Latest PS3 News Forum Updates

  • News
  • Posts
  • PS3 CFW
  • PS3 Files
  • PS3 Hacks
  • PS3 Help
  • PS3 Releases
  • PS3 Themes
  • PS3 Trophies
  • PS Vita Trophies
oLeatherfacex PS3 Unban and Anti-ban Methods for Console ID and Sign-In - 57m ago
JeoWay Piercings anyone? - 1h ago
JeoWay The Yes/No question thread - 1h ago
JeoWay Hitman absolution PS3 help? - 2h ago
dyceast Copying PS3 with CFW to PS3 with OFW help? - 2h ago
Liongooder Replace hdd and upgrade PS3 cfw help? - 4h ago
racer0018 PS3 Unbricking and Downgrading Service - 4h ago
JeoWay Sony PlayStation Plus: Saints Row: The Third Free for Members - 5h ago
JeoWay Can I create a PS3 hardware flasher help? - 5h ago
pumpkinslayer Rebug 4.30.1, Rebug 4.21.2 / 3.55.4 PS3 CFW REX Editions Arrive - 5h ago
  1. 12-13-2007 #1
    CJPC's Avatar
    CJPC
    CJPC is online now Toucan Sam CJPC has much to be proud of CJPC has much to be proud of CJPC has much to be proud of CJPC has much to be proud of CJPC has much to be proud of CJPC has much to be proud of CJPC has much to be proud of CJPC has much to be proud of CJPC has much to be proud of CJPC has much to be proud of CJPC has much to be proud of

    Revised PS3 Boot Information

    Our Resident DEVS have revised the PS3 Bootup procedure, with some more interesting information.

    asecure_loader is not at start of the NAND. The first 512KB also is skipped, or actually any 512 block of FF is skipped.

    Furthermore, the asecure_loader differs per box, possibly encrypted with a per-box key. Files of course are not in clear, that suggests that at every step an encryption/decryption is done.

    The boot loader in IDA does not look microcode for IDL, maybe it's encrypted with cpu key (the IBM secure boot/asecure_loader), that can explain also why a NAND dump can be restored only on the PS3 from which it was taken.

    asecure_loader ----> lv0 which start lv1ldr or lv2ldr depending on 0 or other number in NAND FS
    lvldr ----> lv1.self ----> cell_ext_area partition NAND, boot compressed linux kernel for example

    load trvk_prg
    spu_pkg_rvk_verifier.self load trvk_pkg
    lv2ldr load lv2_kernel.self
    spp_verifier.self load default.spp (bluetooth ?)
    isoldr (?)
    appldr (?)
    sc_iso.self (?)
    LV2 KERNEL MODULE ----> spu_token_processor.self
    LV2 KERNEL MODULE ----> aim_spu_module.self
    LV2 KERNEL MODULE ----> mc_iso_spu_module.self
    LV2 KERNEL MODULE ----> me_iso_spu_module.self
    LV2 KERNEL MODULE ----> sv_iso_spu_module.self
    LV2 KERNEL MODULE ----> sb_iso_spu_module.self

    That is just a taste of some interesting information, expect more soon!

    More PlayStation 3 News...

    Reply With Quote Reply With Quote
  3. 01-05-2008 #2
    Ni0b's Avatar
    Ni0b
    Ni0b is offline Registered User Ni0b is on a distinguished road
    If you install a Bootloader from the OtherOS.bld and OtherOS.self does he write himself to the MBR and will be booted before the XMB OS is booted.

    The otheros.bld contains a vmlinux.bin or if u take the original sony bootloader a exoboot.bin- its a gzipped archiv and can be recreated by this way.

    I tested that.

    The Petit-Bootloader is a modification of the standart kboot-bootloader.
    Are their any possibilities to create an own Bootloader who is able to boot the XMB with special parameters?

    Can the XMB get surrounded by VMBRs (special Rootkits)?

    Reply With Quote Reply With Quote
  4. 01-05-2008 #3
    hacked2123's Avatar
    hacked2123
    hacked2123 is offline Junior Member hacked2123 is a glorious beacon of light hacked2123 is a glorious beacon of light hacked2123 is a glorious beacon of light hacked2123 is a glorious beacon of light hacked2123 is a glorious beacon of light
    Will mess with this soon, sorry I haven't been around on irc; having trouble finding my ssh information and shell.

    Reply With Quote Reply With Quote
  5. 01-05-2008 #4
    Siptang's Avatar
    Siptang
    Siptang is offline Registered User Siptang is on a distinguished road
    hey hacked2123.

    i guess i have things to read here.

    Reply With Quote Reply With Quote

Tags for this Thread