Moderated by: Robert

EurAsia : Index PS3 Build your own CFW 4.x by KaKaRoToKS
modrobert



donor

Registered: 2003-10-17
From: Bangkok
Messages: 6387
Status: Online
 _#31038 posted 2012-10-24 @ 03:20 GMT   
Quote:
Since the LV0 keys have now been leaked, I believe I can now share this info with you, to help out those who are trying to build their own 4.x CFW :
The NPDRM ECDSA signature in the SELF footer is checked by lv2. It first asks appldr to tell it whether or not the signature is to be checked, and appldr will only set the flag if the SELF is a NPDRM with key revision from 3.56+ (the ones without private keys). This means that the SELF files signed with the new 3.56+ keys still don't have their ecdsa checked (probably to speed up file loading).
If appldr says the ecdsa signature must be checked, then lv2 will verify it itself, and return an error if it's not correct. There are many ways to patch this check out.
1 - Patch out the check for the key revision in appldr
2 - Patch out the "set flag to 1" in appldr if the key revision is < 0xB
3 - Patch out the code in lv2 that stores the result from appldr
4 - Patch out the actual sigcheck function from lv2.
5 - Ignore the result of the ecdsa from lv2.

Here is one of the patches (the 4th one, patching out the check function from lv2) :
In memory 0x800000000005A2A8, which corresponds to offset 0x6a2a8 in lv2_kernel.elf, replace :
e9 22 99 90 7c 08 02 a6
With :
38 60 00 00 4e 80 00 20

This is for the 4.21 kernel (that was the latest one when I investigated this), I will leave it as an exercise to the reader to find the right offsets for the 4.25 and upcoming 4.30 kernel files.
And here's another bit of info... in 4.21 lv2, at memory address 0x800000000005AA98 (you figure out the file offset yourself), that's where lv2 loads the 'check_signature_flag' result from appldr, so if you prefer implementing method 3 above, just replace the 'ld %r0, flag_result_from_appldr' by 'ld %r0, 0' and you got another method of patching it out. Either solution should work just the same though.
Enjoy homebrew back on 4.x CFW....

p.s: Thanks to flatz and glu0n who helped reverse this bit of info.



Source: https://twitter.com/KaKaRoToKS/status/260742786972798977
  _____________________________ ____________     __________________ /\________
  \    __________________      \      _____/____/     _    \       /_        /
 /     /       |       l/     _/    ____)     _/      _     \     \/  cREAM /
/______________l_______/       \______________\_______|      \_   /________/
 -+--Mo!-------------- \________/ ------------------- l_______/_____\ -----+-
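
An integrity check for the site described in the quoted post, as an added example that is not code from the original post or from KaKaRoToKS: it reads the eight bytes at the quoted file offset, classifies them as the stock or the replaced sequence, and decodes them to show that the replacement is `li r3, 0; blr`, so the routine returns 0 without running its body. The function names and the zero-padded sample images are constructed for illustration.

```python
import struct

# From the post: file offset in the 4.21 lv2_kernel.elf and the two 8-byte sequences.
FILE_OFFSET = 0x6A2A8
STOCK = bytes.fromhex("e9229990" "7c0802a6")
PATCHED = bytes.fromhex("38600000" "4e800020")


def decode_ppc(word: int) -> str:
    """Decode the few 32-bit big-endian PowerPC forms that appear at this site."""
    opcode, rt, ra = word >> 26, (word >> 21) & 0x1F, (word >> 16) & 0x1F
    imm = word & 0xFFFF
    simm = imm - 0x10000 if imm & 0x8000 else imm  # sign-extend the 16-bit field
    if word == 0x4E800020:
        return "blr"
    if opcode == 14:  # addi; ra == 0 is the 'li' simplified mnemonic
        return f"li r{rt}, {simm}" if ra == 0 else f"addi r{rt}, r{ra}, {simm}"
    if opcode == 58 and (word & 3) == 0:  # DS-form ld (low two bits select the variant)
        return f"ld r{rt}, {simm}(r{ra})"
    if (word & 0xFC1FFFFF) == 0x7C0802A6:  # mfspr rt, LR
        return f"mflr r{rt}"
    return f".long 0x{word:08x}"


def check_sigcheck_site(image: bytes, offset: int = FILE_OFFSET) -> dict:
    """Classify the 8 bytes at the sigcheck entry and report whether it is stubbed."""
    site = image[offset:offset + 8]
    if len(site) < 8:
        return {"state": "truncated", "asm": [], "returns_immediately": False}
    state = {STOCK: "stock", PATCHED: "patched"}.get(site, "unknown")
    asm = [decode_ppc(w) for w in struct.unpack(">2I", site)]
    # 'li r3, <const>; blr' as the first two instructions means the routine
    # returns a constant without executing its body, whatever the constant is.
    stubbed = asm[0].startswith("li r3,") and asm[1] == "blr"
    return {"state": state, "asm": asm, "returns_immediately": stubbed}


def constructed_image(site: bytes) -> bytes:
    """Constructed stand-in for a kernel file: zero padding with `site` at the offset."""
    return bytes(FILE_OFFSET) + site + bytes(16)


if __name__ == "__main__":
    for label, site in (("stock", STOCK), ("patched", PATCHED)):
        print(label, check_sigcheck_site(constructed_image(site)))
```

The `returns_immediately` flag is independent of the exact byte match, so a variant that loads a different constant before `blr` is still reported even though its state is "unknown".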

modrobert
 _#31039 posted 2012-10-24 @ 03:23 GMT   
LV0 keys: http://www.eurasia.nu/wiki/index.php/PS3_Crypto_Keys#Keys_for_LV0

eurasiia



colonel

Registered: 2007-09-27
From: BANNED
Messages: 220
Status: Offline
 _#31040 posted 2012-10-24 @ 06:46 GMT   
This is awesome news.

Correct me if I'm wrong and slap me silly with a brutal God of War weapon, but did someone say games with f/w 4.21 and any homebrew games/apps are supported but to make matters more pedantic, users can custom build their own CFW?

I held back on doing anything to my virgin 3.41 (any recent games I played on someone else's system rather than mine).
I held back softmodding etc. but I don't think I can hold back anymore.
Rogero 4.21 is the way to go or should I hold back a little longer to see what else someone comes up with?
I need to upgrade my system to 3.55
Anyone know of any revision 1 PAL games that install 3.55?
Rather than I download the f/w or should I just download the f/w?

So 3k3y is not recommended anymore, new users should go the direction of Rogero 4.21?


_______________________________________________________________________________

01100101 01110101 01110010 01100001 01110011 01101001 01101001 01100001
_______________________________________________________________________________

jay210



sgt

Registered: 2005-02-12
Messages: 48
Status: Offline
 _#31041 posted 2012-10-24 @ 09:32 GMT   
Lots of things happening at once, let the bugs (if any) get ironed out first.
A lot of folks bricked not understanding the full procedure, or even reading the full post.
I can see all new ways in a few weeks' time, so I would wait.....

modrobert
 _#31042 posted 2012-10-24 @ 10:04 GMT   
Quote:
On 2012-10-24 @ 06:46 GMT, eurasiia wrote:
So 3k3y is not recommended anymore, new users should go the direction of Rogero 4.21?



3k3y can't really be compared with this at all, since you can upgrade original firmware freely once installed, even the latest 4.30. With custom firmware you will be stuck at some lower version.

eurasiia
 _#31043 posted 2012-10-24 @ 13:07 GMT   
Quote:
On 2012-10-24 @ 10:04 GMT, modrobert wrote:
Quote:
On 2012-10-24 @ 06:46 GMT, eurasiia wrote:
So 3k3y is not recommended anymore, new users should go the direction of Rogero 4.21?



3k3y can't really be compared with this at all, since you can upgrade original firmware freely once installed, even the latest 4.30. With custom firmware you will be stuck at some lower version.



I will wait to see what comes out by the end of the year but of these PS3 options available to us are any not supporting homebrew and emus etc?

As I definitely would like emus support.

I understand 3k3y can continually get updated OFW.

All depends on what I want. Do I want to play the past 12 months of PS3 games with Rogero or do I want to also play future PS3 games on the horizon with 3k3y? What new PS3 games are coming out the next 6 months?
Currently I'm leaning towards the Rogero solution as the Wii U is coming and it might draw my attention and gametime, while I can still play backlog PS3 games I haven't yet played with Rogero.


[ This message was edited by eurasiia on 2012-10-24 @ 13:08 GMT ]

tjhooker73



sgt

Registered: 2012-10-10
From: usa
Messages: 49
Status: Offline
 _#31044 posted 2012-10-24 @ 15:11 GMT   
I would like more info on how this is done. What tools do I need?
Links, keys, files, whatever you guys can give me, I want to help speed up the process of this.

l_oliveira



private

Registered: 2006-07-10
From: Brasilia, Brazil
Messages: 9
Status: Offline
 _#31045 posted 2012-10-25 @ 01:26 GMT   
lol I downloaded the current update pup (4.30) from www.scei.co.jp and ran through the usual pup decryption tools.

I was able to extract everything on single files and the self files would not decrypt due to lack of keys but LV0 did decrypt ok and going through it in IDA will surely yield the keys necessary to decrypt the SELFs and modules.

This is the end for the PS3. All SONY can (try to) do is make keys annoying to extract.

modrobert
 _#31046 posted 2012-10-25 @ 04:02 GMT   
Yes, game over for sony, except for new consoles. This was interesting: http://wololo.net/2012/10/25/clarifying-the-confusion-on-the-ps3-development/

eurasiia
 _#31047 posted 2012-10-25 @ 05:14 GMT   
Quote:
On 2012-10-25 @ 04:02 GMT, modrobert wrote:
Yes, game over for sony, except for new consoles. This was interesting: http://wololo.net/2012/10/25/clarifying-the-confusion-on-the-ps3-development/



I was about to ask about new consoles such as Super Slim. Does Super Slim fit in the category of new consoles?

There's always a reason why corporations launch hardware revisions such as size-scaled-down hardware. Not so the hardware can fit in Japanese fishbowl apartments.

I haven't had time to read the article you linked, will do so when I get chance.


EDIT: I deleted your irrelevant attachment.

[ This message was edited by Robert on 2012-10-25 @ 05:38 GMT ]

modrobert
 _#31048 posted 2012-10-25 @ 05:32 GMT   
Some "not so popular" observations so far (may come across as overly pessimistic, but it's in my nature, bear with me):

* You can't downgrade CECH-30xx (slim) and CECH-40xx (super slim) consoles to CFW 3.55, those will fail regarding CFW 4.21.

* For some reason you are stuck with homebrew releases for CFW 4.21 at the moment, nothing seems to be released based on OFW 4.25 or 4.30.

* The CFW 4.21 installation is causing bricks, not just from idiot users.

* Game compatibility is still bad.



eurasiia
 _#31049 posted 2012-10-25 @ 11:21 GMT   
Quote:
On 2012-10-25 @ 05:32 GMT, modrobert wrote:
Some "not so popular" observations so far (may come across as overly pessimistic, but it's in my nature, bear with me):

* You can't downgrade CECH-30xx (slim) and CECH-40xx (super slim) consoles to CFW 3.55, those will fail regarding CFW 4.21.

* For some reason you are stuck with homebrew releases for CFW 4.21 at the moment, nothing seems to be released based on OFW 4.25 or 4.30.

* The CFW 4.21 installation is causing bricks, not just from idiot users.

* Game compatibility is still bad.




Thanks for the heads up on latest info.

I will hang on until new years. Better safe than sorry. I'm known to turn things into bricks even when they are not even powered on.

Some pointless info someone might want to start a topic on, is I've purchased around 20 authentic/original PS3 titles. Just curious how many authentic titles did others purchase during this gen?

I'm not sure if it's been mentioned but does Rogero 4.21 fully support playing PS1 and/or PS2 games?

Lastly that irrelevant PDF I had attached was going to be deleted once I printed it.
I needed to put the file online and have quick access to it so I could print it using an internet cafe because I don't have a printer at home.
To my surprise the file was deleted quicker than I could sit down and click the mouse just 3 times to download the file.

I will upload the file to another site. Anyone recommend any upload sites where you don't have to jump through hoops to join up?

Last time I looked upwards direction into the clouds it rained in my face.



modrobert
 _#31050 posted 2012-10-25 @ 11:27 GMT   
Just email the stuff to a gmail account, last time I checked it was 10GB free space.

windrider



private

Registered: 2007-03-25
From: AB
Messages: 24
Status: Offline
 _#31052 posted 2012-10-25 @ 13:26 GMT   
Quote:
On 2012-10-25 @ 04:02 GMT, modrobert wrote:
Yes, game over for sony, except for new consoles. This was interesting: http://wololo.net/2012/10/25/clarifying-the-confusion-on-the-ps3-development/



Yes I read that yesterday and found it very interesting.

Things have sure changed in the PS3 world in the last week or so.

BadBoy17



private

Registered: 2014-10-05
Messages: 3
Status: Offline
 _#34164 posted 2014-10-08 @ 20:57 GMT   
lv0 holds mostly all the keys, but u need to patch the 2 ldr checks, use ida pwn your assembly instructions of the file u wish to extract from and hope it will be easier to get to the ldrs Lol

[ This message was edited by BadBoy17 on 2014-10-08 @ 20:58 GMT ]
I AM  GOING  to OPEN YOUR WORLD! ;)

Mulzaren



private

Registered: 2014-10-07
Messages: 2
Status: Offline
 _#34169 posted 2014-10-09 @ 04:27 GMT   
Well, when did already released firmware?
