1. Private keys cannot be calculated for any firmware >= 3.56, and they are NOT on any site, which is why they are private (only Sony has them, and if we had them before, it was thanks to a mistake they made in applying the encryption algorithm, so that with some data and a few mathematical operations the private keys could be calculated).
2. YES, you can create a 3.61 CFW; the only obstacle is getting the public keys, which CAN be extracted, with varying degrees of difficulty, but it can be done. Each loader is encrypted with a private key and decrypted with the corresponding public key. But the lowest-level loader in a FW is encrypted and decrypted with the root key, which is invariable, because the root public key used to decrypt the loader is located in the metldr (obviously, the metldr has to have the public key to decrypt the loader) and metldr can NOT be updated in any way, so the root key cannot be changed from one firmware version to another.
So if we want to create a 3.61 CFW, changing LV2 to add new features, we have to work our way through the chain of loaders to get there. Example:
More or less this is the chain of loaders (I do not know if there is some small variation in FW 3.61).
METLDR, as I said, can NOT be updated.
METLDR decrypts LV0LDR with the root key (LV0LDR is the lowest-level loader, if we do not count METLDR) and executes it.
LV0LDR decrypts LV0 with the LV0-key (this key CAN change between firmware versions, since LV0LDR IS upgradeable, so they can encrypt LV0 with a private key and update LV0LDR to decrypt it with the new corresponding public key) and runs it.
LV0 decrypts LV1LDR ....
LV2LDR decrypts LV2 with the lv2-key and executes it.
Therefore, if we want a CFW, we need to decrypt LV0LDR (with the root key, which geohot published and which will never change), modify LV0LDR to change the LV0 decryption key (changing it to a key capable of decrypting an LV0 encrypted with a private key that we DO know ... which private key? Any one, such as a key we generate ourselves), re-encrypt LV0LDR with the root key, and then we can modify LV0 to our liking, since LV0 is now decrypted with a different public key whose private key we know. And so we change the whole chain down to LV2, modify it and re-encrypt it with the new key we have chosen.
Well, that is the procedure in broad terms (when I say encrypt/decrypt, I do not mean the contents of the loaders, because that uses AES encryption, which is symmetric, and there is no question of public/private keys; I really mean the header of those loaders, for the signature, which uses RSA keys and is where the public/private pairs come in, with the sole purpose of checking that the loaders have NOT been changed).
In the case of FW 3.61 the matter is a bit more complex, as there are RSA public keys and AES keys that are easy to obtain, but hey, there are methods to obtain them, there are people who have them, and therefore it is not impossible.
Now, we must take into account that a CFW can be installed only if the console is on FW 3.55 or lower, because higher versions use a new updater, which verifies the upgrade package (the internal data of the PUP, so I understand) by checking new signatures (which did not previously exist and are now mandatory) for which we have neither the public nor the private key (the public one can be obtained, but we can forget about the private one, and here there is no chain that lets us get around this ... the updater is an application separate from the FW and has nothing to do with what was explained above).
Having said that, some will wonder whether, if you upgrade to a 3.56/3.60/3.61 CFW, you can no longer install any other CFW (that is, you stay on that CFW forever or update to an official FW). The answer is yes, but hey, it is not inevitable, since in creating this CFW we can modify the VSH (or whichever it is) to use the old updater (which does not check the new signatures, so we have no obstacle to installing new CFW), or modify APPLDR to allow us to load the new updater modified so that it does not check signatures (the new updater can be changed, of course, but we also need to modify the APPLDR of our currently installed FW, re-encrypting the updater with a known private key so that APPLDR is then able to decrypt and run it).
And that's all.
From groveritos: teknoconsolas.es/foro/viewtopic.php?f=214&t=98319&hilit=
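The chain of trust described in the post above, modelled as an added example (not code from groveritos or from any PS3 tool). Toy textbook RSA built from Mersenne primes stands in for the real signature scheme; the keys, stage bodies and function names are constructed for illustration. It shows why a modified stage is rejected unless its parent also vouches for the new key, and why the whole chain rests on the secrecy of the root signing key that METLDR's fixed public key corresponds to.

```python
import hashlib

E = 65537  # public exponent shared by all toy keys

def keypair(a, b):
    """Toy textbook RSA from two Mersenne primes; NOT secure. Returns (n, d)."""
    p, q = 2**a - 1, 2**b - 1
    return p * q, pow(E, -1, (p - 1) * (q - 1))

def _digest(name, body, next_pub, n):
    # The signature covers the code AND the key used to check the next stage.
    blob = name.encode() + b"|" + body + b"|" + str(next_pub).encode()
    return int.from_bytes(hashlib.sha256(blob).digest(), "big") % n

def make_stage(name, body, next_pub, signer):
    n, d = signer
    sig = pow(_digest(name, body, next_pub, n), d, n)
    return {"name": name, "body": body, "next_pub": next_pub, "sig": sig}

def boot(root_pub, stages):
    """Return the name of the first stage rejected, or None if all verify."""
    trusted = root_pub
    for s in stages:
        want = _digest(s["name"], s["body"], s["next_pub"], trusted)
        if pow(s["sig"], E, trusted) != want:
            return s["name"]
        trusted = s["next_pub"]  # this stage vouches for the next key
    return None

ROOT = keypair(61, 89)       # public half is fixed in METLDR (constructed key)
K_LV0 = keypair(107, 127)    # vendor key that signs LV0 (constructed)
K_LV2 = keypair(521, 607)    # vendor key that signs LV2 (constructed)
OTHER = keypair(1279, 2203)  # a self-generated key the vendor never issued

def genuine():
    return [make_stage("LV0LDR", b"loader", K_LV0[0], ROOT),
            make_stage("LV0", b"lv0 code", K_LV2[0], K_LV0),
            make_stage("LV2", b"kernel", 0, K_LV2)]

def scenarios():
    patched = genuine(); patched[1] = dict(patched[1], body=b"lv0 patched")
    resigned = genuine()
    resigned[1] = make_stage("LV0", b"lv0 patched", K_LV2[0], OTHER)
    swapped = list(resigned); swapped[0] = dict(swapped[0], next_pub=OTHER[0])
    rooted = list(resigned)  # parent re-signed: needs the ROOT private half
    rooted[0] = make_stage("LV0LDR", b"loader", OTHER[0], ROOT)
    return {k: boot(ROOT[0], v) for k, v in [
        ("genuine", genuine()), ("patched", patched), ("resigned", resigned),
        ("swapped", swapped), ("root_key_known", rooted)]}
```

`scenarios()` reports the stage at which each variant is rejected. Only the last variant verifies end to end, which is the situation that a root public key burned into a non-updatable loader cannot recover from once the matching private key is known.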
Is the 4.25 MFW real or fake and does it work??? I've seen a lot of videos on youtube showing it. I also was wondering if these are real does Multiman work on them??
Here is one:
Another from gamerexpert: Event preview ps3 hacking.
My name is Gamerexpert, I'm Italian and I am the head of the Expert Team.
I am pleased to encourage all those who are still on OFW 4.25, indicating that by November there will be important news, with our release of the new "Custom Firmware 4.25 hyb Gamerexpert" that will lead to a complete reversal of the hacking scene.
I am writing this to inform and advise in advance anyone who has OFW 4.25 or lower not to waste money on any hardware modification such as downgrade e3, proskeet or others, but to wait for the release of our work, which is completely free. Within a few days I will show evidence of my work.
I hope you appreciate this news and advice, and do not criticize, ridicule or, worse, insult me or my Expert Team, who are still trying to give their contribution.
I take this opportunity to again greet all with affection and wishing you good things, your partner,
Download link: http://www.mediafire.com/?vlttq9x7dq5w9sg (Passworded - Fake so don't bother!)
This jailbreaks your 4.21 console and put it on Dongle Firmware!
This usually takes 1 - 2 hours to install but be patient!
All additional Files and readme.txts are in the file above, as well a reverter, for your needs!
2.60 Reverter: http://www.mediafire.com/?19t5imbb5tb0vmz
3.55 Reverters & Downgrader: 3.55 Shop-Retail: http://www.mediafire.com/?yz60me8tjc8ffki / https://mega.co.nz/#!JcBHRQAZ!GVg0fwg3XH5lpy7p8ukpJhixel5SBF1yI0eP0_L5WLk / 3.55 SEX(CEX) Downgrader (Rogero): https://mega.co.nz/#!9NRDmYLC!elV1wVhZJyVtNDzDPA66knXkLIkez25bTCWo1mgJQrY (This is for people that do the downgrade while on SEX firmware and cannot use the Downgrade PUP)
4.20: XMB and Recovery: http://www.mediafire.com/?2wu24e999tpw0bf
4.21: Recovery Only: http://www.mediafire.com/?mndxtf76qt69e7a
4.23 Reverter: http://www.mediafire.com/?kd1q9j9ic1zwc5c (RECOVERY Menu Only)
4.25 Reverter: http://www.mediafire.com/?ovs9qd2fm39oyjl (from v1p)
4.30 Reverter: http://www.mediafire.com/?zu4l7inm3t52fle
4.31 Reverter: http://www.mediafire.com/?283de7ehm5dq5dg
4.40 Reverter: http://www.mediafire.com/?r2flvzx4obha4dv
4.41 Reverter: http://www.mediafire.com/download/0i2yqoaodu9655p/PS3UPDAT.PUP
4.46 Reverter: https://mega.co.nz/#!wAZllB7I!K8AfkAabxBtdaI4ajSswyWwAEntJR-XQc0Eq0_QXRgE
4.46 Reverter (Fixed Retail2Kiosk): https://mega.co.nz/#!ZUZD1Jqa!L2cCUlh8bvQZG1o4xFdu8kspwD1R8rfXT-0fbYlR2Wk
4.50 Reverter: http://www.mediafire.com/?pmqst7ey9k780js
4.31 Kiosk Video (revised from glitchyjoey)
How to do it: [USB Drive] > (Make a new folder and call it PS3) > [PS3] > (Make a new folder called UPDATE) > [UPDATE] > (Then drop the reverter into the UPDATE folder) > [PS3UPDAT.PUP]
I hope this helps some of the people who got stuck on Kiosk firmware.
1. Download files.
2. Plug In USB And Create Folder Called PS3.
3. Inside PS3 Folder Make Another Folder Called UPDATE.
4. Inside UPDATE Folder Place The UPDAT.PUP Inside there.
5. Unplug From PC Then Plug Into PS3.
6. Go To System Update And Install From USB.
7. Once It's Installed And Stuff, Go To Settings Then To Security Settings.
8. Don't Go Into Security Settings, Only Hover Over It.
9. Hold Down L1 + R1 + Square + Select.
10. Then A Password Should Come Up Put In 0000 or 4801 And Press X.
11. And You're Done
PS3 Downgrade 4.21 to 3.41 Downgrade Test Video by d875j
I am now in charge of this project for Downgrade for 4.21. We are making a 3.55 downgrade for those who want it, but it is under testing.
Here is another user named xCoLiZzioN who has even tested his 3.55 downgrader BETA release. Sadly enough both of them return "DATA CORRUPTED" .. and thus they state it is in BETA TEST!
This is his Facebook page: facebook.com/pages/D875j-Awesome-PS3-Downgrade/333512753407810
PS3 4.21 Public Keys (BS) from ModderExcess: http://www.mediafire.com/?r803e1c325rh255
Yet another BS one below from PS3JailbreakMast3r...
Get Sony PS3 Jailbreak 4.25/4.23/4.21 For free now! This is the only working ps3 jailbreak for 4.25/4.23/4.21
You can find the download link for jailbreak 4.25/4.23/4.21 down below. The jailbreak for 4.25 was just released and it is working! The PS3UPDAT.PUP is updated for the ps3 4.25 version as of today 12/09/2012.
STEP 1: Plug a USB stick into your computer
STEP 2: Create a folder in the root of the USB stick called PS3
STEP 3: Create a folder inside the PS3 folder called UPDATE
STEP 4: Move PS3UPDAT.PUP to the directory UPDATE that you just created on the USB stick
STEP 5: Plug the USB stick into your PS3
STEP 6: Navigate to Settings Tab
STEP 7: Choose System Update
STEP 8: Choose Update via Storage Media
STEP 9: It will say it found Version 4.21-jb
STEP 10: Choose OK
STEP 11: Accept Conditions and Install Update
STEP 12: After less than a minute, your PS3 will update, beep 4 times then shut down.
STEP 13: Power up your PS3 (You will have to do it on the console and not by the controller)
STEP 14: Your PS3 is now jailbroken!