Old 02-19-2012   #61
badhabit
 
Originally Posted by pow-:
I made an MFW True Blue with a hidden Peek syscall to bypass True Blue protection. I tested it on my PS3 without True Blue and it works! If anyone owns a True Blue and would like to test it, PM me.
(There is some risk of bricking your True Blue!)

The "True Blue protection"? What are you talking about..??
A regular MFW doesn't even read fselfs... and you also need the custom TB appldr keys to decrypt the eboots...

What is your firmware for if you have to use the TB dongle?

As pereb, evilsperm, crash serious and many others said, don't use the dongle with peek and poke... that's why it's called a DRM dongle.

For a solution without the dongle you could probably use a modified Lv.2 kernel (rebug loader, no brick risk!!) with the TB FW, as most of the security (dongle check etc.) happens in Lv.2...
You just have to find a way to enable the "special options" in Lv.1, much like True Blue does after checking if the dongle is present...
By using only a modified Lv.2 we can be sure that the needed appkeys are there, because it's still the "original" appldr from True Blue...
Old 02-19-2012   #62
pow-
My MFW will not allow you to play 3.6+, but it will help developers to dump lv2 when TB is plugged in! If it works when TB is plugged in, it will lead to CFW with TB implementation.

http://www.mediafire.com/?rpyf3kexaoy5fiv

I would like one beta tester who owns True Blue (only one!!!)
Old 02-19-2012   #63
carldenning
Originally Posted by pow-:
My MFW will not allow you to play 3.6+, but it will help developers to dump lv2 when TB is plugged in! If it works when TB is plugged in, it will lead to CFW with TB implementation.

http://www.mediafire.com/?rpyf3kexaoy5fiv

I would like one beta tester who owns True Blue (only one!!!)

Not being funny, but you only posted twice and you're telling someone to install a PUP file. Not saying it is, but it could be 3.56+. Don't take it the wrong way, just telling people to be careful. Maybe if the person who does use help you they used fw checker to make sure it's not 3.56+ OFW.
Old 02-19-2012   #64
pow-
It's not 3.56+ OFW! You can check it (you can decrypt all stuff in this MFW).

Last edited by pow-; 02-20-2012 at 05:15 PM.
Old 02-19-2012   #65
badhabit
 
Originally Posted by pow-:
My MFW will not allow you to play 3.6+, but it will help developers to dump lv2 when TB is plugged in! If it works when TB is plugged in, it will lead to CFW with TB implementation.

Huh? You can dump anything you want with TB plugged in by using glevand's dump.pkg tools or progskeet... no need for a "special" FW...
Old 02-19-2012   #66
pow-
Originally Posted by badhabit:
Huh? You can dump anything you want with TB plugged in by using glevand's dump.pkg tools or progskeet... no need for a "special" FW...

There is no peek and poke in True Blue firmware. So if you use dump.pkg you will get FFFFFFF...
Old 02-19-2012   #67
badhabit
 
I have never seen a backup manager working on a FW without peek and poke ^^
Btw, I did it with the rebug TB FW some time ago (software and hardware dump)... no FFFFFFF at all...
Old 02-19-2012   #68
pow-
If you are right, try to dump lv2 ^^ you will get some random data FFFF....
When True Blue is plugged in, Backup manager calls syscall 36 (Multiman -> standard BD-ROM emulator)

Last edited by pow-; 02-19-2012 at 01:13 PM.
Old 02-19-2012   #69
badhabit
 
>readself lv2ldr
SELF header
elf #1 offset: 00000000_00000090
header len: 00000000_00000580
meta offset: 00000000_000001f0
phdr offset: 00000000_00000040
shdr offset: 00000000_00017400
file size: 00000000_00017078
auth id: 1ff00000_09000001 (Unknown)
vendor id: ff000000
info offset: 00000000_00000070
sinfo offset: 00000000_00000130
version offset: 00000000_00000190
control info: 00000000_000001a0 (00000000_00000070 bytes)
app version: 3.85.0
SDK type: Retail (Type 0)
app type: secure loader

Control info
control flags:
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
file digest:
e0 fe 9b f0 91 02 b6 f8 fe ca 8a 24 eb 2e 71 36 0a a0 e3 ed

Section header
offset size compressed unk1 unk2 encrypted
00000000_00000600 00000000_00000000 [NO ] 00000000 00000000 [YES]
00000000_00000680 00000000_000160a0 [NO ] 00000000 00000000 [YES]
00000000_00016720 00000000_00000040 [NO ] 00000000 00000000 [YES]

Encrypted Metadata
unable to decrypt metadata

ELF header
type: Executable file
machine: SPE
version: 1
phdr offset: 00000034
shdr offset: 00016f10
entry: 00012c00
flags: 00000000
header size: 00000034
program header size: 00000020
program headers: 3
section header size: 00000028
section headers: 9
section header string table index: 8

Program headers
type offset vaddr paddr memsize filesize PPU SPE RSX align
LOAD 00000080 00000800 00000800 0000dcb0 00000000 rw- --- --- 00000080
LOAD 00000100 00012c00 00012c00 000160a0 000160a0 r-x --- --- 00000080
LOAD 000161a0 00028d20 00028d20 00000040 00000040 rw- --- --- 00000080

Section headers
[Nr] Name Type Addr Off Size ES Flg Lk Inf Al
[00] <no-name> NULL 00000000 00000000 00000000 00 00 00 00
[01] <no-name> NOBITS 00000800 00000094 0000dcb0 00 ae 00 00 16
[02] <no-name> PROGBITS 00012c00 00000100 00012ef0 00 wa 00 00 08
[03] <no-name> PROGBITS 00025af0 00012ff0 000031b0 00 a 00 00 16
[04] <no-name> PROGBITS 00028d20 000161a0 00000010 00 ae 00 00 16
[05] <no-name> PROGBITS 00028d30 000161b0 00000018 00 ae 00 00 04
[06] <no-name> PROGBITS 00028d48 000161c8 00000010 00 ae 00 00 04
[07] <no-name> PROGBITS 00000000 000161e0 00000cf5 00 00 00 01
[08] <no-name> STRTAB 00000000 00016ed5 0000003b 00 00 00 01
Old 02-19-2012   #70
AlexBaka
 
so many zeroooooes..what are they for?
PS3Hax.net is Copyright © 2010-2013.