192w ago - Update: JaicraB has now shared a second (36MB) dump and update, details and the download link are available HERE and the guide is being worked on!
Today JaicraB (linked above) with the help of DemonHades have done what GeoHot failed to do, dump and publicly leak the PS3 Hypervisor LV2 (GameOS) for the entire PS3 scene to begin reversing and examining for new holes, exploits, etc!
But wait, there's more... they also plan to share a guide soon detailing how the LV2 dump was done (see HERE for the LV1 dump leak) so that everyone in the PlayStation 3 development community can join in on the fun!
This is indeed refreshing news in comparison to a lone glory hound out only for himself instead of the PS3 scene, seeking attention while blinded by his own e-fame from the notion that others in the community are just as capable, if not moreso, as will surely be demonstrated in coming months.
BIG PROPS to both JaicraB and DemonHades, you guys deserve it and we are honored to see your willingness to share with everyone to further PS3 development. You truly are shining examples of what the scene is all about, and you will be remembered for this.
To quote, roughly translated: "DHorg friends because that is in luck, and I DemonHades and JaicraB we have dump the LV2 (supervisor) thereby obtaining ps3 kernel very soon we detailed the dump.
Jaicrab a pleasure working with you friend.
Best to all! A week ago I started to dismount for the first time a PS3 and install Linux without any experience. My only goal was to teach people to change the cooling of a PS3. Gradually I was calling attention to the world of SCENE and a week I give the LV2.
This concludes a long afternoon with only one thought. DemonHades Thanks for sharing your experience with me and spend the whole evening with me and discuss check for teaching me everything you know in two hours. The truth is that without DemonHades would have been almost impossible. A great and wise person.
After an entire afternoon leading a project in mind, we could dump the LV2. We had read access of the last session before entering XMB Other.
I promised. It will explain the method to follow if you want to do you the same. Enjoy it!
Next step? The next step is Inmagine. First of all tomorrow if I can I will explain the process of how to do it.
It is not a simple dump LV2, but a dump of the entire session previously opened in XMB. What you need to debug the dump way to make things not to mix the session Other and so we can analyze everything that we run in XMB.
This dump was made with an upper size LV2, which contains trash otheros session mixed with XMB. The LV2 area is intact, are the first 36 megabytes, which is lv0, LV1, LV2.
You open a door and you find 50 more, each new door you can open 50 more doors. Choose your path to investigate and share it with everyone."
Finally, pictured below is the IDA Pro SPU processor module in action!
Stay tuned for more PS3 Hacks and PS3 CFW news, follow us on Twitter and be sure to drop by the PS3 Hacks and PS3 Custom Firmware Forums for the latest PlayStation 3 scene updates and homebrew releases!
Yea as soon as I saw that dns method mentioned I figured it was shady. Anyways, all this news is keeping me quite interested in what's going on now! Hard to keep my eyes off the forum for updates on what people find in the lvl2 dump. Wish I knew more about this stuff myself so I could contribute, but it's great to see the scene moving again, and exciting to see how people figure this stuff out! Thanks for keeping the ball rolling guys, and great work!
This is perfect! Anyway, i'm new, but good in electronics and stuff. I dumped the LV2 today by using his method (used an old linux kernal which is 768KB in size). I'm uploading the lv2 dump, upload speed is slow (2KB/s), bear with me.
and another thing about dns: he can know the strings you sent, because you can decrypt HTTPS Connections, by using programs like Fiddler (Web Debugger)
OK I checked DemonHades Blog (http://demonhades.org/blog/mathieulthowned-by-u/), I will post the translation of it here since it deals with their LV2 dumps anyway and what Mathieulh whined about as well.
And here is what Mathieulh states should be found in a good/clean LV2 HV dump: Strings from lv2 to show people what they should expect from a proper dump
/dev_hdd0/vm/vm0........vm_physical_memory::free_page 0x%llx is not managed.....An inconsistence was detected...................................version segments---.....# ---/--- base------+filesz----+(mem-file) [flags-----]..../app_home/liblv2.sprx.../dev_flash/sys/external/liblv2.sprx....._sysProcessElf..SysPrxUserSegment.......SysPrxKernelSegment
%08x_main_......%s......- Found the system process image file, but insufficient memory..........- Found the system process image file, but the file is not a valid ELF.. (The file has an unrecognized format.)........- Found the system process image file, but the file is not a valid SELF. (error core:%08x).....- The system process image file does not exist (error code:0x%08x)......process_utils::k_process_process : can't allocate memory for putting argv/envp..process_utils::k_process_spawn : can't allocate memory for dummy process object.........emer_init.self..DEH.....creating the vflash recover process (emergency program) : ......OK .....Failed (path:%s)........creating the initial system process : ..OK....../dev_usb000...../dev_flash......process_utils::create_initial_system_process : can't allocate memory for putting path name.......###.### Factory diagnostic mode.###....mounting the USB mass storage (usb000) : ....... Failed (error code:0x%08x).....%s/%s...Lv2diag.self....Continue ........#.# Detected USB dongle..#.....mounting the flash file system : ........###.### Vflash recovery mode.###.......process_utils::create_initial_system_process : ss_params::get_update_status failed (%d)..........###.### Software update mode.###.......mounting the builtin HDD1 : ....PS3UPDATE/ps3swu.self...sys/internal/sys_init_osd.self../app_home.......sys_init_osd.self........# WARNING : lv2::ss_params::get_update_status() returned an invalid value (0x%02x)......###.### creating the ps3swu process : Failed (path:%s, error code:0x%08x).### exiting software update mode.###.........tb 0x%08x HW%d.. processor: Broadband Engine Ver 0x%04x Rev 0x%04x... userland information:. thr%d prio %d proc %d......SP %p...MSR 0x%08lx
The only other thing I got out of the translation is that DemonHades mentioned not to use that IP (126.96.36.199) circulating around for your DNS to bypass and connect to PSN as allegedly it is being used to collect people's PSN or credit card info. It apparently is ran by this kid on IRC: Aaron is [email]AerialX@ip137.67-202-81.static.steadfast.net[/email] * Aaron
Obviously there are people saying the above is possible and not possible, so it comes down to whether you want to take the risk or use one of the other methods really.