72w ago - As a follow-up on our
previous article with the spirit of
Operation: Mongoose in mind, we are continuing to examine both the Cobra and True Blue PS3 DRM-infected dongles and TB EBOOT files, and welcome any help with this project from other PlayStation 3 developers in the scene!
First let me tell you the following explanation is not a theory or any rumors, it's actually how the USB dongles work to allow different things.
We heard many rumors / theories about the process of the Cobra / True Blue but I didn't see anyone give any big answer about that (I'm not saying I would give you the big answer but the explanation how it works and how to make this possible)
Cobra / True Blue Part 1
Both dongle use syscall / payload (after a big investigation, both dongle also follow the work of
graf_chokolo and the functionality of the dongle can be ported into a CFW (not a good idea from some devs I guess)
Cobra / True Blue use a lv1_wrapper (syscall implementation) that can allow to use subroutine function into kernel mode call. Following the dump of the Cobra / True Blue, every subroutine are indicated inside the dump (probably the reason of some clone like JB-King)
What all this mean ?
About the TB Eboot, i come back on what i said recently, the TB Eboot come from original Eboot (don't make any sense that they access to the dev server when have not Eboot on it) the PSN dev don't exist this way... but for related beta development games and testing beta multiplayer mode, interface beta test PSN for games etc... but nothing related to a Eboot.
TB use original Eboot and make their own sign (you can easily generate a new NPDRM sign with a Self/elf)
How can boot the games, the NPDRM Sign made in TB can't be run into a user mode, you would have a error of boot and every program that you resign etc... will not boot into a usermode... that's why we need to use a syscall that can let use into a kernel mode to execute a program that not recognized and authorized by the system. The dongle validates the actual eboot by syscall / subroutine.
For example, I want to have a execute something into the CoreOS but I'm not allowed because I can only execute this on a kernel mode, fine, I use my actual user mode to turn into a kernel mode by using a syscall.
A Syscall can allow you to execute, create, read, load, etc... The limitation of a dongle = the PS3 system, a dongle it's only here to prevent a error that by using redirection and syscall, the dongle give a correct answer that PS3 system execute.
If you check correctly the dump you can see 0x80 -> correspond to the C library, also when you call into kernel mode, the kernel fix the table permission that allow to give big access. You can recognized r1 stack register -> 0xA0 (debugger mode) -> R2 stack status...
Ok you probably gonna ask, what is that ? lol
It's actually a schema / plan from the dongle, the dongle is here to give a strong access to the system that you can execute what you want.
For example the PS2 Emu of Cobra = PS2 self (is not executed into a user mode but kernel mode / debugger mode that) reason why it can be execute under a PS3 Slim retail without following an error system.
How this can help ?
This mean many things, that you don't need any keys to execute under a kernel / debugger mode because anyway the syscall will give you a whole access to the cell execution.
I want to give a simply explanation that everybody can understand, the TB EBoot = Original Eboot from Original game, we not interested by the sce header, etc... we only want the elf header program represent and related to the game execution (like a exe, you patch the exe to be run without cd) here almost the same, we patch the elf with a fake sign can be run into a specific mode without asking anything.
What is weird,
graf gave many oriented possibility and no one try to exploit them but only in a business way. Anyway like I said, the dongle is in relation with the PS3 system/Dev_Flash/Core_OS
I'm also working on it and try to do my best to release something strong and free... but my knowledge is limited and I can't do that alone.
Why I explain all that, it's because I want to see also some good dev can work on it with me, actually I want to thanks graf for all this awesome stuff, cfwprophet and all the PS3 scene that support us, I say also thanks to the people who insult me and said I'm a fake... more you said that and more I don't care and offer good stuff
Somebody said he want to be fame, no at all... I don't really care, my family and my gf give me already that by supporting me, it's enough
Anyway I would like this project to encourage PS3 homebrew developers to help out if they can, and also for the work that
cfwprophet, me and others are doing on it will be updated here periodically.
PS: Probably go have more explanation and more stuff about it in the next week. Oh yes about the Debug PKG that is available on PSN Dev (it's not related to the TB Eboot)
You can make a Debug PKG yourself by only extracting the ELF, make a Self without NPDRM, leave him Eboot.self and make a PKG without NPDRM, this represent exactly what is a debug PKG (it's a standard Self inside a PKG without NPDRM)
I was going to post this a few hours ago, but I didnt know we could post in this area lol...
It might have made you not try the update...
Have you ...
I don't believe it but would be nice to proven wrong.
I mean all the evidence is there, lol, there is some usb sticks, err, some pirated blue rays ooh, err some PS3 games, a lovely tv showing PES
C'MON I'M A BELIEVER
Reportedly it allows users to play v3.6+ PlayStation 3 Firmware titles including FIFA 12 on burned Blu-ray discs, however, it only allows running older PS3 games from the hard drive.
To quote: I live in indonesia, and here in my country, there is a hot rumor about new dongle called JB2 and can play 3.60+ game burned to Blank BD.. It also still can play from HDD...
It require us still on 3.55 (not cfw), use the dongle (without power eject), and it will boot the ps3, then you can insert the copied / pirated bd disc. It already being sold and my friend also the sellers already confirmed it can play FIFA 12 and PES 12 and more game coming soon
I attached all the pics
Curent game:
• PES 2012
• FIFA 2012
• Driver San francisco
• God of War Origins
• X-Men Destiny
• Sniper Ghost Warrior
Upcoming:
• Resistance 3
• Disgaea 4
• Batman Arkham City
Finally, according to GaryOPA the PS3 JB2 (JailBreak 2) device is genuine and will allow games that require the v3.6+ keys to run (including FIFA 12) providing the following requirements are met:
• Console must be on PS3 Firmware v3.55 (Official Sony Firmware)
• PS3 JB2 USB dongle must be used
• PS3 games must be burned to BD-R (Blu-ray) discs
He also states the following on the upcoming PS3 JB2 (JailBreak 2) device:
• Retail Price of the JB2 dongle will be around $45
• A lot more newer PS3 game titles then originally listed below are now working, and have been confirmed by one of our trusted sponsors.
• You be able to burn the special game discs yourself, that are used by the JB2 design, and details on how & why will be coming by next week.
PS3 JB2 Dongle FAQ
Q: what is JB2?
A: the latest Dongle can mainin game2x yg 3.60 + via BD copy, not a hdd
Q: does the same with JB before?
A: different once, so it cannot be used
Q: What’s red rubber JB2 JailBreak2 yg dulu?
A: no, it’s different, colour yg dongle blue-black, not red
Q: what are the terms in order to play this pake JB2?
A: The Deal:
• PS3 hrs in fw 3.55
• installed some kind of patch for cfw kmeaw, 3.55 dongle can work
• playing pirated create game2x pake BD + 3.60, tp game2x long under 3.60 can still be played on the HDD
• Get back and forth Dr. kmeaw-dongle-kmeaw, tp do not need to return to kmeaw krn dongle can play via hdd for game2x under fw 3.60
Q: there are how many game compatible with yg 3.60 fw dongle?
A: according to the information there is 33 games, while there is a new BD tp pirated PES 2012 and 2012 FIFA aja, pirated games others following the BD
Q: what price dongle JB2 and the price of BD bajakannya?
A: the price dongle between 400-550rb and BD copyan/pirated between 50,75 or under $ 10 depending on the area and seller masing2x
Q: apa aja yg hrs Rituals performed before using the JB2? by elison007
A: install dulu cfw 3.55-DONGLE, plug the JB2 trus trus live aja power gan, ga
need a special ritual power eject, cuman ntar ps3 ngebootnya new little long deh trus menu2nya sticking her living dimasukin disc wrote.
Q: get online to PSN pake this dongle?
A: basenya still fw 3.55, and connect to the PSN hrs yg latest fw currently in fw 3.73, so not possible to connect the PSN
Q: who makes, whether dr indonesia?
A: I also do not know, highlight nikmatin aja
Q: Can the road at all Fat PS3/ps3 Slim, the results of an ofw to downgrade Dr. 3.55 also can walk this dongle?
A: can walk on all ps3 Fat/Slim, either downgrade or not, the result of origin already in fw 3.55
Compatible titles ama JB2 (BD copy) by elison007
• PES 2012
• FIFA 2012
• Drivers of San francisco
• God of War Origins
• X-Men Destiny
• Sniper Ghost Warrior
Upcoming
• Resistance 2
• Disgaea 2
• Batman Arkham City
Below are some preliminary PS3 JB2 test results from leksetengah and http://www.kaskus.us/showpost.php?p=532541981&postcount=2, as follows:
Test with PS3 slim:
1. update PS3 firmware with “dongle firmware” (this is new / modified CFW / 3.55)
2. turn off ps3
3. put on usb dongle
4. turn on ps3
5. insert copy game
6. play from BD icon in XMB
Note:
1. Can’t play with original game / higher firmware require (I’ve tried pes 2012 original game , but update software needed)
2. You Still can play from external HDD as ussual.
3. Can’t back up “copy game” with multiman.
4. Can’t play “copy game” without dongle.
Available games:
• Fifa 2012,
• Pes 2012,
• Driver san Fransisco,
• God of war Origin,
• X-men Destiny.
• Sniper ghost warrior
What you need to do is:
• Make sure your PS3 firmware is 3.55 below
• Update your PS3 OFW or CFW with new one (i will provide with burning disc).
• Need to go recovery mode to update if you from 3.55
• After update complete turn off ps3
• Put your usb dongle
• Turn on ps3
• Insert bd “copy game”
• Play from bluray icon from xmb
Available games:
• Fifa 2012
• Pes 2012
• Driver san Fransisco
• God of war Origin
• X-men Destiny
• Sniper ghost warrior
Price:
• USB dongle is $50
• BD game is $10
• Shipping cost: send me your country + city and postal code, i will inform you later
Dongle Updater v1.0
In order to play this game disc, both your PS3 and dongle must be updated. After the process has completed, your PS3 will be running system software version 3.55.
After the update, your PS3 will have new features available and will retain compatibility with all previous software, however, you will be unable to revert either your PS3 or the dongle to an earlier software version. If you do not wish to apply these updates, then you will be unable to use this game disc.
Do you want to proceed with the update? The first stage will update your dongle.
• After the first stage has completed, remove the disc and the PS3 will restart.
• Re-insert the disc, and once again run the "Updater" software from the disc.
• This time you will be told that you must update the PS3 system software.
• Select "OK" and then follow the on-screen directions.
• Once the system software update process has completed the PS3 will restart, you will be on firmware version 3.55 and you may then load this game disc. Updating dongle..
• Dongle update completed successfully!
• ERROR: Unable to communicate with dongle!
• ERROR: Dongle update failed!
• ERROR: Unable to unlock flash!
• The system will now shut down.
More PS3 JB2 details will be added to this article as they become available!
More PlayStation 3 News...