State of the PS3 hack


Newserator

Frankly, using MFW Builder is within anyone's reach; the proof is that a pimply 14-year-old managed it (I assume he's 14 given how he writes), even if what he made is cr** and one can do much better :)

Edited by sephirothff

Today PlayStation 3 developer oct0xor shared a video of his OpenCobra Payload, which aims to render the current Cobra USB dongle from Max Louarn useless.

Below are the details from his blog, as follows: "First I am going to say that this is not going to be an article, just a first blog post and some info about my recent project.

Finally I got my hands on Cobra; it had been quite a lot of time since I last touched this. There were some good things that happened since then, e.g. I reverse engineered usercheat and True Blue, and had done a lot of PS3 and non-PS3 related hacking. There were bad things too, e.g. BlueDiskCFW, the lv0 leak, a lot of devs leaving the scene...

Cobra was for me really "the last" thing I have to do.

The last time I worked on this I didn't have a dongle, and all I had was a dump by JaiCraB. I reverse engineered it as much as possible and figured out almost all the tricks, encryption, etc. And I figured out that it reads a lot of data from the dongle, and I can't do much without the dongle itself. That's why I put this project on the back burner.

Well... I had never bought any dongle, and I was never going to. All my dongles were donated (thanks again), but not that time.

It was hard for me to make this decision, but a few days ago Cobra finally shipped to me...

3 days and now it's all over.

Security is good enough, but not without big security risks. But it is still the best crypto/obfuscation that I have seen on PS3. Sony has something to learn from these guys, especially now.

Cobra / True Blue are almost identical and have the same source code; if you ever hacked one, the second wouldn't be a problem. The main functionality, honestly, has not changed since the original jb. That's a shame. That's why I am cracking them like nuts.

On the fourth day I took the decision to make my own "OpenCobra" payload: only clean code without DRM and garbage, to be able to port it to any new firmware and change/add features. It took 2 days and 3000 lines of asm, and you have seen the result.

At the moment it is based on the 4.1 payload; plans for the future are to check/add new features from 4.4/5.0, port to a new firmware (if Cobra will not do this for me), and realize all the nice innovations from the new version of the PSP emu, such as better emu accuracy, 3D, etc...

In the video you have seen the Payload Loader. That's all the code it has:

This tag related patches handled by mngr. So far I want to move it in payload. First I have to check how it handled in 4.4 / 5.0

Not sure yet when it will be released, if it will be, but we will see.

Keys!

LV2:
7174e18ad8c87a31.... 3.0
2005d05b1ac8a331.... 4.0
3902a14001cd4836.... 4.4
fd905abf25cdc236.... 5.0

APP:
3CFE6288B199F90A.... 3.0
5824D034A3CEED3A.... 4.0
8FA23E557693D4FE.... 4.1

If this subject is interesting to people, maybe I will write a full article about True Blue / Cobra analysis and hacking.

btw: Me and ~ some psp mysterious dark figure ~ reverse engineered the algo for generating valid psp isos back in July. But saves and a lot of games don't work without patching. So Cobra's patched emu is much better there imho.

http://oct0xor.blogspot.fr/2012/12/first-post.html?spref=tw


Is this useful?

PS3 PUP Syscon Changer 1.0 Released


Today, developer Nathan_r32_69 releases a Windows application called PS3 PUP Syscon Changer 1.0 which allows you to install a lower firmware PUP on a higher firmware.

Use at your own risk

Only works with CFW

Instructions:

All you need to do is choose your PUP file, select Syscon version and click on start and if it works the PUP file should be renamed to NEW-PS3UPDAT.PUP


Evilnat is offering us a tool that will let us change the Syscon check of a .PUP file.
You'll ask me what use this is to me....

This program will let you install a CFW lower than the one already installed, just as the PUP downgrader 4.25 to 3.55 does. This program works more easily than its counterpart.

Tutorial

Quote

Launch PS3 PUP's Syscon Changer v1.0
Then give the path to the .PUP of your CFW
Then choose the syscon version and click START.
You will then have a 'NEW-PS3UPDAT.PU

Hi all

Well, the dongle haters are surely going to love this!!!

Code Unique 3!! The new next-gen dongle intended for cheating!! Compatible with all CFW 3.55/4.21 and 4.30!

Experiencing the games you like just with our Unique Dongle perfectly(CU3)
Would you hope to have enough money when you're playing PS3? YES!
Would you wanna become much stronger than you were in the games so that nobody can hurt you?YES!
Would you wanna get more bullets that never be used up? YES!
Would you wanna kill the boss instantly? YES!
Would you want super ability or weapons and to g

Functionality:
1. Unique dongle in the world which supports all PS3 firmwares (Kmeaw 3.55/ROgero 4.21/4.3/Rebug4.3) simultaneously
2. Built-in 4 MB Flash and ACTEL chip set, powerful calculation power, support static and dynamic multi level pointer, modify games thoroughly.
3. Provide in game screen capture.
4. Support custom db st.dat, support plain text codes, in that way take advantage of your own codes easily, no matter.
5. Support dual codes db update, you can switch code db in management section.

http://www.cu3.hk/Sites/cu3hk/Html/index_en.html


PS3 CFW 4.31 OtherOS++ With QAFlag & BD Emu By MiralaTijera WIP


Today Spanish PlayStation 3 developer MiralaTijera has shared details on his PS3 CFW 4.31 OtherOS++ WIP (work-in-progress) which contains no spoofing older Custom Firmware versions and includes QAFlag and BD Emu without a controller among the features outlined below.

To quote, roughly translated: Hi, basically I stand in the community giving what I made in the dark slowly.. This is my FULL 4.31 4.31 cfw spoof's nothing, it's all ported to the 4.31, and... I give to my multitool also called "core" which is nothing more than a self that load at startup console if this is available in the right usb of your console "/dev_usb000/" which among other things dumps the console flash, you enable qa flags (yes in 4.31 directly) and gets you out and gets you the factory mode... I put the specs:

CoreOS lv1 hash deactivated for downgraded consoles
lv1 183/182 undocumented (LV1 peek / poke)
lv1 OtherOS++
VSH: nas_plugin (all pkgs installable game_ext explore_plugin and plugin to show install package and eliminate epilepsy warning message (though the latter with qa flag leaves only) and for patched vsh rif / rap fakesign) (This last with qa flag leaves only)
default.spp: added extra memory for otheros GameOS
lv2 peek / poke, syscall 6/7,
lv1 lv2 peek / poke (optional syscall 8/9 via core)
Hermes Payload with 36 ported sc
APPLDR: lv2 memory hashing disabled from appldr (no need for you to patch it at lv1) dev_flash whitelist disabled (load any keyset from dev_flash) and ECDSA Off
ISOLDR: ECDSA Off
SPP_VERIFIER: ECDSA Off
spu_utoken_processor: ECDSA off (qa flag)


Payload here to include in your C fixes and managers with the hook:

http://pastie.org/private/cxg8xvohjbh99q45jw (Payload with SC36)
http://pastie.org/private/rbmvhgepnwlisvqm1zvchq (Lv2 lv1 calls)


Now the core... is an all-in-one, this cfw to start looking at the dev_usb000 if a and a file called cellftp.self and another called copy_script.txt, enable disable search whoever can do it simply by putting the original sys_init_osd.self 4.31 in dev_flash folder / sys / internal / here and no longer seek more...

Then developed a homebrew called core which makes everything a little, the self has to go along with pendrive root folder copy_script.txt and flags with flags (functions) as you want to within when starting the console will look and run, leave a log of what was done in the root called core.log are mention the most important and tomorrow I explain a little more.

BD emu flag is for if you have not and do not controller works if you activate this flag npdrm console will behave as if the reader enabled qa, enable you qa flag directly in 4.31:

nand dump
nor dump
lv2 dump
full ram dump
etc.


The changelog here:

Core 2.6.5

2.6.5 changelog:

Added flag toggle_recovery MAKES A WIPE OF FAT darling!
Fixed 6 flags
Removed epilepsy warning


Core 2.6.0

2.6.0 changelog:

Added flag to clean debris from otheros's flag (used in cases of trouble entering recovery)


2.5.0 changelog:

Added otheros (minituto end)
dumpnandflash flag fixed, now also dumps the bootloader to have a full backup of critical data from the console.


flags:

toggle_recovery = MAKES A WIPE OF FAT
clear_bootparam = cleans debris from otheros's flag
custom_boot_nor = boot customboot.self from dev_usb on nor consoles
custom_boot_nand = boot customboot.self from dev_usb on nand consoles
boot_otheros = boot otheros
install_otheros = installs dtbImage.ps3.bin in cell_os_ext_area
setup_flash_for_otheros = prepares nand / nor for otheros to be installed
enterfactory = gets you into factory ...
load = payload from payloaderdev dev_usb000/payloads/431cex.bin
load = payload Payloader from core to use Multiman new
enableqa = activates qa flags
removeqa = qa flags off
fullramdump = full ram dump
bdemu = activates bd emulator to use the console without controller
dumpdevflash = dumps dev_flash partitions in raw
dumplv2 = dumps lv2
nordump = dumps the NOR flash
exitfactory = leaves the factory mode
dumpnandflash = dumps nand flash on fat consoles (including bootloader)


Tutorial OtherOS boot:

Start core with only the setup_flash_for_otheros flag; if you hear a double beep, everything went well; if you do not hear it, look at the log.
After this, put the dtbImage.ps3.bin that corresponds to your console type (dtbImage.ps3.bin.nand is for nand and dtbImage.ps3.bin.nor is for nor); rename it to dtbImage.ps3.bin and put it in the root of the pendrive as appropriate in your case, and set the install_otheros flag. Start the same way and you will soon hear 2 beeps; if not, look at the log to see what went wrong.
Once done, turn off the console and set the boot_otheros flag; when you start, you will see petitboot on the screen.


Hermes thanks, I used your cosunpkg and cospkg for CoreOS and payload lined with SC36 and more...

Link all this: http://pastie.org/5913506 / mirror thanks to "Palestine" http://ul.to/0mp1pmbl

Function bd emu's I have also built in a 3.55 cfw I'm uploading it is always useful to dump your key root

Edit: Here is = hilo_cfw-3-55-otheros-cex-bdemu-no-controller-integrado_1862166 to make your cfw patcher Open delta, in original file to Appoint the OFW 4.31 here: PS3UPDAT.PUP

CFW 3.55 OtherOS++ CEX, BDemu Without Controller (Integrated)

Hi, as promised here's the integrated version for CEX BDEmulator that has all patches from glevand for OtherOS++ and has the sha1 hash check syscon disabled for consoles for downgrades.

With this CFW because anyone with broken controller (black screen or throwing npdrm update loop etc...) can use the console as controller, you can load is APP_HOME your games from, that's something I have the same function in the CFW 4.31 in this same subforum but got to 3.55 here too integrated for people to use and get their root key inter things... SS unpatched least trophies error


In xdelta patch, the patch obviously apply and give the option to check and keep the original file checksum enabled, you will create another file called * NEW.pup being * the name that you do them to OFW, hashes the PUP should be good:

Of course not bricked any console, hidden takes time and has been tested on all systems that can be installed

I give the core src polish it once, honestly I'm embarrassed both comment on the code you enjoy it, just as I will update the post in these 3 days with what I forget, that sure is a lot to this fw has had his job for.. Now comes Rogero and copy

Finally, some feedback on this PS3 4.31 CFW WIP from butnut: So I did a little testing... It installs fine on my slim 2101 and since I had left QA active the last time I was on 3.55 it is now automatically activated (still have to input button combo) The cold boot takes the same amount of time, only you don't see the epilepsy warning... It has normal install pkg files and app_home icons (just like Kmeaw 3.55)

Backup managers do not work yet because they do not have the new payloads implemented yet. I will go back to Rogero 2.04 for now. QA downgrade does not seem to work. Every firmware I try (CFW and OFW) the PS3 says it is corrupt. Luckily Rogero 4.25 to 3.55 DG pup still works.


I just tried it on a CECHL04 on OFW 3.55 that I updated to OFW 4.31 specifically to see how it behaves.

Result: it does not install from OFW 4.31; I get error "8002F957" from the XMB update and another error, 8002F2B5, from the recovery update.

It seems you still have to be on 3.55 to be able to install it.

See you


In fact he's just offering us a way to build our own CFW 4.31 OtherOS++ with the QA Flag menu enabled and BDEMU, using a suite of tools and an executable named Patch431.xdelta.

Upside:

This CFW is reportedly based entirely on an official 4.31 PUP, which makes it the first of its kind so far.

I'd advise waiting a bit for feedback to see how it turns out. However, it still doesn't allow installation from an OFW above 3.55. In short, you need to be on 3.55 to take advantage of it.


Apparently the program works, but without the ODDE it's clearly useless.

As for Zadow28, I believe he had tried to crack the Cobra but nothing came of it...

I'm just passing on the info ;)


He's one of the biggest liars in the PS3 scene!!

He has never released anything at all!! Nothing but false promises!! He's one of the liars of the ps3hax forums


He's one of the biggest liars in the PS3 scene!!

He has never released anything at all!! Nothing but false promises!! He's one of the liars of the ps3hax forums

Slightly off-topic: the Oscar for liars goes to mathieulh "Mathieu Hervais", heavyweight, all-category champion of LIARS of the PS3 scene; what a big idiot, he acts all friendly with the other devs and hackers and then he tweets "I did this and this and this", and so on

Edited by DHM