Old 12-03-2011   #51
autechre
Member
Originally Posted by munky875821417
There are data sheets of the RAM
I see, then it would be a "live feed" dump, so to speak?
Old 12-03-2011   #52
mcmrc1
Member
 
He said in the beginning that "lv0 has copied the ldrs to the RAM" and then "Now if you use a kernel module you can map out the PS3 real memory". Maybe it's nothing interesting, but what is the difference between RAM and real memory?
Old 12-03-2011   #53
autechre
Member
Originally Posted by mcmrc1
He said in the beginning that "lv0 has copied the ldrs to the RAM" and then "Now if you use a kernel module you can map out the PS3 real memory". Maybe it's nothing interesting, but what is the difference between RAM and real memory?
As far as I know, real memory would be RAM. And if you use a module, would you then have to connect the Linux box running the module to the RAM dumping hardware?
Old 12-03-2011   #54
landon
Member
 
The big question still: who will do that??? Who has all the necessary software/hardware to make this possible?? Then after that, who has the courage to share the 3.6+/3.7+ keys with "the poor" PS3 scene??

After all, thank you so much RealPsDev
Old 12-03-2011   #55
V6ser
Member
 
Originally Posted by landon
The big question still: who will do that??? Who has all the necessary software/hardware to make this possible?? Then after that, who has the courage to share the 3.6+/3.7+ keys with "the poor" PS3 scene??

After all, thank you so much RealPsDev

A lot of people have the software/hardware to do that.

We need a person with skills, like @PsDev
__________________

Originally Posted by OoZic View Post
... and where the Devs are I have to be :)

Last edited by V6ser; 12-03-2011 at 11:39 AM.
Old 12-03-2011   #56
munky875821417
Member
 
Anyone want to help me out with the binary2elf thing?? I have some tools, but my output file keeps coming out weird. I think I need to align the hex.
Old 12-03-2011   #57
V6ser
Member
 
Originally Posted by munky875821417
Anyone want to help me out with the binary2elf thing?? I have some tools, but my output file keeps coming out weird. I think I need to align the hex.
Put these tools up for download and I'll see if I can do something.
__________________

Originally Posted by OoZic View Post
... and where the Devs are I have to be :)
Old 12-03-2011   #58
TizzyT
Homebrew Developer
 
Originally Posted by pereb27
@TizzyT something is wrong in what you said.
Hypervisor is lv1 and is loaded by metldr, lv0 has even higher privileges than hypervisor and I don't think compromising lv1 is enough to get lv0 access. And since lv1 is loaded by metldr, lv1 cannot load metldr, lv0 does that.
Also the CPU is obviously initialized before bootldr is loaded, if it wasn't what would process it?
Yes, I do realize that lv0 is higher than the hypervisor. I was saying that compromising lv1 would even go before using a kernel, just as an example. Exactly, compromising just lv1 isn't going to, and that's exactly what I'm trying to make a point of. So like you said, lv1 cannot get lv0 access, so according to his method how did he get a kernel to get lv0 access when the kernel is on lv2?

Also the CPU is obviously initialized before bootldr is loaded, if it wasn't what would process it?
I guess I worded that wrong. It starts off getting the CPU, then getting an SPU from the CPU to load metldr. But before all of this, even before bootldr, the on-die bootROM is the first to get accessed, and it gets instructions from there first.
__________________
If you are going to promote TB at least do it right!!!, or better yet DON'T!!!

Last edited by TizzyT; 12-03-2011 at 11:58 AM.
Old 12-03-2011   #59
Newtown
Apprentice
 
Try to dump the PS3 RAM at offset 0x11000, dump about 60k, and look at what you have (encrypted), no complication
by psn_hypervisor
Old 12-03-2011   #60
TizzyT
Homebrew Developer
 
Originally Posted by PsDev
Sorry I fell asleep, I am a human. But you did not read very well, because the PS3 is the one that copies all the ldrs into the RAM before feeding them to the metldr. We don't need the lv0 key to dump the lv0, we can do this. You use a kernel MODULE to map out the real memory of the PS3 so we can dump the RAM; you don't use a kernel to copy the ldrs into the RAM, that is done. You have to get these loaders from a RAM with dual NOR and you may need a signed lv1 still. But once you map out the real memory, by all means dumping the RAM is the next step, and once that's done you have the keys basically. But as of now the lv0 has all the keys in it as a PPU binary. Side note: the lv0 is not per-console encrypted and can be updated. The lv0 also is decrypted by the bootldr as mentioned in my thread. If you're a common user, messing with all this could result in a YLOD/brick. Sorry for spelling, grammar, etc.: I was typing fast and hurrying.
Is said kernel module already made??? Or does it already exist??? Did you make it??? Hmm, if the loaders are already in RAM but haven't touched metldr yet, doesn't that mean that the loaders in RAM are still encrypted???
Sorry, I have a lot of questions (and not all good ones lol).
__________________
If you are going to promote TB at least do it right!!!, or better yet DON'T!!!
PS3Hax.net is Copyright © 2010-2013.