PS3 Jailbreaking       Thread starter PSXHAX       Start date Dec 16, 2016 at 3:24 AM       13      
Status
Not open for further replies.
Following the previous update, today PlayStation 3 developer @zecoxao shared a PS3 XDR RAM Dumper with some related Tweets from his Twitter below. :santa:

Download: UP0001-ZZZZ00001_00-PS3RAMDUMPER0000.pkg (100 KB)

Cheers to @B7U3 C50SS for the heads up in the PSXHAX Shoutbox! :thumbup:

In related PlayStation 3 hacking news Robbie Luong made available a homebrew application to retrieve the PS3 developer key easily, with details below to quote:

Download: kc.zip / KC_Alternate.zip (Updated for 4.81)

what this is?
  • an application to retrieve developer key
what is developer key?
  • a key game maker has put in game to unlock other games files
why get key?
  • gamer can unlock game files to make off line cheats, etc

how this works?
  • patches lv1 protection of lv2
  • patches lv2 system call 4-7-0 to save key in lv2 memory space
what someone needs to use this?
  • custom firmware with peek and poke lv1 and lv2
  • made to work on rebug 421 and tested
  • for rebug 480 made also but not tested
  • user should study source and check compatibility
  • usb drive to save keys
how to use?
  • install application package on playstation
  • start application
  • after it exits start game
  • after exit game start application again
  • it saves keys to front usb drive
  • can repeat
  • version 0 saves key and files name
  • can save 8 keys each time
  • version 60 saves key
  • can save 60 keys each time
  • to remove patches turn off playstation as normal
what this does not do?
  • does not enable playing games that don't work. if you already tried to play game, but this game crashes playstation it will still crash.
  • does not read or write any files on flash
  • does not read or write any files on devflash
  • does not write to playstation hard drive
  • does not install linux
  • does not use network or internet
  • does not use monitor
:arrow: Update: This is a simple lv2 payload for retrieving the developer key which is used to load game files. This version is for custom firmware that has lv2 protection already patched.

For rebug and similar custom firmware with lv2 protection patch not already applied use the version in the rebug forums.

to use:
  • install pkg
  • run pkg from ps3 menu
  • run game from ps3 menu
  • run pkg again with usb stick in front port
  • dev key is saved to file on usb stick
  • can repeat
does not read or write to dev flash, flash, hdd, network, or monitor
  • version for 4.21 tested
  • versions for 4.80 and 4.81 untested
Finally, Magnonymous shared an application for decrypting app load3r k3ys to quote:

Download: dekryptsk3ys.zip (79 KB)

An app to extract and dekrypt k3y table from app load3r. I always used k3y file distributed with aldostools, but I didn't see it around any more.. dekryptsk3ys app.e1f version.

Version input manually enables trying old k3ys on newest 7irmware release. Example 481 k3ys work for dekrypting 482.

In case they change the table prologue, this also accepts as input k3y table extracted manually instead of full e1f.

Comments

My guess would be for PS3 developers to examine the dumps in hopes of finding alternatives (for example use the RAM dumps to create an ROP Chain to USER-level code execution) for those who have 3K / 4K consoles that can't be downgraded, etc... as usual time will tell! ;)
 
I'm just going to get a 3.55 PS3 slim off eBay and run all my jailbreak on it. PS4 jailbreak will be around in five years lol.
 
This is terrible, I started up this homebrew and it bricked my PS3 CFW.

I restarted in safe mode > Restore system file, it's fixed.

Everyone, please don't use this, it will brick your PS3 for CEX.

You may report this to him.
 