Sponsored Links

Sponsored Links

JaicraB Releases KeyFindPuP v0.1, Details PS3 LV2 Dump Progress


Sponsored Links
221w ago - Update: An English update of JaicraB's KeyFindPuP application is now available HERE courtesy of kakashigr.

Just over a month ago JaicraB attempted to dump the PS3 Hypervisor LV2 (GameOS) and revealed how it was done, and today he has released a KeyFindPuP application alongside details on their PS3 LV2 dump progress.

Download: [Register or Login to view links]

To quote, roughly translated: Good! For business reasons I have not had occasion to pursue my hobby. Although we have less time to devote some time still.

We stayed with the method of Dump LV2, but will not be entirely useful without appropriate software, which is why I open the door in case anyone wants to help do not hesitate.

Contact hadesteam@hotmail.com. HadesTeam? A small nonprofit group, we just like to learn. This group consists mainly of the following persons: JaicraB, DemonHades, Calimba, DanteHades and Druid. That said, do not hesitate to help.

Mainly we want to Lv2? As you know the PUP has a number of checks with Hmac_Sha1. If we make a clean dump of the process of installation of the Key PUP Hmac_sha1 achieve in this struggle to unpack a PUP to carry out changes and re-create the Hash.

How?

We need a otheros.bld as simple as cash. A BLD with built the exploit and a stand to dump the memory. If someone offers volunteer program, contact. Once we have the dump is necessary to search for the Key. I have designed a program which facilitates the task: jaic_Hmac_sha1_file.zip Provide us find the Key.

Extra Information

The installation of the PUP has three phases:
1. Checking the hash described in PUPHeader.bin
2. UPDATE to unpack the hard disk cache area Fat32.
3. Verification and update of hardware modules.

Process

Having a second hard drive formatted with the PS3 and have the BLD (see above). Enter the first drive and enter the recovery with the PUP in a USB.

The first process to run the PUP from the recovery checks described in the file hashes PUPHeader.bin. If everything is correct UPDATE unpacks the hard disk. At that time makes a reset and return to continue the installation.

At that time you restart and have lost the KEY, as it would be replaced by other data. Solution? Motherboard Keep constantly fed and cause instant shutdown.

"The next day the board will explain how to keep the system fed without being noticed. (Is curious to see the fan on the hard drive and other peripherals and the red light on.) Also explain how to cause instant off with a small bug on the BIOS controlled."

With these two methods can turn off the PS3 at any time hold the RAM and make a Dump.

Objectives

Getting the key to restructuring a Hmac_Sha1 and PUP. The advantage of being able to change modules update. If you want to help hadesteam@hotmail.com.

Today, not having the special BLD we are investigating the BD player with good results. Greetings!

PD: ItSuGa has volunteered to translate this page into English. Still under construction, but you can see it in http://jaicrab-en.blogspot.com/. Thanks ItSuGa.







Stay tuned for more PS3 Hacks and PS3 CFW news, follow us on Twitter and be sure to drop by the PS3 Hacks and PS3 Custom Firmware Forums for the latest PlayStation 3 scene updates and homebrew releases!

Comments 89 Comments - Go to Forum Thread »

• Please Register at PS3News.com or Login to make comments on Site News articles. Thanks!

sapperlott's Avatar
#89 - sapperlott - 218w ago
Well, I guess using the memory exploit you can have access to these files and from what I understand they are decoded (or are able to be decoded by using metldr or coldboot attack on lv2).Reading George's blog entry about the wallpaper hack, it seems that he has patched the HV to allow him to access the flash from OtherOS. That way he has easy access to the files in the flash.

tjay17's Avatar
#88 - tjay17 - 218w ago
Hopefully those twitter messages will help and hopefully something will be found out soon.

PS3 News's Avatar
#87 - PS3 News - 218w ago
Quotes from twitter:
Here are a few more related Twitter updates:
@marcan42 I agree with you, and I predict that the hybrid fw was premature... flashing nand with mem patched hv, rather than a pup.

@RichDevX But, couldn't we change the pup that detects it?

@Omega191 it's also very simple to detect hybrid fw...

@Omega191 it's not a pup issue, the hard coded version numbers would be different. VSH/PRXs would be much newer than the kernel/hv

@Omega191 it can be checked with a single syscall, which is also available to games

kakashigr's Avatar
#86 - kakashigr - 218w ago
Well, I guess using the memory exploit you can have access to these files and from what I understand they are decoded (or are able to be decoded by using metldr or coldboot attack on lv2).

tragedy's Avatar
#85 - tragedy - 218w ago
So the whole point of this keyfinder is moot.
Not really. Until someone finds a way of decoding self/sprx files, we can't look at what's inside this sprx to check if the HMAC code is there or not.

Sponsored Links

Sponsored Links
Sponsored Links

Sponsored Links







Affiliates - Contact Us - PS3 Downloads - Privacy Statement - Site Rules - Top - © 2014 PlayStation 3 News