  1. #1
    Senior Member DaedalusMinion's Avatar
    Join Date
    Sep 2010
    Posts
    356

    Fail0verflow PS3 Tools, GeoHot METLDR Root Key, GT5 Decrypted!

    Update #2: [Register or Login to view links] has now released GeoHot_1st.self (first signed PS3 homebrew on Firmware 3.55) and Lv2diag.self (also Lv2diag.elf in ELF format) stating the following: "...and this is a real self, hello world although it's not NPDRM, so it won't run off the hard drive. shouts to the guys who did PSL1GHT. without you, I couldn't release this. first piece of homebrew you can run, put in service mode, put on usb stick, boot."

    Next up, [Register or Login to view links] has released PUPView BETA, to quote roughly translated: "PUPView is a GUI application used to view and extract the contents of the PUP update files for the PlayStation 3. At the moment it will only permit you to extract, but I also have plans to simplify the creation of new PUP files thanks to the new keys released."

    In other PS3 hacking news today, KaKaRoToKs has released a PS3 PUP Packing Tool, a PS3 OFW to CFW Script and Fix_TAR for PS3 Packages, and superG has released Gpup v1.00 (Win32 PUP Extractor/Packer) (Gpup v1.00 ELF) alongside Gpup v1.00 (Linux PUP Extractor/Packer).

    In more news, DeViL303 announced that TeaM-Acid1C has a PS3 Hybrid PUP WIP which installs on Retail PlayStation 3 consoles and is currently offering it to select testers, inf1 posted a [Register or Login to view links] on IRC, fisacom made available a Hedit Automated Build Script and pojiku shared a PS3 EBOOT Decrypter Frontend for Unself (Includes Unself + Keys).

    Finally, [Register or Login to view links] has made available both a PS3 SPU emulator and their 27C3 PS3 NOR flasher tweeting the following about them: "our SPU emulator, works fine on most loaders: [Register or Login to view links]. Pushed a repo with the PS3 NOR flasher stuff we used at 27C3: [Register or Login to view links] (sadly you need to adapt it to your own board)" and NORalizer with the PS3 NOR test points is available.

    Update: [Register or Login to view links] and others now have Tales of Graces F, Need for Speed: Hot Pursuit, Gran Turismo 5, and Harry Potter and the Deathly Hallows Part 1 working with rewritten v3.50 PS3 Game EBOOT files on Firmware 3.41 for PlayStation 3 JailBreak users! To quote:
    This guide requires you to have some knowledge of how the SELF and ELF file formats are laid out. I don't have a quick tool to do this for me, but it takes maybe 5 minutes of my time to do it by hand.

    1. Open EBOOT.BIN in a hex editor of your preference.
    2. In EBOOT.BIN, look at the SELF control info, if you see anything resembling the game titleid, it's an NPDRM SELF and this guide won't work, give up.
    3. Use readself on EBOOT.BIN to get information about the encrypted metadata sections.
    4. Unself EBOOT.BIN eboot.elf
    5. Open eboot.elf in a hex editor of your preference.
    6. In eboot.elf, go to every encrypted metadata section (now decrypted), copy its data, and replace the encrypted data in EBOOT.BIN.
    7. In EBOOT.BIN, change SELF header to indicate it's FSELF.
    8. In EBOOT.BIN, change SELF section headers that are marked as encrypted to say they are not encrypted.
    9. If the game is a newer SDK version (like GT5, which is 3.50), in EBOOT.BIN, find the .sys_proc_param segment and change the SDK version to something earlier, such as 3.41. This will probably cause crashes in games that actually use newer SDK features that are not available in earlier SDK versions.
    10. Save EBOOT.BIN
    11. Cross fingers, run game, hope it works.
    Since the 27C3 Conference the PS3 has been completely hacked with a variety of PS3 decrypters and PS3 keys made available, and today [Register or Login to view links] has [Register or Login to view links] their Beta PS3 Tools along with GeoHot releasing the PS3 METLDR root key and GT5 for PlayStation 3 finally being decrypted!

    Downloads: PS3 Tools / PS3 Tools (GIT Dump) / PS3 Tools (MAC) by MrKai / PS3 Firmware Toolbox v1.0 and PS3 Firmware Toolbox v1.1 by Chossy / PS3 Tools (Win32) by user / PS3 3.15 / 3.41 / 3.50 lv2 app/iv keys / PS3 3.55 lv1 key / PS3 3.55 lv1 iv / C Arrays by RMS / PS3 Decryption Pack, PS3 Decryption Pack r1, PS3 Decryption Pack r2, PS3 Decryption Pack r3, PS3 Decryption Pack r4, PS3 Decryption Pack r5, and PS3 Decryption Pack r6 from Xtse / NFS Hot Pursuit PS3 3.41 Working EBOOT.BIN / PS3 Key List.xls / [Register or Login to view links] / PS3 Keys / [Register or Login to view links] / How to Decrypt PS3 EBOOT.BIN or SELF Files in Windows

    [Register or Login to view links] also released SCEkrit and SCEkrit v1.01 which can be useful in obtaining the needed 'private' keys for signing PS3 homebrew followed by SCEkrit (Win32) via Nicksasa. So, who wants to sign application SELFs?

    app-priv-rev1: 00 3d e8 01 67 d2 f0 e9 d3 0f 21 45 14 4a 55 8d 11 74 f5 41 0c

    SCEkrit, a tool for obtaining private Sony keys: [Register or Login to view links]

    PS3 METLDR Root Key:


    ~geohot

    props to fail0verflow for the asymmetric half. no donate link, just use this info wisely. i do not condone piracy. if you want your next console to be secure, get in touch with me. any of you 3. it'd be fun to be on the other side.

    [Register or Login to view links] also stated the following: "No plans for CFW, and btw PSJailbreak team already won the signed PUP contest. Or me if you believe in 3.21OO

    Although I do have other plans possibly, perhaps a 3.55 hello world by the end of the day. Hell, perhaps I'll go out and buy GT5 just to show off homebrew and GT5.

    Perhaps CFW isn't the way to go, we can create official apps, aside from piracy purposes (which I despise), why do we need a CFW? How about something like Cydia for the PS3?"

    Summary of what each PS3 Tool does:
    • makepkg: Creates PKG files
    • makeself: Creates SELF files (from ELFs)
    • norunpack: Extracts data from a NOR flash dump (like the PS3 Flash)
    • puppack: Make Playstation Update Files (PUP)
    • pupunpack: Unpacks PUP Files
    • readself: Reads SELF and echoes information about it
    • sceverify: Check and Confirm Sony files
    • unpkg: Decrypt and extract PKG files
    • unself: Changes a SELF back to an ELF

    From [Register or Login to view links], who also noted he found the PSP Master Keys on the PS3 via IRC today: here are how some start: d76aa478... (HMAC key), 428a2f98... (AES key), 004080c01b5b9b... (AES key), 9802c4e6ec... (AES key) And so on... Want kirk keys?

    1. Go to /dev_flash/pspemu/release/emulator_drm.sprx, decrypt it
    2. get spu_handler.isoself, decrypt, grab keys.
    3. Profit

    Here for the sake of it, isoldr keys:

    PS3 1.00-3.30 isoldr keys:

    PS3 3.55 isoldr keys:

    Keys I grabbed off 1.00 appldr: revision 0 keys used in from 0.80 to 0.92:

    Revision 1 keys used from 0.95 to 3.31 and in updaters:

    Unknown keys, seem not to be in use:

    Extra keys grabbed from 3.55 appldr:

    From [Register or Login to view links] on the PS3 Toolbox contents: Here is a little pre-compiled windows toolkit for your decryption needs. All yet available keys are included! credits: geohot, ooPo, mathieulh, waninkoko

    This kit contains cygwin compiled versions of tools made by the above mentioned devs. Thanks for the keys, too. I did some slight changes on decrypt-self to support key files. Source code is included...

    Usage:

    decrypt-self.exe
    Code:
    	decrypts self files
    	Usage: decrypt-self {self file} {elf file} {key file} {fix}	
    	self file: file you want to decrypt
    	elf file: your output file
    	key file: use one of the included (e.g. "315.appkey")
    	               all x**.appkey files are unknown fw numbers
    	               find out on your own :)
    	fix: 0 (zero)
    read-self.exe
    Code:
    	shows self info
    	Usage: read-self {self file}
    	self file: file you want to decrypt
    rebuild-self.exe
    Code:
    	rebuild self?
    	Usage: rebuild-self {self file} {elf file}
    pup_unpack.exe
    Code:
    	unpack pup  files (get core_os_package.pkg, etc.)
    	Usage: pup_unpack {filename} {directory}
    	filename: your pup
    	directory: destination for pup contents
    fwpkg.exe
    Code:
    	decrypt pkgs (you extracted with pup_unpack)
    	Usage: fwpkg {mode} {input file} {output file}
    	Mode:  - e: Encrypt PKG
    	          - d: Decrypt PKG
    	input file: your crypted pkg
    	output file: decrypted output
    coreos_tool.exe
    Code:
    	extracts/rebuilds the decrypted CORE_OS_PACKAGE
    	Pack CoreOS  : coreos_tool p {output pkg} {files...}
    	Unpack CoreOS: coreos_tool u {decrypted CORE_OS_PACKAGE.pkg}
    key files:
    Code:
    	first 32 bytes: erk
    	last 16 bytes: riv
    From [Register or Login to view links] on GT5 PS3 decryption:

    thx to geohot metldr keys i was able to find 3.5 - appldr key, decrypted vsh.self and one of 3.50 keys game with it, it's real!

    PS3 3.50 keys:

    PS3 3.41 keys:

    From inf on IRC: I've found 3.41/3.50 keys but 3.55 not working for me, should be.
    From [Register or Login to view links]:

    PS3 3.55 keys:

    PS3 Keys: extracted from appldr v3.55:

    PS3 Keys: extracted from appldr v3.55 (Duplicates Removed):

    From [Register or Login to view links]: "We (fail0verflow) discovered and released two things:

    * An exploit in the revocation list parsing, enabling us to dump a bunch of loaders, and thus their decryption keys
    * A humongous screwup by Sony, enabling us to calculate their private signing keys for all of those loaders, and thus sign anything to be loaded by those loaders

    We used these techniques to obtain encryption, public, and private keys for lv2ldr, isoldr, the spp verifier, the pkg verifier, and the revocation lists themselves. We could've obtained appldr, (the loader used to load games and apps), but chose not to, since we are not interested in app-level stuff and that just helps piracy. We didn't have lv1ldr, but due to the way lv1 works, we could gain control of it early in the boot process through isoldr, so effectively we also had lv1 control.

    With these keys we could decrypt firmware and sign our own firmware. And since the revocation is useless and the lame "anti-downgrade" protection is also easily bypassed, this already enables hardware-based hacks and downgrades forever. Basically, homebrew/Linux on every currently manufactured PS3, through software means now, and through hardware means (flasher/modchip) forever, regardless of what Sony tries to do with future firmwares.

    The root of all of the aforementioned loaders is metldr, which remained elusive. Then Geohot announced that he had broken into metldr (with an exploit, analogous to the way we exploited lv2ldr to get its keys) and was thus able to apply our techniques one level higher in the loader chain. He has released the metldr keyset (with the private key calculated using our attack), but not the exploit method that he used.

    The metldr key does break the console's security even more (especially with respect to newer, future firmwares - and thus also piracy of newer games), and also makes some things require less workarounds. Geohot clearly did a good job finding an exploit in it, but considering a) he used our key recovery attack verbatim, and b) he found his exploit right after our talk, so he was clearly inspired by something we said when we explained ours, I think we deserve a little more credit than we're getting for this latest bit of news.

    There's still bootldr and lv0, which are used at the earliest point during the PS3 boot process. These remain secure, but likely mean little for the PS3 security at this stage"












  2. #2
    Senior Member barrybarryk's Avatar
    Join Date
    Oct 2010
    Posts
    1,082
    nice find man + Rep

  3. #3
    Junior Member Sagarp14's Avatar
    Join Date
    Apr 2009
    Posts
    24
    Very nice. I feel in the coming month or 2 we will see the ps3 scene explode with new hacks and homebrew. Maybe even a little CFW? Who knows. I just like to know that there's progress being made.

  4. #4
    Registered User ps3xbox360's Avatar
    Join Date
    Jan 2011
    Posts
    3
    how come when i use the unself program with my ubuntu i get an error.

    no key found
    perror: No such file or directory

    where do i put the keys?

    i know someone will say "it is not for you" but i still like to see how things work

  5. #5
    Registered User DarkSora17's Avatar
    Join Date
    Mar 2008
    Posts
    19

    Rant: Sony Never 'Lost'

    So, before this starts, I apologize in advance for offending anyone.

    We've had quite the year.

    Let's veer away from all the commotion about fail0verflow for now. First, the games. The PS3 had MANY good games this year, including the end of one of Sony's major franchises, God of War (which may be debatable). They made a sum of money, increased sales, and released the PS3 move. Overall, Sony did something that they should've: focused. They increased the size of their market, and to whom they are selling games to. It should have been a sure thing, right?

    Of course not. They began to take advantage of the buyers. They began to devise new terms of agreements that were so despicably controlling that every time they gave a new update, more and more freedoms that came with the PS3 were stripped away, and left with a skeleton of the PS3's former self. But what caused Sony's constant barrage of updates and 'security patches' was caused by us. The users. The base of PS3News, PS3Hacks, and any other site focusing on the hacking of the PS3. Don't get me wrong, I am ridiculously excited about everything that is going to happen. I am an enthusiast myself. But I understand what I am doing and take full responsibility for it, regardless of what others say. I'll get back to what I mean by this in time.

    We had almost lost all hope for hacking the PS3. Almost nothing was properly understood about how the system worked, but only because the best minds didn't look at it. Then, for no apparent reason other than fame, GeoHot came into the scene and vowed to hack the PS3. And he did. He unlocked the ability to get all of the data needed to find a way to run unsigned code. As soon as he did this, Sony released an update to block OtherOS. Which was wrong. One hundred percent WRONG. But tell me, would you have any other choice to protect the security of your device if only a fraction of your buyers use that feature? It's true, you promised that when you sold it to them, but you also promised utmost quality and volume of games. Pirating a system takes that away. So in reality, Sony had very few options.

    Now, all of a sudden, people get up in arms about Sony (or $ony, as so many of you love to put it) just wanting to take your money and never care about what you really want. Allow me to readjust that point of view. When my PS3's laser died, I called Sony and got a hold of a member in a matter of minutes. I told them what was happening, and all they did was ask for my information. Then, I got a box in the mail where I was supposed to send my PS3 to them. Within a week, I got a brand new, fully functioning PS3. The ordeal took 2 weeks in total. But of course, this was before GeoHot.

    Then came the PSJailbreak. An exploit that used GeoHot's exploit to run unsigned code. It came with the promise to run games off of an external and it delivered. But then came the flurry of updates to seal the exploit, and remove users of PSJailbreak from PSN. Again, people felt offended that they weren't allowed to break the law and accused Sony of 'take take take and never give,' to put it bluntly. This is stupid. Am I to believe that if I am to come into your house, screw your wife, you wouldn't get angry and get me out (and off)?

    From then, the scene looked as if it was going to die. But, a hacker's conference was coming up, which was supposed to bring a heavy amount of news. And it did. It brought hope of running unsigned code in new updates. It promised complete control of the PS3, more control than before Sony took away OtherOS. And when all this information came out, everyone, and I mean EVERYONE, claimed that Sony has 'lost'. This makes me laugh. What is it that Sony lost? The battle against piracy? Because they lost that long ago. The battle against taking away the user's freedoms? We put that on ourselves.

    The point of this entire written piece is this: Sony never 'lost' anything. In order for them to lose something, they had to have it in the first place. And the only thing I can think of Sony losing is loyalty. But let's be honest. None of us ever gave Sony that when buying the PS3. We were waiting every day to hear news that someone had hacked the PS3. We would hope it would be quicker than the 360, simply because the security was supposed to be the same. But it took longer than expected. Fanboyism doesn't count in this case.

    "Sony took away freedoms of the PS3"
    To some of you, this might apply. But fewer than you might think. If you're on this site, you were expecting piracy. With OtherOS, you had the ability to install Linux, and do almost everything you ever needed. But like I said, I am one hundred percent responsible for my actions. I came to this site to look for news about piracy, but also interesting tidbits of news regarding everything PS3. But some of you wanted to hack the PS3 for other reasons that I can't even begin to comprehend. And I'm okay with that. But don't change your tune.

    All that being said, I'm extremely excited for what's to come from Fail0verflow.

    But that's because I'm getting news I'm expecting.

  6. #6
    Senior Member inginear's Avatar
    Join Date
    Feb 2010
    Posts
    355
    argh! i really wish that i had a ps3 to develop with. this release is definitely a milestone for the scene. oh well, back to psp developing until i get a ps3 that has 3.41 or earlier.

  7. #7
    Contributor datalogger's Avatar
    Join Date
    Sep 2010
    Posts
    61

    The deal is DONE!

    Of course I don't care much for that last comment.

    With someone like that on "the other side" things would be very, very difficult

  8. #8
    Registered User is0mick's Avatar
    Join Date
    Jan 2010
    Posts
    27

    PS3 Master Key

    Geohot just posted the ps3 signing keys...
    Last edited by is0mick; 01-02-2011 at 04:59 PM Reason: Automerged Doublepost

  9. #9
    Registered User Fejwin's Avatar
    Join Date
    Oct 2010
    Posts
    25
    cool stuff! Now I'm gonna start coding for ps3!

  10. #10
    Registered User Beamsbox's Avatar
    Join Date
    Nov 2010
    Posts
    6
    Fantastic explosion of knowledge! Everyone saddled up for the ride?

 
