KaKaRoTo Introduces PL3, 3.01, 3.10 and 3.15 PSFreedom Ports


Today KaKaRoTo introduced PL3, a common repository of payloads that can be used by any PS3 JailBreak implementation, and also said he is making progress on PSFreedom ports for PS3 firmware 3.01, 3.10 and 3.15.

Download: PL3 PS3 JailBreak Payloads

To quote: "I'll announce two things. First, let's talk about PL3. PL3 is a new project I started in order to have a common repository of payloads that can be used by any 'jailbreak' implementation. I got tired of copying payloads from PSGroove, and I had some nice changes in mine that I thought the PSGroove project could benefit from, so I thought I'd create a single repository that both projects, PSFreedom and PSGroove (or any other similar projects), could use.

You can find it on GitHub, so don't hesitate to submodule it and use it.

Second important news... I've bought a new PS3 just for homebrew. Thanks to all who donated money so I could buy it (I didn't get enough donations to pay for it, but enough to help me). I bought this PS3 used and it came with firmware 3.01! This is good and bad news: I can't use PSFreedom to jailbreak it, so I've put on hold any improvements for it; however, it will allow me to actually port PSFreedom to older firmwares! My plan is to get the jailbreak working on 3.01, then move on to 3.10 and 3.15 (depending on how hard it is, I might skip 3.10).

Other good news is that after 4 days of work, I was finally able to dump the LV2 memory from the 3.01 firmware, and now all that remains is to find the right offsets to patch and port PSFreedom to 3.01, so all those who are still using this firmware version will soon be able to jailbreak it! Once I'm done with that, I'll try to do the same with the 3.10/3.15 firmware versions!

To dump LV2, I used a trick and algorithms found by marcan42, so big thanks go to him, as well as to many other people who helped me out, RichDevX and Aaron in particular. I used RichDevX's idea of ignoring the JIG and bruteforcing the address in which the port1 descriptor gets stored until I get a hit, then using that payload to dump lv2, then finding the right JIG offset for that particular firmware from the dump. Marcan's trick was to send the data through the ethernet cable by using LV1-only hypercalls, and it worked!

Now the latest git version of PL3 has a new 'dump_lv2' payload which you can use; it is firmware independent and only uses LV1 hypercalls, so it should just work... It will dump all the lv2 memory through ethernet, so fire up Wireshark, save the dump to a .pcap file, and use the tool in PL3/tools to extract the memory dump from the .pcap file.

In other news, I will soon upload to Ps3utils an .idc script that will search for and find the syscall table, and correctly resolve all of its functions and name them properly, maybe even have it automatically find all functions of a dump in order to save time creating procs in IDA. I'll let you know once I'm done with it."
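The capture step described above (dump arrives over ethernet, Wireshark saves a .pcap, a tool pulls the memory image back out), as an added example that is not PL3's own tools/ extractor: a small Python reader that walks a classic libpcap file, keeps only frames of one EtherType, and reassembles the carried memory chunks while reporting any address ranges the capture did not cover. The page does not give the dump frame layout, so the layout used here (the IEEE local-experimental EtherType 0x88B5, followed by an 8-byte big-endian address and then the chunk bytes), the function names, and the sample capture are all constructed assumptions; only the libpcap global and record header parsing follows the real file format.

```python
"""Reassemble a memory dump carried in raw Ethernet frames from a libpcap capture.

Added example, not PL3's own tool.  The frame layout is an ASSUMPTION, since the
page does not give it: EtherType DUMP_ETHERTYPE, then an 8-byte big-endian memory
address, then the chunk data.  The pcap parsing itself is the standard format.
"""
import struct

DUMP_ETHERTYPE = 0x88B5   # IEEE local-experimental EtherType; assumed for the dump frames
ETH_HDR_LEN = 14          # dst(6) + src(6) + type(2)
OFFSET_FIELD_LEN = 8      # assumed: 8-byte big-endian address precedes each chunk

# libpcap magic numbers exactly as they appear on disk (first four bytes of the file)
_MAGICS = {
    b"\xd4\xc3\xb2\xa1": "<",  # little-endian writer, microsecond timestamps
    b"\xa1\xb2\xc3\xd4": ">",  # big-endian writer, microsecond timestamps
    b"\x4d\x3c\xb2\xa1": "<",  # little-endian writer, nanosecond timestamps
    b"\xa1\xb2\x3c\x4d": ">",  # big-endian writer, nanosecond timestamps
}


def iter_pcap_frames(pcap):
    """Yield the captured bytes of every record in a classic libpcap file."""
    if len(pcap) < 24:
        raise ValueError("truncated pcap global header")
    try:
        endian = _MAGICS[pcap[:4]]
    except KeyError:
        raise ValueError("not a libpcap file (bad magic %s)" % pcap[:4].hex()) from None
    # global header: magic, version major/minor, thiszone, sigfigs, snaplen, linktype
    _, _, _, _, _, snaplen, linktype = struct.unpack(endian + "IHHiIII", pcap[:24])
    if linktype != 1:  # LINKTYPE_ETHERNET
        raise ValueError("expected an Ethernet capture, got linktype %d" % linktype)
    pos = 24
    while pos < len(pcap):
        if pos + 16 > len(pcap):
            raise ValueError("truncated record header at offset %d" % pos)
        _, _, incl_len, _ = struct.unpack(endian + "IIII", pcap[pos:pos + 16])
        pos += 16
        if incl_len > snaplen or pos + incl_len > len(pcap):
            raise ValueError("truncated or oversized record at offset %d" % pos)
        yield pcap[pos:pos + incl_len]
        pos += incl_len


def extract_dump(pcap, ethertype=DUMP_ETHERTYPE):
    """Return (base_address, dump_bytes, gaps) reassembled from matching frames.

    gaps lists (start, end) address ranges no frame covered; those bytes are
    zero-filled so a lossy capture is visible instead of silently shorter.
    """
    chunks = {}
    for frame in iter_pcap_frames(pcap):
        if len(frame) < ETH_HDR_LEN + OFFSET_FIELD_LEN:
            continue
        (frame_type,) = struct.unpack(">H", frame[12:14])
        if frame_type != ethertype:
            continue  # unrelated traffic sharing the wire (ARP, etc.)
        (addr,) = struct.unpack(">Q", frame[ETH_HDR_LEN:ETH_HDR_LEN + OFFSET_FIELD_LEN])
        data = frame[ETH_HDR_LEN + OFFSET_FIELD_LEN:]
        if addr in chunks and chunks[addr] != data:
            raise ValueError("conflicting data for address 0x%x" % addr)
        chunks[addr] = data  # exact retransmits are harmless, contradictions are not
    if not chunks:
        return 0, b"", []
    base = min(chunks)
    end = max(a + len(d) for a, d in chunks.items())
    dump = bytearray(end - base)
    covered = bytearray(end - base)  # 1 where some frame supplied the byte
    for addr, data in chunks.items():
        rel = addr - base
        dump[rel:rel + len(data)] = data
        covered[rel:rel + len(data)] = b"\x01" * len(data)
    gaps, i = [], 0
    while i < len(covered):
        if covered[i]:
            i += 1
            continue
        start = i
        while i < len(covered) and not covered[i]:
            i += 1
        gaps.append((base + start, base + i))
    return base, bytes(dump), gaps


def build_pcap(frames, little_endian=True):
    """Serialize raw Ethernet frames into a libpcap file (used to build constructed input)."""
    endian = "<" if little_endian else ">"
    out = struct.pack(endian + "IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for i, frame in enumerate(frames):
        out += struct.pack(endian + "IIII", 1600000000 + i, 0, len(frame), len(frame))
        out += frame
    return out


def dump_frame(addr, data):
    """Constructed frame in the assumed layout: Ethernet header, 8-byte address, chunk."""
    eth = bytes.fromhex("ffffffffffff") + bytes.fromhex("001122334455") + struct.pack(">H", DUMP_ETHERTYPE)
    return eth + struct.pack(">Q", addr) + data


def build_sample_capture(little_endian=True):
    """Constructed capture: 64 bytes of 'memory' at 0x1000 in 16-byte chunks, sent out of
    order, with the 0x1020 chunk missing and an unrelated ARP frame mixed in."""
    memory, base = bytes(range(64)), 0x1000
    frames = [dump_frame(base + off, memory[off:off + 16]) for off in (0x30, 0x00, 0x10)]
    arp = bytes.fromhex("ffffffffffff") + bytes.fromhex("00aabbccddee") + struct.pack(">H", 0x0806) + bytes(28)
    frames.insert(1, arp)
    return build_pcap(frames, little_endian)


if __name__ == "__main__":
    base, dump, gaps = extract_dump(build_sample_capture())
    print("base 0x%x, %d bytes, gaps: %s" % (base, len(dump), ["0x%x-0x%x" % g for g in gaps]))
```

The gap report is the part worth keeping whatever the real frame format turns out to be: a capture taken under load can lose frames, and a snaplen set too small truncates them, so an extractor that simply concatenates payloads in arrival order yields a dump that is silently short or shifted, and every offset later located in it is wrong by that amount. Reassembling by carried address and zero-filling uncovered ranges makes a bad capture obvious before any time is spent analysing it.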


Comments (40)

#20 - pasky - 185w ago
Hope he makes one for debug firmware.

#19 - smotheredhope - 185w ago
It's cool, I know that it would take more than just copying folders from one to another, but I was just saying that it could be a very interesting find and that someday something could come from comparing how different firmwares react. It might lead to more exploits being found on older firmware or maybe Geohot's original hack. I agree though it would be a very difficult task, but it certainly will aid those who would try.

#18 - GrandpaHomer - 185w ago
An upside to this would be that a jailbroken 3.15 system could show what has been removed from the firmware that enables otherOS so it's still possible for all us who have updated.

Not to rain on your parade, but simply seeing the "differences" will not help much - the whole FW must first be RE-d to understand its functionality, then the actual differences found, and even after that it doesn't automatically mean that knowing the difference or what was changed or removed will lead to re-enabling (any) functionality on later FWs. All this is quite a complex process FAR beyond just comparing two folders or bin files and "filling up the missing bits".

#17 - smotheredhope - 185w ago
An upside to this would be that a jailbroken 3.15 system could show what has been removed from the firmware that enables otherOS so it's still possible for all us who have updated.

#16 - PR0r - 185w ago
Not sure what kind of problem you have in mind, but as far as I'm aware there are no issues in 3.41 from the PS3 functionality point of view. The ONLY "issue" seems to be for Sony, as this is currently the only FW at which you can JB your PS3.

(Unless indeed you'll count as an issue the impossibility to connect to PSN / play online / play 3D movies).
Let's not forget OTHEROS, which a lot of users pre 3.41 are still "stuck" on. I kinda wish I never upgraded back when it was removed several updates ago.

© 2014 PlayStation 3 News