As many of you know (again) the fuzz that the Cex>Dex method, created. Now it’s turn of demonhades crew to bring an EID0 Dumper for JBM 3.55, MA 3.56 and (you can read the whole article) for more references. The first MAIN step or objective from the *demonios* it’s to not have to depend on Linux to do the conversion. (Aka = DEX). Then you have another app called ConfEditor PS3 for TheGrid, that let’s you mess around more with flags among other powerful as risky ones to use. The only NEGATIVE that i find in all of this, it’s that you have to use the JBM (From DH) to achieve this kind of things. Well it’s time to play!, if you want to know more i will do a better *to english* translation, since i fetched this from another source.
This weekend Spanish PlayStation 3 developers at DemonHades have made available a PS3 eEID0 Dumper for JBM 3.55, MA 3.56 and PlayStation 3 CFW 3.55 alongside a ConfEditor for TheGrid. To quote, : (I had to translate the all damn thing again because google translate) eEID0 Dumper by BlackDeath to JBM 3.55, MA 3.56 and CFW 3.55
Hello pals, after the filtered method of CEX2DEX the team decided to investigate in this new field for certain users and not so much for other. That’s why we are working to make an *easier* method in order to switch to DEX without needing linux.
Today i present you the EID0 dumper created by BlackDeath, this app will let us dump all the EID0 or the first section of CEX, ONLY using or running a PKG and having connected a pendrive in dev_usb000. The instructions are on screen and easy to follow:START: Used to dump all the EID0.
SQUARE: Just to dump the first section of the EID0 (eid0_1st_Section_CEX.bin).
X (EX): To dump the ciphered METLDR to the USB and ready to go (plug and play) for the exploit and get the dump from deciphered METLDR (mentioned in early staged of this guide)If you are in CFW 3.55 (normal) you have to launch the pkg from video.
Needless to say i leave you the download link that works in ANY CFW 3.55 (PEEK | POKE LV2) As well in MA.
Blackdeath says:
This last version now allow us to dump the METLDR (ciphered) from our consoles if you use the X (EX) button and you will obtain the already ciphered METLDR, ready to make a deciphered dump along with they *keys* using the exploit (later).We will keep on working on this *area*. Ergo the next step is dump the METLDR without doing so many things in linux, quite the contrary our objective is to achieve a quick, easy to use method to dump it.
eEID0 is needed for make the process of dumping the metldr (as you all know, and only the first section of the eEID0). The result was this tool, which is needed to do the proper conversion from DEX to TEST.
- http://www.mediafire.com/?eblfgmmwrmjl8sw (Old Version)
- http://www.mediafire.com/?32dca82c31470qa (New Version)
Thanks BlackDeath, Checko, Tito01 and DemonHades From checko: WIP: A method to dump metldr and eEID root keys without linux, more easy with some little steps .. maybe naehrwert can help you. To quote from his Twitter (via twitter.com/naehrwert/status/226682478373531648 and twitter.com/naehrwert/status/226686257005203456): Isn’t installing linux to get your eid root key a bit of an overkill when you could just use netrpc?! Or you could compile this pastie.org/4295312, sign it with metldr keys and grab the key/iv from shared LS…
ldr.ld ENTRY(_start) SECTIONS { . = 0x25800; .text : { *(.text) } .data : { *(.data) *(.rodata) } .bss : { bss = .; *(.bss) } }types.h #ifndef _TYPES_H_ #define _TYPES_H_ typedef char s8; typedef unsigned char u8; typedef short s16; typedef unsigned short u16; typedef int s32; typedef unsigned int u32; typedef long long int s64; typedef unsigned long long int u64; #endifstart.S .text /* Loader entry. */ .global _start _start: /* Setup stack pointer. */ ila sp, 0x3DFA0 /* Well... */ brsl lr, main _hang: br _hangmain.c #include "types.h" void *_memcpy(void *dst, void *src, u32 len); void main() { //Copy eid root key/iv to shared LS. _memcpy((u8 *)0x3E000, (u8 *)0x00000, 0x30); //Hang (the PPU should copy the key/iv from shared LS now). while(1); } void *_memcpy(void *dst, void *src, u32 len) { u8 *d = (u8 *)dst; u8 *s = (u8 *)src; u32 i; for(i = 0; i < len; i++) d[i] = s[i]; return dst; }ConfEditor PS3 for TheGrid by RacingLocura07 Our partner and developer RacingLocura07 (UsaveME) leaves us on this occasion the conf editor ps3, this application allows you to enable or disable patches, plugins or create flags without using a PC, all from the PS3 itself in a simple and fastÂ
Download: http://www.sendspace.com/file/99llgd Options:
- Displays a list of flags
- Displays list of patch-dynamic
- Displays a list of plugins
- Allows you to export to the root of the usb, the. Cfg file to test it before storing.
List of flags:
- Matheros (direct or normal)
- dumper-ram
- debug
- dev_flash (dumper / restore)
- sc35/36 +8 (more compatible)
- 100% Fan speed (fan at 100%)
Source: Ps3news
Update: I had to TRANSLATE again, because it’s easy to use google translate, and a pain in the EYE to do a proper translation. Please NEXT TIME guys from ps3 news, use someone who knows spanish. Still we cannot trust in Machines. (Sic).
07-22-2012
02:46 AM
um.. don't you mean DEX without Linux? lol
07-22-2012
02:56 AM
07-22-2012
02:56 AM
07-22-2012
03:00 AM
Damn this guys using google translator!
07-22-2012
03:06 AM
I make dumps with this on CFW355-OTHEROS++-SPECIAL in few seconds
07-22-2012
03:10 AM
Apparently they're claiming it works on any CFW, I haven't tested it.
07-22-2012
03:18 AM
I think i will have to do the translation...
07-22-2012
03:38 AM
is that mean C2D without format hdd?
07-22-2012
03:40 AM
Hello pals, after the filtered method of CEX2DEX the team decided to investigate in this new field for certain users and not so much for other. That's why we are working to make an *easier* method in order to switch to DEX without needing linux.
Today i present you the EID0 dumper created by BlackDeath, this app will let us dump all the EID0 or the first section of CEX, ONLY using or running a PKG and having connected a pendrive in dev_usb000. The instructions are on screen and easy to follow:
START: Used to dump all the EID0.
SQUARE: Just to dump the first section of the EID0 (eid0_1st_Section_CEX.bin).
X (EX): To dump the ciphered METLDR to the USB and ready to go (plug and play) for the exploit and get the dump from deciphered METLDR (mentioned in early staged of this guide)
If you are in CFW 3.55 (normal) you have to launch the pkg from video.
Needless to say i leave you the download link that works in ANY CFW 3.55 (PEEK | POKE LV2) As well in MA.
Blackdeath says:
This last version now allow us to dump the METLDR (ciphered) from our consoles if you use the X (EX) button and you will obtain the already ciphered METLDR, ready to make a deciphered dump along with they *keys* using the exploit (later).
We will keep on working on this *area*. Ergo the next step is dump the METLDR without doing so many things in linux, quite the contrary our objective is to achieve a quick, easy to use method to dump it.
eEID0 is needed for make the process of dumping the metldr (as you all know, and only the first section of the eEID0). The result was this tool, which is needed to do the proper conversion from DEX to TEST.
-----------------------------------
Updated on Frontpage.
07-22-2012
03:42 AM
I've just tested, don't work at 3.55 KMEAW, so sad
update: app work, i've installed from wrong USB port!
07-22-2012
03:54 AM
[MENTION=149982]elcido6[/MENTION] checking again the source, my god...they really know how to screw things up with google translate.
07-22-2012
04:07 AM
It might be worth noting that "ConfEditor PS3 for TheGrid" is multilingual. Select changes the language between Spanish and English.
I haven't tried it myself but I took a look at the files and if some one repackages them they could probably make English the default since most of them are suffixed with _en / _es including the background image.
07-22-2012
04:16 AM
I don't have any *PS3* to try on, if anyone give this a shot. Report if it worked or not.
[MENTION=203910]davidpstone[/MENTION] already said that in kmeaw = don't work.
07-22-2012
04:26 AM
I dont know that created dumps are correct
07-22-2012
04:31 AM
I hope to see a nice tutorial like [MENTION=99538]CaptainCPS-X[/MENTION] that includes this method istead of petitboot.That way we won't have to format our HDD just to get linux running.
07-22-2012
04:34 AM
SO IT DOES/DOESNT DO ANYTHING?
EDIT. sorry caps
07-22-2012
04:37 AM
************* [ - Post Merged - ] *************
http://www.ps3hax.net/showthread.php...840#post395840
This tut will work just on NAND models?
07-22-2012
04:53 AM
Im not wrong, i just quoted what you posted.
07-22-2012
05:01 AM
07-22-2012
05:09 AM
It worked for me, on CHECHH PS3, 3.55 KMEAW, but sometimes it crashed.
After installing the pkg, you should run it from VIDEO, not from GAME. And for me it only worked as when the usb pen (formatted FAT32) was completely empty.
07-22-2012
05:22 AM
i've heard that the eid0 dump you get from linux is 256kb, mine (dumped from app) is 3 KB, wtf?
07-22-2012
05:27 AM
worked here on 355oos-sspatches from gitbrew, fast and easy, the usb stick was filled with stuff.no problem saving it
im about to fix one, can't leave it trying the RND iso again, after reburning it boots fine only no video-input once it's loaded, it must be an easy fix and why would he post it if it fails, that one already has it build-in..can't help re-testing it
************* [ - Post Merged - ] *************
07-22-2012
05:49 AM
[MENTION=138171]haz367[/MENTION] better explained, impossible.
07-22-2012
06:37 AM
A modified (or new) no-linux cex-->dex walkthrough would be nice.
07-22-2012
06:47 AM
07-22-2012
07:02 AM
07-22-2012
07:13 AM
There is the original Post ps3hax
07-22-2012
07:24 AM
Now with this how far is it from being a one step thing, Install x.pkg after that fw update?
Do we still need the pc to patch the files needed to flash?
Is Linux still needed to flash the files back to the ps3?
07-22-2012
07:55 AM
We are getting to the stage where linux will be unnecessary to dump the metldr, I'm just waiting fro the time when the DEX version of multiman will pick up games from the internal HDD and it's on like aristion baby!
07-22-2012
08:13 AM
N00B-time: Hi DEXter, what does this button do?? hahahaha sorry i could not resist asking that.
Seriously, what does this tool do above other tools? Do you install it over cfw 3.55 to play 3.60+ games, What what whaaaaaaaaaaaatttt!!?????
Do you have to have a non jailbroken 4.11 ofw ps3?? or a slim ps3 or do you have to update to 4.21??
i read the pages but no good info, i am lost in HEX numbers and algorithems, so please explain it in N00B language!!! don't flame me for asking this, because alot of people are wandering this so, i do not ask for my self.
Please make a N00Breadme.txt on tools like this.
Furthermore Good job in getting SEX to DEXters labratory heheheheheh (CEX=> DEX thing hahaha)
Peace out man.
PS: new cfw should be called "ps3 dexters-lab.pup"
07-22-2012
08:18 AM
Riiiigggghhhht.
07-22-2012
08:56 AM
Not sure if you know what the whole CEX->DEX thing is about so I'll try to explain that to.
CEX= Normal retail console bought in any store close to you.
DEX= Developers console that are sold to game developers, they aren't locked to signed codes and can there by run any code/programs you throw at them.
There is a way to play 3.60+ games on the DEX consoles but it's still in a early stage and it involves using the standard BD-Disk emulation that exists in the DEX console and it have limitation to how many games you can store in it if I don't remember wrong its a max of 4(each game have to be store on a external mass media in a partition each).
In other word Multiman or what every backupmanager you use normaly don't work on a DEX console with fw higher then 3.55, the reason for that is the need of Peak & Poke with don't exist for fw's higher then 3.55 atm.
PS the whole converting process is still long so at least I will wait till it's more simple and a better way then the BD-disk emulator works for games.
07-22-2012
09:37 AM
Does syscall 36 still exist in higher firmwares? if so: why not utilize this instead of peek poke?
[spoiler]
I’ve often been asked what Custom Firmware (CFW) should a person install and why. In this article, I’ll do a comparison between the five widespread custom firmware. By the end of this, you should know, which custom firmware is best.
Geohot Custom Firmware – Geohot’s CFW has the ability to load signed homebrew. Since lv2 is not patched, no backup managers work because of this. If you want games to play, you will have to convert them into a PKG using tools.
Unpatched lv2 (No Backup Managers, game must be converted to a PKG)
Loads Signed Homebrew
wutangrza Custom Firmware - wutangrza’s CFW based on flukes1′s instructions to add peek and poke to lv2. Just like geohot’s, it loads signed homebrew and has the extra progress of peek and poke in lv2. It’s still not able to make use of Backup Managers in a stock setup, however, later, the kmeaw patch can be applied to do that.
Only Signed Homebrew
No Backup Managers on Stock CFW (However possible using kmeaw’s patch)
Added Peek and Poke to lv2
Waninkoko Custom Firmware – Waninkoko’s CFW patched lv2, however, it did this without even checking lv1 first. This method was highly unstable and led to a lot of random bricks. The CFW did bring Peek and Poke to lv2 as well as SysCall 36 which allowed Backup Managers to work.
Launch Signed Homebrew
Working Backup Managers
Peek, Poke and SysCall 36
Highly Unstable (Causes Random Bricks)
kmeaw CFW – Just about a day after wutangrza, kmeaw came up with his CFW. kmeaw’s CFW implemented PL3. kmeaw also released a patch for wutangrza’s CFW which brought PL3 to it.
Launch Signed Homebrew
Working Backup Managers
Peek, Poke and SysCall 36
Seems stable.
Rebug CFW – Rebug Custom Firmware is the latest custom firmware out there. It aims to add debug console features to regular retail consoles. While not all debug features work, it has bought some.
Launch Signed Homebrew
Working Managers
Peek, Poke and SysCall 36
Some Debug features
Pre-installed BDEmu
Supports TB Dongle through a PKG Patch
There you have it. A simple comparison between the five different Custom Firmwares. My advice; use either kmeaw CFW or Rebug CFW. Make sure to avoid Waninkoko’s as there’s a high chance it’ll randomly brick you. Also, if you plan on switching CFW's, I suggest you uninstall the current CFW by installing the Original Firmware version you need for the new CFW.
[/spoiler]
Old info, I know, but is it still relevant?
07-22-2012
10:05 AM
07-22-2012
10:18 AM
[MENTION=234571]lintz[/MENTION] 2 words:
Thank You!!!
Thats all :-).
07-22-2012
10:19 AM
07-22-2012
10:33 AM
07-22-2012
10:40 AM
07-22-2012
10:51 AM
07-22-2012
10:55 AM
Cheers [MENTION=114607]deank[/MENTION]
07-22-2012
01:35 PM
Quick questions
can chechL be converted to dex
anddoes this work or is it a wIp
07-22-2012
01:42 PM
[MENTION=114607]deank[/MENTION].So i assume that this tool doesn't have any use at all?I'm asking cause i'm itching to convert my console but i'm too lazy to backup all my data,Just to run linux once.Do you think/work on ony way/tutorial for us, to make a COMPLETE dump without formating the ps3???
[SPOILER]Love your work,keep it up[/SPOILER]
P.S. I remember i could run linux on KMEAW with lv2 patcher & asbestos or bootos(something like that).Can we obtain the dump through this way?
07-22-2012
02:21 PM
07-22-2012
03:58 PM
i tested this tool (blackdeath dumper) on my PS3 (FAT with NAND / CFW 3.55 with peek/poke build with MFW Builder 0.21 ) now, installed ok but no file created on my stick i tried all options nothing worked...
i know that my stick is ok cause it worked with preloader advance 3.1
i think i use the way with c2d..
07-22-2012
04:22 PM
c2d keeps opening then cuts off after 2 secs any help with this ???
07-22-2012
06:07 PM
07-22-2012
11:00 PM
but thats not the problem anymore.. have the metldr dumped with cex2dex.. checked it with ps3devwiki
at the moment cant get that dump-proggy to run fine.. timing or something.. dont get it.. sleepmode on...
07-23-2012
10:52 PM
can i install this on my slim CFW 3.55 kmeaw without Nand.
Regards
07-24-2012
10:29 PM
then, what shall I do after I dump the eEID0.bin, eid0_1st_Section_CEX.bin, metldr files?
I know the use of metldr, how to use the other 2 files?
07-24-2012
11:16 PM
[MENTION=97984]cuberider[/MENTION] i think, nope.
07-25-2012
01:56 AM
perhaps its because I have an old SD tv (One of those back breakers) but when this loads I cannot see the instructions on the screen just the title and changing background colours.