103w ago - A few weeks back PS3 Firmware 4.0 was released, and recently French PlayStation 3 developer UpSilon has made available a dump of the dev_flash contents for others who wish to examine it alongside a previous version below.
To quote, roughly translated: UpSilon, French developer already known to have deciphered some files on the console of Nintendo 3DS, ext today through his blog, the dump dev_flash firmware 4.00.
For information, dev_flash is a very sensitive part of the PS3 NAND which contains much key information such as firmware, the numbers of encryption running games and other programs, or other important firmware files. The dump of this part could therefore, if a developer managed to unpack it, facilitate the establishment of a CFW 4.00.
UpSilon also announced he has started working on the reactivation of the Service Mode (Jailbreak) on 3.56+ firmware.
From UpSilon's page: Here is a dump of the version...
111w ago - Following up on the initial PS3 JailBreak 2 news comes various PS3 CFW JailBreak 2 and JB2 Updater details today including the examination of an EBOOT.BIN from the Driver: San Francisco Blu-ray Disc in comparison to one from an official PS3 Game (BLES00891) Disc with developments on reverse-engineering the PS3 JB2 file dumps and more below.
To begin, whyudie states the following on the PS3 CFW JailBreak 2 and JB2 Updater for PlayStation 3: I just wanted to share this CFW. This CFW is intended more specifically for Jailbreak 2 dongle only. Most likely will not run well without that dongle. Perhaps some developers out there could investigate this CFW, and develop it even better.
If anyone out there wants to install this CFW on your PS3, do it at your own risk!!
JailBreak 2 Dongle Features
Can play backup games that require firmware 3.60+ (direct boot just like the original games)
Only burned BD Disc format with some patches will work. For now, there's no info on how to make a backup ISO work with this CFW.
Can play backup games from the HDD: PS3 games with FW 3.55 or lower (via internal or external HDD)
160w ago - A few days ago we reported on graf_chokolo's progress in decrypting PS3 Firmware 3.50, and today he has made available to the PlayStation 3 Wiki (linked above) his PS3 hypervisor reverse-engineering work to date, as follows:
HSPRG
The hypervisor stores a pointer to some structure per LPAR in the HSPRG0 register. There are actually 2 HSPRG0 values: one for each thread of the Cell CPU!!! There is a HSPRG0 array at 0x8(-0x69A0(HSPRG0)) + 0x20.
LPAR
LPAR = Logical Partition
lpar1 starts at 0x(unknown), and it's believed to be the memory space where lv1 stores its variables, flags and other data.
lpar2 starts at 0x80000000000, and it's believed to be the memory space where lv2 stores its variables, flags and other data.
The pointer to the active LPAR is stored at -0x67E8(HSPRG0).
vtable 0x0033CA40 (3.15)
Member variables
offset 0x38 - some pointer
offset 0x50 - LPAR id (8 bytes)
offset 0x70 - pointer to VAS id bitmap
offset 0x78 - power of 2 of word size from VAS id bitmap (4 bytes), equal to 6
offset 0x7C - number of 64-bit words in VAS id bitmap (4 bytes)
NZHawk has released Awesome PeekPoke today which dumps live ram using peek/poke commands and posted a video of it in action along with a Patch App that will patch the offset 57410 with the data 48000098- launch...