PS3 3.70 Appldr Keys Surface, 3.65-4.30 Appldr Keys in Development

Category: PS3 Hacks & JailBreak  By: PS3 News - (elotrolado.net)
Tags: ps3 3.70 appldr keys ps3 3.65-4.30 appldr keys luckystar ps3 ps3 dev ps3 development

34w ago - Similar to Shark Week, this appears to be PS3 Key week with the latest additions being the PS3 3.70 Appldr (VSH.elf) Keys surfacing while a list of the PlayStation 3 version 3.65 to 4.30 Appldr Keys in SCETool format is also in development.

Download: PS3 3.70 Appldr Keys (VSH.elf) Decrypted by ItsKamel / PS3 3.70 Appldr Keys (VSH.elf) Decrypted (Mirror) / PS3 3.70 Appldr Keys (Mirror #2) / PS3 3.70 Appldr Keys (Mirror #3) / PS3 4.25 Keys by razorx / PS3 lv0 key + 3.60 + 3.70 key by Mistawes / Battlefield 3 EBOOT Decrypted by lewy20041 / Resident Evil Operation Raccoon City (REORC) Decrypted by windrider (Password: SupLeechers) / multiMAN 3.70 [EBOOT_FIX] by slarty1408

This adds to the recent PS3 LV0 (Bootldr) Keys leak, the PS3 4.25 / 4.30 Decrypted APPLDR Keys, the PS3 LV0 and Encapsulated CEX 4.30 Loaders, the PS3 4.21 LV1 and lv2_dump from 4.21 acquired by zadow28 when the Sycall table was found at offset 0x346390, the PS3 LV0 4.25 / LV2 4.25 / LV0 4.30 dumps decrypted and the PS3 4.25 Keys for MFW Builder.

Today's update begins with dosjuanes posting the PS3 3.70 Appldr Keys on Spanish site Elotrolado (linked above), followed by Chinese hacker Luckystar (via bbs.duowan.com/thread-29248664-1-1.html) developing a PS3 Appldr Keys 3.65 to 4.30 list in SCETool format as outlined below.

From dosjuanes on the PS3 3.70 Appldr Keys, roughly translated:

THANK ROBE_GRI

[Key]
title = App revision 22
type = app
version = 3.70
revision = 0016
riv = 62773C70BD749269C0AFD1F12E73909E
erk = A106692224F1E91E1C4EBAD4A25FBFF66B4B13E88D878E8CD072F23CD1C5BF7C
pub = 566635D3E1DCEC47243AAD1628AE6B2CEB33463FC155E4635846CE33899C5E353DDFA47FEF5694AF
priv =
ctype = 30

REST ask HIM RATHER THAT IS YOUR NAME DOSPIEDRAS

[appldr]
type=SELF
revision=0016
version=0003007000000000
self_type=APP
erk=A106692224F1E91E1C4EBAD4A25FBFF66B4B13E88D878E8CD072F23CD1C5BF7C
riv=62773C70BD749269C0AFD1F12E73909E
pub=566635D3E1DCEC47243AAD1628AE6B2CEB33463FC155E4635846CE33899C5E353DDFA47FEF5694AF
priv=
ctype=30
From razorx: Here's the .ps3 keys i've put together (linked above) for you all just extract the zip into your .ps3 folder and your done the zip contains:

  • lv0-ctype-425
  • lv0-iv-425
  • lv0-key-425
  • lv0-priv-425
  • lv0-pub-425

From slarty1408: Hi ppl, Just thought i'd add the 3.70 keys to deank's multiMAN[EBOOT_FIX] tool (linked above) so you can fix your own eboots/games. i will add more keys as i get hold them... I have only only tested it with 1 game by the way so any feed back would be great.

From cory1492: None of the keys are decrypted. The ERK/RIV of all keys (app/npdrm/spp) in the raw decrypted appldr are decrypted before use by appldr at runtime. Look at the working 3.70 posted earlier (or any of the previous keys) pub and search it out.

From Luckystar comes a PS3 3.65-4.30 Appldr Keys WIP, roughly translated: Appldr 4.30

[Appldr]
type = SELF
revision =????
version = 000? 00?? 00000000
self_type =?????
erk = 5019FEF491F2031AC2564E560EFDA3D79887F4CFFEAD371B0564EC4EE2CA8951
riv = E763C7970A7D7F9AD3B365AD804B759F
pub = 6F8DF8EBD0A1D1DB08B30DD3A951E3F1F27E34030B42C729C55555232D61B834B8BDFFB07E54B343
priv =
ctype = 21

[Appldr]
type = SELF
revision =????
version = 000? 00?? 00000000
self_type =?????
erk = DC64F26E860217ACEB70BE89E479DB8B93F29C78D2BB29C5CB45726BB7EE1387
riv = 2600D2DA9DA6519D283117563F552B80
pub = 94D1B7378BAFF5DFED269240A7A364ED68446741622E50BC6079B6E606A2F8E0A4C56E5CFF836526
priv =
ctype = 11

[Appldr]
type = SELF
revision =????
version = 000? 00?? 00000000
self_type =?????
erk = 8FCD13089C6499D584D93DA5C39795C0BB5BC6BB6F5B6E8BFECC7A1D879332B7
riv = 04017C8421443E5FCA95DC3A6E9F0BD9
pub = 8CA6905F46148D7D8D84D2AFCEAE61B41E6750FC22EA435DFA61FCE6F4F860EE4F54D9196CA5290E
priv =
ctype = 13

[Appldr]
type = SELF
revision =????
version = 000? 00?? 00000000
self_type =?????
erk = D98D6AC6B0F76E2F08E46F78A5FFB6BB8FB8B26430980701A254022AAA11D0D5
riv = B56CFA40EC86FD1AD2EF6A578F81BBAE
pub = 1F140E8EF887DAB52F079A06E6915A6460B75CD256834A43FA7AF90C23067AF412EDAFE2C1778D69
priv =
ctype = 14

[Appldr]
type = SELF
revision =????
version = 000? 00?? 00000000
self_type =?????
erk = 36486F69A3C6682DB3851CFD68614FA5B1CC636AAB3E8FC4F8D150BAE62AA276
riv = D686E30097952A605DB15744645570EE
pub = B6BB0A84C649A90D97EBA55B555366F52381BB38A84C8BB71DA5A5A0949043C6DB249029A43156F7
priv =
ctype = 15

[Appldr]
type = SELF
revision =????
version = 000? 00?? 00000000
self_type =?????
erk = E2F9C174FBCEA739CBF2BE1567133F0035D0C9D1D70237122D2A8D6C9E0E9123
riv = C11B1AC4EFF80D6D2275F4FC8B4EAEC6
pub = AB284CA549B2DE9AA5C903B75652F78D192F8F4A8F3CD99209415C0A84C5C9FD6BF3095C1C18FFCD
priv =
ctype = 15

[Appldr]
type = SELF
revision =????
version = 000? 00?? 00000000
self_type =?????
erk = 877757BE18C759E2DEF34B34617A54A2C7F7A0657B68D70CBFC89FE1C0B59F57
riv = 242A2FF7DD72554239450A424DD38AA6
pub = 6E82F6B54A0E9DEBE4A8B3043EE3B24CD9BBB62B4416B0482582E419A2552E29AB4BEA0A4D7FA2D5
priv =
ctype = 16

[Appldr]
type = SELF
revision =????
version = 000? 00?? 00000000
self_type =?????
erk = 388F751542E8B245C6757ABC03B3D31B62D40030E09BE5A4A48F95FC436DBBA0
riv = 6B976709CCD408718FF3CDF03CFB2E21
pub = 09301B6436C85B53CB1585300A3F1AF9FB14DB7C30088C4642AD66D5C148B8995BB1A698A8C71827
priv =
ctype = 25

[Appldr]
type = SELF
revision =????
version = 000? 00?? 00000000
self_type =?????
erk = C13D6AD58434080D3947EAC965A999CA909B36EE8689AC46FC27C409889878E0
riv = 66D51260B5CD33E3772DFA2531218EC6
pub = 2733C889D289550FE00EAA5A47A34CEF0C1AF187610EB07BA35D2C09BB73C80B244EB4147700D1BF
priv =
ctype = 26

[Appldr]
type = SELF
revision =????
version = 000? 00?? 00000000
self_type =?????
erk = E24420003D554C14C4838DD43CA995781B350E8D360E8B014247609693C77A2F
riv = 2265BA1E66FA4BD573F3D837CAF27B20
pub = 71502ADB5783583AB88B2D5F23F419AF01C8B1E72FCA1E694AD49FE3266F1F9C61EFC6F29B351142
priv =
ctype = 12

[Appldr]
type = SELF
revision =????
version = 000? 00?? 00000000
self_type =?????
erk = 9F1C2C07C228AB8A6562DD27B8DB4D0D62A9AF3E000E0B8579D205ABFABEA622
riv = 1BB69374A1E157D3C74DAC8FB784754E
pub = 84DE5692809848E5ACBE25BE548F6981E3DB14735A5DDE1A0FD1F475866532B862B1AB6A004B7255
priv =
ctype = 27

[Appldr]
type = SELF
revision =????
version = 000? 00?? 00000000
self_type =?????
erk = F239349F6472817C6251713DFA2F6A05164B7B37514C660ECDB83B96E6CF2991
riv = 29E4B2179AC9DD72A66A1886205751F9
pub = 50597B7F680DD89F6594D9BDC0CBEE03666AB53647D0487F7F452FE2DD02694631EA755548C9E934
priv =
ctype = 25

[Appldr]
type = SELF
revision =????
version = 000? 00?? 00000000
self_type =?????
erk = 632CCFBB2B4D1BE84C3FC15BE22B4839FEFD82953E86C075232817B6FF5E6818
riv = 16E914D782054347F252715833AB3C51
pub = 2FDA7A56AAEA65921C0284FF1942C6DE137370093D106034B59191951A5201B422D462F8726F852D
priv =
ctype = 26

[Appldr]
type = SELF
revision =????
version = 000? 00?? 00000000
self_type =?????
erk = E2B22D94972650B4FD9BADD7C29F43C14D0ED3375AA42DD233A1D4A4E16322DC
riv = 933B0784C58A44EAAD4D7846CA70B573
pub = B26FE6D3E3A1E766FAE79A8E6A7F48998E7FC1E4B0AD8745FF54C018C2A6CC7A0DD7525FAFEA4917
priv =
ctype = 12

[Appldr]
type = SELF
revision =????
version = 000? 00?? 00000000
self_type =?????
erk = 6DCE9AC4EFF461FE542FC543B7EF2F2AD9C98379C4DCBD3CB2BD58576861C7D2
riv = 56835229635DE782F6001600DD4219EA
pub = 04275E8838EF95BD013B223C3DF674540932F21B534C7ED2944B9104D938FEB03B824DDB866AB26E
priv =
ctype = 27

[Appldr]
type = SELF
revision =????
version = 000? 00?? 00000000
self_type =?????
erk = C5F0DF6C72A61DFCD591D22E100ECBEB04A82831C6A90CB82DCFC852605C1433
riv = 83947AB81813B4EFEDBEFB967E533DFB
pub = 566635D3E1DCEC47243AAD1628AE6B2CEB33463FC155E4635846CE33899C5E353DDFA47FEF5694AF
priv =
ctype = 30

[Appldr]
type = SELF
revision =????
version = 000? 00?? 00000000
self_type =?????
erk = 04CD534825102487891B8E264D859587017BC8993EA10B0F8B0CAED2CD1DA207
riv = 188A2108137A9E874D72A79E4D3A8E94
pub = 3B7B04C71CAE2B1199D57453C038BB1B541A05AD1B94167B0AB47A9B24CAECB9000CB21407009666
priv =
ctype = 08

[Appldr]
type = SELF
revision =????
version = 000? 00?? 00000000
self_type =?????
erk = 7092ED26CDA962F6879776B1C390E9D9E5904F76DB5928B1789F05D79763B0E3
riv = 6CCF6A03E7962F488F5043AEFDFDEE93
pub = 148DCA961E2738BAF84B2D1B6E2DA2ABD6A95F2C9571E54C6922F9ED9674F062B7F1BE5BD6FA5268
priv =
ctype = 31

[Appldr]
type = SELF
revision =????
version = 000? 00?? 00000000
self_type =?????
erk = 4EAC8511C61C8459FDA903C6EB2B94A80E81C02495920FD2333257674A1701EF
riv = 4D9860CB27D15E8A31A6874F602215A8
pub = BE4B1B513536960618BFEF12A713F6673881B02F9DC616191E823FC8337CCF99ADAA6172019C0C23
priv =
ctype = 17

[Appldr]
type = SELF
revision =????
version = 000? 00?? 00000000
self_type =?????
erk = 408B4CCF0D620A0EA7DB1C60706935CAE6DFC5BEF0FE7AF46DCFA97AA2A2C2E5
riv = 514AD3E676E281D94825AC7609D62236
pub = 36C1ACE6DD5CCC0006FDF3424750FAC515FC5CFA2C93EC53C6EC2BC421708D154E91F2E7EA54A893
priv =
ctype = 09

[Appldr]
type = SELF
revision =????
version = 000? 00?? 00000000
self_type =?????
erk = 0FA315D068EAF4EC96EB835253BF8E8AFEAC4D700A098D22B6ADAAB7E76B28ED
riv = 64233F38F482D391C901E7F9DAAEBF58
pub = 430322887503CF52928FAAA410FD623C7321281C8825D95F5B47EF078EFCFC44454C3AB4F00BB879
priv =
ctype = 1A

[Appldr]
type = SELF
revision =????
version = 000? 00?? 00000000
self_type =?????
erk = ED11AF0A3040E823E676244B3F79113AF4C858AD79997959386B5F48537EC1C2
riv = CB9E901D0466EFE8427AD65C8EFB85F6
pub = A14F6D5F9AD7EBB3B7A39A7C32F13E5DC3B0BA16BDC33D39FDDF88F4AEEA6CFEEB0C0796C917A952
priv =
ctype = 0F

[Appldr]
type = SELF
revision =????
version = 000? 00?? 00000000
self_type =?????
erk = 9DB0954784CEA7F2FF59192EFD04A60F0250B9D4A32AE6AD2A446F3A34F9212B
riv = BFA08178E4EB5A2CA41A336BE4CF5603
pub = 05BF09CB6FD78050C78DE69CC316FF27C9F1ED66A45BFCE0A1E5A6749B19BD546BBB4602CF373440
priv =
ctype = 0A

[Appldr]
type = SELF
revision =????
version = 000? 00?? 00000000
self_type =?????
erk = 668716115A3B1F9F98F247769104E58E01AF6472571F257523865A53E8620C05
riv = 564174ABF22C32D1102EAAF47E60F08A
pub = B05F9DA5F9121EE4031467E74C505C29A8E29D1022379EDFF0500B9AE480B5DAB4578A4C61C5D6BF
priv =
ctype = 11

[Appldr]
type = SELF
revision =????
version = 000? 00?? 00000000
self_type =?????
erk = 546B2FF3FE216ED2BA865C79368109A15F2B0D23C2031354B1F6F36B0FDB4D46
riv = 9B871D6414B8AACE542C18100AC21893
pub = 9C327471BAFF1F877AE4FE29F4501AF5AD6A2C459F8622697F583EFCA2CA30ABB5CD45D1131CAB30
priv =
ctype = 16

[Appldr]
type = SELF
revision =????
version = 000? 00?? 00000000
self_type =?????
erk = 68E8261E31115665F2FED48EB12C6E4A3722A93E46D3BAF41A71D0802CA2A1F6
riv = D882EF46F57E12FE4D44681FA4F7F805
pub = A13AFE8B63F897DA2D3DC3987B39389DC10BAD99DFB703838C4A0BC4E8BB44659C726CFD0CE60D0E
priv =
ctype = 17

[Appldr]
type = SELF
revision =????
version = 000? 00?? 00000000
self_type =?????
erk = 1DCBE29DC2B2730F084B55012BFCE82B40BEBDC2D92E6277C2118ED0CACE441F
riv = 275F8D432055BE85199261963796D220
pub = 3995C390C9F7FBBAB124A1C14E70F9741A5E6BDF17A605D88239652C8EA7D5FC9F24B30546C1E44B
priv =
ctype = 27

[Appldr]
type = SELF
revision =????
version = 000? 00?? 00000000
self_type =?????
erk = E4F2C93F93BF636014E9F8AD36D9BAD0F835ABE16A5788E082A7001E39E30C1D
riv = E5F37DDC3E0BA3E3298DA91130133CF5
pub = 9BFF1CC7118D2393DE50D5CF44909860683411A532767BFDAC78622DB9E5456753FE422CBAFA1DA1
priv =
ctype = 18

[Appldr]
type = SELF
revision =????
version = 000? 00?? 00000000
self_type =?????
erk = C5AE4C11A373495DA250BC8A3A7B571415A38C381D3EA99202A9E8753644A813
riv = F407E9FD67E45D9A527234A083790CEB
pub = 64A5C60BC2AD18B8A237E4AA690647E12BF7A081523FAD4F29BE89ACAC72F7AB43C74EC9AFFDA213
priv =
ctype = 27

[Appldr]
type = SELF
revision =????
version = 000? 00?? 00000000
self_type =?????
erk = EE3B468FC5F29081588B7C816E6EFD1959FAFE5E3DF83ABADA9158CAB91362BE
riv = C62E683903BAB3018438621EFAB55A10
pub = 9D8DB5A880608DC69717991AFC3AD5C0215A5EE413328C2ABC8F35589E04432373DB2E2339EEF7C8
priv =
ctype = 18

[Appldr]
type = SELF
revision =????
version = 000? 00?? 00000000
self_type =?????
erk = 8198BBF29F8F216CAA2EB1834F38E9490C155E767880346712BD6167C652D04E
riv = 023E758FB9684EA99264249A5523BC53
pub = 62DFE488E410B1B6B2F559E4CB932BCB78845AB623CC59FDF65168400FD76FA82ED1DC60E091D1D1
priv =
ctype = 25

[Appldr]
type = SELF
revision =????
version = 000? 00?? 00000000
self_type =?????
erk = BE21A922FA6307DFEA78CB7617A51816145CE8D9A70A2DD14278A866BE65FDC8
riv = 42994B6602F8E33781BA1281EF186FBF
pub = 637EAD34E7B85C723C627E68ABDD0419914EBED4008311731DD87FDDA2DAF71F856A70E14DA17B42
priv =
ctype = 24

[Appldr]
type = SELF
revision =????
version = 000? 00?? 00000000
self_type =?????
erk = 4CEBFC1D3DCE650DE71F73B78EB4A37DEACFBE57231FDEDCDC568AEB49CEE377
riv = BD9A81284BBB019D3D2741AA3BAA5096
pub = 503172C9551308A87621ECEE90362D14889BFED2CF32B0B3E32A4F9FE527A41464B735E1ADBC6762
priv =
ctype = 30
The extracted from appldr 4.3 from 000248A0-000260F0. The PUB is right. erk and riv incorrect. The estimated or anergistic, send a sce header to the ok.

From aldostools on Mistawes keys dump (above): 1. make sure you have this added to keys file:

[appldr]
type=SELF
revision=0016
version=000300700000000
self_type=APP
erk=A106692224F1E91E1C4EBAD4A25FBFF66B4B13E88D878E8CD072F23CD1C5BF7C
riv=62773C70BD749269C0AFD1F12E73909E
pub=566635D3E1DCEC47243AAD1628AE6B2CEB33463FC155E4635846CE33899C5E353DDFA47FEF5694AF
ctype=30

2. make sure that the key revision of your SELF is 0x0016 and that it is not a NPDRM self.

I tested the keys with Saints Row The Third, and it decrypted the ELF... shift+Enter.

[*] Error: Could not find keyset for SELF.[*] Warning: Could not decrypt header.[*] SCE Header:
 Magic           0x53434500 [OK]
 Version         0x00000002
 Key Revision    [DEBUG]
 Header Type     [SELF]
Key Revision [DEBUG] means that your file is a FSELF. You just need to unfself it and sign the ELF with the keys that you want (eg. 0x01)

These 3.70-3.73 keys are just for retail SELF files signed with keys 0x0016. SELF files from PKG use NPDRM keys (unless they are custom made PKG created using make_package_npdrm). Yes... there used to be a tool that resigned your FSELF just pressing Ctrl+Enter on the eboot.

The current "3.70 keys" are only for key revision 0x0016 and self type = APP (retail eboot). If you have an "update/patch" eboot 3.70, it will not be decrypted with these keys, because they are self type = NPDRM and use a different key. Key revision 0x0016 is used by apps signed for 3.70, 3.72, 3.73 and 3.74.

Most of these have been confirmed by users including EussNL and ItsKamel and added to the PS3 wiki here: ps3devwiki.com/wiki/Keys. As always, we will update this article as new PlayStation 3 Keys are discovered and posted publicly.




Stay tuned for more PS3 Hacks and PS3 CFW news, follow us on Twitter and be sure to drop by the PS3 Hacks and PS3 Custom Firmware Forums for the latest PlayStation 3 scene updates and homebrew releases!

Comments 233 Comments - Go to Forum Thread »

Quick Reply Quick Reply

  • Decrease Size
    Increase Size
  • Wrap [QUOTE] tags around selected text
Ps3scener's Avatar
#233 - Ps3scener - 2w ago
Reply
found these but not sure, 3.60 and 3.61 Private keys

if you grabbed all the keys from gitorious. including 4.40 and 4.41 you should be able to make some sort of a jailbreak. unfortunately i can't patch lv 1 on 4.41. so anyone who can, feel free to try.

dunno why its a little bit bigger in size but these are lv 1 private keys by the way

PS3 News's Avatar
#232 - PS3 News - 2w ago
Reply
Here are some more PS3 SDAT/EDAT v3 and v4 Keys from kongen12 (via pastebin.com/KuE3zk5u)


little to spark the scene

I have been ask to with hold these for an long time now.

only to see no use for public user.

use with care !!

there are 4 keys
two edat and two sdat
one pre v4(v3)
one v4
same goes for sdat

00038D00 EF FE 5B D1 65 2E EB C1 19 18 CF 7C 04 D4 F0 11 '�[Ðe.Ù-..�|.È*.
00038D10 3D 92 69 9B 70 5B 07 38 54 D8 FC C6 C7 67 27 47 =Æi�Tϳ�g'G
00038D20 BE 95 9C A8 30 8D EF A2 E5 E1 80 C6 37 12 A9 AE �ò£�0ì'�7.®�
00038D30 4C A9 C1 4B 01 C9 53 09 96 9B EC 68 AA 0B C0 81 L®-K.+S.�.+ü

Recardzz from the monkey

From aldostools: According to (ps3devwiki.com/wiki/Keys#EDAT) the "keys" above are edat-key-0, edat-key-1, and edat-hash-0, edat-hash-1. sdat-key is different.

EDAT

edat-key-0: BE959CA8308DEFA2E5E180C63712A9AE (SHA1: 84E9FC3574EAA11A9462FFA53D5EA46B4D0003BF)
edat-hash-0: EFFE5BD1652EEBC11918CF7C04D4F011 (SHA1: 8A721A06ABC7BB9BF398C5EF5D6F1FD997BC0A56)
edat-key-1: 4CA9C14B01C95309969BEC68AA0BC081 (SHA1: 6ECDFEC0A11890C1F2A689062D3EFE562317B2FB)
edat-hash-1: 3D92699B705B073854D8FCC6C7672747 (SHA1: F7B2917B1FA260FD51D37716A91036651F6F42F2)

SDAT

sdat-key: 0D655EF8E674A98AB8505CFA7D012933
sdat-sha1:

kaito kid's Avatar
#231 - kaito kid - 2w ago
Reply
Hi everyone, I want ps3keys up to 4.41 or 4.40 because I have 4.31 keys.

GlobalTroll's Avatar
#230 - GlobalTroll - 9w ago
Reply
Scrambling and unscrambling obfuscated keys from loader (PS3 FW 3.60 - 3.61)

from LV1LDR.ELF FW3.61

offset 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F

1A390 00 00 00 05 00 00 00 00 00 00 00 00 00 00 00 00 < curve_type
1A3A0 00 00 00 00 00 00 00 00 00 01 2E 08 00 01 2D C0
1A3B0 00 01 8A 90 00 01 8A D0 00 00 00 00 00 00 00 00
1A3C0 00 00 00 00 00 00 00 00 00 01 2D 90 00 01 2D 78
1A3D0 00 01 66 28 00 01 66 28 00 00 00 00 00 00 00 00
1A3E0 1C DA BE 30 83 38 23 F4 61 CA 53 41 04 11 5F FF < pub
1A3F0 60 01 0B 71 06 31 E4 35 A7 D9 15 E8 2A E8 8E DE < pub
1A400 66 72 64 65 6C B7 06 2E 00 00 00 00 00 00 00 00 < pub
1A410 84 4F 80 F3 C5 7C 45 5C 7F 09 00 00 00 00 00 00 < root_scramlbe_key

1D140 F9 2C 86 66 EF FB AC 7E B5 83 E5 4A 25 7F 7C 05 < sk1_key
1D150 DD F6 A5 B1 43 C1 14 1F EE D0 1C DA 71 97 05 C3 < sk2_key
1D160 F2 E7 0B C4 BA C1 0C 3D 8D DB B7 DC 23 05 3F 9A < sk1_iv
1D170 01 8E 69 5C 3A 29 AF 6E 74 6A 73 CB F7 3D BD FD < sk2_iv
1D180 FF FF FF FF 00 00 00 00 00 00 00 01 00 00 00 01
1D190 FF FF FF FF 00 00 00 07 00 00 00 06 00 00 00 02
1D1A0 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00
1D1B0 FF FF FF FF 00 00 00 30 00 00 00 20 00 00 00 20
1D1C0 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00
1D1D0 00 00 00 00 FF FF FF F0 00 00 00 00 00 00 00 00
1D1E0 62 7C B1 80 8A B9 38 E3 2C 8C 09 17 08 72 6A 57
1D1F0 9E 25 86 E4 00 00 00 00 00 00 00 00 00 00 00 00

1DE00 18 09 79 66 C3 DE 8A 0D 82 BF 95 6C B3 9F AF 78 < erk_obf
1DE10 22 95 C6 CA 7F 1E 54 7A B3 0E DF D7 EE 5C B8 12 < erk_obf
1DE20 9B 32 B2 0F A7 72 80 F1 09 5E A1 3F 1C 2D 5C 99 < riv_obf

Unscrambling script: key_unscrambler.py

from CryptoPlus.Cipher import AES
import hashlib, hmac

def sha1_hmac(key, data):
return hmac.new(key=key, msg=data, digestmod=hashlib.sha1).digest()

def aes_decrypt_cbc(key, iv, data):
crypto = AES.new(key, AES.MODE_CBC, iv)
return crypto.decrypt(data)

def unscramble(key, iv, data):
key = sha1_hmac(root_scramble_key, key)
return aes_decrypt_cbc(key[:16], iv, data)

def unscramble_1(key):
return unscramble(sk1_key, sk1_iv, key)

def unscramble_2(key):
return unscramble(sk2_key, sk2_iv, key)

root_scramble_key = '844F80F3C57C455C7F09'.decode('hex')

sk1_key = 'F92C8666EFFBAC7EB583E54A257F7C05'.decode('hex')
sk1_iv = 'F2E70BC4BAC10C3D8DDBB7DC23053F9A'.decode('hex')

sk2_key = 'DDF6A5B143C1141FEED01CDA719705C3'.decode('hex')
sk2_iv = '018E695C3A29AF6E746A73CBF73DBDFD'.decode('hex')

erk_obf = '18097966C3DE8A0D82BF956CB39FAF782295C6CA7F1E547AB30EDFD7EE5CB812'.decode('hex')
riv_obf = '9B32B20FA77280F1095EA13F1C2D5C99'.decode('hex')

erk_dec = unscramble_1(erk_obf)
riv_dec = unscramble_2(riv_obf)

print 'erk_dec:', erk_dec.encode('hex')
print 'riv_dec:', riv_dec.encode('hex')

Scramling script: key_scrambler.py

from CryptoPlus.Cipher import AES
import hashlib, hmac

def sha1_hmac(key, data):
return hmac.new(key=key, msg=data, digestmod=hashlib.sha1).digest()

def aes_encrypt_cbc(key, iv, data):
crypto = AES.new(key, AES.MODE_CBC, iv)
return crypto.encrypt(data)

def scramble(key, iv, data):
key = sha1_hmac(root_scramble_key, key)
return aes_encrypt_cbc(key[:16], iv, data)

def scramble_1(key):
return scramble(sk1_key, sk1_iv, key)

def scramble_2(key):
return scramble(sk2_key, sk2_iv, key)

root_scramble_key = '844F80F3C57C455C7F09'.decode('hex')

sk1_key = 'F92C8666EFFBAC7EB583E54A257F7C05'.decode('hex')
sk1_iv = 'F2E70BC4BAC10C3D8DDBB7DC23053F9A'.decode('hex')

sk2_key = 'DDF6A5B143C1141FEED01CDA719705C3'.decode('hex')
sk2_iv = '018E695C3A29AF6E746A73CBF73DBDFD'.decode('hex')

erk_dec = '5FF17D836E2C4AD69476E2614F64BDD05B9115389A9A6D055B5B544B1C34E3D5'.decode('hex')
riv_dec = 'DF0F50EC3C4743C5B17839D7B49F24A4'.decode('hex')

erk_obf = scramble_1(erk_dec)
riv_obf = scramble_2(riv_dec)

print 'erk_obf:', erk_obf.encode('hex')
print 'riv_obf:', riv_obf.encode('hex')

nintendo1516's Avatar
#229 - nintendo1516 - 12w ago
Reply
very cool news

Page 1 of 47 123456789LAST »

Related PS3 News and PS3 CFW Hacks or JailBreak Articles

PS3 EDAT Devklic Bruteforcer v1.0 / v1.1 By JjKkYu is Released
MAME 0125 (Multiple Arcade Machine Emulator) for PS3 Release 1 Out
PS3 Game List by Nullptr PlayStation 3 Homebrew App is Released
MultiMAN v04.40.00 PS3 Server and Showtime Edition Updates Out
ScummVM 1.6.0 PlayStation 3 Emulator Updated, +4 to Engines
PSN Tool v1.0 and PSN Tool Creator v1.0 to Combat PSN Bans Arrive
Affiliates  NewsNow  Privacy  PS3 CFW & MFW  PS3 Hacks & JailBreak  PS3 Reviews  PS3 Videos  © 2013 PlayStation 3 News

PlayStation 3 Links

Contact Us E-Mail
PS3 Affiliates
PS3 CFW & MFW
PS3 Debug Firmware
PS3 Decrypted PSN Links for CFW
PS3 Downloads
PS3 EBOOT.BIN Original File Links
PS3 Firmware
PS3 Game Releases List
PS3 Guides & Tutorials
PS3 Hacking Guides and Tutorials
PS3 Hacks & JailBreak
PS3 Help & Support
PS3 JailBreak Game Compatibility List
PS3 JB2 / True Blue (TB) Game Links
PS3 multiMAN Updates
PS3 News Forums
PS3 News Site FAQ
PS3 News Site Advertising FAQ
PS3 News Site Posting FAQ
PS3 News Site Privacy FAQ
PS3 News Site Rules
PS3 News Site Tag Cloud
PS3 News Site Terms
PS3 Resources
PS3 Reviews
PS3 Save Files Repository
PS3 Themes
PS3 Trophies List
PS3 Videos
PS Vita Trophies List

PlayStation 3 News Discussions
What is your favorite game franchise series? - 11m ago

Liongooder's Avatar
Quote Any R* franchise series NFS GOW Resident Evil The Elder Scrolls Fallout Uncharted...
By Liongooder with
 104 Comments »
[+1 QP] What Do You Enjoy Doing When Offline? - 14m ago

Liongooder's Avatar
Quote Offline i like sports especially ping pong, swimming & cliff jumping from high cliffs is my favorite. my favorite movies are Shawshank redemption...
By Liongooder with
 33 Comments »
PSN Games Decrypted for PS3 Custom Firmware 3.55 by DUPLEX! - 14m ago

candan's Avatar
Quote Hi all. For The Last of Us, what am I doing wrong? MM won't merge the split files together again. Here's what I did... Using Rogero 4.41 ...
By candan with
 8295 Comments »
Naughty Dog Reveals Uncharted 3: Ancient Multiplayer PS3 DLC - 24m ago

PS3 News's Avatar
Quote Naughty Dog Community Strategist Eric Monacelli revealed some fresh Uncharted 3: Ancient Multiplayer PS3 DLC to fans today. To quote: It's ne...
By PS3 News with
 0 Comments »

Latest PlayStation 3 Trophies
 Dungeons & Dragons: Daggerdale: The Big Stick
 Dungeons & Dragons: Daggerdale: Four of a Kind
 Dungeons & Dragons: Daggerdale: Man at Arms
 Dungeons & Dragons: Daggerdale: Solid Gold

Latest PlayStation Vita Trophies
 Jak II (Vita): The Collectationator!
 Jak II (Vita): The Collectivist
 Jak II (Vita): The Collector
 Jak II (Vita): Head Master

Latest PlayStation 3 Releases
Le Tour De France 2013 PS3-STRiKE - 06-18-2013
MotoGP 13 PS3-COLLATERAL - 06-17-2013
Remember Me USA PS3-ANTiDOTE - 06-17-2013
The Last of Us ASiA MULTi3 PS3-Kirin - 06-14-2013

Latest PlayStation 3 Themes
 The Last of Us PS3 Theme - 06-14-2013
 God Of War 3 (Unofficial V1/V2) PS3 Theme - 06-12-2013
 Heavy Rain (Official) Dynamic PS3 Theme - 06-11-2013
 PlayStation Classic PS3 Theme - 06-11-2013