
  1. #1 titanmkd (Contributor)

    How to Build GeoHot PS3 Exploit Easily from Kernel Build to Exploit Run

    Tested on Yellow Dog Linux 6.2 (developer install), but it should work on any Linux distribution.

    Required before starting this tutorial:

    1) Have a working internet connection (to download exploit and kernel source).
    2) Have at least 60MB of hard disk free for /boot/ (required to install new kernel).
    3) Have at least 1GB of hard disk free for /usr/src/ (required for kernel source build).
    4) Have built the PS3 hardware: a push button connected to a PIC/FPGA... that sends a 40ns pulse on the Memory Bus Controller (otherwise the exploit will run forever and lock up everything until a hard reset).

    Step 1: building the kernel and booting on it:

    1) Launch a shell and log on as the root user using "su -" (required later to install the kernel...).
    2) Download Linux kernel 2.6.25 (linux-2.6.25.tar.bz2) and the exploit into /usr/src/.
    3) Extract the kernel and the exploit in /usr/src/.
    4) Change directory to the kernel source directory and use the PS3 default config for the kernel.
    5) Build the kernel.
    6) Install the kernel in /boot/
    7) Install the kernel modules (required to build the exploit).
    8) Add the new kernel entry to the kboot config using 720p fullscreen mode (/boot/etc/kboot.conf).
    9) Reboot on the newly built kernel 2.6.25 (type reboot in the shell).
    When the kboot: prompt appears, press "Tab" on the keyboard until you see kernel 2.6.25, then press Enter.
    If the X server cannot be launched, click Cancel or No; in any case, use the shell with Ctrl+Alt+F1 and log on as root.

    Step 2: building and launching the exploit:

    1) Change directory to the exploit directory and build it (type make).
    2) Run the exploit.
    3) When "PRESS THE BUTTON IN THE MIDDLE OF THIS" appears, push the button connected to the PIC/FPGA... to send a 40ns pulse on the Memory Bus Controller.

    Step 1 shell script, building the kernel and booting on it:

    File step1.sh:

    [Register or Login to view code]

    Step 2 shell script, building and launching the exploit:

    File step2.sh:

    [Register or Login to view code]

    All scripts can also be downloaded.
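As an added example (not titanmkd's step1.sh, which is not visible on this page), here is a POSIX shell version of the Step 1 kernel build and install. It assumes a YDL-style /boot with /boot/etc/kboot.conf, the device names /dev/ps3da1 (boot) and /dev/ps3da2 (root), and the kboot.conf entry syntax shown in the comments; the 720p fullscreen value is ps3fb mode 3 plus the 128 fullscreen flag, i.e. mode:131.

```shell
#!/bin/sh
# Added example, not titanmkd's step1.sh: build and install kernel 2.6.25 for PS3 Linux.
# Assumptions: run as root, linux-2.6.25.tar.bz2 already in /usr/src, a YDL-style /boot
# with /boot/etc/kboot.conf, boot partition /dev/ps3da1 and root partition /dev/ps3da2.
set -eu
KVER=2.6.25
SRC=/usr/src/linux-$KVER
BOOT=/boot
KBOOT=$BOOT/etc/kboot.conf
BOOTDEV=${BOOTDEV:-/dev/ps3da1}   # assumed device names: confirm with mount/df first
ROOTDEV=${ROOTDEV:-/dev/ps3da2}

# kboot label for the new kernel: "linux" plus the version with dots stripped,
# so the label stays a single token.
kboot_label() {
    printf 'linux%s\n' "$(printf '%s' "$1" | tr -d .)"
}

# One kboot.conf entry. ps3fb mode 3 is 720p; adding 128 selects fullscreen,
# hence mode:131. The label='dev:kernel args' syntax is an assumption; compare
# it with the existing YDL entry in kboot.conf before relying on it.
kboot_entry() {
    ver=$1; bootdev=$2; rootdev=$3
    printf "%s='%s:/vmlinux-%s root=%s video=ps3fb:mode:131'\n" \
        "$(kboot_label "$ver")" "$bootdev" "$ver" "$rootdev"
}

build_kernel() {
    cd /usr/src
    [ -d "$SRC" ] || tar xjf "linux-$KVER.tar.bz2"
    cd "$SRC"
    make ps3_defconfig   # PS3 default config shipped in the kernel tree
    make                 # vmlinux plus modules; slow on the PS3
}

install_kernel() {
    cd "$SRC"
    cp vmlinux "$BOOT/vmlinux-$KVER"
    make modules_install # needed later so the exploit builds against this kernel
    entry=$(kboot_entry "$KVER" "$BOOTDEV" "$ROOTDEV")
    grep -qF "vmlinux-$KVER" "$KBOOT" || printf '%s\n' "$entry" >> "$KBOOT"
}

# Only act when invoked as "sh step1.sh run"; otherwise just define the functions.
if [ "${1:-}" = run ]; then
    build_kernel
    install_kernel
    echo "Reboot, press Tab at the kboot: prompt and choose $(kboot_label "$KVER")"
fi
```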

  2. #2 PS3 News (Forum Moderator)
    Thanks for making this handy and detailed guide titanmkd and +Rep to you!

  3. #3 TUHTA (Senior Member)
    Nice handy tutorial!! Rep+ to you! But what about the hardware part? And what to do when we run step 2? Where will it dump, or how?

  4. #4 titanmkd (Contributor)
    Quote Originally Posted by TUHTA:
    Nice handy tutorial!! Cool! Rep+ to you! But what about the hardware part? And what to do when we run step 2? Where will it dump, or how? etc.
    Yes, sorry about the hardware part, I missed it. It requires a PS3 Fat only, because Linux is no longer supported on the PS3 Slim.

    In fact, after step 2 you can effectively dump what you want, but it requires modifying exploit.c to add a full dump of the HV, for example.

    It can be done by hand in exploit.c:
    at the end of the void install_hypercall() function, after

    [Register or Login to view code]

    add something like:

    [Register or Login to view code]

    And it should display a dump of a part of the Hypervisor Call Table... (to see the dump, launch dmesg) and give feedback.

  5. #5 adrianc1982 (Senior Member)
    titanmkd, so this means you now have a dump and are sharing it with the devs? I was following the inter-dev relationships thread but saw this one, and by the looks of it you have already run the exploit successfully. If you have run the exploit, congrats and thanks for investing your time/money/console.

  6. #6 TUHTA (Senior Member)
    And... that's OK... but what about the hardware that we need to do the exploit? I mean an SPI flasher or something! And how to do it?

  7. #7 playforfun (Contributor)

    Cool tutorial, but I don't really want to open my original 60GB JP.

    Maybe, if one of my friends would like to sell me his 40GB Blu-ray killer, I want to try this.

    Yep, his PS3 has had its Blu-ray drive changed 3 times, but each time the drive died.

  8. #8 Assignator98 (Contributor)

    Wow this is a great guide and +rep.

  9. #9 titanmkd (Contributor)
    Quote Originally Posted by adrianc1982:
    titanmkd, so this means you now have a dump and are sharing it with the devs? I was following the inter-dev relationships thread but saw this one, and by the looks of it you have already run the exploit successfully. If you have run the exploit, congrats and thanks for investing your time/money/console.
    No, I have no dump, because:

    1) My PS3 is an old FAT PS3 still under extended warranty (and I'm sure that in 6 months the Blu-ray lens will be dead and I could exchange my PS3 for a new one for free).
    2) I have not done the hardware to generate the glitch.

    I'm very interested in any dumps (to disassemble them) from those who have built the little hardware and dumped the memory...

    Best Regards

    TitanMKD

  10. #10 TUHTA (Senior Member)
    I can't start your step1.sh and step2.sh; they just open up in the console and close very quickly.
