Sony PS3 Slim CECH-2000 System Flash Dumped!


239w ago - Here is a little piece of news we skipped over when our PS3 Reference Tool arrived.

One of our resident PS3 devs, CouRieR, extracted the flash of a European PS3 Slim (CECH-2000) console on Firmware 2.75 a few months back by removing the chip and dumping it with an external reader.

The chip, a Samsung K8Q2815UQB, is a 128 Megabit flash chip. The dump, which weighs in at 16.0 MB (16,777,728 bytes), is quite similar to that of a later-model PS3 with the smaller flash.

Earlier-generation Fat PS3s, those that sported dual 1 Gigabit flashes, had two copies of the PS3 firmware along with a full AES filesystem (for /dev_flash) on the flash.

The PS3 Slims, like later-generation Fats, have the AES filesystem (/dev_flash) on the Hard Disk Drive, mounted virtually (like a loopback), with only one copy of the firmware on the flash.

Both the Fat and Slim PS3 systems feature everything that one would expect: a bootloader, the corresponding core operating system LV1/LV2 SELFs, along with the corresponding isolated SPU code - all encrypted, of course.

Since everything is encrypted, and tied per box, the Slim's flash is really no different from that of a Fat PS3 - makes you really wonder what the "hardware differences" that made OtherOS incompatible were.

Finally, for those who'd like to take a peek, here is the PlayStation 3 Slim's FileList Dump Log!

Next week we will share some exciting PS3 Service Mode information, specifically on what we got in the mail a few days back! Then we will take a tour of the PS3 TOOL XMB as promised last week.




18 Comments

#18 - gtxboyracer - 238w ago
Yeah, I suggest you search first - Namely, it's multiple different types of encryptions, and multiple layers of it. How you state will not work, not to mention just cracking the encryption by analysis / brute force will not work with any modern encryption system, short of using every supercomputer in the world - and even then, you need to know how the system works in order to brute it.

Agreed - especially how I'm now working in that industry. Brute forcing only works if you know what you are dealing with. - that as well as you can't split it into sections and divide it up against multiple hackers - it's designed to be encrypted as a whole, therefore need to brute force it in one section (or one piece). That being said, even the firmware signed hashes (SHA1-MD5 I think) is impossible without the original key to create. Therefore impossible to brute-force as well.

#17 - CJPC - 238w ago
Ok so you dumped the flash, but it's encrypted. Maybe we should get a group of code analyzers to try and decrypt it. I'm talking hardcore analyzers who read and decrypt code for fun. Break the code into several sections, one section per person. Then when each coder is finished with his or her section, put together the finished sections and they all come together to revise the final product and correct any missing information that may have resulted in the split and compare it to the original until the entire file is decrypted.

Yeah, I suggest you search first - Namely, it's multiple different types of encryptions, and multiple layers of it. How you state will not work, not to mention just cracking the encryption by analysis / brute force will not work with any modern encryption system, short of using every supercomputer in the world - and even then, you need to know how the system works in order to brute it.

#16 - alexcamrod - 238w ago
Ok so you dumped the flash, but it's encrypted. Maybe we should get a group of code analyzers to try and decrypt it. I'm talking hardcore analyzers who read and decrypt code for fun. Break the code into several sections, one section per person. Then when each coder is finished with his or her section, put together the finished sections and they all come together to revise the final product and correct any missing information that may have resulted in the split and compare it to the original until the entire file is decrypted.

#15 - CJPC - 238w ago
Well, a few fold. For starters, the picture of the dump needs to have a few things done to it to become somewhat readable (like all of them, byteswap/interleave). Most of it then becomes legible (file headers, etc).

With the old systems, at least, we had a large chunk of encrypted data, that we did not know what it was for - but, we also knew what was on the flash, and it was nowhere to be found on the system. It was not a far leap to assume that the big piece of encrypted data was our filesystem (especially going by filesizes of the FS and files)!
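An added example, not part of the original thread or CouRieR's tooling: a sanity check for a raw flash read of the kind comment #15 describes, undoing a byte swap so headers become legible and mapping which regions look encrypted. The 16-bit swap width, the 4096-byte block size, the 7.5 bits/byte threshold and the sample image are all assumptions constructed for this sketch; interleaving is not modelled.

```python
import hashlib
import math
from collections import Counter

BLOCK = 4096  # analysis granularity (assumed, not from the thread)

def byteswap16(data: bytes) -> bytes:
    """Swap the two bytes of every 16-bit word (assumed reader word order)."""
    if len(data) % 2:
        raise ValueError("length must be even for a 16-bit swap")
    out = bytearray(len(data))
    out[0::2], out[1::2] = data[1::2], data[0::2]
    return bytes(out)

def entropy(block: bytes) -> float:
    """Shannon entropy in bits per byte; ciphertext sits close to 8.0."""
    n = len(block)
    return -sum(c / n * math.log2(c / n) for c in Counter(block).values())

def classify(block: bytes) -> str:
    """Label one block as erased, high-entropy (encrypted-looking) or structured."""
    if block.count(0xFF) == len(block) or block.count(0x00) == len(block):
        return "erased"
    return "high-entropy" if entropy(block) > 7.5 else "structured"

def regions(dump: bytes):
    """Merge equally labelled neighbouring blocks into (start, end, label)."""
    out = []
    for off in range(0, len(dump), BLOCK):
        end = min(off + BLOCK, len(dump))
        label = classify(dump[off:end])
        if out and out[-1][2] == label:
            out[-1] = (out[-1][0], end, label)
        else:
            out.append((off, end, label))
    return out

def build_sample() -> bytes:
    """Constructed stand-in for a raw read: header, ciphertext-like data, erased."""
    header = (b"CONSTRUCTED-HEADER" + b"\x00" * 14) * 128
    blob = b"".join(hashlib.sha256(i.to_bytes(4, "big")).digest() for i in range(256))
    return byteswap16(header + blob + b"\xff" * BLOCK)

if __name__ == "__main__":
    raw = build_sample()
    print(byteswap16(raw)[:18])  # header text is only legible after the swap
    for start, end, label in regions(raw):
        print(f"{start:#08x}-{end:#08x} {label}")
```

The entropy map is the same before and after the swap, since swapping bytes inside a block does not change its byte histogram; only string and header recognition depends on getting the byte order right.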

#14 - DSpider - 238w ago
Well, it's still good news that the Slim's firmware can be dumped and all... But because it's encrypted how can you tell it's been dumped correctly? I mean, isn't it all gibberish? Encrypted content usually looks something like


Oh, and another thing. I don't agree with Sony's take on forced updates once you're online. Imagine going through an update and experiencing a grid power failure (and you're out of warranty)... That's why service mode for regular Joes would be great -> having a backup which you can restore (even if it's tied to your own machine). So keep up the good work!
