
  1. #1
    Registered User Karl69's Avatar
    Join Date
    Feb 2010
    Posts
    32
    PS JailBreak Mod Code Sniffed via USB, Logged and Examined

    A few days ago PS JailBreak was reverse-engineered, and today Descrambler sniffed the USB traffic and shared the log.

    I don't know that much about the USB protocol, but I think this is what happens:

    - The PSJailbreak is inserted
    - It connects with the host (PS3) and sends 09 02 12 00 01 00 00 80 + all the bytes from the first packet starting at 0008 up to 00EFF.
    - The stack is overwritten and the PS3 jumps into code from the packet
    - The Atmega sends a "USB Disconnect command"
    - The last three steps are repeated four times

    - It connects with the host and sends 09 02 4D 0A 01 01 00 80 + the bytes from the second packet starting at 0008 up to 0A4C
    - The stack is overwritten and the PS3 jumps into code from the packet
    - The Atmega sends a "USB Disconnect command"
    - The last three steps are repeated twice.

    Voilà... The PS3 is in "Debug Mode".

    Apparently the third and fourth bytes after the 09 02 are the number of bytes to be sent. At least this goes for the second log (4D 0A->0A4D bytes)...
    Code:
    The first 8 bytes are from the usb protocol left [09 02 ... ]
    
    The code will be pushed four times onto ps3 usb stack:
    
    
    After that they push this two times on the stack to run the code via disconnect/reconnect usb devices on the bus.
    
    
    That's all, folks.
    Repost in binary (Thanks Disane) The first 8 bytes are from the usb protocol left [09 02 ... ]

    http://www.ps3news.com/forums/attach...chmentid=21111

    ASCII binary (Thanks xCoder)

    http://www.ps3news.com/forums/attach...chmentid=21116

    Here's an improved disassembly by crazyc.

    http://www.ps3news.com/forums/attachment.php?attachmentid=2111


  2. #2
    Registered User peppino's Avatar
    Join Date
    Aug 2010
    Posts
    7
    So a simple ATMEGA164A + VUSB (software emulation usb) and the jb is done!!! Maybe...

  3. #3
    Registered User Maniac2k's Avatar
    Join Date
    May 2007
    Posts
    39
    As long as the timing is not essential for the JB to work, this log should be enough to implement our own JB. The zener diodes are only needed to get the data lines to 3.3V. USB power is 5V and the data lines operate with 3.3V. But most devices work fine with 5V on the data lines also.

  4. #4
    Contributor HZoooof's Avatar
    Join Date
    Nov 2009
    Posts
    13
    Nice... hopefully, my friend... but what should we do with these codes now? Shall we make a jailbreak ourselves? My best wishes.

  5. #5
    Registered User Karl69's Avatar
    Join Date
    Feb 2010
    Posts
    32
    Can't this be emulated with a USB cable connected to the PC like the Playstation2 "x-port" cable?

  6. #6
    Member tmaster's Avatar
    Join Date
    Mar 2006
    Posts
    58
    This could be easily emulated for the PSP or PC now that we know what to send. Next we need to make sure of the timing and hardware info, if needed at all.

  7. #7
    Junior Member hacked2123's Avatar
    Join Date
    Nov 2006
    Posts
    665

    Quote Originally Posted by Maniac2k View Post
    As long as the timing is not essential for the JB to work, this log should be enough to implement our own JB.
    The zener diodes are only needed to get the data lines to 3.3V. USB power is 5V and the data lines operate with 3.3V. But most devices work fine with 5V on the data lines also.
    Even if we can replicate the PSJB's boot sequence, you do not know how the debug's XML is being passed to the system. The 8 bytes are just code, not data; even if we are successful in replicating it, we may not know for sure if it's working.

  8. #8
    Junior Member hacked2123's Avatar
    Join Date
    Nov 2006
    Posts
    665
    Can anyone definitely say we've ruled out possible PSJailbreak devices below?

    Rooted Android Device
    PSP /w CFW
    Jailbroken iOS Device

  9. #9
    Registered User Maniac2k's Avatar
    Join Date
    May 2007
    Posts
    39
    Is this log complete? Since it starts with a configuration descriptor and not with a device descriptor.

    However this configuration descriptor means:
    09 - Length of the descriptor in bytes
    02 - configuration descriptor
    12 00 - Total length of endpoint and device descriptors
    01 - number of interfaces
    00 - configuration value
    00 - configuration index
    80 - device is bus powered
    FA - power consumption in 2mA steps

    The next 9 bytes are an interface descriptor.

    I'm just reformatting the log and trying to understand what's going on there. The 64 bit from gamefreax doesn't appear exactly in the log.

    @hacked2123: Shouldn't it be enough to do the same the original PSJB does? I think, if the log is complete, everything it does should be there.
    Last edited by Maniac2k; 08-28-2010 at 06:20 PM
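
The field breakdown in post #9, turned into a host-side consistency check on a received configuration descriptor. This is an added example, not part of the thread and not code from any console or device firmware; the function, type and status names are illustrative, the two 9-byte headers and the interface descriptor are the bytes quoted in the thread, and the filler and zero-length samples are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Illustrative names; not taken from any real USB stack. */
enum cfg_status {
    CFG_OK = 0,
    CFG_TOO_SHORT,    /* fewer than 9 bytes: no complete header */
    CFG_BAD_HEADER,   /* bLength != 9 or bDescriptorType != 0x02 */
    CFG_LEN_MISMATCH, /* bytes received != declared wTotalLength */
    CFG_BAD_SUBDESC,  /* sub-descriptor too short or runs past the end */
    CFG_IFACE_COUNT   /* interface descriptors != bNumInterfaces */
};

struct cfg_header {
    uint16_t total_length;   /* bytes 2-3, little endian */
    uint8_t  num_interfaces; /* byte 4 */
    uint8_t  config_value;   /* byte 5 */
    uint8_t  config_index;   /* byte 6 */
    uint8_t  attributes;     /* byte 7, 0x80 = bus powered */
    uint8_t  max_power;      /* byte 8, units of 2 mA */
};

/* From the thread: first header plus the 9-byte interface descriptor. */
static const uint8_t LOG1_CONFIG[] = {
    0x09,0x02,0x12,0x00,0x01,0x00,0x00,0x80,0xFA,
    0x09,0x04,0x00,0x00,0x00,0xFE,0x01,0x02,0x00 };
/* Same 18 bytes followed by constructed zero filler past wTotalLength. */
static const uint8_t LOG1_OVERLONG[] = {
    0x09,0x02,0x12,0x00,0x01,0x00,0x00,0x80,0xFA,
    0x09,0x04,0x00,0x00,0x00,0xFE,0x01,0x02,0x00,
    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 };
/* From the thread: second header (declares 0x0A4D bytes), only 18 present. */
static const uint8_t LOG2_TRUNCATED[] = {
    0x09,0x02,0x4D,0x0A,0x01,0x01,0x00,0x80,0x01,
    0x09,0x04,0x00,0x00,0x00,0xFE,0x01,0x02,0x00 };
/* Constructed: sub-descriptor with bLength 0, which stalls a naive walker. */
static const uint8_t ZERO_LEN_SUB[] = {
    0x09,0x02,0x0B,0x00,0x00,0x00,0x00,0x80,0xFA, 0x00,0x04 };

/* Decode the header into *out, then check that the declared length, the
 * received length and the chain of sub-descriptors all agree. */
enum cfg_status parse_config(const uint8_t *buf, size_t len,
                             struct cfg_header *out)
{
    if (buf == NULL || out == NULL || len < 9)
        return CFG_TOO_SHORT;
    if (buf[0] != 9 || buf[1] != 0x02)
        return CFG_BAD_HEADER;

    out->total_length   = (uint16_t)(buf[2] | ((uint16_t)buf[3] << 8));
    out->num_interfaces = buf[4];
    out->config_value   = buf[5];
    out->config_index   = buf[6];
    out->attributes     = buf[7];
    out->max_power      = buf[8];

    if ((size_t)out->total_length != len)
        return CFG_LEN_MISMATCH;

    size_t off = 9;
    unsigned ifaces = 0;
    while (off < len) {
        if (len - off < 2)
            return CFG_BAD_SUBDESC;       /* no room for bLength + type */
        uint8_t blen = buf[off], btype = buf[off + 1];
        if (blen < 2 || blen > len - off)
            return CFG_BAD_SUBDESC;       /* zero-length or overrunning */
        if (btype == 0x04) {              /* interface descriptor */
            if (blen < 9)
                return CFG_BAD_SUBDESC;
            if (buf[off + 3] == 0)        /* count alternate setting 0 only */
                ifaces++;
        }
        off += blen;
    }
    return ifaces == out->num_interfaces ? CFG_OK : CFG_IFACE_COUNT;
}

int main(void)
{
    struct cfg_header h;
    printf("log1: %d\n", parse_config(LOG1_CONFIG, sizeof LOG1_CONFIG, &h));
    printf("overlong: %d\n", parse_config(LOG1_OVERLONG, sizeof LOG1_OVERLONG, &h));
    printf("log2 truncated: %d (declares %u bytes)\n",
           parse_config(LOG2_TRUNCATED, sizeof LOG2_TRUNCATED, &h),
           (unsigned)h.total_length);
    printf("zero-length sub: %d\n", parse_config(ZERO_LEN_SUB, sizeof ZERO_LEN_SUB, &h));
    return 0;
}
```
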

  10. #10
    Registered User thering's Avatar
    Join Date
    Dec 2009
    Posts
    18
    None of these have been ruled out, and I know there are people currently working on doing this on a PSP. As tmaster said, timing/hardware info may still be barriers devs will need to work to overcome. From what I understand, multiple hardware ids may need to be emulated.
    Last edited by thering; 08-28-2010 at 06:33 PM

 
