113w ago - Today PS3 hacker Mathieulh has tweeted some new details on dumping LV0 from PlayStation 3 3.60 Firmware and obtaining the new keys, followed by Ps3WeOwnYoU claiming he has already reproduced it to confirm it works.
Below are all the tweets, as follows:
xShadow125 You can update from your own pup only from 3.55 or lower, unless you have an exploit.
xShadow125 Of course that should be fixed in upcoming lv0 revisions anyway (By moving the ldrs to the top of lv0)
xShadow125 You run the 3.60 lv0, then you switch the nor, and pull the cell reset line, and you dump the extra KBs where the loaders are.
xShadow125 Basically you have a nor with 3.55 (or lower) lv0 and your own small lv1 code that does the dump, and 3.60 lv0 on the other.
xShadow125 You wont get all of lv0 but the part with the loaders shouldn’t be overwritten.
xShadow125 You can actually get all the 3.60 keys/loaders without knowing lv0 keys by dumping lv0 from ram with dual nor and signed lv1.
To those planning on building a 3.56+ pup for whatever reason, the files attributes changed, the group and user ids for the files as well.
115w ago - Just over a week ago PlayStation 3 hacker Mathieulh confirmed finding a PS3 3.56 Exploit, and today drizzthacks tweeted part of an IRC chat log where Mathieulh stated the following regarding PS3 Firmware 3.60 running homebrew code, as follows:
"[03:15] while you are insulting me like morons, I already have code running on 3.60, and I am laughing, and guess what ? I am happy I stopped sharing, you can hate me for it, I don't care."
He followed up with the following Tweets: To those planning on building a 3.56+ pup for whatever reason, the files attributes changed, the group and user ids for the files as well. The new 3.56+ values for tarballs are the following: owner_id, “0000764″ group_id, “0000764″ owner, “tetsu” group, “tetsu” ustar, “ustar”
You can use fix_tar to use those new values. Use with caution. By comparison, those are the pre-3.56 values. owner_id, “0001752″ group_id, “0001274″ owner, “pup_tool” group, “psnes” ustar, “ustar”
116w ago - Today PS3 hacker Mathieulh reports finding a PlayStation 3 Firmware 3.56 exploit, although he states he has no plans to give any further details about it.
To quote from PSX-Scene (linked above): Well-known hacker Mathieu Hervais has reportedly found a bug that allows exploiting metldr, the bootloader and firmware version 3.56. Unfortunately, he refuses to release it.
I hesitated a lot before tweeting about it, but a bug allows exploiting metldr, the bootloader and 3.56+. I don't intent to ever unveil it.
So much for "unhackable" PS3s though... I am not giving any further details about it. Sorry.
Actually the revocation list exploit doesn't allow you to exploit isoldr, you could however sign a revoke list if you had the revocation list keys and knew the sign fail, and use that to dump isoldr. Metldr does not load revocation lists.
This has been tested, how do you think I could release the lv2ldr and appldr keys ? (about 24hrs before Geohot showed up with metldr keys) This has been tested, how do you think I could release the lv2ldr and appldr keys ? (about 24hrs before Geohot showed up with metldr keys)