PS JailBreak Inside Pics, Details by SKFU & DemonHades Team


227w ago - Yesterday we caught a glimpse of some PS JailBreak Reviews which confirmed PS3 Firmware 3.41 is required, and today we have some PS3 JailBreak details from PlayStation 3 hackers SKFU and the DemonHades Team along with some pictures of the inside of the PS JailBreak (below) courtesy of [Register or Login to view links].

For those who missed it, PS JailBreak was first announced two days ago and is a USB device which allows end-users to play PS3 game back-ups on Sony's PlayStation 3 entertainment system.

Here is what [Register or Login to view links] has to say on it, to quote:

"I just tested the software they uploaded and can confirm it works so far.

I can tell a bit about the backup manager. It seems the software uses bd_emu features to manage the backups. The HDD to use, should have a modified bd emu format, which sets all backups on first position, so the PS3 detects 'em all. Then you can choose the image to boot via the manager.

To directly copy and boot a game, the software would need to decrypt all layers on the fly. Meaning it decrypts all executables somehow, else it won't run. Even on a debug unit.

The hardware looks like a copy of the original PS3 jigstick, used in SONY service centers to repair broken PlayStation3 SKU's. Someone internal leaked or sold a stick, so they had the chance to reverse and clone the hardware.

The stick should boot before the normal firmware does, so it's hard to patch it. Maybe SONY could update the bootcode to prevent it, set it to a revoke list.

By the way, in all videos they use debug PS3's to run the software. There is no video showing the actual process booting on a retail PS3 afaik. So I do not confirm that this is true, yet!

If it's as true as it looks this time, good job guys!"

And now here are comments from [Register or Login to view links] on PS JailBreak, to quote (roughly translated):

"Well I see that recently raised a stir is mounted by a chip of course to load backups from a pendrive, at first glance one might say it's fake if we did not know of studies conducted years ago and let us see many more hidden things that not all users can understand, in this case we speak of the card jig, the jig is used by the card sony sat for maintenance and restoration in ps3.

In short, this jig card has been removed from the payment sony sat.. so now try to expand the money spent only and once recovered the money spent in obtaining this device the reproduction and cloning of the device will be imminent.

When I saw the body of the above, first I noticed that the sample vsh known and used parts of a debug.. and of course if one is launching retail which does not make much sense, could only think one way quickly- THE CONVERTER RETAIL TO DEBUG.

This converter is thought to sony and service for devs have this jig card (aka USB dongle), allowing this USB is that:

Releasing the boot ini dev_usb0 and a sequence of buttons that change the state of syscon as we launch the initial boot usb dongle, then interprets the bootstrap and load the necessary files from the dongle itself temporarily leaving the ram doing a false reboot.

According to the store have told the seller, no residue on the PS3.. so it fits the above description.

The idea is quite clear gentlemen, emulates the fw of trm syscon and we have a debug interprets loading the kernel debug and providing all the features to debug vshmain time, this results in loading unsigned code.

This allows us as I mentioned months ago to launch pkgs from USB, since it has a browser for managing them.

The official BDEMU disk loading before you activate the mediatype BD and then run the loader to the channel of communication with the real reader would be closed and only would use the BD-emu, emu and the bd can not share the same channel communication.

In this case to remove the layer is used to extract cellftp to an external source of filesystems without pre-decoded and converted to debug layer.

Executables can be created with the sdk, and generated their own loader which removes the layer of encryption (this if it will extract the discs, not linux), then the PS3Gen (published as a matter of 1 month) can be create iso patched with valid soft. This itself means that everything is made in the PS3 SDK (emulators, applications, etc) will be loaded without problems, as we are doing the same as the 360 with jtag hack it uses a core debug.

The loader is loaded by the execution path that recognizes the actual application manager, loaded via app.

TRUE GENTLEMEN OF THE NEWS WOULD BE A GREAT TIME AND NEWS bad news... Let me explain:

1. NO SERIOUS WORK DONE BY HACKERS OR RESEARCHERS.

2. MATERIAL IS MADE LIKE THE MAGIC BATTERY FOR PSP WITH SONY TOOLS.

In short, PS3 has fallen to the very tools you use in your SAT Sony... that if Sony can plug it into the next update.. just have to cancel the initial boot usb to close the bar, because the boss is syscon."

Comments

#19 - jayjo - 226w ago
Quote, originally posted by xantra:
(...)The protection can be break on the 18F. (...)

How?!? I know you can glitch the 16Fxxx but 18Fxxx are pretty secure.. a voltage monitor inside the chip and a protection against frequency glitching..

Do you have any information on how to break the lock bits on an 18Fxx without acid and a microscope?!?

#18 - xantra - 226w ago
Connections next to the ? is for send the program on the . Schema of the TOP and BOTTOM is not complete, but I can complete it, I post documents when it's finished.

About the dump memory of the PIC, has someone made it? The protection can be broken on the 18F. Excuse me for my bad English, I'm French.

#17 - hacked2123 - 227w ago
Quote, originally posted by PS3 News:
I wouldn't be surprised if the same group of people producing the originals are also cashing in on the clones, as this happened with previous mod-chips often.

For example, Paul Owen and Thomas Wright were peddling the Neo chips and Neil Brown and David France were selling clones so everyone was making boatloads of cash while they could from both ends.

I've also been thinking the same thing. Was thinking the original manufacturers would go so far as to program 'time-bombs' into the hardware to fail on X date to make you think all Chinese chips are crud, and you have to buy the $160 one... and no one would do anything because of the monopoly they would have still.

#16 - TUHTA - 227w ago
Well, it is not a simple USB pendrive, it's like a modchip. So that means that we have to assemble our own USB JIGs and load soft there? From PS Jailbreak...

#15 - tripellex - 227w ago
That may be true. However it may also be that whatever manufacturer originally created the Service Center JIGs for Sony may also be the same company producing the clones. When it comes to manufacturers in China, you never know. A lot of times they'll make two rivals' very similar products in the same factory.

So there may be that, who knows. I have a feeling though that this is just some generic dongle manufacturer using a ready-made solution. If from what I gather is correct, all they'd need to do is have it output a certain HW ID upon system boot, then possibly load a very minimal firmware or fileset. Easy enough to have taken from the original leaked JIG I'm sure.

 

© 2015 PlayStation 3 News