[ryant001]

Originally Posted by baargle This isn't "interesting". It's a load of non specific mumbo jumbo.

Really interesting
Too bad that who wrote this "forgot" to tell us how are we supposed to dump and decrypt things using 4.21 since there is no peek and poke.

[doggie721]

Extract the 4.21 CEX pup, decrypt the files with PS3 4.21 DEX

Any Clue??

[GraVoX959]

Dump with flasher?
I seem to remember there being the option.

Sent from my GT-I9100 using Tapatalk 2

[ryant001]

Originally Posted by GraVoX959 Dump with flasher? I seem to remember there being the option. Sent from my GT-I9100 using Tapatalk 2

True but then how do you decrypt the files using 4.21 dex?

[GraVoX959]

Originally Posted by ryant001 True but then how do you decrypt the files using 4.21 dex?

Slide it in the front and yell decrypt?
That would be the first thing I'd try

Sent from my GT-I9100 using Tapatalk 2

[doggie721]

I ready unpack the CORE_OS_PACKAGE.pkg

http://www.mediafire.com/?bb8koam5e5rd868

If someone want to try!

[zadow28]

memdump wont work, memdump needs the peek/poke patches to function.

Also if you manage to get memdump to run, it goes into an infinity loop thats not so easy to recover from, so only run it if you are sure.
Also you have to make it an debug self the memdump tool to make it run.

Code:

source/main.c:main():#145 :: +===========================+
source/main.c:main():#146 :: |                           |
source/main.c:main():#147 :: |          memdump          |
source/main.c:main():#151 :: |                           |
source/main.c:main():#152 :: +===========================+
source/main.c:main():#153 ::
__gcm_config :: localAddress: 0xc0000000, ioAddress: 0x52200000, localS
ize: 0xea00000, ioSize: 0x2000000, memoryFrequency: 0x26be3680, coreFre
quency: 0x1dcd6500
source/patching.c:patchingInitialization():#45 :: initializing
source/patching.c:patchingInitialization():#60 :: create sync stuff
source/patching.c:patchingInitialization():#69 :: thread spawn
source/patching.c:patchingThread():#97 :: starting
source/patching.c:patchingThread():#105 :: thread create
source/patching.c:patchingThread():#111 :: thread waiting
source/patching.c:patchingWorker():#123 :: thread started, patching
libpatchutil/patchutil.c:patchutilInitialization():#65 :: patching and
testing
libpatchutil/syscallutil.c:syscall_test_lv2peek():#93 :: 0x0, av
ailable
libpatchutil/patchutil.c:patchutilInitialization():#76 :: lv2 peek sysc
all: 6
31mlibpatchutil/syscallutil.c:syscall_lv2_find_syscall_table():#398 ::
syscall table not found!, searched to: 0x8000000000400000
libpatchutil/syscallutil.c:syscall_test_lv2poke():#154 :: 0x0, a
vailable
libpatchutil/patchutil.c:patchutilInitialization():#89 :: lv2 poke sysc
all: 7
31mlibpatchutil/syscallutil.c:syscall_lv2_find_syscall_table():#398 ::
syscall table not found!, searched to: 0x8000000000400000
libpatchutil/syscallutil.c:syscall_lv2_find_syscall_table():#398 :: sys
call table not found!, searched to: 0x8000000000400000
libpatchutil/syscallutil.c:syscall_lv2_find_syscall_table():#398 :: sys
call table not found!, searched to: 0x8000000000400000
libpatchutil/syscallutil.c:syscall_lv1_peek():#884 :: ERROR: lv1_undocu
mented_function_114 returned: 0x8001000d
libpatchutil/syscallutil.c:syscall_lv2_find_syscall_table():#398 :: sys
call table not found!, searched to: 0x8000000000400000
libpatchutil/syscallutil.c:syscall_lv2_find_syscall_table():#398 :: sys
call table not found!, searched to: 0x8000000000400000
libpatchutil/syscallutil.c:syscall_lv1_poke():#934 :: ERROR: lv1_undocu
mented_function_114 returned: 0x8001000d
libpatchutil/syscallutil.c:syscall_lv2_find_syscall_table():#398 :: sys
call table not found!, searched to: 0x8000000000400000
libpatchutil/syscallutil.c:syscall_test_hvcall114():#206 :: 0x0,
 available
libpatchutil/patchutil.c:patchutilInitialization():#102 :: lv2 hvcall s
yscall: 813
31mlibpatchutil/syscallutil.c:syscall_lv2_find_syscall_table():#398 ::
syscall table not found!, searched to: 0x8000000000400000
libpatchutil/syscallutil.c:syscall_lv1_peek():#884 :: ERROR: lv1_undocu
mented_function_114 returned: 0x8001000d
libpatchutil/patchutil.c:patchutilInitialization():#109 :: ERROR: get c
onsole type returned: 0x80010003
libpatchutil/fwutil.c:firmwareGetVersion():#412 :: using LV1 ver
sion info: -2147418099
libpatchutil/patchutil.c:patchutilInitialization():#118 :: WARNING: fir
mware version not supported: 0x8001000d, results may vary.
libpatchutil/patchutil.c:patchutilInitialization():#127 :: firmware ver
sion detected: 0x8001000d (-2147418099), spoof: true, spoofed version:
0xffffffff (-1), type: false
libpatchutil/lv1_peek_poke.c:patch_lv1_peek_poke_call():#360 :: patchin
g lv1 peek/poke/call
libpatchutil/lv1_peek_poke.c:poke_lv1_peek():#54 :: poking lv1 peek
31mlibpatchutil/syscallutil.c:syscall_lv2_find_syscall_table():#398 ::
syscall table not found!, searched to: 0x8000000000400000
libpatchutil/syscallutil.c:syscall_lv2_find_syscall_table():#398 :: sys
call table not found!, searched to: 0x8000000000400000
libpatchutil/syscallutil.c:syscall_lv2_find_syscall_table():#398 :: sys
call table not found!, searched to: 0x8000000000400000
libpatchutil/syscallutil.c:syscall_lv1_poke():#934 :: ERROR: lv1_undocu
mented_function_114 returned: 0x8001000d
libpatchutil/syscallutil.c:syscall_lv2_find_syscall_table():#398 :: sys
call table not found!, searched to: 0x8000000000400000
libpatchutil/syscallutil.c:syscall_lv2_find_syscall_table():#398 :: sys
call table not found!, searched to: 0x8000000000400000
libpatchutil/syscallutil.c:syscall_lv1_poke():#934 :: ERROR: lv1_undocu
mented_function_114 returned: 0x8001000d
libpatchutil/syscallutil.c:syscall_lv2_find_syscall_table():#398 :: sys
call table not found!, searched to: 0x8000000000400000
libpatchutil/syscallutil.c:syscall_lv2_find_syscall_table():#398 :: sys
call table not found!, searched to: 0x8000000000400000
libpatchutil/syscallutil.c:syscall_lv1_peek():#884 :: ERROR: lv1_undocu
mented_function_114 returned: 0x8001000d

and so on and on.

If interested here are the syscalls i found in the lv2_kernel from 3.60.

http://pastie.org/4824915

[falloutsux]

i dunno what all that text means, but it looks bad

[haz367]

just tryed dumping lv1/lv2 using multiman on 421dex, it dumps but all zero's for lv2 and lv1 isn't correct either, flasher here we go...extracted coreos 421 ready

decrypt using 421dex means running each self in debuggermode+log, then something is decrypted along the way?!

nice info, we need more :P
thx!

[uncharted angel]

method of decrypt is important that he Did't reveal