
PS3 Hacker KaKaRoToKS Interviewed, Says 3.60 Solution Coming

196w ago - Today Myce.com (linked above) interviewed PS3 hacker KaKaRoToKS, who states that a PS3 Firmware 3.60 solution is indeed coming after reports and videos of a 3.60 JailBreak running code circulated last week.

Below is the KaKaRoToKS interview in full, to quote:

What are your thoughts on the recent PS3 3.60 firmware cracking video that was uploaded and removed over the course of a day last week? Many dubbed it fake and said it was a debug PS3, but when we chatted with the guy who uploaded it he defended it as real and said it was a retail unit.

I’ve seen the videos, and I also talked to the people who did it. Whether it’s fake or not, I cannot tell as I have not been authorized by the authors to divulge what they did. All I can say is that they said they would never release it, so whether it’s fake or not has no importance, since in the end no one will have access to it.

However, as I’ve said to a few people on Twitter, the hack that was used on 3.55 and lower was unique and Sony fixed it. So, that’s...
 

PS3IDA and PS3 Jump Table Analyzer v0.1 for PS3 Devs Arrives

197w ago - Today KaKaRoToKS has announced that PS3IDA and PS3 Jump Table Analyzer (PPCJT) v0.1 for PS3 Devs is available for use with the IDA interactive disassembler and debugger.


To quote: It's been a while since my last post! A lot has been happening lately, I've mostly kept my followers updated on what's new through my Twitter account, but I think that this deserves a post of its own!

I've been reversing some PPC code in IDA and unfortunately, it doesn't handle the PS3 files very well, so I wrote a lot of scripts in order to make it parse the files properly! There was one thing missing though that I couldn't do with an .idc script: handling of jump tables.

Yesterday, I took on the task of writing an IDA plugin in order to parse the ppc code and find jump tables and define them in IDA's kernel so the analysis is done properly! It was a very fun and exciting challenge that I enjoyed doing, and I'm happy to say that I succeeded and it works very well (on the files I tried anyways).

The IDA API is extensive and easy to use, and allows you to do pretty much anything!...
 

EZPayloadToTi: Make PSGroove Hermes and Kakaroto Payloads

217w ago - Today DJpopol on PSX-Scene.com (linked above) has released EZPayloadToTi v1.1, along with the updates listed below, which allows PS3 JailBreak users to easily make PSGroove Hermes and Kakaroto payloads.

Download: EZPayloadToTi v1.1 / EZPayloadToTi v1.3

To quote: With this you can make payloads (Hermes & Kakaroto).

You must compile the payload's source before.

How-to use:

1. Select .bin file.
2. Give it a new name for your payload (8 characters required).
3. Click GO.
4. Now, you should have a new file, whatever name you gave it, ending with extension .8xv

Changelog for v1.1:

• Supports payload Kakaroto.
• English translation for languages other than French.
• The destination folder can now be chosen.

v1.2:

• Now you can choose the name of Kakaroto.8xv.
• You asked to choose the bin file rather than the payload's compiled folder. It's done.
• But be careful if the bin filename is different from Hermes's bin or Kakaroto's bin (you'll see "Payload Unknown"). It does the same as To8xv.exe.

v1.3:

• Kakaroto support...
 

KaKaRoTo on The PSGroove / PSFreedom PS3 Payload Mess

219w ago - Update: The latest PSFreedom build (with PL3) is now available for both iPhone 2G/3G and iPod Touch 1G with details posted HERE, and Zaxtron has released what he calls Zaxtron Front End Multi PS3 Firmware And Multi Payload for iPhone 2G and 3G with PSFreedom 1.1 Payloads.

Today PSFreedom author KaKaRoTo discusses the current PSGroove / PSFreedom PS3 payload mess.

To quote: "I see a lot of people asking me some questions and I notice a lot of ignorance on the net about the different payloads and the latest PL3 payload. So I want to make things clear.

First of all, people should stop talking/requesting/using the hermes v3 payload, I don't like his work, and the payload is not good, it might crash the system in some cases, it's not written properly, and hermes doesn't even seem to understand how git works.
 

KaKaRoTo on How to Port PL3 to an Exploitable PS3 Firmware

221w ago - Today KaKaRoTo detailed how to port PL3 to an exploitable PS3 Firmware via Github (linked above).

To quote: "How to port to a new Firmware (but < 3.41) :

First disable the JIG mode, and try to bruteforce the position of the payload with a panic payload (add 'b panic' at payload_start in dump_lv2.S), until you can get a hit reliably.

Then replace the payload with the original dump_lv2 payload, and connect the PS3 through Ethernet to your PC and run Wireshark to capture your dump... Run the payload, then once the PS3 panics (to tell you it's done), you can save your Wireshark dump to a file in .pcap format.

Then run the tools/dump_lv2_pcap_to_bin program to dump the lv2 binary from the pcap file captured by Wireshark.

Open the dump with IDA, set the processor to 'ppc', then run the dump_lv2_analyzer.idc IDC file from the tools directory to get it analyzed and follow the instructions (set TOC table in IDA options).

Once you are done, set the TOC_TABLE value in PSFreedom/PSGroove and set the syscall_table define in macros.h.S.

Then look for the position of the JIG response offset in the dump by searching for a recognizable string you previously put in there. You can now set the JIG response address...
 
© 2015 PlayStation 3 News