PS3 Lv0ldr / Bootldr Exploit Reverse-Engineering Details by Naehrwert

73w ago - Following up on the previous PS3 Lv0ldr / Bootldr clarifications by marcan42 and wololo, today PlayStation 3 hacker naehrwert has shared some details based on reverse-engineering the exploit used to dump it.

To quote from his blog: The Exploit

As the exploit that was used to dump lv0ldr/bootldr/howeveryouliketocallit is public now, let's have a closer look at it to understand what's going on. Here is what I have reversed from lv0 (it shares the syscon portion of the code with its SPU counterpart):


 

PS3 LV0 (Bootldr Keys) Leak Development Clarification By Wololo

77w ago - Following up on the recent explanation by marcan42 (scroll down), today PlayStation 3 and Vita hacker wololo has added some clarification of his own below.

To quote from his blog (linked above): PS3 Blown open, Scene chaos, LV0 keys Leaked and Working!

Leaks, chaos and drama have been something common, and on the heels of the PSVita chaos comes the PS3's turn with both good and bad news. This event is so huge that it will completely change the PS3 hacking scene and leave Sony in the wake.

Sony will be turning in their graves today as the PS3 has been basically blown wide open thanks to other events leading up to that. In the wake of this leaves Sony in huge trouble and mostly exhausted due to the amount of progress the hacking scene has made on their devices, especially with the recent PSVita PSP EMU kernel exploit.

It's been absolute chaos in the PS3 scene for the last few days and fair enough to say has been chaotic over the last few years. I'll break down what happened and what this means for the developers and users, keep reading...

Background Information

The similarity in events is extremely blatant but it's started...
 

PS3 Metldr / Per Console Key0 Update, LV0 Bootloader Decrypted?

126w ago - A few weeks back details and payloads for Dumping PS3 Per Console Keys surfaced followed by news of a PS3 Metldr Exploit, and today PlayStation 3 developer xx404xx on IRC has shared his PS3 Metldr / Per Console Key0 findings thus far.

Included below are a PS3 EID Rootkey Dumper (SELF) which is loaded through lv2patcher, an EID Decrypter Script, the required EID Static Keys and more, as follows:

[xx404xx] lol wtf you can write to metldr!!!!!!
[xx404xx] 0x17014 - Write eEID/Write metldr Holy crap, it writes passed data to the region of FLASH memory where eEID or metldr data is stored !!! And GameOS is allowed to use this service !!! Do not experiment with this service if you don't know what it does or else your PS3 will not work anymore !!!
[xx404xx] http://img841.imageshack.us/img841/1617/newbitmapimage3en.png
[xx404xx] http://img824.imageshack.us/img824/5747/newbitmapimage3f.png I highly recommend...
 






