74w ago - This holiday weekend Spanish PlayStation 3 developer
JaicraB has released PS3 Preloader Advance, a rewritten LV2Diag.self that allows restoring the Dev_Flash.bin file (to fix semi-bricked PS3 consoles) and has been tested on JFW DH CFW although it should work on all Custom Firmware he states.
Download:
PS3 Preloader Advance SELF /
PS3 Preloader Advance v2 SELF
To quote, roughly translated: Already available the tool to reset any "/ dev_flash". It is but a program that runs without external modules.
Why we find it being unable to load basic libraries housed in the "/ dev_flash" we must use direct syscalls to the kernel. The compilation is clean STUB external modules, hence it only takes a few KB ...
The function is to load the file "/ dev_usb000/flash1.bin" and write in RAW mode to the "/ dev_flash". But not before mounting the "/ dev_flash" Write mode.
It's simple but effective. There are dangers of bricks, but backup mistake or left unfinished for various reasons.
In principle works in all FIRMS, but mainly is designed to JFW-DH356MA by semibricks problems and instead of HDD when the system stored inside the "/ dev_flash".
But you have backups you can ask of anyone with the same firm or even removing it from the pup and mounting it on a FAT system. Its use is simple.
- In Factory Mode to rename the "Preloader Advance.self" a "Lv2Diag.self" and copy it to USB.
- Within the USB copy at the root of the flash backup named "flash0.bin"
- Connect the USB into the port nearest the reader, and on the system. The LED blinks green. It means that restoring the flash.
- When the process is shut down. Check the log it creates on the USB to be sure.
- It only plays out of the factory mode with the "Lv2Diag.self" step2 flowing through the network.
For more information use and addressed to: www.demonhades.org
Acknowledgments:
MxxxS, My great teacher
Lara, to change and let me sleep at night tinkering...
Demonhades by bud
And the community of demons.
Happy Holidays to all.
PS3 Preloader Advance 2
Bring Preloader version 2 of the Advance.
Improvements:
- Configuration file to select the actions.
- Restore all flashes.
- Make backups of all the flashes.
- Optimization of the code.
- Auto-Exit Service mode.
Operation:
- Be in Service Mode.
- Copy and advance.cfg Lv2Diag.self-in USB
- Modify the file to taste advance.cfg
- Insert the usb backups according to the advance.cfg
- Switch with USB-introduced into the nearest port to the reader.
The Evidence:
CORE- While this well and allow access to the Service mode, this utility will recover all the flash. The change of HDD in a 3.56 version is not a problem on systems with NOR memories. No need to do an UPDATE THROUGH. Good luck!
From
DemonHades, roughly translated:
Good friends demons, the wait has been tedious and frustrating, so jaicrab wants us this gift to the community to wish a Merry Christmas to all those you had a semibrick with the installation of the JMB or a bad installation in the flash.
Steps:
1. Prepare our dongle to put it in service mode (I used my amazebreak, but it any other apparatus to use the downgrader payload). Then enter the port and do the combo usb000 power and eject, will turn itself off the PS3.
2. Download the
JFW-DH 3.56 MA 1.2.1 Service Pack
3. Download of demonisos.net and rename it to flash0.bin
4. Place in the root of the pendrive (flash0.bin), and also put in the root renamed the advance preloader Lv2Diag.self
5. Introduce the stick in the port usb000 (closest to the reader) and turn on the console.
6. The LED will blink green while working on the restoration, when finished will go out alone.
7. For get into the root end of the usb Lv2Diag.self used to exit the service mode (finalized).
8. Ya again have our PS3 alive with the JFW-DH 3.56 MA.
No more, now you can have it back running the PS3 and not afraid to mess up, this system is tested in fat60 (I have bricked mine) and I have it again making war, is valid for any model although format the hdd.
And without further, 1saludo departed JaiCraB MERRY CHRISTMAS and all the demons DemonHades and friends
New user here. Just taking a quick look around for the time being....
Well hell, after the triumphant return of DemonHades (Triumphal say something
If if as you read, the CFW who had to leave for a long time and stubbornness of your dear master demon DH did not go. So without further ado I leave you with the link to download the CFW and its Tolos (Manager, usaveme and others) just say that a certain person once told me that a cfw had to be free, well that's something I do not agree.
But if they wanted their work free jaicrab since all that thought it was demon JFW were wrong and the only themes I jaicrab little more but I think the pup, blipi, the manager, the openpstore mario, is that this is something that would need to see cast long ago that if this was not released at the time were by the manipulations of a certain person.. Links ..
• Usaveme: http://www.putlocker.com/file/B234F8AC37E42573
• Blipi TheGrid Manager: http://www.putlocker.com/file/A8E48E2F05036440
• OpenPStore: http://www.putlocker.com/file/082D657078F7A2DD
• JFW-DH 3.41 V2: http://www.mediafire.com/?j7mude3rd16dtju
• JFW-DH 3.41 V3: http://www.mediafire.com/?7jvvcv6b3tnr9k5
A greeting and farewell dh.org Rest in peace.
PS The v2 is the best work, thanks to jaicrab, blipi, FLIPI. mario, and other people who worked alongside this be for nothing then remained in. CAREFULLY: BOATS AND TEAM I was the most controversial developer in the DH team
To quote, roughly translated: eEID0 Dumper by BlackDeath to JBM 3.55, MA 3.56 and CFW 3.55
Hello friends, after the method of filtration CEX2DEX the team decided to investigate this new field (for some) and not so much for others, that is why we are working to bring you the easiest method to move to Linux without requiring DEX.
Today I present created by the dumper EID0 blackdeath with which we can dump all EID0 or directly CEX first section with only launch a pkg and have connected a USB port on dev_usb000, the instructions are on screen and are easy:
• START: To dump all EID0.
• SQUARE: To dump the first section of EID0 directly (eid0_1st_Section_CEX.bin).
• X (EQUIS): To dump metldr (Encryption) to USB and be prepared to exploit and get the dump of the decrypted metldr in subsequent steps.
If you are in Normal 3.55 cfw release the pkg from video.
BlackDeath says: This latest version now allows you to dump the metldr (encryption) on your console if usais the X button and you will have your ready to dump metldr encryption decryption keys used together with her exploit later.
Tell them to keep working this issue need not linux as the next step is to dump the metldr without having to make so many things in linux but a quick and easy dump.
The eEID0 is necessary for the process dump metldr As you know, and only the first section of eEID0 (That we get directly to this tool) is required for Conversion to a unit DEX / TEST.
No more here I leave the download link, works both on any CFW 3.55 (PEEK | POKE LV2) as in MA:
• http://www.mediafire.com/?eblfgmmwrmjl8sw (Old Version)
• http://www.mediafire.com/?32dca82c31470qa (New Version)
Thanks BlackDeath, Checko, Tito01 and DemonHades
From checko: WIP: A method to dump metldr and eEID root keys without linux, more easy with some little steps .. maybe naehrwert can help you. To quote from his Twitter (via twitter.com/naehrwert/status/226682478373531648 and twitter.com/naehrwert/status/226686257005203456):
Isn't installing linux to get your eid root key a bit of an overkill when you could just use netrpc?!
Or you could compile this pastie.org/4295312, sign it with metldr keys and grab the key/iv from shared LS...
ldr.ld
ENTRY(_start)
SECTIONS
{
. = 0x25800;
.text :
{
*(.text)
}
.data :
{
*(.data)
*(.rodata)
}
.bss :
{
bss = .;
*(.bss)
}
}
#ifndef _TYPES_H_
#define _TYPES_H_
typedef char s8;
typedef unsigned char u8;
typedef short s16;
typedef unsigned short u16;
typedef int s32;
typedef unsigned int u32;
typedef long long int s64;
typedef unsigned long long int u64;
#endif
.text
/* Loader entry. */
.global _start
_start:
/* Setup stack pointer. */
ila sp, 0x3DFA0
/* Well... */
brsl lr, main
_hang:
br _hang
#include "types.h"
void *_memcpy(void *dst, void *src, u32 len);
void main()
{
//Copy eid root key/iv to shared LS.
_memcpy((u8 *)0x3E000, (u8 *)0x00000, 0x30);
//Hang (the PPU should copy the key/iv from shared LS now).
while(1);
}
void *_memcpy(void *dst, void *src, u32 len)
{
u8 *d = (u8 *)dst;
u8 *s = (u8 *)src;
u32 i;
for(i = 0; i < len; i++)
d[i] = s[i];
return dst;
}
Our partner and developer RacingLocura07 (UsaveME) leaves us on this occasion the conf editor ps3, this application allows you to enable or disable patches, plugins or create flags without using a PC, all from the PS3 itself in a simple and fast
Download: http://www.sendspace.com/file/99llgd
Options:
• Displays a list of flags
• Displays list of patch-dynamic
• Displays a list of plugins
• Allows you to export to the root of the usb, the. Cfg file to test it before storing.
List of flags:
• Matheros (direct or normal)
• dumper-ram
• debug
• dev_flash (dumper / restore)
• sc35/36 +8 (more compatible)
• 100% Fan speed (fan at 100%)
Any questions you have you can reply in this thread, thanks to RacingLocura07, tito1, adriansfc92 as Cheko. Conf editor and this works both as the 3.56 MA JBM 3.55
Finally, in related PS3 homebrew news today PsyOil has made available a http://www.psyoil.info/pup/Pup%20down.zip for those interested stating:
On a click of a button a command prompt window will start downloading (from the PS3 Dev Wiki) the PUP to the same directory as the program. Do not delete wget.exe or else the pups will not download!
Its pretty simple, list of firmwares (OFW) on click they download to the directory your placed the two files in.
Now, you're probably wonder why someone would ever need this. I download and delete pups very often, so I made this program to make it a bit easy to find a PUP right away.. Making a CEX/DEX downloader soon.
Update: he has now released the http://www.psyoil.info/pup/cex-sex%20downloader.zip followed by a http://psyoil.info/pup/sexdexcex.zip stating the following:
Once again, I suck at GUI programs. I've made a command prompt version of the same program, where you just enter the name of the firmware version exmp “4.10″ and it starts downloading the firmware on command (4.10p for patch pups) Should I just release that or stick to the ghetto lookin’ GUI?
Shortly following he also made available a http://psyoil.info/pup/Pup%20extractor.zip stating, to quote:
Very simple and straight forward, place pup within the same folder as the extractor! Credit to HSReina for df.exe
Also, I've included a simple command prompt app:
Enter "pu.exe PS3UPDAT.PUP PS3UPDAT" to extract the pup.
Enter "df" to extract Dev_flash from the pup
Enjoy
Here is http://psyoil.info/pup/shop%20converter%20PUP.zip as well by PsyOil with the details below, as follows:
Sony shop PUP, just patched promo_flags/update_flags. anyways, this is just a basic pup that will convert your PS3 into a SHOP Ps3. (not advertising as a jailbreak or a CFW) its just a basic MFW.
Remember after unlocking through security settings, the package installer is NOT for homebrews but only for installing demos. The second PUP is a file that'll convert your SHOP PS3 into a retail PS3. Remember, these still apply! (scei.co.jp/ps3-eula/ps3_eula_en.html)
More PlayStation 3 News...