94w ago - Following up on the previous True Blue (TB) PS3 JailBreak 2 (JB2) DRM-infected dongle news comes a WIP update from Shadoxi on dumping and decrypting the TB and Cobra payloads, as follows:
I have figured out where the payload of the TB and Cobra dongles is located. You can find it at offset @360000 in lv2_kernel and 7f0000 in PS3 memory. According to the PS3 Developer Wiki (ps3devwiki.com/index.php/ReDRM_/_Piracy_dongles) the LV2 dump payload at 0x7f0000 has also been decrypted @ LV2 dump 0x7f0000 (pastebin.com/3VG76HQs).
Drag and drop payload in IDA and load it in Binary file mode, Processor type PPC. Press...
108w ago - Today the True Blue PS3 JB2 v2.2 USB JailBreak dongle update has arrived, and similar to the first version also came the free True Blue Unpkg'd / Unself'd PKG file and Payload from PlayStation 3 scene hackers!
111w ago - PlayStation 3 developers have been busy recently working on payloads for dumping the PS3 per console keys, as once the per_console_key_0 is obtained with full EID decryption, dongles and burned BR-D's may be a thing of the past.
Below are details from sphinxkoma and the PS3 Wiki (ps3devwiki.com/index.php?title=Talk:Per_Console_Keys) on dumping the per_console_key_1 via Kaz... it's only a matter of time for per_console_key_0 which unlocks everything we need.
To quote: PS3 Per Console Keys
EID crypto is very complicated, it is done so on purpose. First of all EID0 isn't decrypted with one key, and one algorithm alone. It is decrypted in several parts which use different algos and keys. The keys are all derivations of a per console key (per_console_key_1) which is stored inside metldr and copied by it to sector 0 and never leaves isolation. That same key is a derivation of the per console key (per_console_key_0) used to encrypt metldr and the bl in the first place as well.
isoldr clears that key from sector 0 before jumping to the isolated module. But before doing so it encrypts it with another keyset and stores it in a buffer so that the isolated module can use the new crafted key. Since the operation is AES, if you know that keyset you can decrypt...
The PS3 SELF loader will load the files directly without the need to package them. Just FTP them over to your PS3 or place them on a USB stick and load them.
From the NFO File: b0xloader - SELF Loader 1.0
A Simple SELF launcher for the Playstation 3.
Install the package to PS3
Select a Fake signed SELF from the menu and press X to launch.
The SELF you are launching must be "fake signed" for it to launch; if not, it will bring you back to XMB. This is good for quick testing your development/test builds without repacking to a PKG every time. Future support will be added for non-signed SELF/ELF's.
"The age of miracles is past."
Greetz to DeLiGhT
12/9/10 - b0xloader 1.0
10/2/10 - FTP Server 1.2
157w ago - Today DanyL has announced at PSX-Scene (linked above) that he has started work on a PS3Payload Downloader project, and although it is currently a WIP he states a release will be incoming as soon as work is completed.
To quote: I'm happy to announce a new project I'm working on, called PS3Payload Downloader.
It's a program that gathers all the payloads for all the platforms (rockbox, teensy, psfreedom and so on) in one place and allows you to download them.
As with all my other projects, it's open source. I'll release the source on GitHub when I finish working on it.
Most of the programming is done; what I still need to do is:
• Improve search engine
• Improve GUI - Done
• Create a Logo - Done
• Create an updater - Done
• List and upload all the payloads (Uploaded and listed = 76 payloads)