JaicraB Releases PS3 OtherOS Base Exploit and Source Code

Category: PS3 Hacks & JailBreak By: PS3 News - (jaicrab.blogspot.com)
Tags: jaicrab ps3 ps3 otheros exploit otheros base exploit ps3 hacks

158w ago - As a follow-up to his previous work, today JaicraB has updated his blog entry with a PS3 OtherOS Base Exploit and the related Source Code for PlayStation 3 developers.

Download: PS3 OtherOS Base Exploit (.BLD File) / PS3 OtherOS Base Exploit Source Code

This comes shortly after gow3forme shared a relatively larger PS3 OtherOS Exploit Module which seemed to be loaded (the command lsmod showed: exploit 10497032 1 - loading 0x000000000012000 (P+)) but nothing appeared on the video.

To quote, roughly translated: Good. Here you have a minimum base to build the otheros.bld. The BLD takes up 30 Kb and has functions to the HDD with ext2 to save the DUMP. The functions are described.

Call table incorporates LV1 and ASM functions. This ready to assemble the mechanism of the exploit. I hope this helps those concerned who did not know where to start. It has been compiled with the toolchain pdaXrom.

Stay tuned for more PS3 Hacks and PS3 CFW news, follow us on Twitter and be sure to drop by the PS3 Hacks and PS3 Custom Firmware Forums for the latest PlayStation 3 scene updates and homebrew releases!

38 Comments - Go to Forum Thread »

#28 - PS3 News - 158w ago

Here is the update from DemonHades on this, roughly translated: http://demonhades.org/blog/publicado-el-source-y-la-base-para-la-creacion-del-otheros-bld/

As I commented recently on the subject of the creation of a bld to extract the ram as clean as possible, without a hint of just what linux needs the logged data bld and processes occurring in the XMB, has raised JaicraB bld files and set up base in the absence of the implementation of the exploit that makes use of those calls to LV1 (peek & poke) to extract the files clean.

The resulting output:

Clean Hypervisor

* Supervisor clean *

Processed and logged data in RAM during the execution of procedures in the XMB

NOTE * Only data shall be crushed allocated space for loading and execution of the bld (approx 30/40)

By this we make it clear it will not be necessary to install a linux distro (Ubuntu, YDL, suse, etc. ..), only the installation of internally bld has everything you need.

The BLD takes up 30 Kb and has functions to the HDD with ext2 to save the DUMP. The functions are described. Call table incorporates LV1 and ASM functions.

#27 - laggmaster - 158w ago

And that would probably be a good bet also... as mentioned, the trick will probably only work once so they should wait at least until they add full 3d support or something big... you never know there could be a greater plan behind this like people waiting to use the exploit hole to be able to create a better custom firmware with the most features possible.

#26 - PS3 News - 158w ago

Originally Posted by ahasverus

Who wants to make a bet with me ?

When this guys or somebody else finally create something useful for the retail ps3, geohot and followers will say: "yeah we already did that but it was private."

I bet $25 usd that this will happen.

Ha.. exactly!

Though I wouldn't bet against you, I'd be betting the same... it's all about egos and e-fame apparently.

If I had to take a wild guess, Mathieulh may have convinced GeoHot that his "PUP trick" can only be used once (which is actually obvious, and unfortunately inevitable based on Sony's past record of patching holes) so perhaps this is why GeoHot has been sitting on his "CFW" the last few months... possibly waiting for a more 'useful' update to finally release it for to restore OtherOS.

That said, it's still sad that GeoHot doesn't seem to care about the PS3 community enough to detail what his CFW plan is... Sony already removed OtherOS, so there really is no legitimate reason not to share how to use it to dump LV2 on a PS3 that still has OtherOS installed. Hopefully JaicraB and crew can sort out a proper LV2 dump so that others can begin examining it.

#25 - fritz69 - 158w ago

I have a cecha01 running 1.93. Its a spare so if you want me to test something on it its no prob at all.

Hope someone finally figures this out- i'm tired of sony...

#24 - laggmaster - 158w ago

Originally Posted by blood911

As always I must ask... what does this mean? Does this mean TeamHades has accomplished something new since their last news piece; and is this close to running custom firmware that EgoHot does not want to release?

this release is just a verry minimal linux bootstrap from the description it sounds like it dumps the flash to a secure location on the ps3 HDD whilst having an amazingly small footprint, but i am not sure as i have not tested it... nothing realy new just a usefull tool for people who are trying the exploit... as for your last question i can see we are getting closer to finding a way to run custom firmware... hopefully sony was stupid enough to leave the codes around for us to find...