lv2ldr
    Patching 4.xx isoldr...
    Part 1
    patched offset: 0x36c0
    Rebuilding self file isoldr.self.self
    Self successfully rebuilt
    Part 2
    patched offset: 0x3ea8
    Rebuilding self file isoldr.self.self
    Self successfully rebuilt
    Patching 4.xx ISOLDR ECDSA CHECKS......
    patched offset: 0x2898
    Rebuilding self file isoldr.self.self
    Self successfully rebuilt
    Patched isoldr
    Patching 4.xx appldr...
    Part 1
    patched offset: 0x1ce0
    Rebuilding self file appldr.self.self
    Self successfully rebuilt
    Part 2
    patched offset: 0x1fa8
    Rebuilding self file appldr.self.self
    Self successfully rebuilt
    Part 3
    patched offset: 0x3da4
    Rebuilding self file appldr.self.self
    Self successfully rebuilt
    Part 4
    patched offset: 0x56d8
    Rebuilding self file appldr.self.self
    Self successfully rebuilt
    Part 5
    patched offset: 0x78b0
    Rebuilding self file appldr.self.self
    Self successfully rebuilt
    Patching LV0 4.xx ldrs ECDSA CHECKS !
    patched offset: 0x5740
    Rebuilding self file appldr.self.self
    Executing command shell ${::SCETOOL2} -0 SELF -1 $MyCompressed -s $skipsection -2 $MyKeyRev -3 $MyAuthID -4 $MyVendorID -5 $MySelfType  -A $MyAppVersion -6 $MyFirmVersion -8 $MyCtrlFlags -9 $MyCapabFlags -z $ZlibCompressLevel -e $in $out
    Executing shell scetool2 -0 SELF -1 FALSE -s FALSE -2 00 -3 1FF000000C000001 -4 00000000FF000000 -5 LDR -A 0004006500000000 -6 0000000000000000 -8 0000000000000000000000000000000000000000000000000000000000000000 -9 0000000000000000000000000000000000000000000000780000000000000000 -z -1 -e C:/Users/urmomindebutt/AppData/Local/Temp/PS3MFW/PS3MFW-MFW/update_files/CORE_OS_PACKAGE/appldr.self.elf C:/Users/urmomindebutt/AppData/Local/Temp/PS3MFW/PS3MFW-MFW/update_files/CORE_OS_PACKAGE/appldr.self.self
    Self successfully rebuilt
    Patched appldr
    Done LV0 patches....
    
    ******** Running task: "patch_lv1.tcl" **********
    Patch core OS Hash check core os for 4.6x
    Added by RedDot-3ND7355
    patched offset: 0x2dfa70
    Patching LV1 hypervisior to remove LV2 protection for 4.6x
    Added by RedDot ;)
    patched offset: 0x23aab0
    Patching LV1 hypervisor to add peek/poke support for 4.6x
    Added by RedDot-3ND7355
    patched offset: 0x129e4c
    Patching System Manager to disable integrity check
    Fixed by RedDot-3ND7355
    patched offset: 0x23aa9c
    Patching LV1 to enable skipping of ACL checks for all storage devices
    Confirmed Legit by RedDot-3ND7355
    patched offset: 0x7c504
    Patching LV1 hypervisor to allow mapping of any memory area for 4.xx (1006151)
    Feature fixed by RedDot-3ND7355
    OHH MYY GOD! Does he really excist? :laugh:
    patched offset: 0x61ecf
    Rebuilding self file lv1.self.self
    Self successfully rebuilt
    
    ******** Running task: "patch_lv2.tcl" **********
    An extra patch for payload stability -- Updated 4.65 Pattern! :)
    patched offset: 0x2b02bc
    Patching LV2 with SysCall36 4.6x CFW
    Part 1
    Updated 4.6x patterns!
    patched offset: 0x66590
    lv2-syscall 4.6x Part 2
    patched offset: 0x66600
    lv2-syscall 4.65 Part 3 Updated 4.65 pattern!
    patched offset: 0x6a64c
    UPDATED Hermes payload 4.65 LV2
    patched offset: 0x2fd8c8
    Patching LV2 Peek&Poke Part 1
    Updated 4.65 Pattern!
    WARNING: MAY TAKE A WHILE... :banghed:
    patched offset: 0x11560
    Part 2
    Updated for 4.65 -- WARNING: MAY ALSO TAKE A WHILE :P ORLY?
    patched offset: 0x373a4d
    Patching/Disable UPDATED NPDRM ECDSA signature check! 4.65 -- LV2
    Updated 4.65 patterns!
    patched offset: 0x27fddc
    Patching miscs
    Added by RedDot -- same patterns! -- 4.6x! :)
    patched offset: 0x66654
    Part 2 -- 4.6x!
    patched offset: 0x69e64
    Rebuilding self file lv2_kernel.self.self
    Self successfully rebuilt
    
    ******** Running task: "patch_nas_plugin.tcl" **********
    Patching nas_plugin.sprx.elf to allow pseudo-retail pkg installs
    Proved Legit by RedDot-3ND7355
    patched offset: 0x3264
    Habib's patterns!
    Added by RedDot-3ND7355!
    Part 1
    patched offset: 0x24394
    Part 2
    patched offset: 0x2eca8
    Rebuilding self file nas_plugin.sprx.self
    Executing command shell ${::SCETOOL2} -0 SELF -1 $MyCompressed -s $skipsection -2 $MyKeyRev -3 $MyAuthID -4 $MyVendorID -5 $MySelfType  -A $MyAppVersion -6 $MyFirmVersion -8 $MyCtrlFlags -9 $MyCapabFlags -z $ZlibCompressLevel -e $in $out
    Executing shell scetool2 -0 SELF -1 TRUE -s FALSE -2 1C -3 1070000052000001 -4 0000000001000002 -5 APP -A 0004006000000000 -6 0000000000000000 -8 4000000000000000000000000000000000000000000000000000000000000000 -9 00000000000000000000000000000000000000000000007B0000000100020000 -z -1 -e C:/Users/urmomindebutt/AppData/Local/Temp/PS3MFW/PS3MFW-MFW/update_files/dev_flash/dev_flash/vsh/module/nas_plugin.sprx.elf C:/Users/urmomindebutt/AppData/Local/Temp/PS3MFW/PS3MFW-MFW/update_files/dev_flash/dev_flash/vsh/module/nas_plugin.sprx.self
    Self successfully rebuilt
    
    ******** Running task: "patchcombo.tcl" **********
    Patching SPKG ECDSA verifier to disable ECDSA check
    Feature fixed by RedDot-3ND7355 ;)
    Used for a DB OFW Build, Deselect ALL Other Patches!
    patched offset: 0x3154
    Rebuilding self file spu_pkg_rvk_verifier.self.self
    Self successfully rebuilt
    Patching spu token processor!
    Feature Added by RedDot-3ND7355 ;)
    Thanks habib for the patterns!
    patched offset: 0x2b0
    Rebuilding self file spu_token_processor.self.self
    Executing command shell ${::SCETOOL2} -0 SELF -1 $MyCompressed -s $skipsection -2 $MyKeyRev -3 $MyAuthID -4 $MyVendorID -5 $MySelfType  -A $MyAppVersion -6 $MyFirmVersion -8 $MyCtrlFlags -9 $MyCapabFlags -a $MyIndivSeed -z $ZlibCompressLevel -e $in $out
    Executing shell scetool2 -0 SELF -1 FALSE -s FALSE -2 01 -3 1070000023000001 -4 0000000007000001 -5 ISO -A 0004006500000000 -6 0000000000000000 -8 0000000000000000000000000000000000000000000000000000000000000000 -9 0000000000000000000000000000000000000000000000780000000000000000 -a ABCAAD1771EFABFC2B921276FAC2130C37A6BE3FEF82C79F3BA5733FC35A690B08B358F970FA16A3D2FFE2299E841EE4D3DB0E0C9BAEB51BC7DFF10467472F85000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 -z -1 -e C:/Users/urmomindebutt/AppData/Local/Temp/PS3MFW/PS3MFW-MFW/update_files/CORE_OS_PACKAGE/spu_token_processor.self.elf C:/Users/urmomindebutt/AppData/Local/Temp/PS3MFW/PS3MFW-MFW/update_files/CORE_OS_PACKAGE/spu_token_processor.self.self
    Self successfully rebuilt
    Patching SPP verifier!
    Feature Added by RedDot-3ND7355 :)
    Thanks habib for the patterns!
    patched offset: 0x12a8
    Rebuilding self file spp_verifier.self.self
    Self successfully rebuilt
    
    ******** Running task: "patch_category_game.tcl" **********
    Patching explore_category_game.sprx.elf to allow install pkg
    Special feature added by RedDot-3ND7355
    4.xx Patch to allow installation of packages! (part 1)
    explore_category_game.sprx
    patched offset: 0xb597c
    Rebuilding self file explore_category_game.sprx.self
    Self successfully rebuilt
    Patched explore_category_game.sprx
    Patching explore_plugin.sprx.elf to allow install pkg
    Special feature added by RedDot-3ND7355
    4.xx Patch to allow installation of packages! (part 2)
    explore_plugin.sprx
    patched offset: 0x1fd910
    Patched explore_plugin.sprx
    Rebuilding self file explore_plugin.sprx.self
    Self successfully rebuilt
    Modded XML: category_game.xml
    
    ******** Completed tasks **********
    Rebuilding self file lv0.self
    Executing command shell ${::SCETOOL2} -0 SELF -1 $MyCompressed -s $skipsection -2 $MyKeyRev -3 $MyAuthID -4 $MyVendorID -5 $MySelfType  -A $MyAppVersion -6 $MyFirmVersion -8 $MyCtrlFlags -9 $MyCapabFlags -z $ZlibCompressLevel -e $in $out
    Executing shell scetool2 -0 SELF -1 FALSE -s FALSE -2 00 -3 1FF0000001000001 -4 00000000FF000000 -5 LV0 -A 0004006500000000 -6 0000000000000000 -8 0000000000000000000000000000000000000000000000000000000000000000 -9 0000000000000000000000000000000000000000000000780000000000000000 -z -1 -e C:/Users/urmomindebutt/AppData/Local/Temp/PS3MFW/PS3MFW-MFW/update_files/CORE_OS_PACKAGE/lv0.elf C:/Users/urmomindebutt/AppData/Local/Temp/PS3MFW/PS3MFW-MFW/update_files/CORE_OS_PACKAGE/lv0.self
    CORE_OS Repacked!
    Custom dev_flash deleted
    spkg's added to list
    pkg's added to list
    img's added to list
    dev_flash 3 added to list
    dev_flash added to list
    
    PKG TAR created
    PUP original build:64266
    Packing Modified PUP 1.PUP_4.65.pup
    Executing shell pkgtool -debug no -action pack -type pup -in {C:\Users\urmomindebutt\AppData\Local\Temp\PS3MFW\PS3MFW-MFW} -out C:/Users/urmomindebutt/Desktop/1.PUP_4.65.pup -buildnum 64266
    Created PUP!
    PS3MFW Builder 1.0.0 (Our MFW 1.0.0) Build 2.0.0 is Released

    PS3MFW Builder 1.0.0 (Our MFW 1.0.0) Build 2.0.0 is Released

    More PlayStation 3 News...
    Attached Thumbnails<br><br> Attached Thumbnails

    poZV3eU.gif   about(1).jpg   about(2).jpg   about(3).jpg   about(4).jpg  
    Attached Files Attached Files

  5. #15
    Senior Member hishamage's Avatar
    Join Date
    Aug 2012
    Posts
    88
    Quote Originally Posted by SuperSaiyen View Post
    I used the older MFW builder v.0.2.1 to build a cfw 3.15 quite a while back. Does this newer version add any additional features i can patch onto v.3.15 ofw? From what i see in the docs- Patch VSH to Run unsigned app's (3.xx&4.xx), and [3.xx&4.xx] Add "Install Package Files icon to the XMB Game Category [3.xx&4.xx] Add "/app_home" icon to the XMB Game Category.

    Seems it might be better to redo my mfw3.15 with this newer MFW builder 1.0? Any insight appreciated.
    Yes.. You can use this to make 3.15 cfw

  6. #16
    Contributor PLAYER 1's Avatar
    Join Date
    Jan 2011
    Posts
    9
    Thanks for this tool, could you add a patch to avoid broken wi-fi check ? that cause blue screen al start up.

  7. #17
    Senior Member SuperSaiyen's Avatar
    Join Date
    Apr 2007
    Posts
    81

    Thumbs Up

    I just used my older version of MFW builder to finally make and install 3.15 cfw. It is pretty awesome in that i still have my original OtherOS YDL6.0 and Zerogame partition which was not affected at all.

    In addition, i was able to install and run an older version of showtime player i was previously unable to install/run. Even better, I was able to install and run One, and play my PS1 backups which i could not do before. I was using my ipod 2g to JB with a PL3 payload before, and i still have to use that boot method if i want multiman 1.16 to still work.

    Been trying to find another backup manager that will work on this cfw, but none either work or ask to update to 3.40+. None of the emulators i've tried seem to work, eg. snes9x, Retroarch (and standalones). FBAnext cfw1.92 ran, but no matter where i locate roms folder, it says it doesn't find any.

    Anyways, I am happy i still have my older emus still on linux, and now have showtime and PS1 player running on cfw. Wish i knew the difference on this lvl1 and lvl2 patched cfw and the PL3 payload as some of my prior Homebrew still only works with the JB method. Not sure if the signing is incorrect or newer fw features called that are not present in 3.15.

    Multiman for example won't work on the cfw alone, as it could never enable BD emulation, no matter what BDemu.pkgs i installed. Think i'll recreate this MFW but spoof it to 3.70 next time just to try installing/running some homebrew that ask for higher than 3.15.

 

Sponsored Links
Page 2 of 2 FirstFirst 12
Affiliates - Contact Us - PS3 Downloads - Privacy Statement - Site Rules - Top - © 2014 PlayStation 3 News