Yesterday was a rollercoaster. First, we have been terribly shot with the release news of Flukes1 patching of lv2 with the peek/poke on the 3.55 CFW only to find out that the backups, peek poke in the patch are bugged with some issues. Some serious issues that is which they working for it last night with Dean of multiMAN fame.
Then, they found out about geohot’s anti lv2 patching which disrupted whatever they are doing on the lv2 of PS3 security. It is quite expected after what Geohot has mentioned about the lv2 all this time. Afterward, Mathieulh came to help to share some info about the PS3 security, then we had to bear a needless drama from him that makes him leaving without further help. Moment later, we heard about Hermes wanting to help. Nothing heard about that since then. In the end, Flukes1 ends the game unsuccessfully and promised to look on the lv1 next.
Well, what we can conclude from this is that, the previous patched PUP that is reportedly should be working with backups and the homebrews with peek poke syscalls are useless after all. So, i had to take a hard lesson from all of this and had to confirm myself if Flukes1 & Co. ever come up with the new PUP. Which they possibly should considering the situation they are facing. Let’s just hope that will be the final one.
< @geohot> if you have a good reason…
< @geohot> my anti lv2 patching isn’t just anti piracy
< @flukes1> 0×8000000000332980 -> 0x8000000000464d60 loaded as rw
< @flukes1> if thats enforced, it makes things more difficult
< +Mathieulh> so yeah the best sc to use are 200/201
< +Mathieulh> though I have to check if they didn’t somehow implement them in 3.55
< +Mathieulh> if you have him though, you could add some peek and poke hypercalls to lv1 while you are at it xD
< +Mathieulh> yes dev_usb000 would work but that’s just one restriction, now I am going to stop talking about it cause it’ll piss flukes1 otherwise
< +Mathieulh> and it’s not like it’s my chan (or many people talk in it right now xD)
< @flukes1> i’m not saying it to be a dick, just want to keep this channel focused on 1 thing at a time
< +Mathieulh> they wouldn’t want some lamer at sony to actually encrypt a lv2 with control flags allowing hackers like us to pwn it eh ? xD
< +BazGee> http://pastie.org/1446598
< +Mathieulh> BazGee
< +Mathieulh> here is the whole thing
< +Mathieulh> http://pastie.org/1446610
< @flukes1> shut the **** up please
< @flukes1> take the drama elsewhere
< +Mathieulh> he started it and he is pissing me off
< +Mathieulh> I am half hesitating to leave that chan already because he has voice on it
< +Mathieulh> well niak as long as this ******bag can speak here I am off that chan, later…
< @evilsperm> krosk� Hermes wants to help flukes1, but he won’t get in on the chan. https://github.com/hermesEOL < - his web, he's asking to flukes1 to leave a comment
<@netkas> flukes1, there could be some help on peek/poke https://github.com/hermesEOL
< @flukes1> ive been getting spammed about hermes for the past hour
< @flukes1> its not lv1_shutdown_logical_partition
< @flukes1> we just need to figure out which one is causing the shutdown
< +ps3sx> flukes1 try to send me LV2 kernel i will add all jailbreak patch correctely and send you back the files
< +c0de90e7> flukes1: this maybe obvious but it cannot be comparing original self file data to the in mem
< @flukes1> well no
< @flukes1> it must compute the hash when the self is loaded
< @flukes1> it must hash itself on startup
< @flukes1> that or lv1 is responsible
< @flukes1> i think we should be looking at hvcalls
< @flukes1> we know any shutdown has to go through hv
< @flukes1> i am pretty sure that lv1_write_virtual_uart is whats causing the shutdown
< @flukes1> 16bd8 = hvsc instruction which causes shutdown
< @flukes1> time for sleep
< @flukes1> tomorrow we patch peek/poke into lv1
News
VIA DUKIOdotCOM
