Sponsored Links

Sponsored Links

Results 1 to 9 of 9



  1. #1
    Senior Member shummyr's Avatar
    Join Date
    Sep 2008
    Posts
    740
    Sponsored Links

    Dumping Level 2 Code

    Sponsored Links
    How do you dump Code from Lvl2 on a ps3 test, like if you wanted to look at any data or anything?

  2. #2
    Toucan Sam CJPC's Avatar
    Join Date
    Apr 2005
    Posts
    2,174
    Sponsored Links
    Sponsored Links
    You can not dump out LV2 (the kernel) - that memory area is protected, on a TEST, and even on a TOOL without internal files.

  3. #3
    Banned User rickylyh's Avatar
    Join Date
    Dec 2008
    Posts
    50
    Sponsored Links
    Sponsored Links
    if we could do it, ps3 is hacked...

  4. #4
    Senior Member shummyr's Avatar
    Join Date
    Sep 2008
    Posts
    740
    i was curious because i wanted to dump data from a disc.

  5. #5
    Toucan Sam CJPC's Avatar
    Join Date
    Apr 2005
    Posts
    2,174
    If you want to dump data from a disk, you can use cellftp.self, load it up on your console in Debug mode, and then you can copy the files out to app_home.

  6. #6
    Senior Member CodeKiller's Avatar
    Join Date
    Nov 2009
    Posts
    130

    Lightbulb

    I'm just wondering: you can run unsigned code on test/debug, but no lv2 dump? Why not using the hv-exploit to gain full access in gameos? The excuse to run it in linux is that retail models can run unsigned codes only in otheros. But what about the test/debug units?

  7. #7
    Senior Member ekrboi's Avatar
    Join Date
    Oct 2009
    Posts
    78
    If I'm not mistaken.. there is no otheros on the debug/test units.. so no exploit..

  8. #8
    Senior Member CodeKiller's Avatar
    Join Date
    Nov 2009
    Posts
    130
    Quote Originally Posted by ekrboi View Post
    If I'm not mistaken.. there is no otheros on the debug/test units.. so no exploit..
    no, they have (up to fw3.20).. but that's not the interesting part. You can run unsigned (aka homebrew) codes in gameos which can include the exploit. And then if you make dump (in gameos), it should contains the uncrippled lv2.

  9. #9
    Contributor ruger1234's Avatar
    Join Date
    Mar 2008
    Posts
    23
    Quote Originally Posted by CodeKiller View Post
    no, they have (up to fw3.20).. but that's not the interesting part. You can run unsigned (aka homebrew) codes in gameos witch can include the exploit. And then if you make dump (in gameos), it should contains the uncrippled lv2.
    I think you are exactly right. I can not imagine OtherOS being needed to exploit the "deallocation+glitching combo" vulnerability on a TEST.

    On the Xbox 360 we had the same situation way back when kernel 4532/4548 first were found vulnerable i 2007. Linux was needed to run the exploit on retail boxes (to get the fuseset with the CPU key). On XDKs (devkits) it was not really needed, but many people stilled used the Linux approach since it was simple. However there are also XEXs today that exploit the same vulnerability without the need for Linux.

    My explaination above is a bit oversimplified of course. For those who wonders unsigned shaders were used to write to memory in the first place on the Xbox 360. That made it possible to get control of the instruction pointer, which in turn made it possible to load Linux.

    Linux was only an environment in which the fuseset reading could easily be done afterwards.

    On the XDKs shaders were not needed to pull of the exploit. An XEX could do the exploit directly and read the fuseset.

    Still many people used the retail tools on XDKs and used shaders to load Linux, and then used Linux as a platform to get the fuseset.
    Last edited by ruger1234; 04-05-2010 at 12:02 PM Reason: Automerged Doublepost

 

Sponsored Links

Advertising - Affiliates - Contact Us - PS3 Downloads - Privacy Statement - Site Rules - Top - © 2014 PlayStation 3 News