Sponsored Links

Sponsored Links

 

JaicraB Releases PS3 OtherOS Base Exploit and Source Code

850°
241w ago - As a follow-up to his previous work, today JaicraB has updated his blog entry with a PS3 OtherOS Base Exploit and the related Source Code for PlayStation 3 developers.

Download: [Register or Login to view links] / [Register or Login to view links]

This comes shortly after gow3forme shared a relatively larger PS3 OtherOS Exploit Module which seemed to be loaded (the command lsmod showed: exploit 10497032 1 - loading 0x000000000012000 (P+)) but nothing appeared on the video.

To quote, roughly translated: Good. Here you have a minimum base to build the otheros.bld. The BLD takes up 30 Kb and has functions to the HDD with ext2 to save the DUMP. The functions are described.

Call table incorporates LV1 and ASM functions. This ready to assemble the mechanism of the exploit. I hope this helps those concerned who did not know where to start. It has been...
 

PS3 Pulse Generator V2 with Source Code is Now Available

650°
247w ago - Yesterday JaicraB shared a PS3 Hypervisor 3.15 he dumped via Parallel/LPT1 Port with XorHack along with a redump done for comparison purposes and the PS3 Pulse Generator code.

red8316 has also posted a Dump Comparison from 010 Hex Editor in TXT and CSV formats for those interested.

Today JaicraB has updated his blog again with PS3 Pulse Generator V2- compiled and with source code included.

Download: [Register or Login to view links]

To quote, roughly translated: The pulse generator which was put very little refined and theoretically ill-posed. I really worked, but it is true that there was always the first. So I miss a second version, more refined and controlled by cycles. Because in cycles? Each computer is different, CPU, BUS, etc etc.

That is why every computer will have its own cycle which is ascertained to start from the smallest to find it. In my case is 3, MSDOS running under a VMware...
 

XorHack v2.0: The Updated PS3 Exploit Toolkit Arrives

400°
249w ago - Today xorloser has updated his XorHack PS3 Exploit Toolkit to XorHack v2.0!

Download: [Register or Login to view links]

To quote: After using the XorHack for a while I realised it was missing some things so I decided it was time for an update. New syscalls have been added to give finer control over data access, now providing 8, 16, 32 and 64 bit reads and writes.

Also some new ioctls were added to provide additional useful functions for your userland code. Lastly new userland applications were added which now give the ability to read, write and execute memory from the command line.

Hypervisor Exploit Changes

At the innermost level some more syscalls are now added to the hypervisor when initially exploiting the PS3. These use different syscall numbers to the previous exploit code in order to group them all together rather than scattering them all over the place.

This should make keeping track of them easier. There are now nine syscalls added to the PS3 upon exploiting. These are added as syscalls 32 to 40 inclusive. Previously syscalls 16 and 20 were used...
 

XorHack: The PS3 Exploit Toolkit is Now Available!

800°
251w ago - Today xorloser has shared his XorHack: The PS3 Exploit Toolkit which allows you to call lv1 syscalls (level 1 system calls) from a normal (userspace) program and run the software required when triggering the PS3 exploit from a normal userspace program.

To quote: I finally found the time to complete the PS3 exploit toolkit software I mentioned to in my previous posts. I call it [Register or Login to view links].

It allows you to call lv1 syscalls (level 1 system calls) from a normal (userspace) program. It also lets you run the software required when triggering the PS3 exploit from a normal userspace program. To give an example of how it can be used I have included the following example programs:

ps3exploit - Runs the software required to exploit the ps3, it loops a number of times which can be specified as a parameter. (This still must be used along with the "button pressing", it will not exploit the PS3 via software alone).
dumphv - Dumps the hypervisor to a file in the current directory.
dumpbl - Dumps the bootloader to a file in the current directory.
dumprom - Dumps the system rom to a file in the current directory.

The XorHack package contains full sourcecode...
 

GeoHot PS3 Hack Exploit SX28 Hardware Tutorial By Xorloser

1000°
255w ago - A few days ago xorloser propered the GeoHot PS3 Hack Exploit for all PlayStation 3 Firmware versions, and today he has detailed the required SX28 microcontroller hardware and shared the source code.

To quote: This post will deal with the hardware required to trigger the PS3 hypervisor memory access exploit. The purpose of the hardware is to stop the PS3 from saving a change to a value that we don't want changed. The PS3 saves this changed value by writing the value to RAM. Therefore in order to stop it from saving the changed value we need to stop this write from occurring.

The PS3 sends the write command to the RAM over some control lines, so we interfere with these control lines when the write command is sent. The result we want is having the PS3 think it has successfully written the value to RAM, but the RAM didn't receive the write command due to our interference and so it did not perform the write operation.

The easiest (and moderately safe) way to interfere with these control lines is to ground them. This is done easily enough by connecting a wire between one of the control lines and ground. The tricky part is timing it just right so that it only interferes with the write...
 
Sponsored Links

Sponsored Links
Sponsored Links

Sponsored Links






Advertising - Affiliates - Contact Us - PS3 Downloads - PS3 Forums - Privacy Statement - Site Rules - Top - © 2015 PlayStation 3 News

Sponsored Links