Sponsored Links

Sponsored Links

JaicraB on Cobra USB JIG Protection RTOC Trick for PS3


Sponsored Links
185w ago - Today Spanish PlayStation 3 developer JaicraB has explained the Cobra USB JIG protection RTOC trick implemented for the PS3 against cloning the device.

To quote, roughly translated: Flynn sent me this text explaining this protective carrying the Cobra, I hope it will open the eyes of those interested in reversing the dumps.

EXPLAIN RTOC COBRA TRICK

The JIG Cobra has several protective measures to ensure that your code could not be used correctly even if your code could be dumped.

This trick RTOC in the registry is the first used for this purpose in addition to hinder analysis.
Registration is initially RTOC stored in the battery to keep the RTOC of lv2 and power it back later:

[Register or Login to view code]


At this point we have to explain that the OFFSET DELTA. DELTA OFFSET is a method used in the x86 in its original moments in the creation of computer viruses, to calculate the memory address in which we are in the sea of ​​bytes in RAM.

In the original time a computer virus when I did not know where he was pulled into an executable,
depending on the executable it could be an initial site or another, for it was invented DELTA OFFSET.

DELTA OFFSET can be used in any system, the procedure is:

  • Using the record that indicates the current execution address (or the next depending on the system)
  • Reducing the size of the previous code we use the value obtained from the registry.

Knowing this, and taking for example the x86 processor where the EIP register can not be read directly invented the trick make a call to a "subfunction" which is simply the following line to the call:

[Register or Login to view code]


X86 call instruction saves the top of the stack the address of the next instruction to itself. Thus using pop draw from the top of the stack this value, and stored in eax for example, and having the memory address where we only subtract the above would be missing and we have the exact calculation.

The PowerPC can use this trick using the BL instruction is equivalent (LINK BRANCH), which jumps to a "subfunction" but before you save LR in the record the following address to BL.

[Register or Login to view code]


At this point we see the trick used for the creation of the RTOC of charges at this time. If you look both r0 and RTOC are passed to 0:

[Register or Login to view code]


Subsequently, given the value 0x11DE0 to RTOC:

[Register or Login to view code]


A r0 is given the value 0x920:

[Register or Login to view code]


R0 is subtracted from the value of RTOC:

[Register or Login to view code]


Unlike the PowerPC x86 LR register can be read directly with mflr instruction, we put in RTOC the value obtained by the delta offset:

[Register or Login to view code]


To calculate the delta offset subtract final instructions executed before the delta offset, which were 4, or 16 bytes:

[Register or Login to view code]


Finally we add the value of r0 at the end of the delta offset RTOC, storing the result in the RTOC and this already takes RTOC suitable for this hook:

[Register or Login to view code]


It takes having the RTOC stored in the stack 3 arguments that the hook received:

[Register or Login to view code]


You call the function of the charges where the first argument will check for command 0x8202 (a special command to the usual):

[Register or Login to view code]


After making the necessary steps as charged, the battery recovers the original RTOC, like the arguments the hook received, it executes the original instruction that was overwritten in the syscall entry 379 (in this case) to have our hook, and call the original syscall lv2:

[Register or Login to view code]


Upon returning to retrieve the original LR from the stack and returns to the prompt

[Register or Login to view code]





Stay tuned for more PS3 Hacks and PS3 CFW news, follow us on Twitter, Facebook and drop by the PS3 Hacks and PS3 Custom Firmware Forums for the latest PlayStation 3 scene and PlayStation 4 scene updates and fresh homebrew PS3 Downloads. Enjoy!

Comments 1254 Comments - Go to Forum Thread »

• Please Register at PS3News.com or Login to make comments on Site News articles.
 
#184 - kombat75 - 151w ago
kombat75's Avatar
Anyone know can i use the deank MM the latest version 04.02.00 ?? because previous MM i having now is the Team Cobra Releases mmCM v04.01.00 ...

Worry it will crash the MM or worst cannot even start the MM Later on after I install the deank MM ..

#183 - mdr3939 - 152w ago
mdr3939's Avatar
Please help !! I installed the latest version (full) of multiman, this went well but when loading the system freezes and shows a screen with a laughing face. When trying to remove this version aI end up with a corrupted icon in the list. I can't install an earlier version because system says that there is already the latest version installed.

How do I completely remove multiman and what can i do to get it working again. I'm on CFW 3.55.

Thnx

#182 - PS3 News - 152w ago
PS3 News's Avatar
Today condorstrike has made available a Metro mmCM PS3 Theme for those interested with details below, as follows:

Download: [Register or Login to view links]

To quote via tortuga-cove.com/hacking/31-ps3/6572-solar-v41-and-metro-mmcm-theme-released: I took a couple of days off from working on Solar and got bored quickly, so I made an mmCM theme called METRO, 100% compatible with the latest version 04.02.00, but I really don't have time to make themes, so I won't be making any more...

#181 - PS3 News - 152w ago
PS3 News's Avatar
Below is another mmCM v04.02.00 (20120228) Full Update for those with the Cobra dongle and the changes, as follows:

Download: [Register or Login to view links] / [Register or Login to view links] (Mirror) / [Register or Login to view links] (Mirror #2) / [Register or Login to view links] / [Register or Login to view links] (Mirror)

28 - 02 - 2012 Changelog:

  • Added new display mode ("TMB" - Top Media Bar) to replace "Box-art" mode
  • Added new option in Settings - "Top Media Bar Color" to set user-defined color for top and bottom stripes in TMB mode
  • Added new background image in the original theme (TMBBG.JPG) for TMB display mode
  • Improved speed when copying files
  • Optimized memory usage (another 10MB of RAM available for operations)
  • Added support for scanning /dev_usb010 to /dev_usb099 for PSX/PS2/PS3/PSP/BD/DVD ISO files
  • Added four (4) new colors to SIDE/TMB color setting options and two options in COLOR.INI to set side/tmb colors from themes
  • Added function to "Quit to XMB" if [CIRCLE] (or [CROSS] if X/O swap is set in options) button is held pressed
  • Added visual slider indication when scrolling trough a lot of entries (XMMB, TMB and XBDM modes + when browsing devices)
  • Reminder for BD-Remote colored keys: RED - Quit, GREEN - Screen Saver, YELLOW - Restart, BLUE - To File Manager and back

#180 - PS3 News - 152w ago
PS3 News's Avatar
Below is mmCM v04.01.04 Full (20120223) for those with the Cobra dongle and the changelog, as follows:

Download: [Register or Login to view links] (21 MB - showTIME, ps3NETSRV, lastGAME, bdRESET) / [Register or Login to view links] (296 MB - showTIME, ps3NETSRV, lastGAME, bdRESET, 1 motion background, 10 themes, 7020 game covers)

23 - 02 - 2012 - mmCM ver 04.01.04 Full Changelog:

  • Improved FTP transfer speed even more
  • Improved FTP compatibility with certain clients (wininet)
  • Improved "Game list (4x2)" display mode
  • Improved "Game list (poster)" display mode
  • Improved overall speed and stability and fixed some GUI glitches
  • Optimized memory usage (10MB more RAM available for operations)
  • Optimized caching procedure for game icons and backgrounds (ICON0/PIC1.PNG) - faster and less HDD space used
  • Added "Group Titles by Genre" option in the SIDE menu and changed the function of [SQUARE] button: now opens "Game Settings" menu.

#179 - Tidusnake666 - 153w ago
Tidusnake666's Avatar
Hello,

Anyone kind enough to link me to new LAST GAME app for mmCM v4?

I had mine from v2, and now when updater to v4, last game app just refuses to work

UPD: Okay, found it. It's LASTGAMEv2.pkg inside "Base" 4.01.00 distro

#178 - PS3 News - 153w ago
PS3 News's Avatar
Another multiMAN Cobra Manager (mmCM) v04.01.03 update for those with the dongle and the changes, as follows:

Download: [Register or Login to view links] (4.88 MB)

17 - 02 - 2012 Changelog:

  • Changed: 4x2 display mode is rewritten to use XMMB engine which makes it 5x faster and allows access to all content (Games/Music/Video/Photo/Retro/ISO)

  • Added "4.11" option in "System Firmware Version" to spoof reported version to the latest OFW 4.11

  • Added support for loading network PSX/PS3/BD/DVD ISO/BIN+CUE images to lastGAME2 application

  • Added proper support for covers in "Coverflow" mode, without affecting XMMB and other display modes (covers in Coverflow/4x2 modes and icons in BOARD mode)

  • Added PIN-protected option "Reset Options to Default" in SETTINGS (press [TRIANGLE] to access it in the SIDE menu). Default PIN is "0000".

  • Added support for forcefully resetting mM to default during boot if L2+R2+L3+R3 buttons are pressed

  • Changed: PIN-protected options will not prompt for PIN code if using the default PIN "0000". If "Parental Level" is set, games which require higher level will still require PIN.

#177 - PS3 News - 154w ago
PS3 News's Avatar
Below is another multiMAN Cobra Manager (mmCM) v04.01.02 update for those with the dongle and the changes, as follows:

Download: [Register or Login to view links] (4.52 MB - Can be used to update 04.xx.xx to 04.01.02) / [Register or Login to view links] (106.18 MB - 3090 covers - showTIME lastGAME bdRESET ebootFIX ebootMOD ps3SERV)

13 - 02 - 2012 - Changelog:

  • Added support for creating ISO/BIN+CUE images from PS2 CD and PS1/PSX CD *directly* to remote host

  • Added automatic extraction of thumbnails after ISO/BIN+CUE is created (PS3/PS2/PSX/BD/DVD)

  • Added support for displaying coverart/jacket for Blu-ray and AVCHD discs (if /HDAVCTN or /BDMV/META/DL folders contain jpg jacket-image)

  • Added support for creating ISO files from folders to remote host (ISO is cached to internal HDD and then moved to remote host)

  • Improved FTP transfer speed (up to 10MB/s over 100Mbit connection)

  • Improved transfer speed from and to remote hosts (/net_host) (up to 10MB/s over 100Mbit connection)

  • Improved scanning of remote host content folders

  • Added support to set "External Game Data" for games/applications installed under /dev_hdd0/game or /dev_usbxxx/GAMEI (RELOAD.SELF required)

  • Fixed few issues introduced in 04.01.01, related to displaying/refreshing Retro/Music/Photo columns

#176 - PS3 News - 154w ago
PS3 News's Avatar
Today Cobra has released mmCM version 04.01.01 update (20120209) for their dongle with details below, as follows:

Download: [Register or Login to view links]

Note: In order to install this Update package, you must first be on version 04.01.00.

09 - 02 - 2012 Changelog:

  • Increased max number of entries for directory listing in file manager to 3584 (from 2560), fixing issues with PSX/PS2/PS3 covers
  • Optimized scanning for network content (ISO/CUE+BIN) (Video, Music, Photo and Roms are also supported)
  • Added "4.10" option in "System Firmware Version" to spoof reported version to the latest OFW 4.10
  • Added support for creating ISO images from PS2 DVD, PS3 BD, Blu-ray and DVD discs *directly* to remote host (remote file system must support 4GB+ file sizes)
    --> You can now create backups of your games and movies directly to your PC and play them remotely! (Blu-ray movies/DVD-Video titles may require additional decryption)
  • Added support for extracting ICON0.PNG for network PS3 ISO games, which don't have .png/.jpg thumbnail in the remote folder (when game ISO is loaded)
  • Added support for extracting coverart (/BDMV/META/DL) for Blu-ray ISO movies, which don't have .png/.jpg thumbnail in their folder (when movie ISO is loaded)
  • Added support for installing PKG package files from remote host (clicking over a .pkg file from /net_host folder in File Manager)
  • Added "Network" device-browse entries in PHOTO, MUSIC, VIDEO and RETRO columns to enable browse/view/playback functions for remote content
  • Added support for loading RETRO games (ROMS) from remote host
  • Added support for thumbnails for ROMS, PSX, PS2, PSP, BD and DVD titles
  • Added new game titles to internal database (PSX/PS2)
  • Fixed an issue which caused mmCM to lock during boot (on boot screen)
  • Fixed a potential issue which may have caused creating invalid *split* ISO files from PS3/BD discs (when output exceeds 4GB and is stored on USB)

NOTE 1: Playing video content from remote hosts requires caching to local storage

NOTE 2: For best compatibility with remote content, the following content folders are automatically created in the root folder served by ps3netsrv:

! - BDISO - for Blu-ray movie titles in ISO format
! - DVDISO - for DVD-Video titles in ISO format
! - PS3ISO - for PS3 games in ISO format
! - PSXISO - for PS1/PSX games in ISO or CUE+BIN format
! - PSPISO - for PSP games in ISO/CSO format (NOTE: Currently used ONLY for storing backups and not to play games)
! - PS2ISO - for PS2 games in ISO format (NOTE: Currently used ONLY for storing backups and not to play games)
! - MUSIC - for audio files in MP3 format
! - PICTURE - for image files in JPG/PNG format
! - VIDEO - for supported video files
! - ROMS - for supported RETRO games (gen/fba/vba/snes/fceu emulator subfolders)
! - PKG - for installable package files (.pkg) (NOTE: You can install packages from remote host in File Manager mode)
! - GAMES - for PS3 games in folder/jb format (NOTE: Currently used ONLY for creating/storing backups and not to play games)

#175 - PS3 News - 155w ago
PS3 News's Avatar
Today Cobra USB Firmware v5.0 and mmCM v04.01.00 Full is released for those who have the dongle, with details below:

Download: [Register or Login to view links] / [Register or Login to view links] / [Register or Login to view links] / [Register or Login to view links]

04 - 02 - 2012 Changelog of Cobra USB Fw 5.0:

  • Added support to play isos from a PC using network connection. No more waste of time copying between PC and ps3, play directly from the files on your computer!

Requires to run the supplied ps3netsrv server application (it is inside mmCM 04.01.00 download) on the PC, a version for windows and linux is provided (mac users can use the windows version with wine

Note: when using wine, we recommend to run directly the command line ps3netsrv.exe and not the gui).

Currently the following items can be played from network:

  • PS3 isos
  • PSX cue+bin or isos
  • Blu-Ray isos
  • DVD isos

Currently the following items cannot be played from network:

  • PS3 games in JB directory format (planned for 5.1 release)
  • PSP isos (planned for 5.1 release)
  • PS2 isos (planned, but we cannot estimate the version)

Although Cobra doesn't restrict the isos from being loaded through wifi, wifi is too slow for most uses, we recommend to use a wired connection.

  • Optimized a bit the read of PS3 isos (15-20% gain in external disk, not noticeable in internal disk)

  • Added dynamic firmware version spoofer capabilities. You can set the spoof in mmCM settings. As Sony release new firmwares, the spoofer can be updated by updating mmCm, without need of updating Cobra USB fw. No system files are modified by the version spoofer, all take place in ram.

Changelog of mmCM 04.01.00:

  • Changed: Nethost PC server application "ps3serv" is replaced by new windows/linux application "ps3netsrv"
  • Added support for playing PS3 and PSX games in ISO/CUE+BIN format from remote net_hosts (PCs connected to the LAN)
  • Added support for playing Blu-ray and DVD-Video movie titles in ISO format from remote net_hosts
  • ! NOTE: For best performance and compatibility of the new net_host interface, a WIRED network may be required (Wi-Fi is also supported)
  • ! NOTE: Root folders served by remote hosts must contain /PS3ISO, /BDISO, /DVDISO and /PSXISO folders to enable remote content
  • Added new option in SETTINGS column: "Network Servers" for setting up to 10 remote nethost IP:PORT values
  • Removed: *nethost* settings from options[_default].ini are ignored and no longer supported
  • Added new option in SETTINGS column: "System Firmware Version" for "spoofing" current FW version to 4.00 or higher
  • Added support for thumbnail images for remote BD/DVD/PS3/PSX ISO/BIN+CUE files (*.jpg / *.png)
  • Added support to copy files from one net_host to another
  • Added support to delete folders from remote net_host
  • Added support to view files in TextViewer from remote net_host folders
  • Added support to copy games and ISO images to remote host from SIDE menu ([TRIANGLE] in XMMB/XBDM/BOARD display modes)

Finally, below is a usage guide from coveman via: tortuga-cove.com/forums/viewtopic.php?f=77&t=2509&p=4828#p4828

1) Pick a folder which will be used for sharing: I created a folder called H:\PS3_ROOT
2) Created the subfolders for different type of content: BDISO, DVDISO, PS3ISO, PSXISO, PSPISO, PICTURE, VIDEO, MUSIC
3) Double click the ps3netsrv_GUI.exe to start the GUI
4) Click the box under "Folder to share" and selected my folder H:\PS3_ROOT
5) Click [Start] button

s3nint3!If everything is okay, a black window will appear with message "Waiting for client..."

s3nint3!6) Go to my PS3 and in SETTINGS -> Network Servers I added my PC as /net_host0. I set the IP address of my PC and used the default port 38008. Make sure that you find the IP address of your computer and even better - using a STATIC IP ADDRESS will make it easier for you, because it will not change between PC restarts.

s3nint3!7) After you complete step 6 - you should see the messages in the black-box "Connection from xxxx" where xxxx is your PS3's IP address.

In case you don't have "Connection from..." message, make sure that your WINDOWS FIREWALL is either disabled or it allows incoming connections to the selected port (in our case the default 38008). Also check if you entered the IP address correctly.

That's it. I guess I was helpful!

Tip: If you want to save yourself a bit of time next time you need the ps3netsrv, just create a simple .bat or .cmd file (I created one called ps3.cmd) and save it in the same folder where ps3netsrv.exe is saved. You can see mine in the first screenshot.

Just put this single line in your cmd/bat file and save the file:

ps3netsrv.exe . 38008

Pay attention that there is a DOT "." before the port. You can also use any other path and replace the dot if you wish, but that's not necessary. The next time you can simply start the ps3.cmd by double clicking on it and you won't have to use the ps3netsrv_GUI.exe.

 

Sponsored Links

Sponsored Links
Sponsored Links

Sponsored Links







Advertising - Affiliates - Contact Us - PS3 Downloads - PS3 Forums - Privacy Statement - Site Rules - Top - © 2015 PlayStation 3 News