Thursday, 26 January 2012

Playstation 3 and Malware



I don't know if anybody has already talked about this, but yesterday, while I was working on something, I saw an interesting thing on the wiki. What I read was absurd.
GameOS is allowed to write to the metldr flash region. This is stupid.
Anyone with a little knowledge would never have allowed it, since if you damage that region, you will permanently brick the PS3; this should also be allowed on 3.56+ firmwares.
I always thought that Sony would not be so stupid, but it seems that I'm wrong.
Now, I will not explain how to do that, and I hope that no one will ever build malware to brick your PlayStation.

What I suggest is to download homebrews and ANY other executables from well-known websites, just to avoid this.

DISCLAIMER
DO NOT ASK ME HOW TO DO THAT BECAUSE I WILL NOT SAY IT.

Friday, 20 January 2012

Led Changer

This is a simple LED changer.

This will change the LED color and whether it is in on/off/blink mode, and it will keep it in that mode on the XMB too.
For example, my PS3 now has green and yellow together while blinking.

Readme:
Written by deroad

This is a simple LED changer.
It reads two variables (A and B) from a file.

The file must be called led.txt and placed in the main folder of a USB drive.
An example:

on Windows:

My USB is j so, i will put this file here:
j:/led.txt

on OSX:

My USB is 8GB so, i will put this file here:
/Volumes/8GB/led.txt

on LINUX:

My USB is 8GB so, i will put this file here:
/media/8GB/led.txt

======Colors=======

A  Desc     B  Desc
0  red      0  off
1  green    1  on
2  yellow   2  blink

Changelog.
  * I fixed an awful bug


Thursday, 19 January 2012

Buzzer Player

I wrote it for naruse and euss since we were talking on IRC about the buzzer.

Maybe someone will find it funny xD

changelog:
(V1.1)

added the usb007
added file not found

(V1.2)
fixed an awful bug.


README

Written by deroad

This is a simple player.
It reads two variables (Var1 and Var2) from a file.

The file must be called buzzer.txt and placed in the main folder of a USB drive.
An example:


on Windows:

My USB is j so, i will put this file here:
j:/buzzer.txt

on OSX:

My USB is 8GB so, i will put this file here:
/Volumes/8GB/buzzer.txt

on LINUX:

My USB is 8GB so, i will put this file here:
/media/8GB/buzzer.txt

======Beeps=======

Var1  Var2  DESCRIPTION
4     6     Makes a short single beep
10    438   Makes a double beep
7     54    End
10    4095  Makes a continuous beep

Have fun! 

Buzzer Player [Download] V1.2

Mathieulh

So in the end, that moron of Mathieulh was a liar!
 
I was one of the people who started making him angry.

From KaKaRoTo Blog:

I said I will provide proof of the lies that Mathieulh gave us, so here they are : he said it’s in 3.56, that was a lie, he said it’s an AES OMAC, that was a lie, he said it’s an HMAC, that was a lie, he said it’s in appldr, that was a lie, he said it’s in lv1, that was a lie, he said that he can do it, that was a lie, he said that “it takes one hour to figure it out if you have a brain”, that was a lie, he said that he verified it to work on 4.0, that was a lie, he said that he had the algorithm/keys, that was a lie, he said that once we know the algorithm used, we can reproduce it, that was a lie, he kept referring to it as “the hash”, that was wrong. The proof ? It’s an ECDSA signature, it’s not a hash (two very different terms for different things), it was verified by vsh.self, it was not in lv2, or lv1, or appldr, and the private key is unaccessible, so there is no way he could build his own npdrm self files. Now you know the real reason why he refused to “share” what he had.. it’s because he didn’t have it…

So why do all this? was it because his arrogance didn’t allow him to admit not knowing something? or was it because he wanted to make us lose all this time? To me, it looks like pure sabotage, it was misleading information to steer us away from the real part of the code that holds the solution…. That is of course, if we are kind enough to assume that he knew what/where it was in the first place. In the end, he wasn’t smart enough to only lie about things that we could not verify.. now we know (we always knew, but now we have proof to back it) that he’s a liar, and I do not think that anyone will believe his lies anymore.

I don't know if you remember this:

This is his src (this is not real, just a joke :P):

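#include <stdio.h>

/* Joke "decrypter": it only prints a fixed success banner. */
int main(int argc, char** argv)
{
        (void)argc; /* unused */
        printf("%s  v1.0.1\n\n"
                  "Self Type:\t lv0\n"
                  "SDK Version:\t 3.73\n\n"
                  "File successfully decrypted!\n"
                  ,argv[0]);
        return 0;
}
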
I hope to see KaKaRoTo's HEN soon.

source: Status update on the ps3 4.0 hen

Wednesday, 18 January 2012

vitatools

Since the Vita scene has started, I wanted to give a hand, and I released a modified version of the f0f tools for PS3.

I also released an unfinished version of a pkg reader.

[PKG File] PCSC80003.pkg
[PKG Size] 13213792 Bytes
[PKG Name] JA0003-PCSC80003_00-UKETORNE00000000
[Content Size ] 13208720 Bytes
[ SFO ]
[ 1 ] APP_VER | Param: 01.00
[ 2 ] ATTRIBUTE | Param: 0x8180
[ 3 ] ATTRIBUTE2 | Param: 0x0
[ 4 ] CATEGORY | Param: gdc
[ 5 ] CONTENT_ID | Param: JA0003-PCSC80003_00-UKETORNE00000000
[ 6 ] GC_RO_SIZE | Param: 0x0
[ 7 ] GC_RW_SIZE | Param: 0x0
[ 8 ] PARENTAL_LEVEL | Param: 0x1
[ 9 ] PSP2_DISP_VER | Param: 01.500
[ 10 ] PSP2_SYSTEM_VER | Param: 0x1500000
[ 11 ] PUBTOOLINFO | Param: c_date=20111205
[ 12 ] SAVEDATA_MAX_SIZE | Param: 0x400
[ 13 ] STITLE | Param: uke-torne
[ 14 ] STITLE_00 | Param: uke-torne
[ 15 ] TITLE | Param: uke-torne
[ 16 ] TITLE_00 | Param: uke-torne(ウケトルネ)
[ 17 ] TITLE_ID | Param: PCSC80003
[Content]

EDIT:
I fixed a bad bug.


https://github.com/wargio/vitatool

Friday, 13 January 2012

Syscon Firmware Reader

Initial release of my Syscon Firmware Reader.

This little program will read the contents of a PS3 Syscon firmware patch.


This is a simple preview:

deroad@Linux: sc$ syscon SYS_CON_FIRMWARE_01000004.pkg

[Name FW] SYS_CON_FIRMWARE_01000004.pkg
[Gen  01][Phat]
[Soft ID] 0B8E
[PatchID] 0001000000000004
[FW size] 4096 Bytes
[SC  HDR] 1b2d700f
[CHKSUM?] cce4758b a0966da5 6c6722d3 4c2df73e
          d86187a4 2f1e2712 e45c7bcf d3020b45
[?static] 0000000000100000c00f0000


Syscon:

From what I can see, this is the header, 0x1b2d700f; then it has a kind of checksum, then a static value, 0x0000000000100000c00f0000.
The rest of the FW is encrypted. It needs reversing.
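
The layout described above, as an added example (not the author's Syscon Firmware Reader): a bounds-checked parser for the three visible fields. It assumes the fields are contiguous from offset 0 and that the header word is stored big-endian as printed; the sc_* names and the sample buffer are made up for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed layout, in the order the preview prints it:
   4-byte header, 32-byte [CHKSUM?], 12-byte static value, encrypted rest. */
#define SC_MAGIC   0x1b2d700fu
#define SC_CHK_LEN 32
#define SC_FIX_LEN 12
#define SC_HDR_LEN (4 + SC_CHK_LEN + SC_FIX_LEN)
static const uint8_t SC_FIXED[SC_FIX_LEN] = { 0,0,0,0, 0,0x10,0,0, 0xc0,0x0f,0,0 };

typedef struct {
    uint32_t magic;
    uint8_t  checksum[SC_CHK_LEN]; /* copied, not verified: algorithm unknown */
    size_t   body_len;             /* bytes left after the 48-byte header */
} sc_header;

/* 0 = ok, -1 = too short, -2 = wrong header word, -3 = static field differs */
int sc_parse(const uint8_t *buf, size_t len, sc_header *out)
{
    if (!buf || !out || len < SC_HDR_LEN) return -1;
    out->magic = ((uint32_t)buf[0] << 24) | ((uint32_t)buf[1] << 16) |
                 ((uint32_t)buf[2] << 8)  |  (uint32_t)buf[3];
    if (out->magic != SC_MAGIC) return -2;
    memcpy(out->checksum, buf + 4, SC_CHK_LEN);
    if (memcmp(buf + 4 + SC_CHK_LEN, SC_FIXED, SC_FIX_LEN) != 0) return -3;
    out->body_len = len - SC_HDR_LEN;
    return 0;
}

/* Constructed sample: header word and static value from the preview, 0xAA
   placeholder checksum, zeroed body. Returns body length or the error code. */
long sc_sample_body(size_t len, int flip_off)
{
    static uint8_t img[4096];
    sc_header h;
    if (len > sizeof img) return -1;
    memset(img, 0, sizeof img);
    img[0] = 0x1b; img[1] = 0x2d; img[2] = 0x70; img[3] = 0x0f;
    memset(img + 4, 0xAA, SC_CHK_LEN);
    memcpy(img + 4 + SC_CHK_LEN, SC_FIXED, SC_FIX_LEN);
    if (flip_off >= 0 && flip_off < SC_HDR_LEN) img[flip_off] ^= 0xff;
    int rc = sc_parse(img, len, &h);
    return rc == 0 ? (long)h.body_len : rc;
}

int main(void) { printf("body bytes: %ld\n", sc_sample_body(4096, -1)); return 0; }
```

A flipped byte inside the checksum field still parses, because the field is only copied: the page does not say how it is computed.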



Syscon Firmware Reader V 0.01 http://pastebin.com/DwnK2rQ2
 

I want to thank Sandungas for his help filling in the More System Information wiki page on the PS3 Dev Wiki.

Wednesday, 11 January 2012

Regarding any new 3.60+ JB or CFW


Ok, I want to explain it once and for all. There isn't a 4.11 CFW PS3 or jailbreak NOW.

STOP LOOKING FOR IT !



Why am I telling you this? Because people are stupid and keep looking for it.
If you find someone posting on Twitter, ANY YouTube video, or some unknown website about a 4.11 CFW or ANY 3.60+ CFW, they are FAKE!

So who to trust? All the devs on the #ps3dev IRC channel and KaKaRoTo.

Who is KaKaRoTo? He is a dev, well known in the PS3 scene, and he is working on a HOMEBREW ENABLER, not a CFW!!

What is a Homebrew Enabler (also called HEN)? It's software (I don't know how he will release it) that will enable a way to install homebrews and execute them.

What homebrews will it execute? It will execute only normal homebrews, like emulators or any app that does not need any syscall. This means NO BACKUP LOADERS, and there will be no way to play any pirated game.

Who am I to say this? Well, I'm not well known, but I'm a dev and I only care about homebrews. I'm not interested in FW modding and piracy and I never will be.

Where to find more info about this HEN? Here: http://www.ps3devwiki.com/index.php?title=KaKaRoTo_Kind_of_"Jailbreak"

If you really want to JB your PS3, you will need a PS3 that is on a FW lower than 3.56. If you have one with a 3.60+ FW, you will need to check if it's jailbreakable (all the new models are unjailbreakable) and then, if it's possible, buy a hardware flasher to downgrade to 3.55.

Once you are on any FW lower than 3.60, you will not be able to play online.

These are well-known scam websites or fake PS3 devs:

Website:
(any website called ps3cfw or ps3jailbreak)
http://www.transamgrafx.com (SCAM WEBSITE)
http://anonymousjbreakersblog.blogspot.com (Fake website)

People:
TUHTA
ps3jailz
DaleEarnhardt
Black Cat
Mooses 910
Mr. egg and all the egg devs
Teamhack91
PR
eitjuhh
AnonymousJailbreaker