I was going to write more information on my post, but there wasn't an edit button so here it goes.
I will explain the two main options the program has.
Extract METLDR - This extracts the metldr from your flash dump so you can use this in the metldrpwn exploit and dump your root key. The dump file created by the metldrpwn exploit can then be loaded into the program (METLDR Dump).
CEX -> DEX - This creates a modified flash dump to convert your CEX into a DEX, the dump created can then be used to be flashed back to your PS3.
I assume you are getting those CMAC errors because you are attempting to use the extracted metldr as the metldr dump. These are two completely different files, the METLDR Dump is the dump file produced by the metldrpwn exploit. Could you show me part of your root key so I can get a better understanding of what you're actually loading.
I’m a bit late on the “CEX to DEX” news, but sometimes it’s better to be late, in order to have a good overview of something.
If you’ve been following the PS3 scene sites this week, you’ve probably seen that a new “hack” was released, that has been nicknamed “CEX to DEX”. Later on, PS3 dev naehrwert explained the process on how the information was obtained, although most scene websites failed to make a connection between his quite complex technical explanation and the leak. Most of them treated that as two pieces of unrelated information.
In this article I’ll try to connect the dots, but please bear with me as I am still an external observer of the PS3 scene, being myself stuck in 4.11 (damn you, Uncharted 3!)
Why this is interesting for the end users
Ok, first of all, what is this hack useful for, in other words, what does it do?
Let’s start with the basics. Retail PS3 units (the ones we buy in stores) are codenamed CEX. Debug PS3 units are codenamed DEX. What this hack does is allow any Retail unit (CEX) to be converted into a Debug unit (DEX). A DEX unit lets you, among other things, install a Debug firmware on the PS3 through the recovery menu (you can’t do that on a CEX PS3).
A Debug firmware is interesting because it allows to run official blu rays as well as unsigned content. This means homebrews, but also potentially unsigned official games. In theory a 4.21 Debug firmware could run backups of newer games (3.6+), which is where it gets interesting (currently AFAIK the only way to do that is to use one of the piracy dongles, and it only works for a few games).
There is of course a “catch” to this: 3.6+ games backups would need to be not signed, and such things are not easy to find on the internets (if they can be found at all).
So in theory this release could be good for pirates, and bad for dongles, but practically it doesn’t change much on that front.
However, this opens something new for people who have been on 3.55 CFW and don’t want to upgrade: the possibility to run official 3.6+ Blu rays.
So let me summarize here. A 4.xx Debug firmware can:
run unsigned < 3.55 game backups (those are apparently easy to find) (a 3.55 CFW can do that)
run unsigned eboots (homebrews) (a 3.55 CFW can do that)
run unsigned 3.6+ game backups (a 3.55 CFW can’t do that, but those are impossible to find anyways)
run all official (legit blu ray) games up to 4.xx (a 3.55 CFW can only run up to 3.55! That’s the interesting bit)
Upgrade and downgrade at will between all versions of Debug firmwares
And please don’t quote me on that, as this is just my understanding of what a debug firmware allows, but I can’t confirm this myself as I don’t have a CFW. I’m just gathering the bits of information I’ve read here and there. But my understanding is, a 4.xx debug firmware gives you the best of both OFW and CFW: 3.6+ games and homebrews
What this cannot do
Since in order to convert your console from CEX to DEX, some per-console specific information needs to be obtained directly from your ps3, this is not a magical solution if you are currently stuck on a 3.6+ official firmware. You would still need to downgrade to a 3.55 CFW first (in order to run the tools necessary for the hack) using a hardware chip, and then run the hack from there to install a Debug firmware.
In other words, Going through 3.55 is a necessary step of this hack.
It is also worth noting that by running a Debug unit, you lose access to the PSN (which you can get back by installing a clean flash back).
Ok, let’s do this thing, where are the tools?
Ok, so, if you have a 3.55 console (if not, you need to downgrade, read the paragraph above!), you might want to try and convert your own console into a Debug version. For now, no “easy” tool is available to do this, sadly, and if you mess things up you could end up with a brick (also, do not try to get somebody else to send you their modified Flash, some of the encryption keys involved are specific to each console!). It is strongly recommended that you have a hardware flasher (and a clean dump of your flash) handy in case you mess things up..
If you’re lucky enough to have a 16MB NOR console (that’s the recent PS3 FAT and all PS3 Slim, see details here), you can use the tool C2D by andbey0nd to ease the process. It will build the stuff to flash for you, but you still have to provide the EID root key (obtained with metldrpwn)
If you’re a developer, you might want to download libeeid, and use the sample provided as a base to build your own tool.
But ironically, the easiest way for now seems to follow the linked guide below and do it manually.
This hack was revealed as a leak. It seems obvious (based on his recent blog post) that naehrwert was part of the people working on all the reversing work required to access this information. It is likely that this information was part of a larger scale work, and obviously for these devs the leak was not a good piece of news. I can relate, getting your work leaked at the most inappropriate time is never good. This is probably what pushed later on an “anonymous” dev to publish the work that led to this hack in the first place, in the form of a C library that any dev can now use (libeeid).
Then again, as I described above, I don’t see why this could lead to anymore piracy than there is already on the PS3 (3.6+ games are still “safe” until somebody can publicly decrypt them), so the excuses about this work leading to piracy are probably just words. On the other hand, as naehrwert mentioned, I can picture an army of noobs asking questions on how they can pirate 3.6+ games on DEX machines from now on
The Technical details
So how does that hack work? Ok, I’m trying to dumb that down as much as possible here: there are special locations in the flash memory of the PS3 that indicate if the unit is a Retail machine or a Debug machine. Reading/Writing this information requires to both know where it is located and how to decrypt/encrypt it. How this information was found is what naehrwert explains in his blog post (note: Finding and understanding this required dozens – hundreds? – of hours of reverse engineering of some parts of the PS3 firmware, which also explains why some people are pissed about that leak.).
The information lies in the Appliance Info Manager module, a module in charge of …describing the specs of the current unit, I assume, given its name.
The encryption/decryption keys are all inferred from the eid0 key seeds for this specific module. These key seeds were obtained by reading the metadata of the module, as explained by naehrwert. From there, the whole process explained in the leak is just a series of decrypt / replace / encrypt data, based on the algorithms that were reverse engineered.
The key point here is that the Target ID of the unit is replaced with 0x82 (you’ll see that number a lot in the leaked CEX to DEX hack), which symbolizes a Debug unit. The target ID is a key identifying the type of a unit, as described here (ps3devwiki.com/wiki/Target_ID).
A Target ID is a single byte or hexadecimal identifier that determines what type of console you have.
Known Target ID's
Value Console Type Shortcode Region Code
0x80 TEST AVTest / DECR TEST TEST
0x81 DECR Reference Tool / DECR TOOL TOOL
0x82 DEX Debug / DEX DEX DEX
0x83 CEX Retail Japan CEX J1
0x84 CEX Retail USA CEX UC2
0x85 CEX Retail Europe CEX CEL
0x86 CEX Retail Korea CEX KR2
0x87 CEX Retail United Kingdom CEX CEK
0x88 CEX Retail Mexico CEX MX2
0x89 CEX Retail Australia/New Zealand CEX AU3
0x8A CEX Retail South Asia CEX E12
0x8B CEX Retail Taiwan CEX TW1
0x8C CEX Retail Russia CEX RU3
0x8D CEX Retail China (Never released) CEX CN9
0x8E CEX Retail Hong Kong CEX HK5
0xA0 ARC System Debugger / Arcade ARC ARCADE
The 6th byte in IDPS (can be found in EID0 and EID5, see Flash) represents your Target ID.
Speaking of TargetID, the holy grail of the Debug units is 0×81, the DECR unit which apparently can also decrypt anything we want. Those are suspected to require specific hardware and firmwares however... and the legend says that some scene devs own one.
Until this week, people who legitimately wanted to stay on a Custom Firmware for homebrew reasons could not play recent PS3 games they owned. With such a technique, they now have a possibility to run their 3.6+ blu rays without sacrificing homebrew. As far as I can tell, this does not “bring more piracy to the PS3″, for now. It just allows more legitimate use of the PS3 for honest homebrew users.
Thought this was interesting and wanted to share it ^-^