Winskeet Update v111120 for PlayStation 3 is Released

Category: PS3 Hacks & JailBreak By: PS3 News - (twitter.com)
Tags: winskeet ps3 winskeet ps3 updates winskeet v111120 winskeet playstation 3 uf6667 ps3

78w ago - Today PS3 developer uf6667 Tweeted that he has updated Winskeet to version 111120 stating that 110819 is now officially obsolete (NAND works, also using WinUSB now) alongside iSkeet and YASkeet updates with details below.

Download: Winskeet Update v111120 for PS3 / iSkeet v20111120 / YASkeet v20111120‎

Changelogs:

New WinSkeet - 110819 is now officially obsolete (NAND works, also using WinUSB now)

#ProgSkeet: New iSkeet
#ProgSkeet: New YASkeet
#ProgSkeet: Complete solderless NAND dualboot POC works, no more cutting traces!

ProgSkeet Flasher

Recent Changes and History:

111004:

New Qt GUI implemented
Linux and MacOS X support
Added predefined and user presets
Fixed ability to select invalid ranges
Added a file patcher
Flasher: Added support for canceling running operations
Flasher: Added USB device reset
Flasher: Added support for erasing as a stand-alone operation
Flasher: Added cycle period selection, should help with longer cables
Flasher: Added abort on error option
Flasher: Reodered operations, full read, full erase, full write
Flasher: Fixed bug with unreliable GPIO operation
NOR: Added new write mode "Dual word program"
NOR: Added display of total flash size
NOR: Fixed flashing of the second half of Samsung K8Q2815UQB and likely other dual chip NORs
NOR: Added erase block region configuration
NOR: Added selection of number of bytes for buffered write
NOR: Added support for Spansion S29GL128N90TFIR2
NAND: Made custom ranges work
NAND: Added Dual-NAND reading. Reads a block from two NANDs simultaneously, thereby doubling the speed.

11xxxx:

Flasher: New buffer handling.
NOR: Added new timing options. Static timing will be configurable later.
NOR: Added preset for Samsung K8P2716UZC-QI4D

Notes:

Differential flash, if you haven't noticed yet, will skip unnecessary writes (compares data on chip vs data in file)
The Ready triggered timing requires you to bridge the RDY and the GP4 pins together (still needs to be connected to the target RDY)

yours truly,

uf6667

Stay tuned for more PS3 Hacks and PS3 CFW news, follow us on Twitter and be sure to drop by the PS3 Hacks and PS3 Custom Firmware Forums for the latest PlayStation 3 scene updates and homebrew releases!

97 Comments - Go to Forum Thread »

#22 - PS3 News - 93w ago

Below are some more ProgSkeet Diagram updates.

ProgSkeet Diagram and Flasher Changelog: 08/04/11

• Updated VER-001
• Added 80 GB (taken from twitter of PHIRENZ)

ProgSkeet Diagram and Flasher Changelog: 08/05/11

• Updated DIA-001 and added JSD-001, DYN-001... next update includes 2 or 3 more

Also from uf6667 (twitter.com/uf6667/status/99504102089830400) comes an updated NorUnpack (pastebin.cc/index.php?show=60) to support ProgSkeet dumps - Usage: "./norunpack 1"

// Copyright 2010 Sven Peter
// Licensed under the terms of the GNU GPL, version 2
// http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt

#include
#include
#include
#include
#include
#include "tools.h"

static u8 *nor = NULL;

static void new_dir(const char *n)
{
mkdir(n, 0777);

if (chdir(n) < 0)
fail("chdir");
}

static void do_toc(u8 *ptr)
{
u32 n_entries;
u32 i;
u8 *p;
u8 *tmp;
u64 size;
char name[0x20];

n_entries = be32(ptr + 0x04);
p = ptr + 0x10;

for(i = 0; i < n_entries; i++) {
memcpy(name, p + 16, 0x20);

if (strncmp(name, "asecure_loader", 0x20) == 0) {
new_dir("asecure_loader");
do_toc(ptr + be64(p));
if (chdir("..") < 0)
fail("chdir(..)");
} else if (strncmp(name, "ros", 3) == 0) {
new_dir(name);
do_toc(ptr + be64(p) + 0x10);
if (chdir("..") < 0)
fail("chdir(..)");
} else {
tmp = ptr + be64(p);
size = be64(p + 0x08);
if (be32(tmp + 0x10) == 0x53434500) {
tmp += 0x10;
size -= 0x10;
}

memcpy_to_file(name, tmp, size);
}
p += 0x30;
}
}

static void modifyimage(u8 *ptr)
{
u32 i;
u8 temp;
for(i=0; i 3)
modifyimage(nor);

do_toc(nor + 0x400);

return 0;
}

ProgSkeet Flasher Changelog 08/07/11:

• The comboboxes are bigger now, can't be edited and show the values with a scrollbar.
• Made the NAND part idiot proof. Enjoy.

ProgSkeet Flasher Changelog 08/08/11:

• It seems there are problems in Windows 7 and since I don't have Win7, please find the log file in C:\ProgSkeet.log and put it on pastebin.cc so I can take a look... thanks!

ProgSkeet Flasher Changelog 08/11/11:

• NOR: Rewrote entire NOR driver. NAND is unmodified.
• NOR: Write-To-Buffer Programming method optimized (added timeout) Note: not every device supports this. Please consult the datasheet if you are facing problems.
• NOR: Erase Sector optimized (added timeout)
• NOR: Forced verify and differential flash
• NOR: Can't enter values anymore, thanks to RAIDEN (if only some people could read...)

Note: Some NOR flash devices have bad sectors (usually just a few bytes, but enough for entire systems not to work). These will be reported in C:\ProgSkeet.log If you have such a device (for example, I heard this happens with RSOD on PS3), you should relocate the sectors to somewhere else or replace the NOR flash device.

110811-A:

• NOR: Fixed fault in timeout of programming/erasing. Also increased it to 3.5seconds per line and per sector.

110811-B:

• NOR: Added wait on erase sector.

110811-C:

• Improved flashing speed

110811-D:

• Added "tries" for flashing. It is currently hard-coded to 5 tries.

#21 - PS3 News - 93w ago

Below are some pics and a ProgSkeet review from French site L-S: logic-sunrise.com/news-327205-review-ls-le-progskeet-est-arrive-chez-nous.html

To quote, roughly translated: LS Team is pleased to present a new review of products for your changes to consoles. Today we will test the promising ProgSkeet, as we already reported in our news

We will start with a small reminder: ProgSkeet is a program to dump all the flash and flash memory (NAND / NOR), so for us it will be more designed for Xbox 360, Wii, PS3 already supported. The team said that other devices will be supported later as satellite receivers dreambox. So this will allow you to retrieve an image or flash memory of your console, but also debricker your console or to the Dual-NAND.

This kind of product already exists but ProgSkeet Team put forward a speed unmatched dump before. We will now see if the team has delivered.

The progskeet comes Ready To Use, and is already programmed but is easily updatable via Injectus or Proflash 3 (support JTAG programming cables should also be created) for future updates to the microcontroller. At first sight, one notices that the progskeet is a quality product that is not at all "cheap" with its almost 2mm PCB and solder treated.

Like any device connecting to the PC, install the drivers available on the official site, nothing complicated.

We must now verify that your ProgSkeet works well for this, we use the software and we do UF6667 "test shorts."

If you have "No Short found! Device Properly working" brand, your controller is functional and the drivers are installed correctly.

You can now start the welds.

To do this, you use the charts provided by the Team, I have done the test on an xbox.

Now connect your PC to your Progskeet powered console and click a NAND. You should see the ID down with XXXX XXXX changed the ID of your NAND. In my case, a Jasper 512 is a Samsung nand with ID EC DC 10 95 54.

We must now choose what you want to dump, you can retrieve the information in the manufacturers datasheet, just look at the reference of the chip and do a google search. I put what it takes to set up Xbox.

16MB
[] Big block [x] Raw
Pages per Block: 32
Block Count: 1024

256MB
[X] Big block [x] Raw
Pages per Block: 64
Block Count: 2048

512
[X] Big block [x] Raw
Pages per Block: 64
Block Count: 4096

After just under 10 minutes, my 512MB nand was dumped, can be seen at an average speed of 0.88mo / s. For comparison, to dump a module with 16MB USB SPI whatever, it takes more than 6min ...

So we can say that at speed, there is no photo ... the team has clearly delivered on its promise.

Now a little more balance with the lowest for the 360:

Cons:

• More welds a USB SPI.
• We must completely disassemble the CM to access the spot welds in the CM.

Pros:

• The speed is almost the dump when a 512MB USB spinnaker in 16 dump ...

Acknowledgements:

• Team ProgSkeet for their sample.
• UF6667 for its soft and help.

#20 - PS3 News - 94w ago

Below are some ProgSkeet installation diagram and Flasher updates from their site along with a NOR GENERAL PINOUT + PINOUT OF ZIF 50 PIN connector: progskeet.com/forum/viewtopic.php?f=2&t=16 and I added a ProgSkeet: Dumping a PS3 NAND video to the first post as well.

Just updated the DIAGRAMS COLLECTION RAR file in download area.

• Added the GENERAL NOR PINOUT
• Added the 50 PIN zif connector PINOUT on the back of PROGSKEET

Programmer now works with NOR Flash too. It can flash partially in less than a minute

ProgSkeet Diagram and Flasher Changelog: 08/03/11

• Removed DualNandNew.bmp (this is for prototype, sorry)
• Added Dual NAND diagram (with the switch), read below for instructions.
• Fixed: issue with "Test Shorts" - ONLY USE THIS WHEN PROGSKEET IS NOT CONNECTED TO ANY DEVICE!!! OTHERWISE IT GIVES FALSE POSITIVE!!!

#19 - Zero1376 - 96w ago

i can't wait till this comes out so i can add it to the list of jb devices i already have.

#18 - PS3 News - 96w ago

Here is an interview with the developer for those curious: fronttowardsgamer.com/2011/07/15/exclusive-hacker-talks-progskeet-geohot-and-why-he-doesnt-give-a-sht-about-sony/

I recently got the opportunity to ask a few questions to hacker uf6667 about a project recently announced as nearing completion: ProgSkeet or "The Last Mile", a device that has the ability to bypass the PS3′s security and downgrade it's firmware.

Hacking and homebrew on the PS3 have been a contentious issue ever since Sony removed the ability to install Linux on the PS3 when hacker Geohot took advantage of it and broke through the PS3′s security. This sparked what has been a tumultuous couple of years for Sony and gamers, seeing the PS3′s data encryption key released to the public and PSN being brought offline.

But it isn't over yet, as new devices, such as ProgSkeet begin to pop-up, but what does the developer of this latest device have to say?

What exactly is ProgSkeet and what does it enable users to do?

It's a device that allows you to read and program non-volatile memory (NVM), in the strictest meaning... What can be done with it? Well, say you have this new car and want to mess with its calibration data - pop the hood, find the ROM (NAND/NOR, supports both), solder it to it, hook it up to your computer via USB, fire up the software, do the work. This is NOT limited to cars - it can also program flash that is contained in PS3, PSP, PSP Go, Wii and Xbox 360. Large block, small block, doesn't matter!

For what purpose was ProgSkeet designed and developed?

Programmers used in the industry cost thousands of euros and there is no cheaper solution to this problem... until now. It can match both performance as well as low price range to complete the purpose... Sure it'll kill some businesses because their engineers are still paying for student loans but hey, what do you care?

How does ProgSkeet compare to say, the PS Jailbreak Dongle or Infectus?

Let me make one thing clear: it was NOT designed for PS3 in mind. It's just lucky that PS3 supports NVM. Comparing it to PS Jailbreak is like comparing apples to oranges.

But back to the subject - Infectus is good for what it does but it's limited in both speed as well as support. See, Infectus can reach speeds like 50kB/s whereas ProgSkeet can do 1MB/s without hassle. Plus, the customer is king - in this case, the user can either choose one of the available configurations for flashing or add new ones (MoviNAND for example) - you no longer have to wait for a team to update their software to accustom your needs - you can just read the datasheet by yourself and add the configuration.

The question is: do you want a product that is never updated, limited in capabilities and slow (Infectus) or do you want something that's fast, has steady support and keeps adding features?

PS3 (NAND+NOR), 360 (NAND, big block + small block), Wii (big block) are already supported. You can add more if they are not yet supported. Just need like 10 pieces of information from the datasheet.

When did you start development on ProgSkeet and why?

I am NOT "the cook" but he tells me he started in like 2007 or something for a school project with a USB core of his own. This year he introduced it to me and I started working on the software, suggesting changes in the hardware, etc. I have sht loads of things I can flash but no device to do the job. I don't fancy reversing a TAP for each and every device. Too much hassle.

When will ProgSkeet release and how much will it cost?

Production will be done July 15th (I was told), so expect it very soon. Software just needs some ironing here and there but will be functional by the time it can be ordered.
Expect the cost to be less than 50EUR (I don't know the exact cost but for sure not over 50EUR).

After seeing Sony's treatment of GeoHot, are you worried that they will come after you as well?

Well, this is a complicated question. GeoHot "extorted" Sony on paper ("If you want it secure bla bla bla hire me") and accepted donations at some point. That's him making money after a failed extortion. In this case, we don't give a sht about Sony. I don't even play PS3. If you want to use it on PS3, go right ahead, then each and every producer of flashers will be prosecuted or in this case: persecuted.

"The cook" was *explicitly* advised to remove the sniffing abilities to get rid of any kind of troubles. Originally, it was intended as a programmer, logic analyzer, and pattern generator - all very legal in their own purpose - however, in a potential civil lawsuit, this could escalate to criminal lawsuit, due to European/International IP laws, specifically concerning intended circumvention of TPMs. It's like distributing hunting rifles without a licence: you're bound to get fcked when the first idiot commits homicide/suicide. Don't make it possible and you're free from worries.

In conclusion, if you're into homebrew: be excited, but if you're just interested in playing games then there's nothing to worry about.