OpenSCETool (OSCETool) v0.9.2 By SpacemanSpiff for PS3 is Released


49w ago - Today PlayStation 3 homebrew developer spacemanspiff has released OpenSCETool (OSCETool) v0.9.2 which is an open-source clone of the original SCETool followed by the SCETool source code by naehrwert with details below.

Download: OpenSCETool (OSCETool) v0.9.2 / GIT / SCETool Source Code / GIT

To quote: OpenSCETool is a clone of scetool under an open source license. SCETool was reverse engineered and analized to produce this program, and copied his behaivour.

OpenSCETool (OSCETool) Changelogs:

Version 0.9.2

  • Fixed rap/rif/idps/act.dat management. Now it works fine.

Version 0.9.1

  • Fixed a segfault decrypt some SELFs.
  • Added option -p to patch the sys_process_param when signing an ELF. This is the same as applying FixELF.exe before signing.
  • Added support to klics.txt. If the klicensee is not specified, it is looked up in the data/klics.txt automatically (only for decrypt).

Version 0.9.0

  • First commited version, compatible with SCETool 0.2.9.

Now GNU/Linux users can have a native tool too. If you want an SCETool replacement, remember to add this keys (this were in the code, you can find them in previous revisions of the code, or in flatz's rif/raf tools:

From mind: Seems the keys are:

SCETool Changelog: History:

Version 0.2.9

  • Plaintext sections will now take less space in metadata header keys array.
  • Added option to specifiy a template SELF to take configuration values from.
  • Added option to override the keyset used for en-/decryption.
  • Fixed NP application types.
  • [Firmware Version] will now be written to control info only.
  • [Application Version] will now be written to application info only.

Version 0.2.8 (intermediate release):

  • Fixed minor bugs where scetool would crash.
  • Added SPP parsing.
  • Decrypting RVK/SPP will now write header+data to file.

Version 0.2.7:

  • Added local NP license handling.
  • Added option to override klicensee.
  • Added option to disable section skipping (in SELF generation).

Version 0.2.5:

  • Added option to use provided metadata info for decryption.
  • "PS3" path environment variable will now be searched for keys/ldr_curves/vsh_curves too.

Version 0.2.4:

  • Added option to display raw values.
  • Moved factory Auth-IDs to (as they are on ps3devwiki now).

Version 0.2.2:

  • Added options to override control/capability flags (32 bytes each).
  • Fixed where a false keyset would crash scetool when decrypting a file.
  • Some source level changes and optimizations.

Version 0.2.1:

  • zlib is required to use scetool.
  • 'sdk_type' was changed to 'revision' in data/keys.

Greetings to: you know who you are!






Stay tuned for more PS3 Hacks and PS3 CFW news, follow us on Twitter and be sure to drop by the PS3 Hacks and PS3 Custom Firmware Forums for the latest PlayStation 3 scene updates and homebrew releases!

Comments 231 Comments - Go to Forum Thread »

Quick Reply Quick Reply

miandad's Avatar
#11 - miandad - 120w ago
thx for info , when they release it .. !

and i'm noob dont know about reverse the eid.. can you ask them about Lv2diag.self signed for 3.60 or 3.70+ for downgrade?

PS3 News's Avatar
#10 - PS3 News - 121w ago
Here are a few quick updates from naehrwert (twitter.com/naehrwert) for those following:

  • haha just figured the eid3 algo, nice!
  • KaKaRoToKS and I added basic NPDRM support to scetool
  • SELF generation works now for SPU and PPU, except for compressing the data and NPDRM
  • added SPU SELF generation to scetool

Also from his site: nwert.wordpress.com/2011/12/24/individual-infos/

Individual Infos

One of the PS3′s console specific cryptography works as follows:

At factory time there is a console specific key generated, probably from a private constant value and a console specific seed. Maybe that’s the key used for encrypting bootldr and metldr. Fact is, that metldr stores another console specific keyset (key/iv) to LS offset 000000. That keyset is probably calculated from the first one. At factory time the isolated root keyset (how I call it) is used to encrypt the console’s “Individual Infos”, like eEID.

But not the whole eEID is encrypted the same way, special seeds are used to calculate key/iv pairs for the different sections. And not even that is true for every eEID section, because for e.g. EID0 another step is needed to generate the final section key(set). Each of the isolated modules using such an “Individual Info” has a special section that isoldr uses to generate the derived key(set)s.

But the generation works in a way, that the section data is encrypted with aes-cbc using the isolated root keyset, so it is not possible to calculate the isolated root keyset back from the derived key(set)s, because aes shouldn’t allow a known plaintext attack. So far I can decrypt some of EID0′s sections, EID1, EID2 and EID4. EID5 encryption should be similar to EID0′s but I lack the generation keys for that one.

PS3 News's Avatar
#9 - PS3 News - 123w ago
Today Naehrwert has released PS3 SCETool v0.0.4 for those interested.

Download: PS3 SCETool v0.0.4

From his Tweet (twitter.com/#!/naehrwert/status/145481343411830784) the changes are as follows:

scetool 0.0.4 http://www.mediafire.com/?c10cwi77n7h4o3o

(added 32 bit ELF "unselfing")

isoldr_emulate http://pastie.org/3001424


Bartholomy's Avatar
#8 - Bartholomy - 124w ago
Eidtool is what we need, rest is useless I think

PS3 News's Avatar
#7 - PS3 News - 124w ago
Below are some more updates from naehrwert for those following..

scetool 0.0.3 http://www.mediafire.com/?ykjil6hn2xai5qw

output for vsh.self pastie.org/2958961


Added ELF64 support to scetool!

but I extended eidtool by some new functions













Affiliates - Contact Us - PS3 Downloads - Privacy Statement - Site Rules - Top - © 2014 PlayStation 3 News