171w ago - We are happy to report that the PS3 Hypervisor LV1 and Bootloader LV0 are dumped from the PlayStation 3's RAM after getting our SX28 Hardware a few days ago, utilizing code for glitching and mashing buttons for hours - the exploit eventually will get triggered!
We tried a few different ways to dump out the real memory - the biggest "problem" was the fact that you can't just simply use File I/O code in a kernel module. Furthermore, you can't call the lv1_peek function from user mode either.
Luckily, resident DEV kakarotoks was up to the challenge. After some trial and error (and too many PS3 crashes!) he made a kernel module which maps the "real" PS3 memory to a device in /proc. The /proc area lets the kernel and userland interact some.
Basically, the device /proc/ps3_hv_mem is created when the kernel module is inserted. Once it is inserted, you can use dd to read the device. By doing this, the device gets passed arguments, which is passed along to lv1_peek - which in turns reads out the real memory.
Be advised, don't go beyond the PS3's upper memory limit. At around 260MB, the PS3 tends to crash - it does not like trying to read beyond RAM limits! So, for usage:
First, run the exploit, and get it triggered and working - that's the hard part!
Next, download the attached file, inside are three files, a Makefile, the ps3_hv_mem.c and a pre-compiled version. Stick these in a folder, and run make. It will then compile a kernel module for you (ps3_hv_mem.ko, or use the pre-compiled one). Then simply type: sudo insmod ps3_hv_mem.ko
Enter your password and check /proc for a ps3_hv_mem entry, or your dmesg. If it is there - let the dumping begin!
You can dump out the PS3 Hypervisor and Bootloader (and the rest of the real memory) via dd. You can use the command:
That command will dump out 10485760 bytes, or about 10MB - which nicely includes the goodies like LV0 and LV1. Finally, you can also increase the count, which will increase the amount dumped (multiply by blocksize).
Stay tuned for more PS3 Hacks and PS3 CFW news, follow us on Twitter and be sure to drop by the PS3 Hacks and PS3 Custom Firmware Forums for the latest PlayStation 3 scene updates and homebrew releases!
To clarify, CJPC has no issues whatsoever releasing his PS3 TEST "Backup Launcher" if, for example, the flags can be changed to allow Retail PS3 consoles to run as Debug units.
So to confirm, none of us are against people using loaders/launchers at all... and whether it's us or someone else who releases them, just like all the PSP loaders we will definitely post any PS3 ones here.
Actually, he ment, IF there will be theoreticaly a possibility of CFW and/or Backup launchers, will PS3 dev team continue work on it and actually MAKE CFW and/or ISO-loaders etc etc., or they will take position as Team Twiizers, staying only on homebrew and keeping as far away as possible from pirate scene?
The same as always, nothing has changed really... as things progress if it leads to homebrew and backup launchers both are fine by us.
It is, but it was put on hold due to the holidays and then the HV dump project... the last update to it was HERE, and the next step is for CJPC to install his Infectus Mod into the Service Mode PS3 to begin dumping and comparing the NAND images when time permits.
He's the only one that feels this way... cuz i care if i have the same homebrew on my ps3 as the wii or the xbox 360 or even original xbox. clearly there is a bigger drive behind this.. the clear purpose is known by all of us!!! homebrew is just another saying for hey i dont want you to know why i am really doing this.
Anyways... this tech stuff is a lil over my head.. BUT i do own 18 Ps3... all of which are FAT.... (i sell electronics online) if there is any way i can help please let me know.. because if these get done the value of them go up for me so im all about it.