• PS3 Hacks, 26.06.2013

    Here are two awesome releases/accomplishments for the scene in one day, the 3.60+ loader keys (credits to great unicorns!) and HDD encryption for PHAT Consoles (credits to flatz)!

    Starting with firmware version 3.60, loader keys have been encrypted. Look here for a tool that decrypts them. Besides that, there is an implementation of the cryptographic algorithm that is used to encrypt/decrypt lv1ldr from lv0 and the root scramble key at the SPU side.

    More Info/Source: http://ps3devwiki.com/index.php?title=Keys
     
     

    • On the PHAT consoles, AES-CBC-192 is used for HDD encryption and AES-CBC-128 for VFLASH encryption.
    • So there is no tweak and no tweak key here. Each sector is encrypted with the same zeroed IV.
    • VFLASH is encrypted once with the ENCDEC key and a zeroed IV!
    • The data key is 32 bytes long, but only the first 24 bytes are used for HDD and 16 bytes for VFLASH.
    • See also http://www.multiupload.nl/6PIFV4GKSH (contains scripts of ENCDEC emulator for both types of consoles).

    More Info/Source: http://ps3devwiki.com/index.php?title=HDD_Encryption

     


    Meme by naehrwert (i don’t really know what it means but i’m still posting it..)

    Thanks to all devs!
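
As an added illustration (not code from flatz, the wiki or the linked ENCDEC scripts), the sketch below applies the scheme in the HDD bullets above, AES-CBC per sector with the same zeroed IV and the 32-byte data key truncated to 24 or 16 bytes, and reports what that design leaves visible in ciphertext alone: identical sectors encrypt identically, and sectors that start with the same data share their leading ciphertext blocks. A per-sector tweak, as in XTS, is what removes both effects. The 512-byte sector size, the key, the sector contents and every function name are constructed for this example.

```python
from collections import defaultdict

BLOCK, SECTOR = 16, 512  # sector size is an assumption of this example

def _gmul(a, b):
    """Multiply two bytes in GF(2^8) modulo the AES polynomial 0x11B."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a = (a << 1) ^ (0x11B if a & 0x80 else 0)
        b >>= 1
    return r

def _build_sbox():
    """Derive the AES S-box: field inverse, then the affine transform."""
    sbox = []
    for x in range(256):
        inv = next((y for y in range(1, 256) if _gmul(x, y) == 1), 0)
        s = inv
        for shift in range(1, 5):
            s ^= ((inv << shift) | (inv >> (8 - shift))) & 0xFF
        sbox.append(s ^ 0x63)
    return sbox

SBOX = _build_sbox()

def expand_key(key):
    """FIPS-197 key schedule for 16-, 24- or 32-byte keys; returns round keys."""
    nk, rcon = len(key) // 4, 1
    words = [list(key[4 * i:4 * i + 4]) for i in range(nk)]
    for i in range(nk, 4 * (nk + 7)):
        t = list(words[i - 1])
        if i % nk == 0:
            t = [SBOX[b] for b in t[1:] + t[:1]]
            t[0] ^= rcon
            rcon = _gmul(rcon, 2)
        elif nk > 6 and i % nk == 4:
            t = [SBOX[b] for b in t]
        words.append([a ^ b for a, b in zip(words[i - nk], t)])
    return [sum(words[4 * r:4 * r + 4], []) for r in range(nk + 7)]

def encrypt_block(round_keys, block):
    """Encrypt one 16-byte block; the state is a flat list in input byte order."""
    s = [b ^ k for b, k in zip(block, round_keys[0])]
    last = len(round_keys) - 1
    for rnd in range(1, last + 1):
        s = [SBOX[b] for b in s]  # SubBytes
        s = [s[4 * ((c + r) % 4) + r] for c in range(4) for r in range(4)]  # ShiftRows
        if rnd != last:  # MixColumns is skipped in the final round
            s = [_gmul(s[4 * c + r], 2) ^ _gmul(s[4 * c + (r + 1) % 4], 3)
                 ^ s[4 * c + (r + 2) % 4] ^ s[4 * c + (r + 3) % 4]
                 for c in range(4) for r in range(4)]
        s = [b ^ k for b, k in zip(s, round_keys[rnd])]  # AddRoundKey
    return bytes(s)

def encrypt_sectors(data_key, sectors, key_len):
    """CBC-encrypt each sector on its own; key_len is 24 (HDD) or 16 (VFLASH)."""
    round_keys = expand_key(data_key[:key_len])
    out = []
    for sector in sectors:
        prev, enc = bytes(BLOCK), b""  # the IV restarts at zero for every sector
        for off in range(0, len(sector), BLOCK):
            mixed = bytes(a ^ b for a, b in zip(sector[off:off + BLOCK], prev))
            prev = encrypt_block(round_keys, mixed)
            enc += prev
        out.append(enc)
    return out

def duplicate_sectors(cipher_sectors):
    """Group sector numbers whose ciphertext is byte-for-byte identical."""
    seen = defaultdict(list)
    for lba, enc in enumerate(cipher_sectors):
        seen[enc].append(lba)
    return [lbas for lbas in seen.values() if len(lbas) > 1]

def shared_prefix_blocks(enc_a, enc_b):
    """Count the leading 16-byte blocks two ciphertext sectors have in common."""
    n = 0
    while n * BLOCK < min(len(enc_a), len(enc_b)) and \
            enc_a[n * BLOCK:(n + 1) * BLOCK] == enc_b[n * BLOCK:(n + 1) * BLOCK]:
        n += 1
    return n

def demo():
    """Constructed key and sectors; nothing here comes from a real console."""
    data_key = bytes(range(32))
    record = b"SAVEDATA" + bytes(SECTOR - 8)
    edited = record[:40] + b"\x01" + record[41:]  # same sector, changed at byte 40
    sectors = [bytes(SECTOR), record, bytes(SECTOR), edited]
    hdd = encrypt_sectors(data_key, sectors, 24)
    return duplicate_sectors(hdd), shared_prefix_blocks(hdd[1], hdd[3])

if __name__ == "__main__":
    print(demo())
```
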



  • 105 Comments

    1. donglehater
      06-26-2013
      02:59 PM
      1

      I will look stupid so others won't need to.


      What will this help us to do?

    2. HomeDope
      06-26-2013
      03:02 PM
      2

      Yeah. I'm interested too, could someone translate that for us

      ~Home

    3. mrc1978
      06-26-2013
      03:04 PM
      3

      Originally Posted by donglehater
      I will look stupid so others won't need to.


      What will this help us to do?
      Don't worry, I'll look stupid with you.....

      Explain?

      Please...

    4. wizzar
      06-26-2013
      03:06 PM
      4

      We noobs are all thinking it so here goes, will this aid towards CFW/HOMEBREW/PIRACY ON 3.55+ firmwares?

    5. felino_31
      06-26-2013
      03:08 PM
      5

      explanation for me too please

    6. ICECOLDKILLAH
      06-26-2013
      03:09 PM
      6

      loader....?? keys...?

    7. Gunzmo
      06-26-2013
      03:11 PM
      7

      i guess we can decrypt the hdd of phat ps3's and maybe mod the hdds internal files and put it back and let the ps3 load it up.. just a guess tho

    8. zecoxao
      06-26-2013
      03:11 PM
      8

      first thing are the scrambled keys. Sony obfuscated the keys in order to make our access to them hard. those are called scrambled keys.

      second thing is hdd encryption by glevand was incomplete. partially because he only had a slim and not a phat. now it's complete.

      third thing is supposedly how cobra and 3k3y take care of the drive keys on newer consoles. they basically don't even grab the keys, and all that's needed are sv_iso keys.

      /flies away :D

    9. euss
      06-26-2013
      03:12 PM
      9

      It will help others to deobfuscate the real keys that in the end are used for making MFWs. Basically anyone can now decrypt them and with the algo documented publicly that makes it time for Sony to change it or let it rest while giving PS4 attention.
      And no, we will never be able to get private keys - forget that ever happened in 3.55pre era.

      As to the hdd crypto: well, it is about time that not only NOR consoles, but also NAND consoles can benefit from documentation about their encryption. In the long run that means you could be able to dump your drivekeys and decrypt the hdd on the PC.
      Of course without keys you cannot get far, to give you an idea: http://www.ps3hax.net/showthread.php...d=1#post616317

    10. kiwitothemax
      06-26-2013
      03:20 PM
      10

      @euss cheers for the explanation and commitment to this scene

    11. hellsing9
      06-26-2013
      03:27 PM
      11

      4.45 + HDD fiasco = ?

    12. Annelies
      06-26-2013
      03:29 PM
      12

      Who are the great unicorns?

    13. haz367
      06-26-2013
      03:30 PM
      13

      thx i suppose keep sharing pls...too much greed already...

    14. aus
      06-26-2013
      03:45 PM
      14

      Cobra-ODE, 3k3y, and now this, All jail the scene!!!

    15. Beoir
      06-26-2013
      03:50 PM
      15

      Awesome! Gj to everyone who's involved with this :D .

    16. BobbyBangin
      06-26-2013
      03:57 PM
      16

      Originally Posted by Annelies
      Who are the great unicorns?
      Charlie the Unicorn - YouTube

    17. felino_31
      06-26-2013
      04:15 PM
      17

      do not go to candy mountain charlie!!!!

    18. ocam
      06-26-2013
      04:31 PM
      18

      Originally Posted by hellsing9
      4.45 + HDD fiasco = ?
      tell us

    19. Elegant
      06-26-2013
      04:35 PM
      19

      I really wish we would start patching out encryption like the HDD from the console, it's nice to be able to decrypt them but since we could just patch it why don't we just do that, then decrypt our drives and be free.

    20. beatdowniidx
      06-26-2013
      05:10 PM
      20

      i guess we can do some sort of happy dance ?

    21. eat
      06-26-2013
      05:18 PM
      21

      Originally Posted by beatdowniidx
      i guess we can do some sort of happy dance ?
      here You go

      Percy Happy Dance - YouTube

    22. tjhooker73
      06-26-2013
      05:23 PM
      22

      SON OF A *****. it takes me to the freaken free 60 gb ps3 thread again.


    23. hellsing9
      06-26-2013
      05:32 PM
      23

      Originally Posted by ocam
      tell us

    24. toolz
      06-26-2013
      05:33 PM
      24

      make our internal drives NTFS?

    25. UrbanAnonymous
      06-26-2013
      05:47 PM
      25

      Originally Posted by hellsing9
      i fudging love chicks wit ink. and thats a sick tat !!!


      and so this doesn't mean we can now rescue lost save data from a broken system?

    26. tjhooker73
      06-26-2013
      05:49 PM
      26

      Damn it. It's Microsoft and the illuminati releasing info again.


    27. Cheesethief
      06-26-2013
      05:55 PM
      27

      Stuff is happening.

      I like it when stuff is happening.

    28. cloudx
      06-26-2013
      05:55 PM
      28

      hmmm the great unicorns ! i guess unicorns are magical !!! : D XD LOL !

    29. Joe-PK
      06-26-2013
      06:21 PM
      29

      So realistically as I'm slightly confused by all the different things going on in this post. Will this help us get homebrew applications running on ps3s that are 3.55+ anytime soon or is this just a small step and everything is still a shot in the dark?

    30. Haidarooz
      06-26-2013
      06:24 PM
      30

      Originally Posted by hellsing9

      Illuminati puppet detected in picture !

    31. Elegant
      06-26-2013
      07:23 PM
      31

      Originally Posted by Joe-PK
      So realistically as I'm slightly confused by all the different things going on in this post. Will this help us get homebrew applications running on ps3s that are 3.55+ anytime soon or is this just a small step and everything is still a shot in the dark?
      Unlikely, you'd still have to sign it correctly which we can't do. This of course assuming you got the keys to decrypt it as they are per console based.

    32. hellsing9
      06-26-2013
      07:40 PM
      32



      http://t.co/7ePxPMiauq

    33. w0313
      06-26-2013
      07:53 PM
      33

      I knew it ... http://www.ps3hax.net/showpost.php?p...5&postcount=80
      and now their name is Unicorn. what's next?take a guess ..

    34. beatdowniidx
      06-26-2013
      09:40 PM
      34

      so how long will it take to actually turn into something

    35. Ada Love Lace
      06-27-2013
      01:17 AM
      35

      Originally Posted by beatdowniidx
      so how long will it take to actually turn into something
      Be more enthusiasm, it's free and the best era on ps3 for it.
      It's good news to hear more from Euss, Flatz and Naehrwert.
      It'll not turn into something magic but more easily/open for everyone.
      You can have some ideas from this thread, as where A lead to B.

      http://www.ps3hax.net/showthread.php?t=28303&page=16

    36. ocam
      06-27-2013
      02:14 AM
      36

      Originally Posted by hellsing9
      and suddenly

    37. 3absiso
      06-27-2013
      02:21 AM
      37


      this is what i said, something is going to be leaked

    38. Abkarino
      06-27-2013
      03:11 AM
      38

      Originally Posted by 3absiso

      this is what i said, something is going to be leaked
      This is not leaked anyway
      flatZ had figured this algo a long time ago and he had written a tool to some other trusted devs to be able to create newer CFW

    39. ocam
      06-27-2013
      03:27 AM
      39

      Originally Posted by Abkarino
      This is not leaked anyway
      flatZ had figured this algo a long time ago and he had written a tool to some other trusted devs to be able to create newer CFW
      you mean the newer CFW's that we already have?

    40. DEFAULTDNB
      06-27-2013
      03:38 AM
      40

      Originally Posted by Abkarino
      This is not leaked anyway
      flatZ had figured this algo a long time ago and he had written a tool to some other trusted devs to be able to create newer CFW
      Are you saying Rogero/Rebug etc have been using this all this time to make 4.XX CFWs?

      Our BIGGEST thanks:
      flatz - Helping with the OtherOS testing and well… You know what you did..
      http://rebug.me/

    41. tjhooker73
      06-27-2013
      03:41 AM
      41

      Originally Posted by DEFAULTDNB
      Are you saying Rogero/Rebug etc have been using this all this time to make 4.XX CFWs?



      http://rebug.me/
      Well of course.


    42. NTA
      06-27-2013
      03:45 AM
      42

      Yay new cfw without downgrading

    43. Abkarino
      06-27-2013
      04:13 AM
      43

      Originally Posted by ocam
      you mean the newer CFW's that we already have?
      Originally Posted by DEFAULTDNB
      Are you saying Rogero/Rebug etc have been using this all this time to make 4.XX CFWs?

      http://rebug.me/
      Yea Rebug/Rogero are using the lv1ldr decrypted from lv0 by flatZ since he is the only one that i know that had figured out how Sony had encrypted/scrambled lv1ldr to protect app keys in newer versions since 3.60.
      He had reversed the scrambling algorithm for lv1ldr a long time ago before any 4.xx cfw release and without this algo/tool nobody could make this CFW.
      Also Rebug Team had used this tool to create their lovely CFW

    44. xxmcvapourxx
      06-27-2013
      04:41 AM
      44

    45. 3absiso
      06-27-2013
      04:49 AM
      45

      Originally Posted by Abkarino
      Yea Rebug/Rogero are using the lv1ldr decrypted from lv0 by flatZ since he is the only one that i know that had figured out how Sony had encrypted/scrambled lv1ldr to protect app keys in newer versions since 3.60.
      He had reversed the scrambling algorithm for lv1ldr a long time ago before any 4.xx cfw release and without this algo/tool nobody could make this CFW.
      Also Rebug Team had used this tool to create their lovely CFW
      This is really good,
      i just wish all ODE plans shatters

    46. Cheesethief
      06-27-2013
      05:00 AM
      46

      Originally Posted by Abkarino
      This is not leaked anyway
      flatZ had figured this algo a long time ago and he had written a tool to some other trusted devs to be able to create newer CFW
      Oh gosh, how I love this scene and its developer circle jerks

    47. 3absiso
      06-27-2013
      05:03 AM
      47

      Originally Posted by Cheesethief
      Oh gosh, how I love this scene and its developer circle jerks
      Just leaked at the right time

    48. ocam
      06-27-2013
      05:04 AM
      48

      Originally Posted by 3absiso
      This is really good,
      i just wish all ODE plans shatters
      eventually, a software solution will be released, we just have to be patient.
      **** DRM and all devs behind it

    49. Abkarino
      06-27-2013
      05:09 AM
      49

      For every one here please read this post

      http://www.ps3hax.net/showthread.php...656#post616656

    50. ocam
      06-27-2013
      05:12 AM
      50

      Originally Posted by Cheesethief
      Oh gosh, how I love this scene and its developer circle jerks
      imagine how many other things/keys they have

    51. Abkarino
      06-27-2013
      05:14 AM
      51

      Originally Posted by ocam
      imagine how many other things/keys they have
      4 of them are now published by me see the last post

    52. ocam
      06-27-2013
      05:18 AM
      52

      Originally Posted by Abkarino
      4 of them are now published by me see the last post
      I've seen it, thanks.
      Can you contact the lovely bird for all other keys?

    53. Abkarino
      06-27-2013
      05:24 AM
      53

      Originally Posted by ocam
      I've seen it, thanks.
      Can you contact the lovely bird for all other keys?
      Sure will be soon not other keys only but a lot of good info will be available also

    54. The Dutch Gamer
      06-27-2013
      05:30 AM
      54

      Was this the thing you were talking about @hellsing9 ?

      :D :D

    55. willemse21
      06-27-2013
      05:34 AM
      55

      great news thnx!

    56. ocam
      06-27-2013
      05:43 AM
      56

      Originally Posted by Abkarino
      Sure will be soon not other keys only but a lot of good info will be available also
      now THAT's some INFO!

      thanks @Abkarino

    57. Geikro
      06-27-2013
      05:56 AM
      57

      So, with it, can be made a 4.41 CFW?

    58. 3absiso
      06-27-2013
      06:04 AM
      58

      Originally Posted by Abkarino
      Sure will be soon not other keys only but a lot of good info will be available also
      Does this mean ODE Plans are shattered Bro?

    59. ocam
      06-27-2013
      06:06 AM
      59

      Originally Posted by Geikro
      So, with it, can be made a 4.41 CFW?
      a CFW that can be installed over OFW 4.41?

      NO

    60. Akmzero
      06-27-2013
      06:36 AM
      60

      So I don't think this question was ever answered. Are we able to view our HDD's and get the data off them now?

    61. Abkarino
      06-27-2013
      06:50 AM
      61

      Originally Posted by 3absiso
      Does this mean ODE Plans are shattered Bro?
      I did not think so my bro. since ODE can not be software implemented only specially in newer console.
      But this info will allow us at least to run homebrews in 3.60+ OFW
      ************* [ - Post Merged - ] *************
      Originally Posted by Akmzero
      So I don't think this question was ever answered. Are we able to view our HDD's and get the data off them now?
      Yes you can if you have the valid keys for that and i remember that you will need your eid root key also.

    62. 3absiso
      06-27-2013
      06:57 AM
      62

      Originally Posted by Abkarino
      I did not think so my bro. since ODE can not be software implemented only specially in newer console.
      But this info will allow us at least to run homebrews in 3.60+ OFW
      Running Homebrews on 3.60+ OFW PS3 is what we need and it is the first step Bro

    63. w0313
      06-27-2013
      07:04 AM
      63

      Sony screwed the scene
      Cobra ODE screwed Sony
      3KEY ODE screwed Cobra ODE
      The scene screwed the ODEs and Sony (once again)

    64. Abkarino
      06-27-2013
      07:12 AM
      64

      Originally Posted by 3absiso
      Running Homebrews on 3.60+ OFW PS3 is what we need and it is the first step Bro
      Yea that what we need bro


      Originally Posted by w0313
      Sony screwed the scene
      Cobra ODE screwed Sony
      3KEY ODE screwed Cobra ODE
      The scene screwed the ODEs and Sony (once again)
      hehehehe yea you are right

    65. 3absiso
      06-27-2013
      07:24 AM
      65

      Originally Posted by w0313
      Sony screwed the scene
      Cobra ODE screwed Sony
      3KEY ODE screwed Cobra ODE
      The scene screwed the ODEs and Sony (once again)
      the thing i do not like about you is : you are A REAL MADRID Fan

    66. donkey-punch
      06-27-2013
      07:36 AM
      66

      Surely with all this info and all these keys users should have the ability to knock up some sort of ghetto ode.

    67. malex
      06-27-2013
      09:07 AM
      67

      So with these keys we can play PS4 games of our PS3s now????

      Originally Posted by donkey-punch
      Surely with all this info and all these keys users should have the ability to knock up some sort of ghetto ode.
      It's about time I had something else to do with the Teensy.

      It's great to see these releases, I was expecting things to eventually start getting more interesting as the PS4 looms ever closer. Thanks to all involved.

    68. w0313
      06-27-2013
      09:09 AM
      68

      Originally Posted by 3absiso
      the thing i do not like about you is : you are A REAL MADRID Fan
      and then you're a Barcelonista right?that's fine

      Originally Posted by Abkarino
      Yea that what we need bro




      hehehehe yea you are right
      thanks to you too, indeed we screwed Sony again.

    69. 3absiso
      06-27-2013
      09:53 AM
      69

      Originally Posted by w0313
      and then you're a Barcelonista right?that's fine
      Yub iam a Barcelonista

    70. K!r@
      06-28-2013
      03:38 AM
      70

      With the leaks of 3.60+ Loader keys plus lvl1ldr crypto keys, will we be able to see the light of a new CFW over OFW 4.21 - 4.46??

    71. Cheesethief
      06-28-2013
      03:43 AM
      71

      Originally Posted by K!r@
      With the leaks of 3.60+ Loader keys plus lvl1ldr crypto keys, will we be able to see the light of a new CFW over OFW 4.21 - 4.46??
      No. This is not related to that. In order to install a CFW over OFW we would need private keys. Those are locked away at Sony's HQ. They are actually random this time too so we can't calculate them like what happened with 3.55.


    72. RCFProd
      06-28-2013
      04:12 AM
      72

      Where is Sony's HQ? They might give me their private keys if I ask nicely.

    73. DEFAULTDNB
      06-28-2013
      04:23 AM
      73

      Originally Posted by RCFProd
      Where is Sony's HQ? They might give me their private keys if I ask nicely.
      You might also poop a perfect block of gold one day too....

    74. The Dutch Gamer
      06-28-2013
      04:24 AM
      74

      Originally Posted by RCFProd
      Where is Sony's HQ? They might give me their private keys if I ask nicely.
      Good luck
      http://www.sony.net/SonyInfo/CorporateInfo/Data/Map/

    75. RCFProd
      06-28-2013
      04:34 AM
      75

      Thanks. I'll just tell 'em It's for business.

    76. ocam
      06-28-2013
      04:42 AM
      76

      Originally Posted by Abkarino
      Sure will be soon not other keys only but a lot of good info will be available also
      will it be related to the homebrew part on OFW or something completely new?
      I know that you can't go into details, but give us some hints

    77. caymera
      06-28-2013
      05:49 AM
      77

      Originally Posted by Cheesethief
      No. This is not related to that. In order to install a CFW over OFW we would need private keys. Those are locked away at Sony's HQ. They are actually random this time too so we can't calculate them like what happened with 3.55.

      so what can we do with these keys?

    78. The Dutch Gamer
      06-28-2013
      06:56 AM
      78

      Originally Posted by caymera
      so what can we do with these keys?
      Quoted from the very first page (which you prolly didn't read ?)

      Originally Posted by zecoxao
      first thing are the scrambled keys. Sony obfuscated the keys in order to make our access to them hard. those are called scrambled keys.

      second thing is hdd encryption by glevand was incomplete. partially because he only had a slim and not a phat. now it's complete.

      third thing is supposedly how cobra and 3k3y take care of the drive keys on newer consoles. they basically don't even grab the keys, and all that's needed are sv_iso keys.

      /flies away :D
      Originally Posted by euss
      It will help others to deobfuscate the real keys that in the end are used for making MFWs. Basically anyone can now decrypt them and with the algo documented publicly that makes it time for Sony to change it or let it rest while giving PS4 attention.
      And no, we will never be able to get private keys - forget that ever happened in 3.55pre era.

      As to the hdd crypto: well, it is about time that not only NOR consoles, but also NAND consoles can benefit from documentation about their encryption. In the long run that means you could be able to dump your drivekeys and decrypt the hdd on the PC.
      Of course without keys you cannot get far, to give you an idea: http://www.ps3hax.net/showthread.php...d=1#post616317

    79. Abkarino
      06-28-2013
      06:56 AM
      79

      Originally Posted by ocam
      will it be related to the homebrew part on OFW or something completely new?
      I know that you can't go into details, but give us some hints
      Yea it'll be related to installing and running homebrew in OFW if it does need any CFW patches like peek and poke

    80. JonahUK
      06-28-2013
      07:02 AM
      80

      @Abkarino

      Maybe peek & poke could be done via a pkg as it was originally done before CFW, it just won't be permanently patched.

    81. wakka1
      06-28-2013
      07:38 AM
      81

      Originally Posted by Abkarino
      Yea it'll be related to installing and running homebrew in OFW if it does need any CFW patches like peek and poke
      Will it also work on 3k/4k or just fat/slim 2XXX ?

    82. zecoxao
      06-28-2013
      07:51 AM
      82

      people, sony did several things when they created the 3.60 ofw and the remaining firmwares.

      firstly, they hid isoldr,appldr,lv1ldr and lv2ldr on lv0 so that it couldn't be decrypted with anything else besides the bootldr keys.

      secondly, they scrambled lv1ldr with other keys. you can decrypt the other loaders fine ( appldr, isoldr, lv2ldr ) but not lv1ldr, since you need additional keys for that.

      so basically, all these "new" findings are OLD. lots of devs already knew about the algo (it was probably flatz who found out about it), and besides, the 3.60/3.61 and 4.21-4.46 keys are already known. what ISN'T old are the root scramble keys from the other revisions, and we must fill the rest of the stuff missing on the wiki for that.

      THIS WILL NOT LET YOU RUN HOMEBREW ON OFW!!!

      THIS WILL NOT LET YOU GET PRIVATE KEYS!!!

      i hope people understand this as soon as possible.

    83. Geikro
      06-28-2013
      10:49 AM
      83

      Originally Posted by ocam
      a CFW that can be installed over OFW 4.41?

      NO
      Why cannot be installed over OFW 4.41? If the keys are public

    84. szczuru
      06-28-2013
      10:58 AM
      84

      Originally Posted by Geikro
      Why cannot be installed over OFW 4.41? If the keys are public
      We need private keys to have properly signed CFW with ability to install over any 3.55+ OFW.

      Obtaining private keys is almost impossible - only known solutions:
      -obtain them via "super-hyper-mega-cool" exploit (which we don't have also)
      -obtain them from sony angry ex-employee ;D

    85. zecoxao
      06-28-2013
      11:02 AM
      85

      the keys should be these ones.

      for 3.70 appldr

      for 3.70 isoldr

      last but not least

      for 3.70 lv2ldr

      i'll post more as i find them

      edit: following the same scheme as before (key 1 and 2 then iv 1 and 2):

      appldr 3.65

      isoldr 3.65

      lv2ldr 3.65

      edit : same scheme

      appldr 4.11

      isoldr 4.11

      lv2ldr 4.11

    86. Geikro
      06-28-2013
      11:17 AM
      86

      Originally Posted by szczuru
      We need private keys to have properly signed CFW with ability to install over any 3.55+ OFW.

      Obtaining private keys is almost impossible - only known solutions:
      -obtain them via "super-hyper-mega-cool" exploit (which we don't have also)
      -obtain them from sony angry ex-employee ;D
      And why this Keys are so important for make a new CFW?

    87. zecoxao
      06-28-2013
      11:20 AM
      87

      Originally Posted by Geikro
      And why this Keys are so important for make a new CFW?
      they're not really important, since the newer firmwares already have all the keys necessary. we're just concerned about the firmwares between 3.65 and 4.11

    88. tjhooker73
      06-28-2013
      11:28 AM
      88

      Originally Posted by zecoxao
      they're not really important, since the newer firmwares already have all the keys necessary. we're just concerned about the firmwares between 3.65 and 4.11
      Didn't someone have some contraption that could dump the keys. But wouldn't share them? So I'm guessing it was math. I remember seeing something some time ago like after 3.60


    89. zecoxao
      06-28-2013
      11:35 AM
      89

      more keys:

      isoldr key set (2 erks 1 riv)

      lv2ldr keyset (same scheme)

      more keys to come.

    90. howieumd
      06-28-2013
      11:37 AM
      90

      Originally Posted by zecoxao
      they're not really important, since the newer firmwares already have all the keys necessary. we're just concerned about the firmwares between 3.65 and 4.11
      And 4.46? Or is that one already found and we're just waiting for an updated CFW from Rebug, Rogero, or whoever makes them at this point?

      So right now, you're just filling in the gaps more or less? Like if we had this info a year ago there could have been a CFW 4.11, or two years ago a CFW 3.70, to be installed over those who stayed on 3.55, similarly to how Rebug/Rogero 4.21 came out and each CFW since, up to 4.41 so far, that we have those keys for?

    91. toolz
      06-28-2013
      11:38 AM
      91

      Mint keep it up

    92. zecoxao
      06-28-2013
      11:57 AM
      92

      even more keys:

      3.70 iso keyset

      3.70 lv2ldr keyset

      3.65 iso keyset

      3.65 lv2ldr keyset

      edit:

      AND FINALLY, a real goddamn decryption key. 3.65-3.66 isoldr key and 3.65-66 lv2ldr key

      edit: 3.70 isoldr and lv2ldr keys

      edit: a couple more

      appldr keys for maximum version 4.21 (it's a simple comment out of the code, anyone can spit out the text)

      https://dl.dropboxusercontent.com/u/35197530/appldr.txt

    93. zecoxao
      06-28-2013
      03:34 PM
      93

      @aldostools i was wondering if you could verify those keys for me it seems that some appldr keys are wrong on the wiki too.

    94. beatdowniidx
      06-28-2013
      03:37 PM
      94

      jesus @zecoxao great work

    95. aldostools
      06-28-2013
      09:24 PM
      95

      Originally Posted by zecoxao
      @aldostools i was wondering if you could verify those keys for me it seems that some appldr keys are wrong on the wiki too.
      I have verified your keys with the lv2 and iso selfs of CORE_OS for fw 3.65, 3.73 and 4.00 and the keys worked fine

      I updated the keys file for scetool:
      http://ps3tools.aldostools.org/keys

    96. cloudx
      06-28-2013
      10:57 PM
      96

      sweet ! hopefully we might get ohh say a 4th of July present ? lol

    97. zecoxao
      06-29-2013
      05:55 AM
      97

      a couple more keys. https://dl.dropboxusercontent.com/u/35197530/stuff.zip

      inside you can find decrypted lv1ldr, scramble keysets and scramble keys for 365 370 411 firmwares. i'm gonna take care of the lv1ldr keys after i eat.

      edit:


      @aldostools, i already checked them, but you can check them too if you wish

    98. NiceShot
      06-29-2013
      09:29 AM
      98

      All checked keys added to the wiki already

      Thanks

      ;D

    99. aldostools
      06-29-2013
      09:36 AM
      99

      Originally Posted by zecoxao
      @aldostools, i already checked them, but you can check them too if you wish
      Thanks for the new keys I checked them too and updated the keys file again

      There are still some missing keys for these fw versions (rvk, spp, lv0, isoldr revision 0x0100 for me_iso_for_ps2emu/sv_iso_for_ps2emu). These latest ones for +4.2x are in the keys file, but they are not listed in the wiki

    100. zecoxao
      06-29-2013
      10:13 AM
      100

      Originally Posted by aldostools
      Thanks for the new keys I checked them too and updated the keys file again

      There are still some missing keys for these fw versions (rvk, spp, lv0, isoldr revision 0x0100 for me_iso_for_ps2emu/sv_iso_for_ps2emu). These latest ones for +4.2x are in the keys file, but they are not listed in the wiki
      i'm pretty sure lv0 key is the same as bootldr key. as for the rest, i can put them on the wiki. oh, and some appldr keys are wrong on the wiki, we should change them

    101. aldostools
      06-29-2013
      10:19 AM
      101

      Originally Posted by zecoxao
      i'm pretty sure lv0 key is the same as bootldr key. as for the rest, i can put them on the wiki. oh, and some appldr keys are wrong on the wiki, we should change them
      Could you indicate which ones? Maybe I have them wrong too in the scetool's keys file

      PS. I tested decrypting lv0 of fw3.73 with the keys from [metldr], but they didn't work.

    102. zecoxao
      06-29-2013
      10:29 AM
      102

      Originally Posted by aldostools
      Could you indicate which ones? Maybe I have them wrong too in the scetool's keys file

      PS. I tested decrypting lv0 of fw3.73 with the keys from [metldr], but they didn't work.
      that's because your keys file is using the metldr internal keys. those are pretty much useless for everyone except devs. you should delete them and leave the retail keys only or save them in a separate place. and when i say metldr, i say the rest of the internal keys

      as for appldr check the keys here. https://dl.dropboxusercontent.com/u/35197530/appldr.txt

      iirc revision 0x11 is mismatched with revision 0x0c of app key for instance. there may be more mismatched keys.

      edit: nevermind about appldr, the keys listed on the wiki are correct.

    103. zecoxao
      06-29-2013
      07:30 PM
      103

      i just found the rest of the keys for rvk list and spp verifier. if someone would be kind enough to check them. they're on the wiki but i'm pretty sure they're the ones

    104. Abkarino
      07-01-2013
      03:17 AM
      104

      Originally Posted by JonahUK
      @Abkarino

      Maybe peek & poke could be done via a pkg as it was originally done before CFW, it just won't be permanently patched.
      I think we can but the old peek and poke was added using the old jailbreak exploit and i think that patches applied even before lv1 hypervisor are loaded but applying it from pkg means that it will be applied after lv1 hypervisor start and i think that it will prevent it.
      ************* [ - Post Merged - ] *************
      Originally Posted by howieumd
      And 4.46? Or is that one already found and we're just waiting for an updated CFW from Rebug, Rogero, or whoever makes them at this point?

      So right now, you're just filling in the gaps more or less? Like if we had this info a year ago there could have been a CFW 4.11, or two years ago a CFW 3.70, to be installed over those who stayed on 3.55, similarly to how Rebug/Rogero 4.21 came out and each CFW since, up to 4.41 so far, that we have those keys for?
      These keys released by me are working fine with 4.46 Firmware and me and Rogero just started to make a newer version of his CFW, so you may find the Rogero's CFW 4.46 v1.00 soon here

    105. JonahUK
      07-01-2013
      03:49 AM
      105

      Originally Posted by Abkarino
      I think we can but the old peek and poke was added using the old jailbreak exploit and i think that patches applied even before lv1 hypervisor are loaded but applying it from pkg means that it will be applied after lv1 hypervisor start and i think that it will prevent it.
      P&P wasn't available in the original JB, PSGroove added syscalls 6 & 7 in version 1.1.
      Before Kmeaw released his 3.55 CFW, we had Wutangra(?) CFW where we had to run a pkg to enable p&p but the Hypervisor allowed it.

      But, all that is irrelevant if Rogero is working on a 4.46 CFW. Let's hope Rebug are doing it too.