Sponsored Links

Sponsored Links

Page 22 of 87 FirstFirst ... 1220212223243272 ... LastLast
Results 211 to 220 of 861



  1. #211
    Senior Member Bartholomy's Avatar
    Join Date
    Jan 2011
    Posts
    836
    Sponsored Links
    Sponsored Links
    I got what you mean, don't worry. When you have unencrypted eboot, what you do? Keys are 3.6 , or 3.7. RE adapt them for work, is what their dongle + tool do. Actually, just TUHTA could do something with unencrypted eboots, not you, nor me

  2. #212
    Senior Member barrybarryk's Avatar
    Join Date
    Oct 2010
    Posts
    1,082
    Sponsored Links
    Sponsored Links
    On the blu ray the eboot is encrypted, probably with a custom key we've very little chance of getting, but the PS3 has the decryption key because appldr has to decrypt it before running it.

    so after opening it, the copy in RAM is UNENCRYPTED, in RAM the eboot will be completely 100% decrypted otherwise it wont run! it's just a case of cleaning the dump and re signing it with the 3.55 keys.

    and you'll find quite a few people around here know at least how to sign an eboot lol

  3. #213
    Junior Member jesterking1's Avatar
    Join Date
    Oct 2011
    Posts
    51
    Sponsored Links
    Sponsored Links
    yep, this will further advance the cfw scene.

  4. #214
    Senior Member Bartholomy's Avatar
    Join Date
    Jan 2011
    Posts
    836
    Sponsored Links
    Sponsored Links
    Absolutely agree. The problem is, as you said: where is the decrypted eboot? We don't have it. That's why this tool is needed. Surely do a decrypt encrypt, not a separate process.

    Reason because we cannot play with 3.6+ games, and why we want jb2 or wait TUHTA. So i repeat, upload eboot coming directly from indonesian BDRs is pointless. You want to manipulate it during the ram passage? Uhm, interesting.

    But i can tell you, eboot goes on ram as is, 3.6. It's modified, worst. So what you find on ram, is a strange code, something either owning 3.6 keys you cannot decrypt.
    Last edited by Bartholomy; 10-23-2011 at 03:16 PM Reason: Automerged Doublepost

  5. #215
    Senior Member barrybarryk's Avatar
    Join Date
    Oct 2010
    Posts
    1,082
    appldr will decrypt it for us! Have you any idea what you're talking about? You do understand that all encrypted code has to be decrypted before it is executed. The appldr key in their FW will be the public key to their private key that they encrypted the eboot with, when the PS3 runs the game appldr will use THEIR KEY to decrypt it as it loads it into memory to be run.

    So if you dump the ram you get a 100% completely free of all keys, clean as a whistle, decrypted eboot buried in the dump and because its a 3.55 FW dumping RAM shouldn't be an issue.

    Yes uploading their encrypted eboots seems pointless for now but there are numerous comparisons that can be done with them so it helps.

    Maybe I'm not making this clear enough. On blu ray eboot is encrypted. In RAM eboot is decrypted.. we can dump ram on 3.55, we cant on 3.56+

    That's why this is different, it's a decrypted 3.60+ eboot somewhere we have access, it's just a case of grabbing it.

  6. #216
    Senior Member Ezio's Avatar
    Join Date
    Aug 2011
    Posts
    355
    As I said before, the eboots are special fself, the eboot of driver san francisco has a debug header but the self is encrypted, so you cannot decrypt it. The eboot of pes 2012 is completely encrypted. We cannot do anything if before we didn't get the dongle and at least a special bd.
    I got an elf from driver san francisco eboot, I could create so an eboot.bin, but I'm sure it won't work because the elf I got is yet encrypted.

  7. #217
    Senior Member barrybarryk's Avatar
    Join Date
    Oct 2010
    Posts
    1,082
    I mean taking the dump with a dongle and the special bd of the game.

  8. #218
    Contributor easy2boy's Avatar
    Join Date
    Nov 2009
    Posts
    12
    If this dongle is real one so i should buy one whatever tomorrow is the CFW but at least i respect the team work there for bringing life the ps3 scene.

    thanks a lot for all the great work guys

  9. #219
    Banned User
    Join Date
    Feb 2011
    Posts
    278
    I tried that Sniper eboot and it doesn't work.

  10. #220
    Senior Member syphonlord's Avatar
    Join Date
    Jan 2010
    Posts
    152
    some extra info from math...
    Code:
    <Mathieulh> I kinda figured how it works already
    <Mathieulh> they patched lv1 and lv2
    <Mathieulh> and they have lv2 to check if the self keyset is 0x10 or higher
    <Mathieulh> if so it's sent to lv1 through a separate hypercall than hvsc99
    <Mathieulh> which sends the self or part of it to the usb hw
    <Mathieulh> which performs some crypto
    <Mathieulh> and returns a decrypted result to lv1
    <Mathieulh> at least that's what I got out of a few minutes of debugging
    
    <Mathieulh> I am pretty sure the keys are on the dongle
    <Hewman> as in debug eboots?
    <Mathieulh> 3.60+ app keys

 

Sponsored Links

Page 22 of 87 FirstFirst ... 1220212223243272 ... LastLast
Affiliates - Contact Us - PS3 Downloads - Privacy Statement - Site Rules - Top - © 2014 PlayStation 3 News