PS3 SCETool, Friday Isolated SPU POC and EIDTool WIP Updates

Category: PS3 Hacks & JailBreak  By: PS3 News - (ps3news.com)
Tags: ps3 scetool friday ps3 isolated spu poc eidtool ps3 eidtool naehrwert ps3 ps3 hacks

77w ago - This weekend Sony PlayStation 3 hacker naehrwert has released a PS3 SCETool based on the fail0verflow tools, an Isolated SPU binary POC dubbed Friday and some EIDTool work in progress updates for PlayStation 3 developers interested in remarrying Blu-ray drives, motherboard keys, QA tokens, etc via Twitter.

Download: PS3 SCETool / Friday Isolated SPU Binary POC / PS3 SCETool v0.0.3 and VSH.Self Output / PS3 SCETool v0.0.4

Below are the details from the ReadMe files and Tweets, as follows:

SCETool (C) 2011 by naehrwert - This tool will see more features in the future.

Notice: THIS CAN DO NOTHING NEW, IT'S CURRENTLY JUST A REWRITE OF f0f TOOLS.

Keyfile format:

 [keyname]
 type={SELF, PKG, SPP}
 sdk_type={00, ..., 18, 8000}
 version={..., 0001000000000000, ...}
 self_type={LV0, LV1, LV2, APP, ISO, LDR, NPDRM}
 erk=...
 riv=...
A sample keyfile is included.

Shout-outs: I think they know who I mean

Friday (C) 2011 by naehrwert - This is a POC for a isolated spu binary. Generate a self encrypted+signed with the metldr keys out of friday.elf. Then use friday.h to write a PPU application that loads the self by utilizing metldr and DMAs your console's EID2 to the shared SPU LS. It will generate the P and S block from it, that is used to pair the BD drive to the specific console. Yon can then DMA the blocks out from the LS and send them to the drive to remarry it to the console.

Communication with the SPU is done over in_mbox and out_mbox. MSG_OUT_* is send from the SPU code to out_mbox. MSG_IN_* should be written from the PPU to in_mbox. When MSG_OUT_READY arrives the PPU should DMA the EID2 to EID2_START and send MSG_IN_READY. When MSG_OUT_GEN_DONE arrives the PPU should DMA the blocks out from BLOCKS_START and send MSG_IN_DIE.

Note: this is UNTESTED but should just work

POC http://www.mediafire.com/?u8lvl08h1lai2nb

note: self part is only for spu yet!

scetool http://www.mediafire.com/?31r5482wy28sc9c

veeeery nice http://pastie.org/2928187

## scetool
scetool 0.0.1 (C) 2011 by naehrwert

[*] Keys loaded.
[*] Loaded keys:
 Name        Type SDK-Type Version
 isoldr 3.50 SELF 0x0000   0x0003005000000000
 isoldr 3.41 SELF 0x0000   0x0003004100000000
 isoldr 1.00 SELF 0x0000   0x0001000000000000
 metldr      SELF 0x0000   0x0000000000000000
 spp 0x00    SPP  0x0000   0x0000000000000000
 pkg 0x00    PKG  0x0000   0x0000000000000000
[*] File decrypted.
[*] SCE Header:
 Magic           0x53434500 [OK]
 Version         0x00000002
 SDK Type        [Type 0]
 Header Type     [SELF]
 Metadata Offset 0x000001B0
 Header Length   0x0000000000000480
 Data Length     0x0000000000012BF4
[*] Metadata Info:
 Key 00000000: AC 0E 35 E4 A9 22 07 C7 09 2C 38 66 69 45 34 31 
 IV  00000000: 1C 7D C8 A3 EB B9 C8 9C BB E4 B6 A6 A6 49 61 C2 
[*] Metadata Header:
 Signature Input Length 0x0000000000000450
 unknown_0              0x00000001
 Section Count          0x00000003
 Key Count              0x00000016
 Signature Info Size    0x00000030
 unknown_1              0x00000000
 unknown_2              0x00000000
[*] Metadata section headers:
 Idx Offset   Size     Type Index unk_1 SHA1 Encrypted Key IV Compressed
 000 00000500 00011C20 02   00    02    00   [YES]     06  07 [NO ]
 001 00012120 000000A0 02   01    02    08   [YES]     0E  0F [NO ]
 002 00012EE4 00000190 01   03    02    10   [NO ]            [NO ]
[*] SCE File Keys:
  00000000: F9 A1 54 8A A2 E3 12 FE 3B 67 CB 5E 02 03 66 82 
  00000001: EF E2 22 82 00 00 00 00 00 00 00 00 00 00 00 00 
  00000002: F4 06 C9 67 46 0F 09 C3 54 E5 0F DB BD 63 74 A6 
  00000003: A9 00 9B 0D 53 B4 4E 3E F2 EB 3D 7A C3 0A 79 C3 
  00000004: 6A 55 C9 6F 72 DE 4E 7E 7A 0D C2 CB 27 F8 C9 9A 
  00000005: C3 08 9E 65 A9 DF 80 B1 7E 66 DF 6B 9D 10 33 99 
  00000006: 2A 3C 73 80 C6 1B 85 24 9F 95 3D BE A9 A5 63 38 
  00000007: CB 41 E6 46 F8 B2 6E 06 D4 1A 5B F5 08 48 28 D3 
  00000008: 13 07 A2 4F 1C 32 3F D7 15 47 D9 50 BF E4 11 04 
  00000009: 18 7F EC 72 00 00 00 00 00 00 00 00 00 00 00 00 
  0000000a: F4 06 C9 67 46 0F 09 C3 54 E5 0F DB BD 63 74 A6 
  0000000b: A9 00 9B 0D 53 B4 4E 3E F2 EB 3D 7A C3 0A 79 C3 
  0000000c: 6A 55 C9 6F 72 DE 4E 7E 7A 0D C2 CB 27 F8 C9 9A 
  0000000d: C3 08 9E 65 A9 DF 80 B1 7E 66 DF 6B 9D 10 33 99 
  0000000e: 2A 3C 73 80 C6 1B 85 24 9F 95 3D BE A9 A5 63 38 
  0000000f: CB 41 E6 46 F8 B2 6E 06 D4 1A 5B F5 08 48 28 D3 
  00000010: 2A AE E7 5C 8C EB 44 4A 62 F4 DF EF 77 5B 02 42 
  00000011: C7 5C 2D 5C 00 00 00 00 00 00 00 00 00 00 00 00 
  00000012: F4 06 C9 67 46 0F 09 C3 54 E5 0F DB BD 63 74 A6 
  00000013: A9 00 9B 0D 53 B4 4E 3E F2 EB 3D 7A C3 0A 79 C3 
  00000014: 6A 55 C9 6F 72 DE 4E 7E 7A 0D C2 CB 27 F8 C9 9A 
  00000015: C3 08 9E 65 A9 DF 80 B1 7E 66 DF 6B 9D 10 33 99 
[*] SELF Header:
 unknown_0           0x0000000000000003
 App Info Offset     0x0000000000000070
 ELF Offset          0x0000000000000090
 PH Offset           0x00000000000000D0
 SH Offset           0x0000000000012EE4
 Section Info Offset 0x0000000000000110
 SCE Version Offset  0x0000000000000150
 Control Info Offset 0x0000000000000160
 Control Info Size   0x0000000000000070
[*] Application info:
 Auth ID   [isoldr]
 Vendor ID 0xFF000000
 SELF Type [Secure loader]
 Version   0x0003004100000000
[*] Elf32 Header:
 Type      [EXEC]
 Machine   [SPU]
 Version   0x00000001
 Entry     0x000259E0
 PH Offset 0x00000034
 SH Offset 0x00012A64
 Flags     0x00000000
 PH Count  0x0002
 SH Count  0x000A
 SHStr Idx 0x0009
[*] Elf32 Section Headers:
 Idx Name     Type         Flags Address Offset Size  ES Align LK
 000 00000000 NULL         ...   00000   00000  00000 00 00000 00
 001 0000000B PROGBITS     .AE   25800   00080  001DC 00 00001 00
 002 00000022 PROGBITS     .AE   259E0   00260  0F1D0 00 00008 00
 003 00000028 PROGBITS     .A.   34BB0   0F430  02870 00 00010 00
 004 00000030 PROGBITS     WA.   374A0   11CA0  00070 00 00010 00
 005 00000036 PROGBITS     WA.   37510   11D10  0001C 00 00004 00
 006 0000003D PROGBITS     WA.   3752C   11D2C  00014 00 00004 00
 007 00000044 NOBITS       WA.   37540   11D40  039B0 00 00010 00
 008 00000049 PROGBITS     ...   00000   11D40  00CD2 00 00001 00
 009 00000001 STRTAB       ...   00000   12A12  00052 00 00001 00
[*] Elf32 Program Headers:
 Idx Type    Offset VAddr PAddr FileSize MemSize Flags Align
 000 LOAD    00080  25800 25800 11C20    11C20   W.E   00080
 001 LOAD    11CA0  374A0 374A0 000A0    03A50   .AE   00080
http://pastie.org/private/4dflpsc66d4gngjvmxwqyq

eidtool (C) 2011 by naehrwert
Loading iso_root_keyset: done.
EID2: p_len=0x0080, s_len=0x0690
Generated blocks from EID2:
p_block 0000: 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
        0010: C2 88 95 D0 7E 9C 7F B5 5A 02 7E E7 D5 81 3B EA 
        0020: 39 3A EE 41 B5 E4 1C B5 38 B9 DA 1E D0 81 60 FB 
        0030: A1 35 2A 13 B1 03 9C A1 EA FD CF 36 82 2B 39 01 
        0040: DD 9E DB 46 BF A6 79 8D 71 75 F7 9A 69 1A AC 3C 
        0050: A7 4C 41 10 9A 90 C2 46 74 18 35 75 37 D6 09 C4 
        0060: F3 BE 0F 25 89 D2 4A C5 5F 42 57 67 A5 F5 18 CC 
        0070: 3C 89 40 BC 5F 7D EB 58 69 D1 1C 56 BC 95 3C 5C 
s_block 0000: 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
        0010: C2 88 95 D0 7E 9C 7F B5 5A 02 7E E7 D5 81 3B EA 
        0020: C9 43 70 6F 98 5C 3B 68 0D C6 58 33 98 D5 B1 6E 
        0030: 82 E3 98 81 FC 73 1B 54 04 BD 6F F4 D6 60 E4 33 
        0040: ED 22 46 B0 17 D0 FB F2 3E 6E 56 2C CD CF D5 FA 
        0050: B2 92 A9 A0 FE 97 63 43 25 C8 E7 7E 57 65 93 A8 
        0060: 1A 27 C4 60 5A 4C 16 59 68 04 34 3B 60 7C 5F B2 
        0070: 1C 98 32 D0 83 89 7E B3 3A 3C 73 D0 DE 18 18 6A 
        0080: E9 B2 A7 56 1D E4 67 BB AD D6 13 54 E7 39 DD 3C 
        0090: 21 48 8F 82 5F C4 F9 E4 CF 0A 4B 8E 69 F2 44 7E 
        00A0: 12 D2 D0 29 16 67 DD 07 8F 60 2C 0A 4A 7A AF D7 
        00B0: D9 8E 84 96 A9 E5 EB 3A 08 FB E8 88 7F 35 1F F6 
        00C0: 2E 5F 59 FD A9 3F 7F F0 BB 17 F3 0C A9 6E 34 59 
        00D0: 9C 5E D9 9B 30 10 A5 6A 8B CD 3E FB 03 2E 3C 91 
        00E0: 4A AA 06 E7 BF 3C 82 69 EF C5 F7 A1 6E 1A 47 AF 
        00F0: F5 74 A6 B0 93 09 F7 BF C3 9E 7C 7D 16 5A 8D B6 
        0100: E6 90 AD C7 26 97 DB A8 52 F6 DB AB D7 FA 37 43 
        0110: A2 56 DF 3A C6 C8 66 F7 55 68 F1 25 CF B0 5F 02 
        0120: ED 0D 66 03 9B 7E 9C D9 BA 0C 6C 77 4A 32 E2 48 
        0130: C9 02 35 47 49 C3 4F C6 35 E5 22 FB CF D5 E0 0B 
        0140: 54 F0 71 B9 7A 4B D2 B0 FD 9B A2 5F 0A D0 9B A7 
        0150: 2B 94 ED 7C 22 51 F5 90 86 36 B5 E0 A7 2F 64 CC 
        0160: 79 39 22 85 3B 44 52 D7 3D A0 54 B7 D4 D3 25 F8 
        0170: F0 EB 6A 12 C0 E6 F0 ED 99 95 79 72 AB 98 A3 50 
        0180: F4 BE F5 E0 8E E8 03 6F F8 8C 54 99 39 66 A0 D0 
        0190: 7A B6 BD 4B 45 4D 57 DB FF 05 B6 4F C3 98 07 CA 
        01A0: FA 3D FF 01 C0 5F F0 02 3C 78 A8 CD 8B 67 68 86 
        01B0: 10 E3 5E C6 9D C3 23 5F 05 21 E8 37 1F 8C 8C FC 
        01C0: D2 38 C4 0F 0A 30 0C DD DA 2A 8E 91 F4 40 74 75 
        01D0: 2A D1 9C 3E 1C 5F 5A 30 A7 69 C4 DB 1E 7F 5A AD 
        01E0: D7 7E 77 74 78 01 B6 2D DE 61 7C 11 70 AB CE F7 
        01F0: 14 02 7B C7 67 92 95 64 51 FF 4E B8 5E 5C 84 33 
        0200: 20 9A F7 9A 05 3C 7F 68 49 53 A0 79 98 C1 1E E5 
        0210: 95 D1 DB 33 D1 96 76 D9 99 32 07 F5 F6 1A 4B D8 
        0220: 07 45 4F 45 3C 2A 82 88 69 DF 13 4B 6B 7C 64 28 
        0230: EE F7 18 E2 8A 82 8A 1E 02 E4 47 A3 40 F8 65 2B 
        0240: 59 2C AB C7 DC 01 9B 01 18 3B 41 B7 16 49 05 B7 
        0250: 9F 6C 58 79 59 18 58 A8 E4 F4 80 C4 62 BC EC AA 
        0260: CE EE 79 21 DA D5 99 AC B8 DE FE 4F CC 75 C9 96 
        0270: D6 5B AE 93 D3 2D AA F5 EA 74 E3 FF 67 CB 32 63 
        0280: 82 DD 83 D0 1A 0E 51 29 43 E3 56 82 79 9E 58 B3 
        0290: D9 2A 75 26 A0 2E 52 50 85 B1 06 65 CD 9F B3 B7 
        02A0: 04 EA 7E A2 1D C2 0D 36 DF 19 A2 AB AA 3F 9B AD 
        02B0: 8D B8 CC 68 5D B8 C3 B5 EC D7 1D 73 84 56 33 F5 
        02C0: 76 6F 67 2C 6D F2 84 C0 31 C9 D8 2A 0D DA 88 52 
        02D0: 06 C9 82 83 F3 58 1B DB EF 7D 85 68 7D 5C 94 73 
        02E0: B0 B8 B4 74 10 3F 60 0F EE 21 F5 BC E5 55 66 E1 
        02F0: 70 EA 02 9B 78 10 F3 AF 33 5C 7F 9D CD 67 09 E5 
        0300: 57 8E 8E 28 34 01 99 9D 61 01 DF 28 D0 1F 33 0F 
        0310: 83 76 4E 40 74 7D 69 72 3F 2F FC 7A D7 CC 33 DE 
        0320: 95 17 BF 91 6F 03 2B E0 3D 34 D6 D1 5B 12 A7 A2 
        0330: 89 D4 AB EB A2 93 49 4D C1 13 BB D0 4F 72 5C BD 
        0340: 41 1B F3 8C 24 70 B5 4C F2 31 E0 D4 B8 00 91 BF 
        0350: 31 42 76 60 65 DD B8 FE E8 14 FE 03 A4 FF 69 48 
        0360: 7E 57 90 B1 0C 93 E7 2A FF 6C BF 57 60 AB 9E E4 
        0370: 08 6D 63 66 E5 9B 5D 99 C6 14 14 8A 82 15 85 D0 
        0380: 62 D7 32 35 29 E5 4D 8C D6 4B 39 94 4D 80 52 66 
        0390: 69 94 A3 31 43 7A A5 F7 98 09 AB AA 5F 3C A2 B3 
        03A0: 64 70 86 E1 F5 D0 BB 14 3B A5 3E 45 DD 41 30 73 
        03B0: 91 97 5D F4 7C 56 6C 65 1D 2E 5D 6F EE 7C D2 CB 
        03C0: 41 3C B3 74 38 90 A4 65 0C 26 C8 17 14 35 D2 25 
        03D0: 45 9D 9F 6D 47 80 9F 01 2D DE 4A C1 4D FD 06 67 
        03E0: D1 2E 77 62 DF 08 D8 F0 B5 C0 22 37 4C 71 9A 51 
        03F0: DD 34 5D 22 AC 54 DC 56 81 31 0A 2C B9 2B D9 BB 
        0400: AF 03 A1 A5 5F D0 D5 0A 02 14 04 4D D0 92 EF EF 
        0410: DE 3B 58 28 B2 68 33 E2 A2 CA 08 A9 55 06 CF 50 
        0420: D9 BA 40 97 FB 9A 34 B5 7B BA 14 54 E4 93 AB CA 
        0430: D7 56 CB 9B 16 0E 48 D1 A6 76 3C 69 ED 05 BE AD 
        0440: 63 B2 AA 97 44 7F BC 9C 4F 33 05 16 76 F4 98 C3 
        0450: 6C 25 DE 43 88 A7 7A D2 32 A0 88 0E 6B 50 23 8D 
        0460: F3 7C B3 A3 68 3B 2C 43 3C 9F D5 0F D1 37 0D 11 
        0470: 93 E6 DA B4 BB 45 0F 0E C8 4C FA D8 09 28 F7 58 
        0480: 72 84 DA CC ED 45 20 25 EF 2B E8 EB 81 CA 26 10 
        0490: BB 47 8A 0E 2D 67 2B 35 95 D9 E2 59 0E C5 99 73 
        04A0: 6A 82 E1 CC 0C F7 39 E1 5F DB 50 2C 9E E7 FC 18 
        04B0: 13 96 E3 C6 1C 66 B6 7D D3 BC 4A 9F DB 1D 7C 87 
        04C0: 7A 8A 61 95 0C A4 C4 3B 77 DA 46 08 46 E3 52 6F 
        04D0: 32 CF 2A 1E 2C 99 2B 65 A2 32 86 0D 10 03 45 BF 
        04E0: 82 32 60 F0 0C C6 6D 6B C2 AE D0 18 2B 47 8B 83 
        04F0: 86 34 D8 23 0D EC 6F 7A D0 17 53 AF D5 DC F0 EF 
        0500: 49 D7 31 1E F1 02 D3 9C 15 D2 04 AE 44 95 7E F4 
        0510: 4E 32 58 94 9B 9A 8C 72 12 76 CC D0 4A B8 87 FC 
        0520: 2F 7F 79 1A A8 78 A1 53 83 90 90 EC FF 8D 2B 46 
        0530: CB A4 C9 79 E1 92 A0 FC 37 63 CD 9D 3B D7 C9 2D 
        0540: C7 85 C0 EE E3 E1 6A 43 31 B2 4F CA 25 71 7A 23 
        0550: 7F 78 D0 A2 6E FF B6 B3 14 D5 55 CB 10 64 7D 11 
        0560: 8D 9A 0B 26 22 3F 64 1C C0 9C C4 44 1C C3 12 43 
        0570: 37 51 7E E6 62 B1 F7 39 83 A3 BC 5E 5A AC 6A 1C 
        0580: 8F 7E A3 8D 4A E2 60 44 8E 50 EA 33 4B 12 D2 C1 
        0590: 22 F0 59 A1 B3 C8 97 C0 81 D7 EB 54 78 0A 9E 1C 
        05A0: DD 3B 3C A8 D3 EA 4A 0A 3E BF 32 A0 96 62 89 78 
        05B0: 55 5E 3E 2E B8 DA 86 4E 18 5E 85 99 69 EA 8F CC 
        05C0: 31 2C 62 BF A0 F2 B9 3F 3E AC D5 0A B3 61 01 10 
        05D0: 9B 45 D7 D6 B0 12 7A 76 A9 79 6F B3 1F A3 DD 56 
        05E0: 1E 0F 7A 16 25 EA 8C 86 D1 06 75 56 76 4F D5 5F 
        05F0: C2 07 92 9F A2 0F B6 D1 0E 44 B8 8F 98 8A FC A5 
        0600: 48 08 4C E8 F0 DC C3 B2 15 92 72 35 00 FD D0 A8 
        0610: 90 A4 95 6D BD D9 33 36 5A 06 32 53 82 F8 4E 8A 
        0620: E2 B1 F9 EE 43 96 75 27 13 CF 52 A6 C7 BF 9A 30 
        0630: 44 00 26 5F BC E8 97 CD 74 AE FF 3A CA 46 6D 20 
        0640: E4 51 35 3E B8 24 AC F9 A5 DE 70 A1 73 0D D1 78 
        0650: BF A5 EB 5F 25 E9 17 3F 88 50 09 B3 14 06 E7 2B 
        0660: 6B 4D F5 9E 5B 27 6D A1 21 F9 F9 06 4A 6C 7B F4 
        0670: C3 ED 96 32 08 2E 50 E4 FC F3 DD F1 2D 7F B1 1E 
        0680: 56 38 FE 50 0D 36 F0 FF C1 C7 6E 97 5B D7 31 B2

00 00 00 06 00 00 1D D0 00 00 00 00 00 00 00 00 00 00 00 70 00 00 08 60 00 00 00 00 00 00 00 00 00 00 08 D0 00 00 02 A0 00 00 00 00 00 00 00 01 00 00 0B 70 00 00 07 30 00 00 00 00 00 00 00 02 00 00 12 A0 00 00 01 00 00 00 00 00 00 00 00 03 00 00 13 A0 00 00 00 30 00 00 00 00 00 00 00 04 00 00 13 D0 00 00 0A 00 00 00 00 00 00 00 00 05 00 00 00 01 00 82 00 05 14 04 16 89 7A 00 AB FC 00 12 00 0B 4D 7F 52 09 69 36 EC 12 00 66 33 13 00 00 00 01 00 82 00 05 14 04 16 89 7A 00 AB FC 1F C0 CA 95 CF 0F 90 B8 BD 71 59 73 07 2B 4C 3F E5 D5 54 C2 57 7B EB 07 B6 12 6C F5 2D A5 FD 93 B8 C0 57 8E 6C 9E 97 E7 94 86 C5 DA FF D3 32 35 B3 06 EC D2 F7 FC 2F FF 31 71 9F FE 42 C9 93 D6 7C 09 6F D6 19 82 EE 2D B2 E6 1C CF 2A DF B2 7A 94 D1 00 BE 6E 24 99 1D 65 D9 3F 3D A9 38 85 8C EC 2D 13 30 51 F4 7D B4 28 7A C8 66 31 71 9B 31 57 3E F7 CC E0 71 CA 8A 59 FE 58 F0 53 18 AA 86 63 73 C1 59 D7 15 E9 11 57 84 A0 4F 3C 49 32 10 2F 3F 91 44 D0 84 75 03 DF DE 24 80 63 9A 78 38 82 E5 59 11 81 84 8D AC 00 00 00 00 00 00 00 00 DD 0B 8B 71 E5 3F 30 9F E7 12 E6 DC 0D F0 5B 71 73 AB 6F 54 E1 2A 8D 8A 1C BC 8F E7 11 17 BD 13 F6 F3 34 73 5E 6E 7B 68 28 8E E6 17 B5 1E 33 6E BD 73 99 74 EC 22 4D 86 CA 72 0F BA 5A F2 9E 60 82 D3 96 77 E4 61 37 FC 27 6F E8 5F 86 DC A8 05 C5 4E 50 F7 A5 FF 15 33 0D 26 E1 AE AB E5 4D B7 4C A6 28 82 1B 52 89 61 E2 AB CD 90 75 D2 4B 5E 97 A5 39 B7 71 45 3D 9A 24 06 AE 68 50 E1 58 B7 53 B3 AF CA DA 9A FE 16 2E AA 27 CE B7 E8 67 E2 D5 B0 C6 3C 84 62 41 C7 28 33 BC E9 64 A0 75 8E 34 0E DB FF E5 D6 01 1A EC 5D BE 1E CF 74 0E B9 66 D1 E0 68 D9 F3 DF 3F BA DE B2 A5 7A B1 0F 28 A8 D8 E0 05 73 65 94 70 87 89 6B 68 AB 69 8D 57 5C 54 16 AA 4F 62 E3 F7 1D 65 C6 C9 00 ED 30 9E 29 EA 6C 2A 16 8D 44 50 00 2D C1 86 5F 08 C0 5B EC C5 13 ED CE 5D 5C DE 0B A0 4A 72 5F FF D7 41 49 B4 48 52 FC B4 9D DD 0A 48 0B E1 CA 0F AC EF AC 19 B8 37 CF 9E 10 81 42 72 9C 7E 1C 06 6A 8C 5C DD 85 33 4A F3 F2 A8 C2 C2 92 21 4B 11 AB FB 0B 3B 50 17 F5 23 F7 C8 0A CF B3 8D 74 B0 66 39 4E 48 5B F4 46 29 0B 59 53 75 F0 EA 40 F5 C4 25 5E 18 96 A0 6D 92 5B 98 66 6E 9B 55 81 EB 13 C6 0D E2 18 AE 42 3E 77 C9 60 AF 4F 4A 60 7A 96 8A 5E 85 3A 60 7C E8 68 F1 DB 8B 15 AF C5 E7 F4 51 B9 18 E2 6F 62 BC 8C 1A A3 3B A2 96 39 AD A3 F1 B9 89 47 DE 41 F7 9B 78 39 EF 56 EF DD 96 0D 4C 41 15 D7 33 E8 0D BA 61 9E 64 1C CE 32 F5 1E 2A 37 6F F0 9C 8C 62 30 76 DC 58 FD B5 CF 65 96 49 5A 0D 92 4A 07 56 A8 B1 90 A9 E7 AF A2 FC 19 F1 24 96 3A 5E C1 83 3B 82 62 5A 28 3D D1 55 D5 D1 22 C6 D1 02 94 8D 67 95 76 4C FC 25 EA 45 69 B4 39 B7 96 E1 34 89 EC FB AF ED 05 5F 8B AC 79 5E 5E 7E AB D2 D5 0F 21 BA 98 BD 6F 26 8E 0B BA 1E CC 2E 67 9A 40 90 BE F1 48 42 14 72 E6 7A A9 22 BC 8D 53 5F 58 A5 E7 CC 68 2B 25 27 1C 33 FF B3 0E E1 3C 73 D1 73 AC DA 54 CC DA 6E 64 93 F2 0B 6A A7 61 77 83 31 71 1E ED C0 8F C1 5B F4 D9 E6 6A 21 BF 4E 8B 90 E5 E2 71 BB 52 8D 59 B3 06 15 86 D3 56 B6 3C 83 51 A4 5C E3 0A CC AB 49 FE 23 20 C6 E1 5F B5 B8 E6 09 DA 90 32 AB EE AE 42 B6 F4 5B B4 19 DB 40 2C B5 62 5D 48 63 39 53 D6 E8 6C 69 63 D0 93 6F 9A E6 49 B4 FD E6 41 49 79 BB 5A 4D 61 AD 6F 62 0F F5 BE D8 CC 86 51 F6 3C 7B B5 DE DA 74 11 1A 88 D7 8F C5 34 DF FE 40 12 AE 1E C9 71 C7 8A CB F3 E3 FE 2D 81 83 15 C5 1D 60 4D D3 F4 F6 BE 6C 80 DC CF 58 06 0B A7 C6 1D 72 33 A2 AF D9 DA 9B AA 64 E0 1E 36 7E 3A 63 6D 40 C2 09 D6 8A 09 77 C7 25 49 51 16 8D 1E DD 64 FB 87 E0 53 29 25 A8 27 3D CE 08 DD DB 89 78 0E 97 1E 9C 14 92 0B 70 F9 9B 73 6C 2E 26 33 7C 59 FE 09 BF 75 34 55 1E 42 C0 4C 5A EA EB 4B D3 14 8C
which I can generate and yes my eid4 passes the hash check

but one would need to get the aes_omac1 key to be able to check it

hmm eid4 digest is stored unencrypted

seems like there are some hardcoded eid4 fallback bytes - http://pastie.org/private/oxy580s4omh8ofbdfgj3dq

## sv_iso
eid4_fallback_0x00 FF1471C135E4593D0D27F9CAA3795BD9
eid4_fallback_0x10 DD38369F0175173CE32BEED051FD4EF3
scetool/eidtool progress is great




Stay tuned for more PS3 Hacks and PS3 CFW news, follow us on Twitter and be sure to drop by the PS3 Hacks and PS3 Custom Firmware Forums for the latest PlayStation 3 scene updates and homebrew releases!

Comments 211 Comments - Go to Forum Thread »

Quick Reply Quick Reply

  • Decrease Size
    Increase Size
  • Wrap [QUOTE] tags around selected text
spunkybunny's Avatar
#16 - spunkybunny - 69w ago
Reply
I just tried and keep getting the error "Could not find keys" and 3 other lines.

landon's Avatar
#15 - landon - 69w ago
Reply
Thanks in all cases

PS3 News's Avatar
#14 - PS3 News - 69w ago
Reply
Following up on the previous revisions, this weekend PlayStation 3 hacker naehrwert has updated SCETool to version 0.2.1 which now includes full PS3 SELF file support.

Download: http://www.mediafire.com/?1elx2ub98dnroj9 / http://zlib.net/zlib125-dll.zip (Required)

To quote: scetool 0.2.1 - SELFs should be fully supported now.

Finally, from the included ReadMe file:

scetool 0.2.1 (C) 2011-2012 by naehrwert

Notes:

• zlib is required to use scetool.
• 'sdk_type' was changed to 'revision' in data/keys.


Keyfile format:
[keyname]
type={SELF, RVK, PKG, SPP, OTHER}
revision={00, ..., 18, 8000}
version={..., 0001000000000000, ...}
self_type={LV0, LV1, LV2, APP, ISO, LDR, UNK_7, NPDRM}
key=...
erk=...
riv=...
pub=...
priv=...
ctype=...

USAGE: scetool [options] command
COMMANDS Parameters Explanation
-h, --help Print this help.
-k, --print-keys List keys.
-i, --print-infos file_in Print SCE file info.
-d, --decrypt file_in file_out Decrypt/dump SCE file.
-e, --encrypt file_in file_out Encrypt/create SCE file.
OPTIONS Possible Values Explanation
-v, --verbose Enable verbose output.
-0, --sce-type SELF/RVK/PKG/SPP SCE File Type
-1, --compress-data TRUE/FALSE(default) Compress data?
-2, --key-revision e.g. 00,01,...,0A,... Key Revision
-3, --self-auth-id e.g. 1010000001000003 Auth ID
-4, --self-vendor-id e.g. 01000002 Vendor ID
-5, --self-type LV0/LV1/LV2/APP/ISO/
LDR/NPDRM SELF Type
-6, --self-fw-version e.g. 0003004100000000 Firmware Version
-7, --self-add-shdrs TRUE(default)/FALSE Add ELF section headers?
-8, --np-license-type FREE License Type
-9, --np-app-type EXEC/UPDATE App Type
-a, --np-content-id Content ID
-b, --np-real-fname e.g. EBOOT.BIN Real Filename
Greetings to: you know who you are!


More PlayStation 3 News...

EiKii's Avatar
#13 - EiKii - 72w ago
Reply
so the scetool 0.1.2 version is released, i guess this is the version thats supposed to work with 3.56

Its great to see some devs working on the ps3 still

Download: http://www.mediafire.com/?7w61244c4sfy3y7

Below is a read out of Naehrwert's SCETool as well: http://pastebin.com/Eq2QcW3C


SELF header
elf #1 offset: 00000000_00000090
header len: 00000000_00000880
meta offset: 00000000_000003a0
phdr offset: 00000000_00000040
shdr offset: 00000000_00566f60
file size: 00000000_00b7d760
auth id: 10700003_fd000001 (Unknown)
vendor id: 01000002
info offset: 00000000_00000070
sinfo offset: 00000000_00000260
version offset: 00000000_00000340
control info: 00000000_00000350 (00000000_00000070 bytes)
app version: 4.0.0
SDK type: Retail
app type: application

Control info
control flags:
40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
file digest:
62 7c b1 80 8a b9 38 e3 2c 8c 09 17 08 72 6a 57 9e 25 86 e4
3b 33 02 36 0f f6 45 f0 cd ce 4b f5 33 b9 ac 12 a0 93 09 32

Section header
offset size compressed unk1 unk2 encrypted
00000000_00000880 00000000_001fc16f [YES] 00000000 00000000 [YES]
00000000_00208f80 00000000_00015146 [YES] 00000000 00000000 [YES]
00000000_0022df50 00000000_00268d43 [YES] 00000000 00000000 [YES]
00000000_004a24a0 00000000_000b933a [YES] 00000000 00000000 [YES]
00000000_0055b7e0 00000000_00000000 [NO ] 00000000 00000000 [YES]
00000000_00000000 00000000_00000004 [NO ] 00000000 00000000 [N/A]
00000000_00000000 00000000_00000020 [NO ] 00000000 00000000 [N/A]

Encrypted Metadata
Key: da 28 41 ee 15 56 ba 2c 32 ca 02 78 8d 4e 4e dd
IV : 44 e4 a7 d4 b0 ea cb 30 d8 bf 59 56 b6 b4 f8 b7
Signature end 00000850
Sections 6
Keys 46

Sections
Offset Length Key IV SHA1 Type
00000000_00000880 00000000_001fc16f 006 007 000 2
00000000_00208f80 00000000_00015146 014 015 008 2
00000000_0022df50 00000000_00268d43 022 023 016 2
00000000_004a24a0 00000000_000b933a 030 031 024 2
00000000_0055b7e0 00000000_00000000 038 039 032 2
00000000_00566ff0 00000000_00000800 -01 -01 040 1

Keys
Idx Data
000 c7 2a ef 7b ee 49 bf 74 15 c5 ba 5f 46 71 23 ca
001 02 6d e8 66 00 00 00 00 00 00 00 00 00 00 00 00
002 cf df 00 9a 3f 63 00 2d 29 a5 18 74 f0 de a6 64
003 90 0f 63 57 02 e6 87 3e 20 62 6b 56 c7 7c 94 d6
004 32 80 38 48 31 2d 41 66 e5 f4 9f d8 e0 25 f9 24
005 02 2e 93 ba 5d 4c 43 5e aa fb 72 59 bd 81 0d 58
006 2b 43 63 56 ff b6 fe 0e 59 50 e7 eb ff ee dd cb
007 e6 93 0f 91 2d 4d c0 2f f5 d2 3f 77 00 00 00 00
008 33 70 b7 34 f5 13 31 61 99 39 1d 99 14 a7 3c 24
009 1e 8b 33 68 00 00 00 00 00 00 00 00 00 00 00 00
010 cf df 00 9a 3f 63 00 2d 29 a5 18 74 f0 de a6 64
011 90 0f 63 57 02 e6 87 3e 20 62 6b 56 c7 7c 94 d6
012 32 80 38 48 31 2d 41 66 e5 f4 9f d8 e0 25 f9 24
013 02 2e 93 ba 5d 4c 43 5e aa fb 72 59 bd 81 0d 58
014 3e d3 4e c5 21 b0 ba 81 d1 d5 8e 88 83 5f 35 f4
015 8d 1f d1 3b 86 a1 9c 17 99 67 b4 71 00 00 00 00
016 59 c5 91 47 b8 fa 3f 5a 87 67 ee 51 d0 84 54 03
017 e4 f3 fb 62 00 00 00 00 00 00 00 00 00 00 00 00
018 cf df 00 9a 3f 63 00 2d 29 a5 18 74 f0 de a6 64
019 90 0f 63 57 02 e6 87 3e 20 62 6b 56 c7 7c 94 d6
020 32 80 38 48 31 2d 41 66 e5 f4 9f d8 e0 25 f9 24
021 02 2e 93 ba 5d 4c 43 5e aa fb 72 59 bd 81 0d 58
022 a8 59 04 ed c6 84 1f 7d ae 8f 1e 7d a2 7c 78 5e
023 82 fb 7f 37 36 61 d5 37 f2 14 32 aa 00 00 00 00
024 d2 5a b2 13 b8 76 87 7f b8 ed f2 eb 67 e9 76 c9
025 a1 f1 03 23 00 00 00 00 00 00 00 00 00 00 00 00
026 cf df 00 9a 3f 63 00 2d 29 a5 18 74 f0 de a6 64
027 90 0f 63 57 02 e6 87 3e 20 62 6b 56 c7 7c 94 d6
028 32 80 38 48 31 2d 41 66 e5 f4 9f d8 e0 25 f9 24
029 02 2e 93 ba 5d 4c 43 5e aa fb 72 59 bd 81 0d 58
030 be 3f f1 8f 6f 85 b1 2c e5 dd a2 a9 6f 9a be 22
031 42 14 5f 32 00 9f 1d b9 8c 8d 26 b6 00 00 00 00
032 e7 25 ed 99 2f c3 a4 59 bc 89 98 6c 9b 3e 49 b2
033 ca 9d 7b e2 00 00 00 00 00 00 00 00 00 00 00 00
034 cf df 00 9a 3f 63 00 2d 29 a5 18 74 f0 de a6 64
035 90 0f 63 57 02 e6 87 3e 20 62 6b 56 c7 7c 94 d6
036 32 80 38 48 31 2d 41 66 e5 f4 9f d8 e0 25 f9 24
037 02 2e 93 ba 5d 4c 43 5e aa fb 72 59 bd 81 0d 58
038 58 72 47 7a 32 3b 6c 15 ea 7b 4a 68 2b af f0 2f
039 40 29 29 33 02 7a 04 8a e4 ec 0a 96 00 00 00 00
040 eb b9 3f d1 8c ca 2b ae 32 30 b4 43 ab d6 8b 99
041 18 57 bb 16 00 00 00 00 00 00 00 00 00 00 00 00
042 cf df 00 9a 3f 63 00 2d 29 a5 18 74 f0 de a6 64
043 90 0f 63 57 02 e6 87 3e 20 62 6b 56 c7 7c 94 d6
044 32 80 38 48 31 2d 41 66 e5 f4 9f d8 e0 25 f9 24
045 02 2e 93 ba 5d 4c 43 5e aa fb 72 59 bd 81 0d 58


ELF header
type: Executable file
machine: PowerPC64
version: 1
phdr offset: 00000000_00000040
shdr offset: 00000000_00b7cf60
entry: 00000000_004e8810
flags: 00000000
header size: 00000040
program header size: 00000038
program headers: 7
section header size: 00000040
section headers: 32
section header string table index: 31

Program headers
type offset vaddr paddr
memsize filesize PPU SPE RSX align
LOAD 00000000_00000000 00000000_00010000 00000000_00010000
00000000_004c3a70 00000000_004c3a70 r-x --- --- 00000000_00010000
LOAD 00000000_004d0000 00000000_004e0000 00000000_004e0000
00000000_00030184 00000000_00030184 rw- --- --- 00000000_00010000
LOAD 00000000_00510000 00000000_10000000 00000000_10000000
00000000_00514800 00000000_00514800 r-- r-- --- 00000000_00010000
LOAD 00000000_00a30000 00000000_10520000 00000000_10520000
00000000_0016ddc8 00000000_00141750 rw- rw- --- 00000000_00010000
LOAD 00000000_00b71750 00000000_00000000 00000000_00000000
00000000_00000000 00000000_00000000 rw- rw- rw- 00000000_00010000
????? 00000000_00500180 00000000_00510180 00000000_00510180
00000000_000001b8 00000000_00000004 r-- --- --- 00000000_00000008
????? 00000000_004c3a50 00000000_004d3a50 00000000_004d3a50
00000000_00000020 00000000_00000020 --- --- --- 00000000_00000008

Section headers
[Nr] Name Type Addr ES Flg Lk Inf Al
Off Size
[00] NULL 00000000_00000000 00 00 000 00
00000000_00000000 00000000_00000000
[01] PROGBITS 00000000_000101c8 00 wa 00 000 04
00000000_000001c8 00000000_0000002c
[02] PROGBITS 00000000_000101f8 00 wa 00 000 08
00000000_000001f8 00000000_004c1f54
[03] PROGBITS 00000000_004d214c 00 wa 00 000 04
00000000_004c214c 00000000_00000040
[04] PROGBITS 00000000_004d218c 00 wa 00 000 04
00000000_004c218c 00000000_00000024
[05] PROGBITS 00000000_004d21b0 00 a 00 000 04
00000000_004c21b0 00000000_0000189c
[06] PROGBITS 00000000_004d3a50 00 ae 00 000 08
00000000_004c3a50 00000000_00000020
[07] PROGBITS 00000000_004e0000 00 ae 00 000 04
00000000_004d0000 00000000_00000178
[08] PROGBITS 00000000_004e0178 00 ae 00 000 04
00000000_004d0178 00000000_00000104
[09] PROGBITS 00000000_004e027c 00 ae 00 000 04
00000000_004d027c 00000000_00000004
[10] PROGBITS 00000000_004e0280 00 ae 00 000 04
00000000_004d0280 00000000_00004cb4
[11] PROGBITS 00000000_004e4f38 00 ae 00 000 08
00000000_004d4f38 00000000_000038c4
[12] PROGBITS 00000000_004e8800 00 ae 00 000 04
00000000_004d8800 00000000_0001d728
[13] PROGBITS 00000000_00505f28 04 ae 00 000 08
00000000_004f5f28 00000000_0000a258
[14] PROGBITS 00000000_00510180 00 ae 00 000 08
00000000_00500180 00000000_00000004
[15] NOBITS 00000000_00510188 00 ae 00 000 08
00000000_00500184 00000000_000001b0
[16] PROGBITS 00000000_10000000 00 a 00 000 128
00000000_00510000 00000000_000b63e8
[17] PROGBITS 00000000_100b63e8 00 a 00 000 04
00000000_005c63e8 00000000_00000028
[18] PROGBITS 00000000_100b6410 00 a 00 000 04
00000000_005c6410 00000000_00000004
[19] PROGBITS 00000000_100b6414 00 a 00 000 04
00000000_005c6414 00000000_00000004
[20] PROGBITS 00000000_100b6418 00 a 00 000 04
00000000_005c6418 00000000_00000004
[21] PROGBITS 00000000_100b641c 00 a 00 000 04
00000000_005c641c 00000000_00000004
[22] PROGBITS 00000000_100b6420 00 a 00 000 04
00000000_005c6420 00000000_0000002c
[23] PROGBITS 00000000_100b644c 00 a 00 000 04
00000000_005c644c 00000000_0000001c
[24] PROGBITS 00000000_100b6480 00 ae 00 000 128
00000000_005c6480 00000000_0045e380
[25] PROGBITS 00000000_10520000 00 ae 00 000 128
00000000_00a30000 00000000_0014174c
[26] PROGBITS 00000000_10661750 00 ae 00 000 08
00000000_00b71750 00000000_00000000
[27] NOBITS 00000000_10661750 00 ae 00 000 01
00000000_00000000 00000000_00000000
[28] NOBITS 00000000_10661750 00 ae 00 000 16
00000000_00b71750 00000000_0002c678
[29] PROGBITS 00000000_00000000 00 00 000 01
00000000_00b71750 00000000_0000b6c0
[30] PROGBITS 00000000_00000000 00 00 000 04
00000000_00b7ce10 00000000_00000028
[31] STRTAB 00000000_00000000 00 00 000 01
00000000_00b7ce38 00000000_00000126

Also from naehrwert via Twitter:

• scetool now supports compression of data sections!

EiKii's Avatar
#12 - EiKii - 72w ago
Reply
seems like naehrwert found that hes SELFs are working on 3.56. And are working on a update of scetool yet again (0.1.1 doesent make valids - twitter.com/#!/naehrwert/status/153570111750545408)

• no it seems 3.56 doesn't check for it, only 3.56+
• But not generated by version 0.1.1, I'll release a fixed one soon!
• apparently NPDRM SELFs generated by scetool DO work on 3.56 lol
• http://pastie.org/3106873



scetool.exe --sce-type=SELF --key-revision=0 --self-auth-id=1FF000000A000001 --self-vendor-id=FF000000 --self-type=LDR --self-fw-version=0003004100000000 --encrypt friday.elf friday.self

lets hope this helps KaKa

Page 40 of 43 «3839404142LAST »

Related PS3 News and PS3 CFW Hacks or JailBreak Articles

Simple PS3Updates v1.6 Build 2 Final PS3 Homebrew App Updated
Video: Super Pixel Jumper v1.2 PS3 Homebrew Game is Released
Video: Pointman: The Akkadian Wars PS3 Homebrew Game Arrives
PSPMinis / PS3Minis / Bite v1.5.1 Update for PS3 is Now Released
PS3 Fan Control Utility v1.7 for PS3 CFW CEX 3.41 to 4.41 Arrives
PSPMinis / PS3Minis / Bite v1.5 for PS3 with PSP Homebrew Support
Affiliates  NewsNow  Privacy  PS3 CFW & MFW  PS3 Hacks & JailBreak  PS3 Reviews  PS3 Videos  © 2013 PlayStation 3 News

PlayStation 3 Links

Contact Us E-Mail
PS3 Affiliates
PS3 CFW & MFW
PS3 Debug Firmware
PS3 Decrypted PSN Links for CFW
PS3 Downloads
PS3 EBOOT.BIN Original File Links
PS3 Firmware
PS3 Game Releases List
PS3 Guides & Tutorials
PS3 Hacking Guides and Tutorials
PS3 Hacks & JailBreak
PS3 Help & Support
PS3 JailBreak Game Compatibility List
PS3 JB2 / True Blue (TB) Game Links
PS3 multiMAN Updates
PS3 News Forums
PS3 News Site FAQ
PS3 News Site Advertising FAQ
PS3 News Site Posting FAQ
PS3 News Site Privacy FAQ
PS3 News Site Rules
PS3 News Site Tag Cloud
PS3 News Site Terms
PS3 Resources
PS3 Reviews
PS3 Save Files Repository
PS3 Themes
PS3 Trophies List
PS3 Videos
PS Vita Trophies List

PlayStation 3 News Discussions
Video: Men's Room Mayhem Queues Up on PlayStation Vita Today - 1h ago

StanSmith's Avatar
Quote Doesn't sounds like the sort of game I would find fun. Who wants to clean piss for a game? People don't want to do it for a job so why would a game of...
By StanSmith with
 1 Comment »
Video: XBox One Next-Generation Console Unveiled by Microsoft - 1h ago

PS3 News's Avatar
Quote Following up on yesterday's rumors, Microsoft officially unveiled their XBox One next-generation console as part of XBox Reveal today. Below are al...
By PS3 News with
 0 Comments »
Sony Introduces a Better, Faster PSN Video Streaming Technology - 1h ago

PS3 News's Avatar
Quote Sony Senior Marketing Specialist James Cullen officially introduced a better, faster PSN video streaming technology service today alongside a r...
By PS3 News with
 0 Comments »
FarSight: The Pinball Arcade Season One Bundle: 18 Tables, $29.99 - 1h ago

PS3 News's Avatar
Quote FarSight Studios Lead Designer Bobby King unveiled The Pinball Arcade Season One bundle today, which includes 18 tables for $29.99 with details...
By PS3 News with
 0 Comments »

Latest PlayStation 3 Trophies
 Ratchet: Deadlocked HD: Gut Wrencher
 Ratchet: Deadlocked HD: Landstalker Talkin'
 Ratchet: Deadlocked HD: Death From Above
Ratchet: Deadlocked HD: Spotless

Latest PlayStation Vita Trophies
 Men's Room Mayhem: Toilet Trouble
 Men's Room Mayhem: Mayhem Master
 Men's Room Mayhem: Hygiene Award
 Men's Room Mayhem: Sand in the Face

Latest PlayStation 3 Releases
Kamen Rider Battlide War JPN PS3-Caravan - 05-21-2013
Resident Evil Revelations PS3-ANTiDOTE - 05-19-2013
Muvluv Alternative Total Eclipse JPN PS3-HR - 05-17-2013
Skate 2 EUR PS3-Googlecus - 05-16-2013

Latest PlayStation 3 Themes
 Wolverine Origins PS3 Theme - 05-19-2013
 Heavy Rain (Official) Dynamic PS3 Theme - 05-09-2013
 Wipeout HD Fury Dynamic PS3 Theme - 05-06-2013
 Batman Arkham City Dynamic PS3 Theme - 05-04-2013