


  1. #81
    Banned User kakashigr's Avatar
    Join Date
    Feb 2010
    Posts
    5
    Here is jaicrab's key finder hexedited in English. I just don't know Spanish and I used Google Translate..

    Everything makes sense except this "Mensaje" thing which translates to "Message".. I guess this means something else huh?

  2. #82
    Member dondolo's Avatar
    Join Date
    Jan 2009
    Posts
    170
    Quote Originally Posted by kakashigr View Post
    Here is jaicrab's key finder hexedited in English. I just don't know Spanish and I used Google Translate..

    Everything makes sense except this "Mensaje" thing which translates to "Message".. I guess this means something else huh?
    I just wrote the word "mensaje" in Wikipedia, then I translated it to English.. it means MESSAGE. Well done, thank you kikishigr

  3. #83
    Forum Moderator PS3 News's Avatar
    Join Date
    Apr 2005
    Posts
    26,869
    Quote Originally Posted by dondolo View Post
    well done, thank you kikishigr
    Agreed, and +Rep for the effort in doing it kakashigr! I have updated the Site News with it as well.

  4. #84
    Banned User kakashigr's Avatar
    Join Date
    Feb 2010
    Posts
    5
    Quotes from Twitter:
    @Mathieulh I have a hard time believing they'd use only HMAC to sign PUPs. Unless they're totally retarded. Which could be, for all I know.

    @marcan42 It's not actually, but I have no idea why geohot isn't showing up. The hmac key to resign pups is in software_update_plugin.sprx

    @marcan you can swap the pup's tarballs to have the 3.21 vsh on top of the 3.15 coreos, then swap the tarball with sysconf_plugin.sprx.

    @marcan42 that's how geohot's "cfw" is done, though I have never seen the point in such a hack, it could be stopped by sony in next updates.

    @marcan42 they are, the pups are just containers, the files in them are then signed but you can swap one signed file for another

    @marcan42 what was much more stupid of them was to put the key in a vsh's prx rather than in the application loader.

    @marcan42 of course the tarballs and the updater self inside the pups are all encrypted with the self crypto and have a stronger signature.
    So the whole point of this keyfinder is moot.

    Does this file also reside inside the update PUPs? And if so, inside which .pkg (from the tar) is it in?
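
An added example, not part of any post in this thread and not the real PUP format: a toy Python container showing why authenticating each file separately still accepts a mix of components from two releases, as the quoted tweets describe, and how one MAC over a manifest of version and digests rejects that mix. The key, container layout, component contents and function names are constructed for illustration; only the version strings and component names are taken from the thread.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"  # constructed value, not a real signing key

def mac(data: bytes) -> bytes:
    return hmac.new(KEY, data, hashlib.sha256).digest()

def manifest(version: str, comps: dict) -> bytes:
    """Serialize version plus every component name and digest, in a fixed order."""
    lines = [f"version={version}"]
    for name in sorted(comps):
        blob, _tag = comps[name]
        lines.append(f"{name}:{hashlib.sha256(blob).hexdigest()}")
    return "\n".join(lines).encode()

def build(version: str, parts: dict) -> dict:
    """Vendor side: MAC each component alone, then MAC the manifest."""
    comps = {name: (blob, mac(blob)) for name, blob in parts.items()}
    return {"version": version, "components": comps,
            "manifest_mac": mac(manifest(version, comps))}

def verify_per_file(c: dict) -> bool:
    """Weak check: each component is authentic, nothing ties them together."""
    return all(hmac.compare_digest(mac(blob), tag)
               for blob, tag in c["components"].values())

def verify_bound(c: dict) -> bool:
    """Stronger check: components must also match the signed manifest."""
    expected = mac(manifest(c["version"], c["components"]))
    return verify_per_file(c) and hmac.compare_digest(expected, c["manifest_mac"])

def demo():
    old = build("3.15", {"coreos": b"coreos 3.15", "vsh": b"vsh 3.15"})
    new = build("3.21", {"coreos": b"coreos 3.21", "vsh": b"vsh 3.21"})
    # Mixed container: every piece is individually valid, but from two releases.
    hybrid = dict(new, components={"coreos": old["components"]["coreos"],
                                   "vsh": new["components"]["vsh"]})
    return new, hybrid

if __name__ == "__main__":
    new, hybrid = demo()
    print("per-file:", verify_per_file(new), verify_per_file(hybrid))
    print("bound:   ", verify_bound(new), verify_bound(hybrid))
```

Binding only helps while the verifier cannot also sign: with a symmetric key stored on the device, whoever reads the key can recompute either MAC, which is why an asymmetric signature is the usual choice for update packages.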

  5. #85
    Toucan Sam CJPC's Avatar
    Join Date
    Apr 2005
    Posts
    2,174
    Quote Originally Posted by kakashigr View Post
    Does this file also reside inside the update PUPs? And if so, inside which .pkg (from the tar) is it in?
    Well, the file does, yes: inside one of the dev_flash PKGs (with pretty much all of the rest of the dev_flash contents).

  6. #86
    Senior Member tragedy's Avatar
    Join Date
    Mar 2009
    Posts
    135
    Quote Originally Posted by kakashigr View Post
    So the whole point of this keyfinder is moot.
    Not really. Until someone finds a way of decoding self/sprx files, we can't look at what's inside this sprx to check if the HMAC code is there or not.

  7. #87
    Banned User kakashigr's Avatar
    Join Date
    Feb 2010
    Posts
    5
    Well, I guess using the memory exploit you can have access to these files and from what I understand they are decoded (or are able to be decoded by using metldr or coldboot attack on lv2).

  8. #88
    Forum Moderator PS3 News's Avatar
    Join Date
    Apr 2005
    Posts
    26,869
    Quote Originally Posted by kakashigr View Post
    Quotes from Twitter:
    Here are a few more related Twitter updates:
    @marcan42 I agree with you, and I predict that the hybrid fw was premature... flashing nand with mem patched hv, rather than a pup.

    @RichDevX But, couldn't we change the pup that detects it?

    @Omega191 it's also very simple to detect hybrid fw...

    @Omega191 it's not a pup issue, the hard coded version numbers would be different. VSH/PRXs would be much newer than the kernel/hv

    @Omega191 it can be checked with a single syscall, which is also available to games

  9. #89
    Registered User tjay17's Avatar
    Join Date
    Apr 2010
    Posts
    421
    Hopefully those Twitter messages will help and hopefully something will be found out soon.

  10. #90
    Registered User sapperlott's Avatar
    Join Date
    Nov 2009
    Posts
    129
    Quote Originally Posted by kakashigr View Post
    Well, I guess using the memory exploit you can have access to these files and from what I understand they are decoded (or are able to be decoded by using metldr or coldboot attack on lv2).
    Reading George's blog entry about the wallpaper hack, it seems that he has patched the HV to allow him to access the flash from OtherOS. That way he has easy access to the files in the flash.
