Sponsored Links

Sponsored Links

PS3 CEX to DEX Converted Units Bricking on OFW 4.30 DEX Update


Sponsored Links
92w ago - It's been a few months since the last PS3 Debug / Test (DEX) Firmware 4.21 leak, however, we are now hearing reports that PS3 CEX to DEX Converted units are bricking when PlayStation 3 scene developers attempt to upgrade to Sony's OFW 4.30 DEX update.

This means if you have a converted unit and currently try to use the (not yet public / leaked) 4.30 DECH update you will get a brick... so consider yourself warned in advance!

What happens is when the bricked unit is powered on the light turns green for a few seconds, then you hear 3 beeps and its goes off.

It is suspected (unconfirmed) the reason why this bricking occurs in CEX to DEX converts on OFW 4.30 DEX is because the EID5 isn't changed, which is one factor separating the converted Retail to Debug / Test consoles from genuine and righteous DECH (DEX) consoles.

Finally, for those curious, the PS3 4.25 DEX update (also not publicly leaked yet) is not patched by Sony to brick converted consoles, so this would be the last PS3 Debug / Test Firmware you could update your converted console to (and go online with PSoN DEX) unless a work-around patch fix is discovered.




Stay tuned for more PS3 Hacks and PS3 CFW news, follow us on Twitter and be sure to drop by the PS3 Hacks and PS3 Custom Firmware Forums for the latest PlayStation 3 scene updates and homebrew releases!

Comments 618 Comments - Go to Forum Thread »

• Please Register at PS3News.com or Login to make comments on Site News articles. Thanks!

Night Hawk's Avatar
#8 - Night Hawk - 107w ago
I love how many devs whine that it destroyed the ps3's hacking future. Please cut the bs, everybody knows that you kept it to yourself in order to enjoy the high fw privileges. If you were going to hack your way through the l0 and the keys you would have done it a long time ago... Higher versions only have more layers of protection.

djpelle's Avatar
#7 - djpelle - 107w ago
By releasing this method Sony now knows how to fix it for the upcoming DEX FW. That was not without a reason why devs not made public this method!!! For devs with converted consoles it will be a massive hit in the face in the future!!!

tiefputin1's Avatar
#6 - tiefputin1 - 107w ago
AnoRelease what was the ID on your console before you changed it to 0x82 (Debug Target ID) ?

PS3 News's Avatar
#5 - PS3 News - 107w ago
Cheers for sharing this AnoRelease, I have now promoted the news to the main page as well.

I'm sure many PlayStation 3 developers will make good use of it, although I bet the passes included in the new PS3 SDKs (which CJPC mentioned they used to have in the 1.00 days) to access SP-INT will be watermarked per developer studio similar to the low level hardware docs that aren't included in most of the public leaks.

plangston's Avatar
#4 - plangston - 107w ago
technodon, have a look here mate from Rnd: wiki.gitbrew.org/wikibrew/Metldrpwn


Metldrpwn

Dear all,

Many of you may have heard about Metldrpwn which allows to obtain Perconsole Key set.

I bet some of you have not gone for it because of many things to install and do, like linux and etc.

Well, since now, you won't have to do all that, the only thing you will need to have/install is Otheros (Petitboot) and that's it, the image of the FULL LINUX distro with glevand's kernel patches and all is in this tutorial.

So, let me tell what you have to do in order to pwn your metldr and get you perconsole keys faster:

1. Install Petitboot

Only these steps from the orginial glevand's tutorial are needed:

1. Install my latest CFW (gitbrew.org/~glevand/ps3/cfw/)
2. When installation is finished, reboot in Recovery Mode (not the Backup/Restore in XMB) and choose "Restore PS3 System"
3. Now your GameOS should use only the half of your HDD (Currently working on a better approach)
4. Run setup_flash_for_otheros.pkg (gitbrew.org/~glevand/ps3/pkgs/setup_flash_for_otheros.pkg - for all PS3 models)
5. Reboot (It's important to shut down and turn on your PS3)
6. Store dtbImage.ps3.bin (gitbrew.org/~glevand/ps3/petitboot/dtbImage.ps3.bin) on USB drive, plug it in and run install_otheros.pkg (gitbrew.org/~glevand/ps3/pkgs/install_otheros.pkg - NAND owners should use dtbImage.ps3.bin.minimal, rename it to dtbImage.ps3.bin). Try different USB ports if you don't get any beeps.
7. Run boot_otheros.pkg (gitbrew.org/~glevand/ps3/pkgs/boot_otheros.pkg)
8. Run reboot.pkg (gitbrew.org/~glevand/ps3/pkgs/reboot.pkg - use the package, not manually reboot!)
9. You should be in petitboot now.

3.15 stock firmware (OFW) users:

Put petitboot on a memory stick


2. Boot Linux

1. Download my distro of Linux (gitbrew.org/~rnd/Linux-2.6.39-Rnd.iso)
2. Unpack in the root of your USB stick/or burn the image to a DVD
3. Plug in your USB/Insert the disc in your PS3 and you should see 2 different boot options, boot the first one

Login details (there are 2 of them, ps3 and root):

Username: root
Password: root

Username: ps3
Password: ps3

If you need to mount a usb stick, I made a dir for that /dev/usb

Here is the mount command:


So now you can access your USB by going here /dev/usb/

3. Metldrpwn part:

Step by Step instuctions

Precompiled metldrpwn : Here (ps3devwiki.com/files/devtools/dump-metldr/metldrpwn.zip)

you can do this over ssh or on console.

Note: don't forget to provide EID0 and RL_FOR_PROGRAM.img if you do manually, instead of the run.sh file where they are commented out

1. ssh into the ps3
2. download the files:


3. untar the files:


4. enter the directory and compile:


5. run the following commands now:


6. there now you have a dump check it out:



7. now copy the dump somewhere or youll lose it:


now you have a copy in your home directory for safe keeping, congrats you've completed about < 10 mins of actual work.

there you go keys are in 0x00 to 0x20 (first 3 lines)

So now you get code execution on metldr at the best time possible because your code executes right after metldr copies the root keys from 0x00 to 0x30, which means you get to dump these too. (Although they are hardcoded in metldr's code anyway)

example:


the first 2 lines are erk the 3rd is riv and together they are eid0 root key

btw this does not mean you get 3.60 keys etc or newer games but it will help you get some nifty things to do some new stuff.... also please be advised that if you are on 3.60+ you will need to downgrade with a flasher to do this, also if you have a unit that shipped from the factory with the metldr.2 (new metldr) your sol at the moment theres also a nifty program on the dev tools page (ps3devwiki.com/wiki/Dev_Tools) to turn your hex into key its called hex2key:

hexkey2bin.c: [Register or Login to view links]
hex2key.c edit: [Register or Login to view links]

If you have any further questions don't hesitate to contact me,

Sincerely,

Rnd
btw, thank you AnoRelease!! a BIG thanks to all devs behind the scenes that have spent countless hours piecing together this puzzle!

Sponsored Links

Sponsored Links
Sponsored Links

Sponsored Links







Affiliates - Contact Us - PS3 Downloads - Privacy Statement - Site Rules - Top - © 2014 PlayStation 3 News