JaicraB on Cobra USB JIG Protection RTOC Trick for PS3


167w ago - Today Spanish PlayStation 3 developer JaicraB has explained the Cobra USB JIG protection RTOC trick implemented for the PS3 against cloning the device.

To quote, roughly translated: Flynn sent me this text explaining this protection that the Cobra carries; I hope it will open the eyes of those interested in reversing the dumps.

EXPLANATION OF THE COBRA RTOC TRICK

The Cobra JIG has several protective measures to ensure that its code cannot be used correctly even if it is dumped.

This RTOC register trick is the first one used for that purpose, and it also hinders analysis.
The RTOC register is initially stored on the stack, to preserve lv2's RTOC and restore it later:

[Register or Login to view code]


At this point we have to explain the delta offset. The delta offset is a method that originated on x86, in the early days of computer virus writing, for calculating the memory address at which the code currently sits in the sea of bytes in RAM.

Originally, a computer virus did not know where it had been inserted into an executable;
depending on the executable, it could start at one location or another. The delta offset was invented for this.

The delta offset can be used on any system. The procedure is:

  • Use the register that indicates the current execution address (or the next one, depending on the system).
  • Subtract the size of the preceding code from the value obtained from that register.

Knowing this, and taking the x86 processor as an example, where the EIP register cannot be read directly, the trick that was invented is to make a call to a "subfunction" that is simply the line following the call:

[Register or Login to view code]


The x86 call instruction pushes the address of the instruction following it onto the top of the stack. Using pop, we take this value from the top of the stack and store it in eax, for example. Now that we have the memory address, all that is missing is to subtract the size of the preceding code, and we have the exact calculation.

PowerPC can use this trick with the equivalent BL instruction (branch and link), which jumps to a "subfunction" but first saves the address following the BL in the LR register.

[Register or Login to view code]
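
For anyone reversing a dump, the call/pop and BL/mflr sequences described above can be located by their instruction encodings. The scanner below is an added example, not code from the original article or from the Cobra dump; the function names, the sample byte strings and the 4-instruction search window are assumptions constructed for illustration.

```python
import struct

X86_CALL_NEXT = b"\xE8\x00\x00\x00\x00"          # call $+5 (rel32 = 0)
X86_REGS = ["eax", "ecx", "edx", "ebx", "esp", "ebp", "esi", "edi"]
PPC_BL_NEXT = 0x48000005                          # bl .+4 (LK=1, displacement 4)
MFLR_MASK, MFLR_BITS = 0xFC1FFFFF, 0x7C0802A6     # mflr rD, for any rD

def find_x86_getpc(buf, base=0):
    """Find call $+5 immediately followed by pop r32 (opcodes 0x58..0x5F)."""
    hits = []
    i = buf.find(X86_CALL_NEXT)
    while i != -1:
        nxt = buf[i + 5:i + 6]
        if nxt and 0x58 <= nxt[0] <= 0x5F:
            # The popped value is the address of the pop itself: base + i + 5.
            hits.append({"offset": i, "reg": X86_REGS[nxt[0] - 0x58],
                         "value": base + i + 5})
        i = buf.find(X86_CALL_NEXT, i + 1)
    return hits

def find_ppc_getpc(buf, base=0, window=4):
    """Find bl .+4 followed within `window` instructions by mflr rD."""
    count = len(buf) // 4                  # 4-byte instructions, big-endian
    words = struct.unpack(">%dI" % count, buf[:count * 4])
    hits = []
    for n, word in enumerate(words):
        if word != PPC_BL_NEXT:
            continue
        for m in range(n + 1, min(n + 1 + window, count)):
            if (words[m] & MFLR_MASK) == MFLR_BITS:
                # LR holds the address of the instruction after the bl.
                hits.append({"offset": n * 4, "reg": "r%d" % ((words[m] >> 21) & 31),
                             "value": base + n * 4 + 4})
                break
    return hits

# Constructed samples (not taken from any real dump).
# x86: nop, nop, call $+5, pop ebp, nop, then a call $+5 with no pop (ignored).
X86_SAMPLE = bytes.fromhex("9090" "e800000000" "5d" "90" "e800000000" "90")
# PPC: nop, bl .+4, mflr r0, an ordinary bl (ignored), nop.
PPC_SAMPLE = struct.pack(">5I", 0x60000000, 0x48000005, 0x7C0802A6,
                         0x48000101, 0x60000000)

if __name__ == "__main__":
    for hit in find_x86_getpc(X86_SAMPLE, 0x1000) + find_ppc_getpc(PPC_SAMPLE, 0x8000):
        print("get-PC at +0x%(offset)x -> %(reg)s = 0x%(value)x" % hit)
```

The reported value moves with the load base while the offset stays fixed, which is what lets the code recover its own location by subtracting the size of the code that precedes it.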


At this point we see the trick used to create the payload's RTOC. Note that both r0 and RTOC are set to 0:

[Register or Login to view code]


Next, RTOC is given the value 0x11DE0:

[Register or Login to view code]


r0 is given the value 0x920:

[Register or Login to view code]


r0 is subtracted from the value of RTOC:

[Register or Login to view code]


Unlike on x86, on PowerPC the LR register can be read directly with the mflr instruction; we put the value obtained by the delta offset into RTOC:

[Register or Login to view code]


To calculate the delta offset, we subtract the instructions that were executed before the delta offset, which were 4, or 16 bytes:

[Register or Login to view code]


Finally, we add the value of r0 to the delta-offset RTOC and store the result in RTOC, which now holds the RTOC appropriate for this hook:

[Register or Login to view code]


With the RTOC in place, the 3 arguments that the hook received are stored on the stack:

[Register or Login to view code]


The payload's function is called; it checks whether the first argument is the command 0x8202 (a special command, distinct from the usual ones):

[Register or Login to view code]


After the payload has done what it needs to, the original RTOC is restored from the stack, as are the arguments the hook received; the original instruction that was overwritten in the syscall 379 entry (in this case) to install our hook is executed, and the original lv2 syscall is called:

[Register or Login to view code]


On return, the original LR is retrieved from the stack and execution returns to the caller:

[Register or Login to view code]





#704 - PS3 News - 4w ago
21 - 8 - 2014: Cobra ODE News - Update

We have updated the 2.2 fw archives to correct errors in the names of the update files for Cobra ODE ver 5.30A and files relating to PSX auto patching. The PDF for the 5.xx board included in the archive has been updated as well. We have also updated the user manual to reflect these changes.

Users, kindly ensure that update files are named as follows for 5.30A Hardware:

Chipset M2S010 file name should be v5p30A10.spi or Chipset M2S025 file name should be v5p30A25.spi

Download: Cobra ODE Firmware v2.2 Fixed / [Register or Login to view links] / [Register or Login to view links] (Mirror)

Also from Roor comes HCL - Humble Cobra Launcher with details below as follows:

Download: [Register or Login to view links]

Hi. Since last week I've been working on my own Cobra Manager. I began it because I wanted a fast-loading, easy to use Manager for my games; one that I feel comfortable with.

It is still "under development" but it already does all that the official Cobra Manager does, and more, in a faster way.

If someone is interested in testing, please let me know and I'll send you a first "private" beta tomorrow night. I'm quite limited in testing, as I only have one PS3. So it has only been tested with Cobra ODE 4.30A in my Slim PS3.

I'm posting some pictures I took with my phone last night (my screenshot capability is zero right now).

Thanks in advance,

Roor.

Update: Hi. After being tested by some users, I'm releasing my first version of HCL (Humble Cobra Launcher).

Basically another homebrew that works in the line like SonicMan, Cobra Manager, GameSonic and similar.

It was created during last week, and designed specifically for Cobra ODE. My plan is to make a couple of weekly releases until I find myself satisfied with the product; and then to make updates from time to time based on new Cobra ODE releases and features.

In order to use it, just place the manager.iso file in your COBRA folder, and make sure to set your Cobra.cfg to use homebrew.

If you have a PS3 Slim, like me, I recommend setting your EJECT.DELAY=10000 in Cobra.Cfg and setting your PS3 to auto start games when discs are inserted.

Here are the current features (HCL V0.1):

  • Compatible with the latest Cobra MCU.
  • Very fast loading times, compared to other Managers.
  • PS1 and PS2 game covers included. (covers are autodetected based on GameVolume name. Will be improved later).
  • Separate menus for every Cobra flavour : PS1, PS2, PS3, DVD and BLURAY.
  • Many integrated tools (disabled on this first release).
  • As stealth as possible. HCL is recognized as "PS MOVE STARTER PACK". And doesn't touch PS3 HDD at all.
  • Cache mode: If you plug in a FAT32 formatted USB Drive, Covers, Icons and even Cobra's Folders are cached onto your USB. It takes a bit longer the first time, but it makes HCL boot a lot faster from then on.
  • Some graphical glitches, which will be fixed on next release.

Future features (weekly updates expected):

  • File Browser (ready right now, but being tested).
  • Disc Ripper (ready right now, but being improved with "multithreading" in order to make it even faster).
  • PKG Installer (still under study)
  • Integration with some Emulators and Players.
  • Automatic detection of PS1 and PS2 covers (right now you need to set the "disc names" to the name code, in order to get this working).
  • Save Settings and Cache inside PS3 HDD (once it is considered stealth enough).
  • Sound Effects.
  • Graphical Enhancements.
  • Faster navigation.

Please write feedback.

Cheers.

#703 - D4RKN355 - 4w ago
I was attempting to play Sengoku Basara 4, but the game seemed not to be working and froze at the loading screen. After that, my friend told me to go to the game settings menu in multiman's game selection screen and tick all the choices on the left except BD Mirror, Discboot and USB patch.

I then booted the game at the XMB screen and the screen showed a bunch of Japanese and could not proceed further, so I quit the game. After I quit the game, I couldn't find my multiman icon anymore.

Now I am stuck and cannot play any games at the moment. Is there any way to fix this?

Update: i installed multiman and sorted out the problem.

#702 - PS3 News - 4w ago
19 - 8 - 2014: Cobra ODE News - Update, Cobra ODE v2.2 Released

We are happy to release the 2.2 update for all Cobra versions including the 5.1B and 5.3A PCB revisions V5.x boards, we have increased USB read speeds by 40%* and further improved the success rate of swapping discs for the bypass.

Furthermore, we have added support for 4.60 ofw bypass and new bypass tools (applicable to all Cobra ODE versions v3.x, 4.x and 5.x)

We have also added another nice feature, auto region patching for PSX games.

Various fixes for stability and configuration have been added, please refer to the changelog in the mcu update folder.

V5.30A users please note that a bug has been fixed in the 2.1 firmware which caused ISO's not to load if the drive door was not toggled open and then closed. Please ensure you update to the 2.2 Cobra ODE fw asap.

We have now successfully bypassed 4.60 ofw on older PS3 consoles (PATA, SATA FAT, 2k, 2k5 and 3k models). An additional hardware module (Cobra DMC) is required and will be sold bundled with 5.10B or 5.3A versions of the Cobra ODE.

The Cobra DMC hardware module also supports in tradition with Cobra philosophy all previous versions of the Cobra ODE (V3.x and 4.x) hardware and may be purchased from your local reseller soon.

Resellers may contact us at: [email]sales@team-cobra-ode.com[/email] to order the additional Cobra DMC hardware modules.

The cobra 2.3 firmware will be released simultaneously with release of the DMC hardware module.

Photos of the Cobra DMC will follow next week.

NOTE: Cobra ODE v3.x and 4.x users already on 2.1 firmware can ignore the FPGA update files.

Download:






cobra.cfg Config Tool v2.2 by SDeath

I have made a new program for you guys so you can create the cobra.cfg in a few easy steps. It is setup with default settings and you can just click the options you want.

I have 2 sections, Basic Settings and Advanced Settings; only use the Advanced Settings if you were told to do so by a member with more experience or if you know what you are doing.

All options have tooltips if you want to know more about what they do. By default the following is set:

  • COBRA Browser
  • Eject Disc On selection in Browser/Manager
  • Add "Return to Manager" in XMB
  • MCU Underclock

For users on a 4k and on OFW 4.55 and everybody else on OFW 4.60 enable that option too in the basic settings. If you want to use the Manager just enable that.

After choosing the right settings, press Generate and select the destination of the cobra.cfg, that is, the COBRA folder on the external HDD; if it already exists it will be overwritten.

v2.2 Changelog:

  • Added support for the latest config options introduced in firmware 2.2, 2.1 and 2.0.
  • Changed version number to the same as the firmware version it reflects.

Download: [Register or Login to view links] / [Register or Login to view links]

Easy Batch Generate/Merge COBRA ISO's Tool (Including OFW 4.55/4.60 ISO's + Swap Disc) by SDeath

Easy Batch Generate ISOs Package 2.2 Full / Light v2.2 20-08-2014 (dd-mm-yyyy) Changelog:

  • Updated to the latest version v2.2 firmware, v1.3 bypass files and genps3iso v2.5, released today by the COBRA Team.
  • Full Package includes 1574 IRD files and 7914 swap files.

Download: [Register or Login to view links] / [Register or Login to view links]

Easy Batch Generate ISO's Instruction Movie / Easy Batch Generate ISOs Tutorial





Updated Source Code:

[Register or Login to view code]

Tutorial: How to Prepare the HDD (with Preconfigured Packages) by SDeath

To make things easy for you I have setup 3 pre-configured HDD packages to prepare your HDD, this way you are sure all the needed files are there on the HDD.

The Packages:

  • HDD Package 2.2 Browser Stealth* (recommended): [Register or Login to view links]
  • HDD Package 2.2 Browser SuperStealth*: [Register or Login to view links]
  • HDD Package 2.2 Manager: [Register or Login to view links]

*Stealth will show the COBRA Browser in the Games and Video section of the XMB, SuperStealth will only show the COBRA Browser in the Video section.

All 3 packages include the Browser and the Manager; from update 2.0 onward it's very easy to switch between the two, with just a small edit in the cobra.cfg. The difference between the packages is just how the cobra.cfg is set up. The Manager now also supports disc dumping, so that's why I think it should also be included in the Browser packages.

Instructions:

01 - Download one of the above packages.
02 - Extract the contents to the root of the HDD.
03 - Copy the games to the folder PS3_GAMES.
04 - Adjust the cobra.cfg to your needs, since FW 2.1 most used options like Return to Manager and Eject On Selection are enabled by default, the other options like 4.55 or LED disable you need to adjust yourself.
05 - Safely eject the HDD and connect it to the external PCB USB port.
Done!

Tips:

If you downloaded one of my Browser packages you can switch easily to the manager by changing this line:

[Register or Login to view code]

To this:

[Register or Login to view code]

And if you used my Manager package you have to do the reverse to switch to the Browser, so change this line:

[Register or Login to view code]

To this:

[Register or Login to view code]

Changelog v2.2:

  • Updated to the new 2.2 firmware, the packages also include the files for PSX auto region patching

File versions used:

  • Firmware 2.2
  • Browser/Manager 1.6
  • cobra.db 14-06-2014

#701 - racer0018 - 4w ago
I don't have a super slim to test it on. I sold my only one.

#700 - misiozol - 5w ago
Install the newest multiman base package, but first delete the old one completely.

© 2014 PlayStation 3 News