200w ago - Today the SX28 hardware for the PS3 hack exploit arrived, so we can begin work on dumping the PlayStation 3 Hypervisor to examine!
Up to now, both GeoHot and xorloser have successfully performed the PS3 hack, while a few others simply obtained GeoHot's PS3 Hypervisor dump to study privately.
Needless to say, the rest of the PS3 scene, including most of us here, has been waiting to take a peek at the unencrypted bootloader and Hypervisor lv0 and lv1 dumps.
We started by writing an Ubuntu Guide (as did titanmkd HERE) and attempted to use a 555 timer to obtain the 40ns pulse required to trigger the exploit, but like many others who attempted this, we too had no such luck!
Luckily xorloser shared some proper code to trigger a 40ns pulse using an SX28 chip. The SX28 chips are a bit harder to find and a little more expensive (as you also need a programmer), but the method is sound.
That brings us to today: our SX28 chips and programmer have arrived, so we will be recreating the hardware and giving this a go soon!
Stay tuned for more PS3 Hacks and PS3 CFW news, follow us on Twitter and be sure to drop by the PS3 Hacks and PS3 Custom Firmware Forums for the latest PlayStation 3 scene updates and homebrew releases!
Yeah, the biggest problem is really the fact that the exploit itself is, well, a glitch. I mean, the hardware works perfectly; I can get it to start to exploit the box within 20 seconds of trying, every time.
The problem is, 90/100 times the exploit crashes / locks up the PS3 / errors, resulting in the need to reboot and restart.
Once the exploit is planted, then we start running our own kernel module to dump out the real memory. The way we're doing it is, well, unreliable and prone to massive corruption (not to mention slow).
But with dumping memory to a file you run into other issues. You can't just use file I/O in a kernel module any more, and you can't access lv1_peek from user mode either, so you need to make some additional code to handle it, which is what we're working on now - although I'm open to any suggestions to get it done faster. It's such a pain after your kernel module crashes, having to reboot and re-exploit the PS3!
[QUOTE=PS3 News]Yes, you do not need a PS3 once you have the dumps... anyone with the time and talent can use IDA (on their PC) and xorloser's PS3 plug-ins to begin reverse-engineering the code and looking for "interesting" things.[/QUOTE]
Great! With all those talented scene and ind crackers, I bet the HV will have a hard time..
Will be fun to follow when the dumps get released.
Edit: good timing for the IDA and IDA SDK releases that came out not so long ago.