Results 1 to 6 of 6



  1. #1
    Banned User ggparallel's Avatar
    Join Date
    Nov 2007
    Posts
    13

    little discovery


    i think it may be usefull to post it also here , http://forums.ps2dev.org/viewtopic.php?t=9273
    Basically , sony is distributing a non encrypted binary ( the second one SCE+ partially signed binary + non signed binary ) for warhawk , the goal is maybe to use the first part SCE + partially signed binary to execute our binary if fisibile, any help or suggestion is very welcome.

    ciao gigi

  2. #2
    Forum Moderator PS3 News's Avatar
    Join Date
    Apr 2005
    Posts
    26,846

    Yep, the Dev Team here has also known about that for quite some time (before the Warhawk hole was plugged if I recall correctly). I have been hounding CJPC to post updates on their findings but perhaps it will come in his "Week 2 Developments" article... unless the RUMOR I heard tonight is true, and we're all surprised with a gift from the GODS before that.

    A few selfs have a LOT of plaintext (they shouldn't) and leftover debugging symbols, ie:
    Code:
    006b:0ca0 20 2a 2a 2a 0a 00 00 2f 64 65 76 5f 68 64 64 30  ***.../dev_hdd0
    006b:0cb0 00 00 00 00 00 00 00 3d 3d 50 41 54 43 48 45 52 .......==PATCHER
    006b:0cc0 3d 3d 20 44 6f 6e 65 20 63 6c 65 61 6e 69 6e 67 == Done cleaning
    006b:0cd0 2e 0a 00 00 00 00 00 3d 3d 50 41 54 43 48 45 52 .......==PATCHER
    006b:0ce0 3d 3d 20 63 61 6c 6c 69 6e 67 20 63 65 6c 6c 44 == calling cellD
    006b:0cf0 69 73 63 47 61 6d 65 47 65 74 42 6f 6f 74 44 69 iscGameGetBootDi
    006b:0d00 73 63 49 6e 66 6f 2e 2e 2e 0a 00 00 00 00 00 3d scInfo.........=
    006b:0d10 3d 50 41 54 43 48 45 52 3d 3d 20 63 65 6c 6c 44 =PATCHER== cellD
    Maybe tomorrow CJPC (or one of the other Devs) will post more here, he's passed out now.

  3. #3
    Banned User ggparallel's Avatar
    Join Date
    Nov 2007
    Posts
    13
    good , do you know if they can confirm that the hypervisor use a different syscall under gameos? Ps: do they also know how to execute self/eboot ( see resistance updates.. ) ? I spent a lot of time doing analisys with a friend maybe it should be good to share some knowledge , i'm pretty sure that this self can lead us to executing our code under gameos .Since I don't know a lot about this forum apart reading the dev discussion forum in order to compare with my findings ( see SCELF structure ) is there a place i can talk with CJPC or other devs ? Thanks a lot ciao gigi

  4. #4
    Forum Moderator PS3 News's Avatar
    Join Date
    Apr 2005
    Posts
    26,846
    The PS3 Devs have their own chatroom (which also includes several PS2Dev people too). I am sure they will be happy to share their findings and exchange info/ideas with you as most isn't published on the Forums here... the best way to join them would be to message CJPC, hacked2123, or NDT in IRC EFnet #PS3News and they will direct you to a private chatroom they all hang out in.

    In case you are not sure how to get to IRC EFnet #PS3News, you can by using the chat client available at http://www.mirc.com and connecting with any EFnet server. Then in your status window just type /join #PS3News and press enter.

    Please keep in mind they are from all over the world (some US, some EU, etc) so they may not respond if you message them right away... so if you idle they will message you when they can, or hopefully one of them will reply here.

  5. #5
    Banned User ggparallel's Avatar
    Join Date
    Nov 2007
    Posts
    13
    hey thanks a lot i left them some messages , hope to be in contact soon . You were talking about few self that is fantastic so i can do a little of comparison ( example : they both point to the same segment of memory meaning the semi-crypted elf + non crypted elf ) can you make a list with links of them? i found only the last patch of warhawk to contain that structure , having more than one is a wonderfull gift!.

    thanks a lot ciao

  6. #6
    Toucan Sam CJPC's Avatar
    Join Date
    Apr 2005
    Posts
    2,174
    Definitely is interesting, we are chatting about it now.

    The best part is, a self, by the book, should not have any plain text. It needs to be stripped, any symbols need to be removed before its even turned over to be "self-ified" (I suppose)