[zecoxao]

Originally Posted by jarmster What are you talking about? Im confused...The eid4 from running libeeid is a decrypted dump. The 3dump.bin is exactly the same. The eEID_Dumper.pkg dumps the encrypted eid4. And from the wiki EID4 is of size 0x30 bytes: 0x0-0xf bytes = 1st key, 0x10-0x1f - 2nd key, 0x20-0x2f - CMAC-OMAC1 of EID4 so i dont follow your thinking

oooooooooooooooooooh, i see, so the ODE dumper package dumps the DEcrypted eid4, correct? now i understand. i was confused because i thought you said the eid4 ENcrypted was the same as 3Dump.bin.

then it's clarified xD

[haz367]

lol...lol.....


uhm..

Code:

eid4 offset 303A0 - 303CF full nordump

eid4 only:

first key = 0-f (key1?)
sec key = 20-2f omac hash(required just as cex2dex convert to calculate usin omac's)


now for 3dump.bin: (= encrypted eid4(0-2f)+eid_root_key(30-5f)

3dump.bin

offset 0-1f = match original full nordump = offset 303a0-303bf (encrypted eid4)
offset 20-2f = sec key = match full nordump-encrypted eid4 = omac hash key
offset 30-5f = root_key per console key (also required to calculate+omac hash... real bdkey?

then we have zecoxao's program, it gives an erro on eid3 of missing stuff but it dumps also an "eid4d.bin"

offset 0-1f = decrypted eid4?! >>omac hash is match original nordump/encrypted eid4/3Dump.bin
should be different..correct..?

where is the real per console bdkey in all this..must be missing some..

[jarmster]

k now i dont know.....im confused even more than i was before
i just compared the encrypted eid4 and its the same too.....lol

ok i think i undestand, i've confused which keys are decrypted in the libeeid folder.
There is 2 eid4 files in the eid folder. 1 is eid4d. This will be the decrypted key.
The other key (the eid4), will be the encrypted key. It matches the 3dump file, and so
it matches the encrypted Eid4 dump from the nathens Eeid_dumper.
The omac hash info is the same in both files but the keys are obviously different

My bad...lol....i hope that is clear....i guess that makes me wrong about the 3dump.bin being a decrypted dump
And if the 3dump app is supose to dump the rootkey out too,it didnt. The ps3 froze running this app aswell..maybe the app has issues.
Other people have said it froze up thier ps3...maybe its freezing when it tries to dump the rootkey....idk..:/

[zadow28]

Originally Posted by DEFAULTDNB Was @zadow28 s code for 1.00 or 1.02 of the ripper? Have they "crypted the crypter" in 1.02?

It was version 1.02 i puplished

[haz367]

Originally Posted by jarmster guess that makes me wrong about the 3dump.bin being a decrypted dump And if the 3dump app is supose to dump the rootkey out too

the 3kdumper worked alright on 3.55.4

it seems to dump (default) encrypted "EID4" + the eid_root_key and plus the OMAC1 Hash key, we are supposed to calculate anohter value(like cex2dex dex values/omac has)...then the eid4d.bin got 2 "decrypted" first lines, omac the same, are those the key's?...one day we will know...it's a little vaguonce again..the ps3 scene right..

[jarmster]

Originally Posted by haz367 then the eid4d.bin got 2 "decrypted" first lines, omac the same, are those the key's?...one day we will know..

i believe so...

[zadow28]

http://rghost.net/43464674 ripper manual
manual is only version 1.0 but was with the ripper version 1.02

[zecoxao]

if i had a hacked ps3 i'd know instantly what the hell is in that dump xD.
but it looks like @haz367 does know. you need the root key, plain and simple. it's not about auth, they can already do that provided they have the drive keys and the necessary hardware to accomplish that.

[jarmster]

i believe your right aswell.....
thats cheese...i already had the rootkey and the encrypted eid4 before they released their dumper...

[haz367]

right....its just eid4(u can find in original dump)+rootkey, with that u'll need to calculate or some...always getting a brainfart in the process.. and i have no hacked ps3's either xD

let's hope something good comes from this 3k3y ripper project..