Latest PS3 News Forum Updates

  • News
  • Posts
  • PS3 CFW
  • PS3 Files
  • PS3 Hacks
  • PS3 Help
  • PS3 Releases
  • PS3 Themes
  • PS3 Trophies
  • PS Vita Trophies
PS3 News PS3 CPU / GPU still too hot help? - 8m ago
Neo Cyrus PS3 Fan Control Utility v0.3 for 4.31 and 4.40 CFW CEX is Released - 2h ago
Ek2112 Introductions: Hello Everyone, I'm New at PS3News.com! - 3h ago
predprey Fixing Tales of Graces F for PS3 CFW 3.55 - 3h ago
flaviud PSN Games Decrypted for PS3 Custom Firmware 3.55 by DUPLEX! - 4h ago
karpof PS3 DVDROM can i remarry help? - 6h ago
panosp does anybody know when does rogero 4.41 come? - 8h ago
dekaspace Replacement blu-ray, fixed mechanism won't read help? - 9h ago
windrider42 PS3 CECH-2504A Jailbreak help? - 10h ago
ZerotakerZX What GTA 4 CFW U Using? - 13h ago
  1. 01-27-2010 #1
    shummyr's Avatar
    shummyr
    shummyr is offline Senior Member shummyr has much to be proud of shummyr has much to be proud of shummyr has much to be proud of shummyr has much to be proud of shummyr has much to be proud of shummyr has much to be proud of shummyr has much to be proud of shummyr has much to be proud of shummyr has much to be proud of shummyr has much to be proud of shummyr has much to be proud of

    Dumping Level 2 Code

    How do you dump Code from Lvl2 on a ps3 test, like if you wanted to look at any data or anything?

    Reply With Quote Reply With Quote
  3. 01-27-2010 #2
    CJPC's Avatar
    CJPC
    CJPC is offline Toucan Sam CJPC has much to be proud of CJPC has much to be proud of CJPC has much to be proud of CJPC has much to be proud of CJPC has much to be proud of CJPC has much to be proud of CJPC has much to be proud of CJPC has much to be proud of CJPC has much to be proud of CJPC has much to be proud of CJPC has much to be proud of
    You can not dump out LV2 (the kernel) - that memory area is protected, on a TEST, and even on a TOOL without internal files.

    Reply With Quote Reply With Quote
  4. 01-27-2010 #3
    rickylyh's Avatar
    rickylyh
    rickylyh is offline Registered User rickylyh has much to be proud of rickylyh has much to be proud of rickylyh has much to be proud of rickylyh has much to be proud of rickylyh has much to be proud of rickylyh has much to be proud of rickylyh has much to be proud of rickylyh has much to be proud of rickylyh has much to be proud of rickylyh has much to be proud of rickylyh has much to be proud of
    if we could do it, ps3 is hacked...

    Reply With Quote Reply With Quote
  5. 01-27-2010 #4
    shummyr's Avatar
    shummyr
    shummyr is offline Senior Member shummyr has much to be proud of shummyr has much to be proud of shummyr has much to be proud of shummyr has much to be proud of shummyr has much to be proud of shummyr has much to be proud of shummyr has much to be proud of shummyr has much to be proud of shummyr has much to be proud of shummyr has much to be proud of shummyr has much to be proud of
    i was curious because i wanted to dump data from a disc.

    Reply With Quote Reply With Quote
  6. 01-27-2010 #5
    CJPC's Avatar
    CJPC
    CJPC is offline Toucan Sam CJPC has much to be proud of CJPC has much to be proud of CJPC has much to be proud of CJPC has much to be proud of CJPC has much to be proud of CJPC has much to be proud of CJPC has much to be proud of CJPC has much to be proud of CJPC has much to be proud of CJPC has much to be proud of CJPC has much to be proud of
    If you want to dump data from a disk, you can use cellftp.self, load it up on your console in Debug mode, and then you can copy the files out to app_home.

    Reply With Quote Reply With Quote
  7. 04-05-2010 #6
    CodeKiller's Avatar
    CodeKiller
    CodeKiller is offline Senior Member CodeKiller has much to be proud of CodeKiller has much to be proud of CodeKiller has much to be proud of CodeKiller has much to be proud of CodeKiller has much to be proud of CodeKiller has much to be proud of CodeKiller has much to be proud of CodeKiller has much to be proud of CodeKiller has much to be proud of CodeKiller has much to be proud of CodeKiller has much to be proud of

    Lightbulb

    I'm just wondering: you can run unsigned code on test/debug, but no lv2 dump? Why not using the hv-exploit to gain full access in gameos? The excuse to run it in linux is that retail models can run unsigned codes only in otheros. But what about the test/debug units?

    Reply With Quote Reply With Quote
  8. 04-05-2010 #7
    ekrboi's Avatar
    ekrboi
    ekrboi is offline Senior Member ekrboi has a reputation beyond repute ekrboi has a reputation beyond repute ekrboi has a reputation beyond repute ekrboi has a reputation beyond repute ekrboi has a reputation beyond repute ekrboi has a reputation beyond repute ekrboi has a reputation beyond repute ekrboi has a reputation beyond repute ekrboi has a reputation beyond repute
    If I'm not mistaken.. there is no otheros on the debug/test units.. so no exploit..

    Reply With Quote Reply With Quote
  9. 04-05-2010 #8
    CodeKiller's Avatar
    CodeKiller
    CodeKiller is offline Senior Member CodeKiller has much to be proud of CodeKiller has much to be proud of CodeKiller has much to be proud of CodeKiller has much to be proud of CodeKiller has much to be proud of CodeKiller has much to be proud of CodeKiller has much to be proud of CodeKiller has much to be proud of CodeKiller has much to be proud of CodeKiller has much to be proud of CodeKiller has much to be proud of
    Quote Originally Posted by ekrboi View Post
    If I'm not mistaken.. there is no otheros on the debug/test units.. so no exploit..
    no, they have (up to fw3.20).. but that's not the interesting part. You can run unsigned (aka homebrew) codes in gameos which can include the exploit. And then if you make dump (in gameos), it should contains the uncrippled lv2.

    Reply With Quote Reply With Quote
  10. 04-05-2010 #9
    ruger1234's Avatar
    ruger1234
    ruger1234 is offline Registered User ruger1234 is on a distinguished road
    Quote Originally Posted by CodeKiller View Post
    no, they have (up to fw3.20).. but that's not the interesting part. You can run unsigned (aka homebrew) codes in gameos witch can include the exploit. And then if you make dump (in gameos), it should contains the uncrippled lv2.
    I think you are exactly right. I can not imagine OtherOS being needed to exploit the "deallocation+glitching combo" vulnerability on a TEST.

    On the Xbox 360 we had the same situation way back when kernel 4532/4548 first were found vulnerable i 2007. Linux was needed to run the exploit on retail boxes (to get the fuseset with the CPU key). On XDKs (devkits) it was not really needed, but many people stilled used the Linux approach since it was simple. However there are also XEXs today that exploit the same vulnerability without the need for Linux.

    My explaination above is a bit oversimplified of course. For those who wonders unsigned shaders were used to write to memory in the first place on the Xbox 360. That made it possible to get control of the instruction pointer, which in turn made it possible to load Linux.

    Linux was only an environment in which the fuseset reading could easily be done afterwards.

    On the XDKs shaders were not needed to pull of the exploit. An XEX could do the exploit directly and read the fuseset.

    Still many people used the retail tools on XDKs and used shaders to load Linux, and then used Linux as a platform to get the fuseset.


    Last edited by ruger1234; 04-05-2010 at 12:02 PM Reason: Automerged Doublepost
    Reply With Quote Reply With Quote