Introducing PL3 and 3.01 Firmware News - PS3Hax Network

GregoryRasputin · 09-29-2010

KaKaRoTo via his blog has announced PL3 and that he is working on implementing PSGroove on firmwares between 3.01 and 3.15, this is what he said:

I?ll announce two things, first, let?s talk about PL3.. PL3 is a new project I started in order to have a common repository of payloads that can be used by any ?jailbreak? implementation. I got tired of copying payloads from PSGroove, and I had some nice changes in mine that I thought the PSGroove project could benefit from, so I thought I?d create a single repository that both projects, PSFreedom and PSGroove (or any other similar projects) could use.

You can find it in github, so don?t hesitate to submodule it and use it.

Second important news? I?ve bought a new PS3 just for homebrew. Thanks to all who donated money so I can buy it (I didn?t get enough donations to pay for it, but enough to help me). I bought this PS3 used and it came with firmware 3.01! This is good and bad news : I can?t use PSFreedom to jailbreak it, so i?ve put on hold any improvements for it, however, it will allow me to actually port PSFreedom to older firmwares! My plan is to get the jailbreak working on 3.01, then move on to 3.10 and 3.15 (depending on how hard it is, i might skip 3.10).

Another good news is that after 4 days of work, I was finally able to dump the LV2 memory from the 3.01 firmware, and now all that remains is to find the right offsets to patch, and port PSFreedom to 3.01, so all those who are still using this firmware version, you will soon be able to jailbreak it! Once I?m done with that, I?ll try to do the same with the 3.10/3.15 firmware versions!

To dump LV2, I used a trick and algorithms found by marcan42, so big thanks goes to him, as well as many other people who helped me out, RichDevX and Aaron in particular. I used RichDevX?s idea of ignoring the JIG and bruteforcing the address in which the port1 descriptor gets stored until I get a hit, then use that payload to dump lv2, then find the right JIG offset for that particular firmware from the dump. Marcan?s trick was to send the data through the ethernet cable by using LV1 only hypercalls, and it worked!

Now the latest git version of PL3 has a new ?dump_lv2? payload which you can use, it is firmware independent, and only uses LV1 hypercalls, so it should just work? It will dump all the lv2 memory through ethernet, so fire up wireshark, save the dump to a .pcap file, and use the tool in PL3/tools to extract the memory dump from the .pcap file.

In other news, I will soon upload to Ps3utils an .idc script that will search and find the syscall table, and correctly resolve all of its functions and name them properly.. maybe even have it automatically find all functions of a dump in order to save time creating procs in IDA. I?ll let you know once I?m done with it.

KaKaRoTo

Source Download PL3 Via Github Just a note, ps3hax.net are not associated nor hold responsibility with files hosted off forum, you download at your own risk.

Acci · 09-29-2010

sounds promesing

itdario · 09-29-2010

O_O coooll

whitelightnig · 09-29-2010

haha, "ps3hax.net are not associated nor hold responsibility with files hosted off forum". scared of sony calling you to court huh?

GregoryRasputin · 09-29-2010

Originally Posted by whitelightnig

haha, "ps3hax.net are not associated nor hold responsibility with files hosted off forum". scared of sony calling you to court huh?

No but there is nothing wrong with being careful, also telling people to be careful when downloading files not from the forum, has nothing to do with Sony.

Also, stay on topic in future.

YungClipze · 09-29-2010

Now People Who Didn't Update Can Join In On The Fun Too xD.

Bassflower · 09-29-2010

Yeah just in time...was thinking of killing my other os with an update to 3.41 on my Third PS3....One for online, one for Jailbreak and One for other os is One WITHOUT jailbreak to much ;-)

TheRealChicken · 09-29-2010

he better should try to port it to fw 3.50+

J-panic · 09-29-2010

Nice Idea but i think it is better to make a Firmware 3.40 with linux support.

0amadeus0 · 09-29-2010

Originally Posted by TheRealChicken

he better should try to port it to fw 3.50+

It's up to him what he does.
Sony closed the hole after 3.41 anyway so probably isn't possible at this stage.

Originally Posted by J-panic

Nice Idea but i think it is better to make a Firmware 3.40 with linux support.

You're asking for a custom firmware. Thats not what he's working on.

Why not just say "well done mate for all your hard work" instead of telling him what he should do?

09-29-2010	#1
GregoryRasputin Join Date: Jan 2008 Posts: 14,481 Likes: 8,219 Liked 14,604 Times in 5,595 Posts Mentioned: 1327 Post(s) Tagged: 3 Thread(s)	Introducing PL3 and 3.01 Firmware News KaKaRoTo via his blog has announced PL3 and that he is working on implementing PSGroove on firmwares between 3.01 and 3.15, this is what he said: I?ll announce two things, first, let?s talk about PL3.. PL3 is a new project I started in order to have a common repository of payloads that can be used by any ?jailbreak? implementation. I got tired of copying payloads from PSGroove, and I had some nice changes in mine that I thought the PSGroove project could benefit from, so I thought I?d create a single repository that both projects, PSFreedom and PSGroove (or any other similar projects) could use. You can find it in github, so don?t hesitate to submodule it and use it. Second important news? I?ve bought a new PS3 just for homebrew. Thanks to all who donated money so I can buy it (I didn?t get enough donations to pay for it, but enough to help me). I bought this PS3 used and it came with firmware 3.01! This is good and bad news : I can?t use PSFreedom to jailbreak it, so i?ve put on hold any improvements for it, however, it will allow me to actually port PSFreedom to older firmwares! My plan is to get the jailbreak working on 3.01, then move on to 3.10 and 3.15 (depending on how hard it is, i might skip 3.10). Another good news is that after 4 days of work, I was finally able to dump the LV2 memory from the 3.01 firmware, and now all that remains is to find the right offsets to patch, and port PSFreedom to 3.01, so all those who are still using this firmware version, you will soon be able to jailbreak it! Once I?m done with that, I?ll try to do the same with the 3.10/3.15 firmware versions! To dump LV2, I used a trick and algorithms found by marcan42, so big thanks goes to him, as well as many other people who helped me out, RichDevX and Aaron in particular. I used RichDevX?s idea of ignoring the JIG and bruteforcing the address in which the port1 descriptor gets stored until I get a hit, then use that payload to dump lv2, then find the right JIG offset for that particular firmware from the dump. Marcan?s trick was to send the data through the ethernet cable by using LV1 only hypercalls, and it worked! Now the latest git version of PL3 has a new ?dump_lv2? payload which you can use, it is firmware independent, and only uses LV1 hypercalls, so it should just work? It will dump all the lv2 memory through ethernet, so fire up wireshark, save the dump to a .pcap file, and use the tool in PL3/tools to extract the memory dump from the .pcap file. In other news, I will soon upload to Ps3utils an .idc script that will search and find the syscall table, and correctly resolve all of its functions and name them properly.. maybe even have it automatically find all functions of a dump in order to save time creating procs in IDA. I?ll let you know once I?m done with it. KaKaRoTo Source Download PL3 Via Github Just a note, ps3hax.net are not associated nor hold responsibility with files hosted off forum, you download at your own risk. __________________ ★☆Click For Live Help On PS3HaX IRC☆★ ★☆Forum Rules☆★ ★☆Console Histories☆★ ★☆F.A.Q - Complete PS3 Help☆★ PS3 Dev Wiki Vita Dev Wiki TransAMGrafx Are Scam Artists(G+ Group) http://about.me/GregoryRasputin KOTD Store(Battle Rap) Last edited by GregoryRasputin; 09-29-2010 at 04:30 AM.

09-29-2010	#6
YungClipze Member Join Date: Sep 2010 Location: On A Different Planet :). Posts: 90 Likes: 19 Liked 3 Times in 3 Posts Mentioned: 0 Post(s) Tagged: 0 Thread(s)	Great! Now People Who Didn't Update Can Join In On The Fun Too xD.

09-29-2010	#9
J-panic Apprentice Join Date: Mar 2008 Posts: 15 Likes: 2 Liked 1 Time in 1 Post Mentioned: 2 Post(s) Tagged: 0 Thread(s)	...... Nice Idea but i think it is better to make a Firmware 3.40 with linux support.

		PS3Hax Network - Playstation 3 Hacks and Mods > News > PS3Hax News
Introducing PL3 and 3.01 Firmware News

09-29-2010	#2
Acci Apprentice Join Date: Sep 2010 Posts: 3 Likes: 0 Liked 0 Times in 0 Posts Mentioned: 0 Post(s) Tagged: 0 Thread(s)	sounds promesing

09-29-2010	#3
itdario Apprentice Join Date: Aug 2010 Location: manhattan newyork Posts: 10 Likes: 0 Liked 0 Times in 0 Posts Mentioned: 0 Post(s) Tagged: 0 Thread(s)	O_O coooll

09-29-2010	#4
whitelightnig Apprentice Join Date: Aug 2007 Posts: 12 Likes: 1 Liked 0 Times in 0 Posts Mentioned: 0 Post(s) Tagged: 0 Thread(s)	haha, "ps3hax.net are not associated nor hold responsibility with files hosted off forum". scared of sony calling you to court huh?

09-29-2010	#7
Bassflower Member Join Date: Feb 2008 Posts: 38 Likes: 0 Liked 22 Times in 10 Posts Mentioned: 3 Post(s) Tagged: 0 Thread(s)	Yeah just in time...was thinking of killing my other os with an update to 3.41 on my Third PS3....One for online, one for Jailbreak and One for other os is One WITHOUT jailbreak to much ;-)

09-29-2010	#8
TheRealChicken Apprentice Join Date: Sep 2010 Posts: 20 Likes: 0 Liked 1 Time in 1 Post Mentioned: 0 Post(s) Tagged: 0 Thread(s)	he better should try to port it to fw 3.50+

User Name		Remember Me?
Password