• PS3 Hacks, PSGroove , 02.12.2010

    A few days we reported to you about Graf_Chokolo working on SELF/SPRX decryption, today he has just released his PSGroove port which allows you to decrypt a SELF files and send the data VIA ethernet to your PC!

    To quote:

    Guys, i promised to you to make my SELF decrypter public. I just uploaded it :-) Let me first explain how it works.

    I used only HV calls in my code because i wanted to learn how to decrypt SELFs without GameOS. The decryption and decompression of SELFs is done by isolated module appldr which is prepared and loaded by lv1_undocumented_function_99. After appldr is loaded it sends a message and waits for your instructions to decrypt some encrypted segments. When the message arrives i pass encrypted segment data to appldr through shared memory and it decrypts the passed data. When the decryption is done the payload sends the decrypted data over network to my PC and i capture it with tcpdump :-)

    I’m using IDA to analyze the decrypted code. First i extract the decrypted segments from pcap dump and load them at right addresses into IDA. I created a shell script to make segment extraction from pcap dumps easier. Virtual addresses of decrypted segments you will find in ELF header.

    The target group of this release are again advanced programers among you. The goal of this release is not to give you a tool for SELF decryption but to show you how it can be done :-) So, feel free to ask me any questions about my code. I will support everyone who wants to port my code and create more user-friendly GameOS applications for SELF decryption because i do not intend to write any GameOS tools :-) I’m more interested in HV reversing :-)

    My SELF decrypter is not able to decrypt games and NPDRMs yet but i’m working on it :-) I think you will have enough SELFs now to reverse :-)

    I will document my findings about SELF decryption on my HV page in the next days.

    Download the payload @ his Github page HERE.

    Tags: ,

    Discuss in Forums (18)


    1. bykas2
      04:44 PM

      Maaaaan, this is getting serious! Hope we see some interesting findings thanks to this.

      Btw, awesome work! and F the haters!

    2. Hailfire101
      04:48 PM

      How do you delete comments?

    3. Joel
      05:02 PM

      Don't really understand it all but good job.

    4. Klaxxon
      05:08 PM

      Man I'm sure happy you guys are on our side. If SONY had hackers like you we would be screwed.

    5. prophour
      05:33 PM

      Nice work, I am amazed at the progress this scene has shown. Even with ynos employees on all these sites telling everyone that jailbreaking will never happen. Way to stay focused. Thank you scene, you have been very good to us.

    6. SubZero
      06:55 PM

      Do i know what this does....NO

      am i glad we have it....YES

    7. denero1
      07:23 PM

      i also don't know what it does which means it probably isn't for me lol but thanks very much someone else will make good use of this

    8. jasonwclarke2009
      08:11 PM

      hope this gets expanded on and one day we can decrypt eboot.bin.

    9. daveshooter
      08:55 PM

      Wicked work Graf_Chokolo, thanks to you and others who continue to help use get the best out of our PS3's. Thanks

    10. Old_Gill
      09:47 PM

      3 Things, I would like to see happen:
      (1) GET BACK ONLINE!!!!!!!
      (2) PS2, N64, Wii emulator
      (3) MKV Support

      Come on, Hackers! We know you can do it! Keep up the good work!

    11. SubZero
      10:27 PM

      yeah, things are just getting better and better

    12. advocatusdiaboli
      04:06 AM

      SELF unpacker is one of the biggest achievements to the PS3 scene since the JTAG itself, it’s the first step to decipher and the first step to set the PS3 free from its current nazi-like dictatorship.

      Originally Posted by Old_Gill
      (3) MKV Support
      MKV support is just stupid, use a transcoder,
      most movies take 1-5 mins to transcode.

      Unless you are aiming for full MKV support with editing capabilities there is no need for MKV support just to play pirated material.

    13. ascrounch
      06:02 AM

      all my movies are MKV too.
      i wait it also.

      and stop tell ****, all mkv are not pirated, like i transform all my DVDs to mkv..

      we need a good player like vlc

    14. budsta
      06:34 AM

      Just convert MKV to M2TS. Sorted.

    15. ascrounch
      06:48 AM

      stupid idea...
      anyways, this payload is a good new

    16. Zzim
      07:30 AM

      Hmmmm any way someone can explain this to me, what does this mean to the community? How will it help other hackers?

    17. $n!pR
      01:45 PM

      Guys, i’m able now to decrypt games, EBOOT.bins
      I will make my findings public very soon

      Here is a snippet of a game i decrypted:


      Guys, how can i install NP-DRMs on my PS3, i have no clue

    18. advocatusdiaboli
      03:13 PM

      Originally Posted by ascrounch
      all my movies are MKV too.
      i wait it also.

      and stop tell ****, all mkv are not pirated, like i transform all my DVDs to mkv..

      we need a good player like vlc
      Better use handbrake.fr to convert DVDs to m4v, the output from hb works on PS3, iPad, iPhone, AppleTV.

      Choose: High-Profile
      Audio: 6-channel discrete to make it work on PS3

      Handbrake makes output as x264 encoding in an m4v file.

      The only reason to make use of MKV is if full theora/mkv implementation is made for video composing and editing is implemented, why ask for a player for a production format? Besides transcoding to m4v or m2ts or vob is ultra fast 1-5 mins depending on clumsyness of mkv file.

      VLC? XBMC/Plex( MacOS X port of XBMC with iPad/iPhone remote app ) and MPlayer are alot better in my opinion.
      ************* [ - Post Merged - ] *************
      Originally Posted by $n!pR
      I would like to have unsigned output of browser.self, ps2emu.self, pspemu.self and ps1emu.self