  1. #11
    Junior Member BluEvo's Avatar
    Join Date
    Sep 2005
    Posts
    74
    Quote Originally Posted by cfwprophet View Post
    This is not an attack, but I mean you don't understand. Because every success on a dev ps3 will also be a success for the retail ps3. So in case the retail cons are well secured, they have no chance to study the ps3 and learn more about its internals.

    So even if this is not the success that you and the whole community are waiting for, it will be a big step in hacking the ps3. And don't forget that the hardware of dev and retail cons is quite the same.
    I suppose you're right.

    In addition to what you also mentioned about the PS3 Devs learning more, once the PS3 retail consoles are eventually hacked, which I presume will only be a matter of time, then this will also become useful to everyone.

  2. #12
    Registered User RexVF5's Avatar
    Join Date
    Dec 2007
    Posts
    185
    Quote Originally Posted by XVISTAMAN2005 View Post
    Well, this took some time but we have it sorted out. CJPC posted a while back that an eboot.bin had been decrypted from memory. The bad thing about this is that it is very difficult to figure out how the file was before it was loaded and to put it back into an executable file. Well, after HRS and sleepless nights this has been sorted and put in an easy to do map. The following is an example of the file location offsets located in the elf header. Based on this the file can be rebuilt in a matter of mins.

    NOTE: THIS IS JUST AN EXAMPLE OF HOW IT COULD BE DONE. THE MEMORY OFFSET LOCATIONS CAN CHANGE A BIT FROM FILE TO FILE, SO ONE WOULD HAVE TO DOUBLE CHECK THEIR MEM DUMP FOR SECTIONS IF THE OFFSET TABLE DOES NOT MATCH UP, BUT THIS MAP WAS USED ON 3 DIFFERENT EBOOT.BIN'S SO FAR. HOPE THIS EXPLAINS IT A BIT FOR YA.

    thanks to CJPC and IDONE
    Has anyone knowing PPC assembly loaded this into IDA or something similar?

  3. #13
    Registered User tvdbz431's Avatar
    Join Date
    Jun 2006
    Posts
    33
    Just wanted to say thanks and to keep up the good work guys. I myself am in school for computer science and I know first hand how difficult stuff like this can be.

  4. #14
    Registered User steven789's Avatar
    Join Date
    Feb 2008
    Posts
    15
    Keep up the good work!

  5. #15
    Senior Member cfwprophet's Avatar
    Join Date
    Jul 2008
    Posts
    1,815

    More Difficult

    Quote Originally Posted by BluEvo View Post
    I suppose you're right.

    In addition to what you also mentioned about the PS3 Devs learning more, once the PS3 retail consoles are eventually hacked, which I presume will only be a matter of time, then this will also become useful to everyone.
    Thx, but my point was that the retail ps3 can't be hacked without hacking the development ps3 (at this time). If they could not understand how the console works, how should they be able to hack it? So the ps3 is a little bit different than the other two. The Wii was hacked via a save game exploit and the common-key.

    With these two things (and a few more) Team Twiizers could write a hack and sign the hacked save game data with the common-key >> the Twilight Hack was born. But the ps3 is secured against such buffer overflow attacks. If the buffers get overflowed, the console turns off and clears the RAM (hope that's right). Hack is dead! Sure, there are many ps3 exploits (such as the tiff exploit) in the wild, but all will be useless.

    So every step on a dev is also a step for retail consoles. Another example: the retail ps3 gets hacked, but in case the second encryption layer on disk is still uncracked, how do you want to get a usable img? Or if no one knows how to make a pack file from a game to install it on hdd, how do you want to play games from it? It is not only about hacking the retail ps3 or finding a hack and telling everyone, so that Sony could patch it before we know what we could use it for, or better said WHEN! we could use it. It is also about HAVING something to use with it.

    And lastly, don't forget that we don't know any key for the ps3 so that we could sign the data and make it executable like it works on the Wii.

    The Wii uses .elf/.dol, which they knew from the GC. I'm not sure, but I think the elf/dol from the Wii will be a little bit different than the one from the GC (but I'm not sure). This made it easier to write a hb elf/dol. The ps3 uses SELFs, which are a more secured elf, as idone explained it. Without cracking the self or finding a way to dump the elf out of the self they could not study it. If someone could hack the retail ps3, what should we do without the ability to alter the data or to write our own files?

    So therefore development on a dev ps3 is also important, like keeping info such as the hdd encryption (exploit) underground till we have a way to use it or someone could use it to make something good with it. Like to study, maybe new files, and get more info about the console itself.

    Peace cfwprpht

  6. #16
    Junior Member BluEvo's Avatar
    Join Date
    Sep 2005
    Posts
    74
    Quote Originally Posted by cfwprophet View Post
    Thx, but my point was that the retail ps3 can't be hacked without hacking the development ps3 (at this time). If they could not understand how the console works, how should they be able to hack it? So the ps3 is a little bit different than the other two. The Wii was hacked via a save game exploit and the common-key.

    With these two things (and a few more) Team Twiizers could write a hack and sign the hacked save game data with the common-key >> the Twilight Hack was born. But the ps3 is secured against such buffer overflow attacks. If the buffers get overflowed, the console turns off and clears the RAM (hope that's right). Hack is dead! Sure, there are many ps3 exploits (such as the tiff exploit) in the wild, but all will be useless.

    So every step on a dev is also a step for retail consoles. Another example: the retail ps3 gets hacked, but in case the second encryption layer on disk is still uncracked, how do you want to get a usable img? Or if no one knows how to make a pack file from a game to install it on hdd, how do you want to play games from it? It is not only about hacking the retail ps3 or finding a hack and telling everyone, so that Sony could patch it before we know what we could use it for, or better said WHEN! we could use it. It is also about HAVING something to use with it.
    Thanks, I now fully understand what you mean.
    Quote Originally Posted by cfwprophet View Post
    And lastly, don't forget that we don't know any key for the ps3 so that we could sign the data and make it executable like it works on the Wii.
    I never forgot about this, it is the same on the Xbox 360. And if the PS3 key is anything like the Xbox 360 key then the only way anyone could get this is if the PS3 key gets leaked (less probable) or gets stolen (more probable but still the chance of this event happening is slim to none).
    Quote Originally Posted by cfwprophet View Post
    The ps3 uses SELFs, which are a more secured elf, as idone explained it. Without cracking the self or finding a way to dump the elf out of the self they could not study it. If someone could hack the retail ps3, what should we do without the ability to alter the data or to write our own files?
    I didn't expect anything else from $ony, they maxed out security after the PSP got hacked.

  7. #17
    Senior Member shummyr's Avatar
    Join Date
    Sep 2008
    Posts
    740

    PS3 Eboot Decryption

    I was wondering, how do I decrypt a retail eboot?

  8. #18
    Senior Member cfwprophet's Avatar
    Join Date
    Jul 2008
    Posts
    1,815
    You couldn't!!
    The only way was to have a Debug/Test PS3 and the Software Devkit installed on your PC. After that you used both together to obtain the decrypted Eboot.bin from memory.

    But if I'm not wrong then Sony have patched this and you couldn't get hands on the decrypted executable anymore.

  9. #19
    Banned User
    Join Date
    Jan 2007
    Posts
    414
    Quote Originally Posted by cfwprophet View Post
    you couldn't get hands on the decrypted executable anymore.
    Yes this is posted because it's not possible since 2.10 or so. It's only of use for those older selfs.

  10. #20
    Senior Member shummyr's Avatar
    Join Date
    Sep 2008
    Posts
    740
    Quote Originally Posted by cfwprophet View Post
    You couldn't!!
    The only way was to have a Debug/Test PS3 and the Software Devkit installed on your PC. After that you used both together to obtain the decrypted Eboot.bin from memory.

    But if I'm not wrong then Sony have patched this and you couldn't get hands on the decrypted executable anymore.
    Quote Originally Posted by idone View Post
    Yes this is posted because it's not possible since 2.10 or so. It's only of use for those older selfs.
    So it is no longer possible to obtain the eboot from the ps3 side. Is there a way I can do it on the PC side of things?

 

© 2014 PlayStation 3 News