To quote: My PSGroove fork is up! Functions are relocatable and it includes the USB stick apploader payload.
This fork comes with multiple payloads, which you can enable by editing port1_config_descriptor.S. All payloads have been rearranged so that they do not use hardcoded addresses anymore; you can rewrite and resize functions without worrying about offsetting others.
### Default Payload
The default payload performs the basic PSGroove exploit; it allows you to install and run unsigned packages.
### Apploader Payload
This payload makes use of the /app_home/PS3_GAME menu item. You may place an application on a USB drive under the PS3_GAME folder to run it without installing a package.
Note that simply extracting a .pkg onto the USB drive is not quite enough for a program to run. EBOOT.BIN must be slightly modified to boot properly.
Stay tuned for more PS3 Hacks and PS3 CFW news, follow us on Twitter and be sure to drop by the PS3 Hacks and PS3 Custom Firmware Forums for the latest PlayStation 3 scene updates and homebrew releases!
etc etc. most notably, his payload STOPS right before the normal /dev_bdvd would start.
if anyone else wants to play around a bit and see, just do a:
make -f Makefile.payload
then open up the .h file. this will create aerialx's payload. to compare to the 'default' payload included with his source for comparison, edit port1_config_descriptor.S then remake the payload with the above command.
this is all way beyond my knowledge right now and i dont see it as simple as just inserting some of the code from the default to his payload.