Sponsored Links

Sponsored Links

PS3 Hypervisor Dumped via Parallel/LPT1 Port with XorHack!


Sponsored Links
252w ago - Today JaicraB shared with the PlayStation 3 scene a PS3 Hypervisor 3.15 lv0/lv1 dumped via XorHack using a parallel / LPT1 port as a trigger alongside source code for the application used to send the pulse.

Shortly following, he redumped it possibly due to file corruption.

Download: [Register or Login to view links] / [Register or Login to view links]

To quote, roughly translated: Good. I've managed to make the Hyper Dump and BL. In the end I pulse generator echo PC using the search and the parallel port.

Software: (I AM NOT RESPONSIBLE for damage to the pileup, is a very simple, just polished. Q is unlikely to burn something, but also take into account q LPT1 port is very delicate. Good luck!)

Advisable to do so under MSDOS. Download the boot disk Windows 98, copy the executable and run it. No conecteis LPT1 port until q do not enter the program. The source was made with Turbo C + +.

The important thing is to share and not keep anything more if it is for the common good. Do not make bad use of my Mac and my PS3's own data

Any questions or suggestions are welcome in the comments. The next "chapter" eviscerate the dump. Until next time!





Stay tuned for more PS3 Hacks and PS3 CFW news, follow us on Twitter, Facebook and drop by the PS3 Hacks and PS3 Custom Firmware Forums for the latest PlayStation 3 scene and PlayStation 4 scene updates and fresh homebrew PS3 Downloads. Enjoy!
Sponsored Links
Sponsored Links

Comments 35 Comments - Go to Forum Thread »

• Please Register at PS3News.com or Login to make comments on Site News articles.
 
#15 - red8316 - 252w ago
red8316's Avatar
Dump Comparison logs from 010 hex editor in txt and csv formats for those who are interested.

Example txt :

Result,Address A,Size A,Address B,Size B
Match,0h,2945h,0h,2945h
Difference,2945h,2h,2945h,2h
Match,2947h,1AB9h,2947h,1AB9h
Difference,4400h,C0Eh,4400h,890h
Match,500Eh,Fh,4C90h,Fh
Only in B,,,4C9Fh,3h

#14 - crazed376 - 252w ago
crazed376's Avatar
In this reference, 'volcado' means 'dump' as in memory dump. Also 'tengais cuidado' means 'take care'. Hope that helps.

#13 - PS3 News - 252w ago
PS3 News's Avatar
He just posted another update here: [Register or Login to view links]

Another dump to compare differences... he may have redumped it due to file corruption or something... if anyone can translate better.

Download: [Register or Login to view links]

Good evening / morning.

First of all, point out that tengais care if you go to implement the circuit explained above.

The program there are some critics who say you have the source code, modify it at will! it works for me as I worked and I have forwarded. Memory dumps happened the same, or look at them. That which He obtains the copy in a Pendrive, the compressed and even went up without looking at the content.

Also I have to point out that none of the dumps to date, including this second test plate was connected communication (bluetooth, wifi).

Let that go. I echo a second volcano to see variations from one to another. Whether corruption of data that stayed behind to cause the pulse of the variable regions or simply HV.

Dump the Boot is identical and do not understand anything: S. Surely this does not contain any encryption or String. The HV dump is different, but much like the first thing I did.

Draw your own conclusions.

#12 - Kiriller - 252w ago
Kiriller's Avatar
Good Good, keep it coming boys, great job and thanks to all contributed...

#11 - PS3 News - 252w ago
PS3 News's Avatar
Agreed, and +Rep TUHTA! I have moved this to the Site News now and added your repack for the download link.

#10 - red8316 - 252w ago
red8316's Avatar
Quote Originally Posted by TUHTA View Post
I JUST REUPLOADED all files that included in Jaicrab's 40 ns program archive, it is without password and it was archived by WinRar.

Right on, thanks for repackaging it all on one easy to grab download.

#9 - TUHTA - 252w ago
TUHTA's Avatar
I JUST REUPLOADED all files that included in Jaicrab's 40 ns program archive, it is without password and it was archived by WinRar.

Specially for you get it: [Register or Login to view links]

Enjoy!

#8 - red8316 - 252w ago
red8316's Avatar
Quote Originally Posted by tragedy View Post
Megaupload finally let me download them. I used 7zip to extract the files, maybe try that.

Right on man. Perhaps my download was corrupt. I tried brute forcing it with WinRar and Winzip attack programs but they couldn't open the file. Great to hear you got it though!

#7 - lanhikari - 252w ago
lanhikari's Avatar
I guess I understand, you run a program that sends pulses through your computers LPT1 port through the cable on pins 1 and 7 to the ram chip used, and then it will glitch the memory bus and allow the exploit to work?

#6 - PSPSwampy - 252w ago
PSPSwampy's Avatar
Can't help thinking sony's recent announcement about removing OtherOS might prompt MORE people to actually hack into their PS3's - the above appears to be a very very cheap way to acheive this! (Great find by the way!)

Sore foot sony? Maybe you shouldn't have shot yourself in it then eh!

PSPSwampy.
p.s. Personally i won't be doing this (my soldering skills leave a lot to be desired - i'd probably have problems with the parrallel connector let alone the ps3!). But i will be keeping my linux thank you very much sony shame about the on-line stuff, but i guess i can try PS3Proxi again and if i get really desperate have a look into coding my own proxy!

 

Sponsored Links

Sponsored Links







Advertising - Affiliates - Contact Us - PS3 Downloads - PS3 Forums - Privacy Statement - Site Rules - Top - © 2015 PlayStation 3 News