86w ago - Following up on the
PS3 JB2 Reverse-Engineering news, today Gary Wayne Bowser (aka
GaryOPA) has confirmed that the official name of the JailBreak 2 USB dongle will be True Blue.
A list of supported PlayStation 3 games is outlined
HERE, and below are the details, to quote: "The actual name of the JB2 dongle has now been announced along with official confirmed features and specs:
Welcome to the era of True Blue for your PS3 which enables all your Jailbreak dreams and needs!
True Blue features:
- Booting of games from v3.6+ (up to v3.73) from special BD-R discs available from official resellers
- Runs games up to v3.56 from HDD in conjunction with backup managers
- Does not require the Power/Eject trick
- Custom v3.55 Dongle firmware behaves like OFW when True Blue is not inserted
- Manufactured from highest grade components and Actel based
- Durable and high quality metal case design
- Tough and durable plastic packaging
- Further features to be added as they are developed
- On board 2 MBytes SPI flash
- Supports Fat and Slim consoles currently running any firmware up to v3.55
- And any PS3 which can be downgraded from v3.6+ to v3.55 (NOTE: Requires other tools, True Blue currently can't downgrade a Console)
- Supports all regions of consoles
- Supports all regions of ISO’s to be released
- Rock solid crystal oscillator on board for flawless timing
The True Blue dongle allows booting of the latest the ISO’s (3.6+) from special BD-R discs which can be purchased from all official resellers. The discs can be burned by any BD-R recorder and there are no special requirements on either PC or BD burner types.
Whilst we can disclose that the discs are specially manufactured to allow booting of the latest ISO’s, further technical information on the way by which the BD-R discs can allow booting cannot be provided, for obvious reasons.
Update: Clearer note on the above info, in regard to questions being asked!
The special BD-R discs being SOLD are BLANK, they are not warez in some cases less shady modshops operating in countries like Asia were local law enforcement turn a blind eye to 'flea market' operators they may infact FILL the disc with information turning the blank disc into warez, but that is not fault of the True Blue designers, and those places will NOT be official resellers. Information and pricing and list of official resellers will be forcoming in new news post later this week once details are confirmed.
Second, there is a lot more games working then the 5 listed in the forums and emails from the original JB2 rumors, and the full list of all the tested games will be published once it is official and confirmed by us, don't trust other sources of information there a lot of people out there trolling and passing around mis-information still for various reasons.
Third, even tho there is effort to crack this dongle already even tho it is not in the actual hands of any of the people posting information about it, there is a lot of stuff unknown about how and why it works and for many reasons we can't give further technical information but there is KEY reason why you have to buy special BLANK BD-R discs, due to some background research on the Blu-ray specs and maybe you understand why this is only way to get your dreams filled on running the latest v3.60+ games on your PS3 correctly!"
Sony PlayStation 3 hacker
Mathieulh states the following on the PS3 JB2 USB dongle device to quote:
"They actually do encrypt the elf data sections on the fself and have fself + decryption support handled in lv2 but part of the routine is decrypted through the dongle, it'd be possible to dump it from ram, but honestly, I don't own a dongle and I am not interested."
Below are some PS3 JB2 / True Blue in-depth testing demo videos from
leksetengah:
There are 3 Element in JB2:
1. Dongle-FW (3.55)
2. USB Dongle JB2
3. Burning Game (which being Modified)
In order to play game you need all of 3 element above, can't work if one is missing.
PS3 Backup game can't work without JB2 dongle
First thing is update your PS3 with Dongle-FW. In this video i show that after Update PS3 with Dongle-FW you CAN'T PLAY any backup game without JB2 dongle.
Backup PS3 game works with JB2 dongle
In this video i show that after Update PS3 with Dongle-FW you CAN Play any backup game WITH JB2 dongle.
Playing burned PS3 disc without JB2 dongle
Note: Burning game also have cover and label disc but made with printed sticker. PS3 cannot play burning game (3.55 above) without JB2 dongle. XMB and Multiman can not detect the burning game. PS3 cannot play Original game (3.55 above) without JB2 dongle. Update software needed, you Know what happen next if you update, don't you?
Playing Burning Game with JB2 dongle
PS3 can play burning dan modified game (3.55 above) with JB2 dongle. XMB and Multiman can not detect the burning game. But multiman can not backup burning game, also file manager multiman can't open root of Burning game.. same result with comgenie, after press start to copy nothing is happened.
PS3 cannot play Original game (3.55 above) with JB2 dongle. Update software needed, you Know what happen next if you update, don't you? Backup original game in multiman is no problem.
Finally, to quote from PlayStation 3 developer
defyboy on the PS3 True Blue USB device: "Appears to be pretty simple. Apparently the dongle itself is just DRM so I would expect this to be completely cloned in software. Don't bother wasting your money on these."
Hi everyone.
I hope someone is able to help me here, because i don't understand what went wrong.
I was running Rebug 4.30.2 cex edition and decided ...
thats a pretty please i'm bored and need something to do thanx to the good ol community lol.
do i need a tb dongle to do this?
Example
scetool -i tb_eboot.bin
• ELF64 Header:
Program Headers Offset 0x0000000000000040
Section Headers Offset 0x00000000017EC228
Then we know the section headers start at 0x17EC228
Last section STRTAB:
• ELF64 Section Headers:
Idx Name Type Flags Address Offset Size ES Align LK
029 0001 STRTAB --- 00000000 017EC0F7 0000012C 0000 00000001 000
So elf ends at 0x17EC0F7 + 0x12C. We add padding to 0x17EC228, and insert clean elf64 section headerd dump from original eboot.bin, right? Or does this dump ELF+section headers+some extra stuff we can cut off?
Anybody care to post a dumped elf (raw, with this tool) so i can look at it?
Download: http://www.filefactory.com/file/1mxrnsbnysb/n/TB_ELF_Dumper.zip / http://www.2shared.com/file/elOEAmgg/TB_ELF_Dumper.html (Mirror) / http://www.mediafire.com/?htg9apb38sxcw9t (Mirror #2) / http://www61.zippyshare.com/v/32707610/file.html (Mirror #3) / http://www.gamefront.com/files/22169441/tbed.zip (Mirror #4) / http://www.mediafire.com/?p2o498r20ep5vic (Mirror #5) / http://cvfzpr.1fichier.com/en/ (Mirror #6) / http://pastie.org/pastes/4582351/text?key=7hrn1g60zcqp0qkmcvq0q / http://pastebin.com/zw6mFauf (Mirror) / http://www.multiupload.nl/H5XU4KMIUD (DUMPEDBOOT.bin and DUMPEDBOOT1.bin) by arnes_king / http://rghost.net/40005638 by gibson25 / http://www.mediafire.com/file/i11zafxgz4caz3j/np_trp_prx.rar (np_trp_prx.rar) / http://uploadmirrors.com/download/1AUM1GKM/np_trp_prx.rar (Mirror) / http://www.uploadmirrors.com/download/1IPWSYTT/DUMPEDBOOT.zip by mellss
Tested on:
• Original 355 -> ok
• True Blue CFW v2 -> ok
• ...
There are some bugs (size of dump ...) but it works. It's ELF dumper from memory and it work with True Blue cfw v2 and any 3.55 firmware because it doesn't use lv2 peek/poke.
Warning: It will not brick your ps3. But I am not responsible for any damage.
HOWTO:
• Enable dev_blind with multiman
• copy libsysutil_np_trophy.sprx from /dev_blind/sys/external/external to dev_hdd0/ and rename it "orignal_libsysutil_np_trophy.sprx"
• copy my modified "libsysutil_np_trophy.sprx" to /dev_blind/sys/external/
• load a True blue game from multiman
• exit multiman
• run your game
• wait few minutes (if you get black screen after 3 minutes reboot ps3)
• exit game
• go to ftp
• in dev_hdd0/ there are your decrypted DUMPEDBOOT.bin
• copy and rename it with another name.
Howto uninstall patch - Two ways:
• You could uninstall this patch by replacing modified libsysutil_np_trophy.sprx by orginal libsysutil_np_trophy.sprx
• Or update in recovery mode
Thanks to: Ps3dev
Brief Guide:
1 - Install TB ELF Dumper first as stated in its readme file.
2 - Start Multiman, it will make a dump of multiman eboots, so you must delete it first by browsing to dev_hdd0 then delete all DUMPEDEBOOT.BIN files you found there.
3 - Back to multiman game selection then select any TB game then launch it.
4 - Start the game from XMB then wait for some times until game start.
5 - Exit game now then start multiman again then browse to dev_hdd0 and now you must found a decrypted game dump.
From PlayStation 3 developer deank (via pastebin.com/avcM5iuU) comes a revision as follows:
Download: http://www.mediafire.com/file/i11zafxgz4caz3j/np_trp_prx.rar (np_trp_prx.rar) / http://uploadmirrors.com/download/1AUM1GKM/np_trp_prx.rar (Mirror)
[code]
// Author: Shadoxi
// Modified:
// Backup the original /dev_flash/sys/external/libsysutil_np_trophy.sprx to /dev_hdd0
// Replace /dev_blind/sys/external/libsysutil_np_trophy.sprx by this sprx
#include
#include
#include
#include
#include
#include
#include
#include
SYS_MODULE_INFO (sceNpTrophyhook, 0, 1, 0 );
SYS_MODULE_START( _start );
SYS_MODULE_STOP ( _stop );
SYS_LIB_DECLARE( sceNpTrophyhook, SYS_LIB_AUTO_EXPORT | SYS_LIB_WEAK_IMPORT );
SYS_LIB_EXPORT ( loader_sprx, sceNpTrophyhook );
int _start(void);
int _stop(void);
void DumpELF_Payload(void);
void loader_sprx(const char* PATH_PRX);
static void write_message (char const * message)
{
unsigned int write_length;
char const * end;
for (end = message; *end != '\0'; ++end);
sys_tty_write(SYS_TTYP_PPU_STDERR, message,end - message, &write_length);
}
void DumpELF_Payload(void)
{
write_message("Dumping ELF from RAM...\n");
int fd;
uint64_t nread;
uint64_t ptr= 0x00010000ULL; //ELF offset in RAM;
uint64_t sizeelf = 35*1024*1024; //Need a way to get size of ELF
char dump_path[30]="/dev_hdd0/RAMDUMP-00.BIN";
for(uint8_t i=0; i