Ps3 4.00 exploit. - PS3Hax Network

PsDev · 01-24-2012

the topic revolves around a possible PS3 4.0 exploit, and the theory around it. This is information that I would like to share with the scene, in hopes of change and overcoming the current barriers to jailbreaking the PS3 console. Feedback welcomed, as I has put a lot of thought and time into this theory.

There has been information available for quite some time. and I took it, thought about it, researched and experimented and I come out with my theory below to exploit 4.00 part of the way. This is not a random theory to, this is logical stuff and true facts. I'm providing this info for other devs to look at and lets see if this can work. I don't keep my work to my self, I like to share in give other people chances in discovering stuff. It always makes me happy when someone finds something out using my work, it just tells me I did a good job in describing and helping and they did a good job in listening and learning the material in order to trigger the exploit or whatever it might be.

So the lv2ldr verifys decrypts the lv2_kernal.self. we can get the address of this happening. inside Parameters Layout there are arguments, they are used as commands basically to load a function you want to use. they start in the lv2 @ 0x3E800(seems to be same for other ldrs) that address. There is a argument that is called lv2_in and lv2_out (we have know about these) basically we can use lv2_in to map out the address and lv2_out to map out the address for where the lv2ldr decryptes the self file. We can make a program like readself basically and get the offset, u8* means read one byte from the address. use that and we can actually be get the exact offset where it all happens at. once we have the location grabbing this decrypted self should be the easy task. Like I said some info we had and some we did not know about can be obtained like this and used to get keys.
exploiting 4.00 with this method would work most likely because I doubt sony changed all the locations where the loaders do there thing, sure there encapsulated in the bootloader but they still pass over into the ram at one point before being fed over to the metldr which loads ldrs and if all that is still happening then Sony didn't change nothing

So other devs I post this possible exploit I found here for you to experiment with and get some where with 4.00. You can follow me on twitter @ https://twitter.com/#!/RealPsDev

Thanks bye.

mcmrc1 · 01-24-2012

Unfortunately iam no developer

... hope this is something interessting for the scene :D

PsDev · 01-24-2012

Originally Posted by mcmrc1

Unfortunately iam no developer ... hope this is something interessting for the scene :D

I on my opinion thinks this will work. I'm 85% sure

mcmrc1 · 01-24-2012

I hope so

and thanks for your work !

landon · 01-24-2012

Thanks for sharing

calo · 01-24-2012

cool, hopefully this is the theory for the ps3 users,
who want to use there product, for what they want to do.

PsDev · 01-24-2012

Originally Posted by landon

Thanks for sharing

No problem

. I know one other exploit that I was told yesterday, but I am not posting it because the source is a guy that came out of no where so until it's proven and or has some type of proof more then just telling me very little about it, I will not release in public

V6ser · 01-24-2012

Come on progskeet!!

You are late to arrive at Psdev's house.

Sent from my MadTeam Galaxy 5
using Tapatalk

PsDev · 01-24-2012

Originally Posted by hyztname

Come on progskeet!!

You are late to arrive at Psdev's house.

Sent from my MadTeam Galaxy 5
using Tapatalk

Lol I was told it was shipped Thursday or Friday so it will be here tomorrow, Thursday, Friday or Saturday at latest.

V6ser · 01-24-2012

Originally Posted by EmBoLa.be

great news, i think if every dev her are willing to stick there heads together then we would have an exploit in a month or so,
including
@samson
@JuanNadie
@EXE.trim.ALL
@PsDev
@DeViL303
@deank
@CrashSerious
@ps3hen
@euss
@mallory
and the rest i forgot

Okay, Euss keeps the psdevwiki alive, I know.

But do you really think he will release something to the scene?

He just post explanations of what the Developers says,

He is like a translator for noobs or news to the scene understand.

I'm not saying he is useless or he is not good.

Some people started developing with his explanations.

But he will not release anything new I think.

And Wow! You really forgot kakaroto?

Sent from my MadTeam Galaxy 5
using Tapatalk

01-24-2012	#2
mcmrc1 Member Join Date: Jan 2011 Location: Gliese 581g Posts: 613 Likes: 531 Liked 346 Times in 176 Posts Mentioned: 17 Post(s) Tagged: 0 Thread(s)	Unfortunately iam no developer ... hope this is something interessting for the scene :D __________________

01-24-2012	#4
mcmrc1 Member Join Date: Jan 2011 Location: Gliese 581g Posts: 613 Likes: 531 Liked 346 Times in 176 Posts Mentioned: 17 Post(s) Tagged: 0 Thread(s)	I hope so and thanks for your work ! __________________

		PS3Hax Network - Playstation 3 Hacks and Mods > PS3Hax > PS3 \| Jailbreak & Custom Firmware
Ps3 4.00 exploit.

01-24-2012	#5
landon Member Join Date: Oct 2011 Posts: 207 Likes: 125 Liked 39 Times in 34 Posts Mentioned: 14 Post(s) Tagged: 0 Thread(s)	Thanks for sharing

01-24-2012	#6
calo Member Join Date: Feb 2011 Location: Dublin Posts: 165 Likes: 44 Liked 59 Times in 40 Posts Mentioned: 11 Post(s) Tagged: 0 Thread(s)	cool, hopefully this is the theory for the ps3 users, who want to use there product, for what they want to do.

User Name		Remember Me?
Password