[CaptainCPS-X]

Hey guys idk if this is possible but recently I been thinking about an idea of how could someone on OFW 3.56+ manage to install something that has been resigned now that we have many keys at our disposal.

I'm not gonna be very technical since I just wanted to share this idea so if anyone has the "skills" (lol) they could consider doing an exploit based on it.

The Idea is as follow:

- Remove the PS3 HDD running on OFW 3.56+
- Decrypt the PS3 HDD on a PC by using @Naehwert 's PS3HDD ( http://www.ps3hax.net/2012/08/naehrw...dd-encryption/ ) (some dev(s) was(were) experimenting with this some months ago, if I remember correctly)
- Modify the PS3 HDD contents and inject (if possible) a resigned application for that FW now that we have many keys (example: exploit app for OFW 4.21 / 4.30)
- Encrypt the PS3 HDD
- Place the PS3 HDD back in the PS3
- Exploit ? xD

If someone could confirm if this idea cannot be done, and knows why it cannot be done with facts, I will appreciate any information.

Maybe if this was possible, probably we could run some kind of application that allowed us to downgrade OFW or just install CFW, idk.

Maybe all this is just garbage xD and I'm just dreaming haha!

SeeYa!

[tjhooker73]

no.
We could use Kaka's Exploit to install the Apps, And The Appldr keys to get them to run I think, making a HEN is the Best idea.

[Goldeneye]

Originally Posted by tjhooker73 no. We could use Kaka's Exploit to install the Apps, And The Appldr keys to get them to run I think, making a HEN is the Best idea.

whatever happend to his HEN anyway?
he didn't start working on it after the keys got leaked, did he?

[zecoxao]

ps3_hdd poc works like this:
you get your per_console_key
you get the dumped sectors (aka an hdd dump) swaped with bswap16
you compile the app
you run it
voilá decrypted sectors. stick some kpartx from linux with ps3 patches from glevand and you can browse the insides of your hdd from linux like it was nothing.

i don't see any problem here, since 4.21.1 REX can run otheros++. but, the problem would be to swap the hdd, since that when we put the hdd of another console into a different one. it'll ask for format. or am i wrong here?

[luqi]

Originally Posted by zecoxao i don't see any problem here, since 4.21.1 REX can run otheros++. but, the problem would be to swap the hdd, since that when we put the hdd of another console into a different one. it'll ask for format. or am i wrong here?

youre right , if you put the hdd out and in it ask for format.

[carldenning]

thought i let u know ive tried homebrew signed for 4.31 cfw before on ofw 4.31 and 4.21 and they didnt boot . came up error cant rememeber the error code but its the same code as if u try to run a fself eboot on cfw

[alexsius]

It s interesting the problem is how to add a homebrew in the hdd (it should be signed with 3.55 keys but i think this is not a problem) i don't know if ps3 can check what is installed in the console...

[CaptainCPS-X]

Thanks for your informative posts guys! I just wanted to know if this was possible, but I see there are still complications.

Thanks to @zecoxao for the technical details too

SeeYa!

[zecoxao]

@carldenning they're bad-signed, it wouldn't work either ways because you'd need to know the private keys. since newer custom firmwares have the checks disabled , naturally they'd work on the cfw environment.

[pereb27]

Originally Posted by zecoxao ps3_hdd poc works like this: you get your per_console_key you get the dumped sectors (aka an hdd dump) swaped with bswap16 you compile the app you run it voilá decrypted sectors. stick some kpartx from linux with ps3 patches from glevand and you can browse the insides of your hdd from linux like it was nothing. i don't see any problem here, since 4.21.1 REX can run otheros++. but, the problem would be to swap the hdd, since that when we put the hdd of another console into a different one. it'll ask for format. or am i wrong here?

I do see a problem. You can't get your per console key on OFW.