PS4 Jailbreaking       Thread starter PSXHAX       Start date Jul 14, 2017 at 2:30 AM       24      
Status
Not open for further replies.
Earlier today we covered the PS4 MTX Key Resellers, and for those interested in further homebrew / non-profit development comes a preliminary PS4 MTX Key ModChip hardware analysis for the gamesharing method used on PlayStation 4.

So far we've seen specifications on the W29N01GZ NAND Flash Memory, a Macronix MX25L25735F Datasheet and some research from scener @Luckystar via Chinese BBS A9VG.com.

To quote, roughly translated: PS4 MATRiX Key Chip Crack Hardware Analysis

http://www.psdevwiki.com/ps4/MX25L25635FMI-10G
http://www.psdevwiki.com/ps4/Flash-Main

The PS4 MATRiX Key is polished, so it cannot be analyzed from the photo. We can only start from the chip on the PS4 that the fly lines connect to.
  • PS4 1000 and 1100 models use the MX25L25635FMI-10G (16-pin)
  • PS4 1200, Slim and Pro use the MX25L25635FZ2I-10G (8-pin)
Capacity is 256Mb (32MB), and it is used by the SCEI CXD90025G ARM low-power coprocessor. Sony does not explain the role of this CPU, but it is now generally speculated to handle network, DRM and other background behavior. The 6 MTX fly lines are, respectively:

MX25L25635FMI-10G

MX25L25635FMI-10G_Pinout.png

MX25L25635FZ2I-10G

8PinWSONCUH1200.png

  • CS# Chip Select
  • SCLK Clock Input
  • SI/SIO0 Serial Data Input (for 1x I/O) or Serial Data Input & Output (for 2x I/O or 4x I/O read mode)
  • SO/SIO1 Serial Data Input (for 1x I/O) or Serial Data Input & Output (for 2x I/O or 4x I/O read mode)
  • VCC +3V DC Power Supply
  • GND Ground
In conclusion:

The MTX Key deletes the coprocessor by writing data to NOR Flash, so that PSN wrongly believes the PS4's "commonly used" status has been lifted, while on the actual PS4 it has not been lifted. The biggest problem with this approach is whether Sony blocks the crack through system updates.

Similar cracks in PS4 history were the Brazilian method and the Egyptian method.

What is the so-called Brazilian approach?

I checked for a long time outside the network. In short, there is no specific published method, but the basic process is to use a Raspberry Pi to send the NOR Flash dump to an external SD card, and then it seems that the hard disk and BIOS need to be cloned.

Ultimately it turns your PS4 into another PS4, but later system updates seem to have blocked this method.

Key words: cloning.

As for the Egyptian method, it is actually how to play one account on three machines.

The first: commonly used, then unbundled on the site. (This machine cannot be networked.)

The second: commonly used, then play on other accounts.

The third: log in with the account.

Keywords: broken net

As for the MTX, it should be an improved version inherited from the first two methods. It also needs the network to be broken, but does not need complex disassembly and cloning.

Can Sony block it?

NOR Flash can be updated, but it is not clear whether this is a CXD90025G loophole. I think this will take Sony some time. The possibility that it cannot be blocked is 50%. I am biased toward it not being blocked in the short term. But the emergence of MTX has moved a lot of people's cake, and in the long term it will certainly be blocked.

Sony is definitely not without options: it can change the host strategy from indefinite to short-term, for example requiring a login once every one month or three months, or even shorter. Although this cannot completely resolve it, it would place great limitations on the MTX.

Moving forward to even better news from longtime scener and PlayStation Mod-Chip Developer Extraordinaire GaryEdmunds (see my sCENE rETROSPECTiVE for a bit more on him), to quote:

"The person behind the stealing of your work freeplex is Max Louarn this is nothing to do with Paul Owen as Paul Owen has left the modscene long time ago and sold his interest in Xecuter website to Max.

Paul Owen is currently involved in Cronusmax and no other console mods.

Just as a little bonus as Max tried to steal from me a long time ago I have the gerber files and other files for this clone chip and I will release them free to the world on the day the first modshop that is aligned with Max has them in stock to ship."

Finally, @Figure03's forum post HERE discusses a Kuro-Dachi / Clone + Erase / U3 hard disk cloning machine that may also be of interest on the Chinese blog CMD0725.Blog.FC2.com... it appears similar to the known PS4 Gamesharing Method, but if anyone fluent can tell us more on this, feel free to in the comments below!
 

Comments

Maybe indirectly, such as the hardware docs... it would likely take low-level devs to make use of such information though.
 
This kind of "hack" is not so easy to block for manufacturers, that needs a soft/hard modification and could take some months to do it.

The situation from my limited perspective is similar to the odes case on ps3. Update after update some brick will be added to the wall and finally any method like this one would be blocked or seriously complicated to the end user.

And from the PSN side, some kind of files/checks in the games could make things a bit harder for the users. I think this is just a swallow, but summer is far away.

Just my opinion, don't take it seriously.
 
Just to update the post, the previous Brazilian method is:
  • Install games and do NOT activate as primary console
  • Change the HDD and install the system update
  • Make a dump from the NOR IC (with rpi or teensy) and save it as nordump.bin
  • Put the HDD with games in the console and activate the account as primary.
  • Dump the NOR IC, now activated, and save it as nordumpactive.bin
  • Write nordump.bin to the IC (not active)
  • Power on the console with the system-only HDD (the HDD we installed the system on), go to account settings and deactivate as primary
  • Write nordumpactive.bin back to the NOR IC and power on the console with the HDD with games, done

    The method only works offline. If you connect the console to the internet, a padlock will appear on games installed with this method.

    This method worked from 2.55 OFW until 3.50 appeared and blocked everything!

    This is how the old Brazilian sharing method works.
 
By the way, when u used the old gamesharing method, u sold it to me and other people for more than 500$

I remember, and sent the xbox one fake method, and now you are so angry when different people sell a new method????
 
If I make over the copied account another copy will work, more with another login and password, doing so on, would it work, making copy over copy?
 