  1. #61
    Forum Moderator PS3 News's Avatar
    Join Date
    Apr 2005
    Posts
    28,060
    Quote Originally Posted by Lazy Boy View Post
    So ETA of the dump is Sunday?
    Well, today is Wednesday and CJPC plans to work some more on it, so it really depends on how quickly he is able to get it done. If he does it later today, then there is a good chance they could surface publicly before Sunday, so we'll see how things go.
    Quote Originally Posted by Progeria View Post
    You'll release a dump of it, so others can try to crack it? Man, that will be nice..

    But can all the great crackers, without a PS3, also give it a shot? Or do you need a PS3 for it?
    Yes, you do not need a PS3 once you have the dumps... anyone with the time and talent can use IDA (on their PC) and xorloser's PS3 plug-ins to begin reverse-engineering the code and looking for "interesting" things.
    Quote Originally Posted by dante995 View Post
    Does this mean that homebrew will come out soon?
    Probably not likely, as reversing the HV dumps is extremely tedious and time-consuming so if anything good comes out of it chances are it will be a ways off... but the more people working on it, the better of course!

    As I mentioned in another thread, one of the areas CJPC is seeking to examine from the dump is the boot flag data, as he is interested in being able to convert his Service Mode PS3 to a Debug one, or better yet Retail PS3 consoles to Debug units optimistically.

  2. #62
    Junior Member NaTaS69's Avatar
    Join Date
    Feb 2010
    Posts
    30
    Cool news. Keep the updates coming.

  3. #63
    Contributor SiZMiK's Avatar
    Join Date
    Apr 2007
    Posts
    68
    excellent news, good luck with it.

    It's all a bit exciting

  4. #64
    Contributor Progeria's Avatar
    Join Date
    Jan 2010
    Posts
    16
    Quote Originally Posted by PS3 News
    Yes, you do not need a PS3 once you have the dumps... anyone with the time and talent can use IDA (on their PC) and xorloser's PS3 plug-ins to begin reverse-engineering the code and looking for "interesting" things.
    Great! With all those talented scene and indie crackers, I bet the HV will get a hard time..

    It will be fun to follow when the dumps get released.

    Edit: good timing for the IDA and IDA SDK releases that came out not so long ago.
    Last edited by Progeria; 02-10-2010 at 02:26 PM

  5. #65
    Banned User veggav's Avatar
    Join Date
    Feb 2008
    Posts
    80
    Quote Originally Posted by PS3 News View Post
    Probably not likely, as reversing the HV dumps is extremely tedious and time-consuming so if anything good comes out of it chances are it will be a ways off... but the more people working on it, the better of course!

    As I mentioned in another thread, one of the areas CJPC is seeking to examine from the dump is the boot flag data, as he is interested in being able to convert his Service Mode PS3 to a Debug one, or better yet Retail PS3 consoles to Debug units optimistically.
    You are the most patient guy on earth, boss. It's the third time I've seen this kind of question this week.

  6. #66
    Forum Moderator PS3 News's Avatar
    Join Date
    Apr 2005
    Posts
    28,060
    Quote Originally Posted by veggav View Post
    You are the most patient guy on earth, boss. It's the third time I see this kind of question this week.
    Actually, CJPC gets my vote for that... this PS3 exploit is SUPER annoying to get the timing just right so that it triggers but doesn't crash the PS3 (which means restarting each time).

    Even bushing from the Wii hacking scene agrees, to quote:
    I used an FPGA (Spartan3E starter kit) to do this — but for some reason, I was unable to get 40ns pulses to have any effect whatsoever. I kept stretching the pulse width until it started affecting execution — by the time I had the exploit working, my pulse width was approx 200us — yes, that’s 20,000 times the length of the suggested glitch. Did anyone else run into this problem?

    This hack is fairly annoying to get working, in the sense that you spend a lot of time mashing a button. It’s also not horribly great for the hardware — you’re briefly overdriving a bus-driver transistor inside the Cell, and you’re probably doing a little bit of damage each time you do it. It may not matter in the long run, but it just feels wrong.

    I’ve been able to also trigger the exploit by pulling the Vref on one of the XDR chips down to ground — on the whole, it seems slightly less reliable than the RQ2 glitch, but it’s a lot easier on the hardware and a slightly easier place to solder to.

    I think the biggest issue affecting reliability is the timing of the glitch, so I’m putting my effort into fixing that — I think I’ve found a signal I can abuse for the purpose.
    The advantage of using the SX28 is that it can trigger the exploit a lot quicker; however, the patience comes into play when it doesn't actually work most of the time.

    For example, the HTAB entries take around "[51.748028] time was 0x12afa9, 0x1b per, 0", which is like 1 in 5 reboots.. most of the time it's 0xfc000, so a bit faster but harder to glitch.

    In layman's terms, CJPC has done more button-pushing and PS3-resetting in the last 2-3 days than most people have in the last 2-3 years.

  7. #67
    Toucan Sam CJPC's Avatar
    Join Date
    Apr 2005
    Posts
    2,174
    Yeah, the biggest problem is really the fact that the exploit itself is, well, a glitch. I mean, the hardware works perfectly; I can get it to start to exploit the box within 20 seconds of trying, every time.

    The problem is, 90/100 times the exploit crashes / locks up the PS3 / errors, resulting in the need to reboot and restart.

    Once the exploit is planted, then we start running our own kernel module to dump out the real memory. The way we're doing it is, well, unreliable and prone to massive corruption (not to mention slow).

    (it looks better in a Hex Editor!)

    But, with dumping memory to a file you run into other issues. You can't just use file I/O in a kernel module any more, and you can't access lv1_peek from user mode either, so you need to make some additional code to handle it, which is what we're working on now - although I'm open to any suggestions to get it done faster. It's such a pain when your kernel module crashes and you have to reboot and re-exploit the PS3!

    Attached: exploit_success.jpg

  8. #68
    Senior Member mushy409's Avatar
    Join Date
    Oct 2008
    Posts
    329
    I bet he has blisters like walnuts on his fingers!

    Good job guys, the PS3 is going to be THE console to own this year. The bank has been broken, now for the safe.

  9. #69
    Contributor moshebe's Avatar
    Join Date
    Mar 2008
    Posts
    33

    Thumbs Up

    Great news guys, keep up the good work!

  10. #70
    Contributor njenge's Avatar
    Join Date
    Jul 2008
    Posts
    13

    Cool

    Great news, hope this can lead us to heaven.
