Old 10-22-2012   #151
ryant001
Member
 
Originally Posted by GraVoX959 View Post
The method without flasher/dual nor is hard.. takes a skilled individual to do

Sent from my GT-I9100 using Tapatalk 2
As long as the instructions are clear enough I wouldn't mind trying something that needs a little more skill for a change.
I prefer to learn and try something until I get it right over forking over money for something that I usually wouldn't need.
Old 10-22-2012   #152
An_FiS
Member
 
You could get bootldr to hang with the wrong version of lv0.self in a 3.55 firmware. You can do this with a CEX unit, but with a DEX unit you have more options, but a dual NAND/NOR with a CEX would also do the job. The metadata exploit would work with bootldr as it's very similar to metldr; you just have to play with the offsets, but the SCE headers are all in the same offsets for all SELFs, I believe. So if you put in a huge header beyond what the PS3 is supposed to handle it hangs and you get an error dump... THEN you can get the proper entry points or offsets to pull off a bootldr exploit like the metldr exploit... With that you get the decrypted header, you have the key to decrypt the rest of the bootldr. Here you go, you have your decrypted signature.

And you are now able to decrypt bootldr.

This exploit will give you the missing offsets to pull off the metldr exploit on bootldr, maybe more, IDK.
I think if you use a higher firmware version of lv0 in a 3.55 firmware it may give you more offset dumping and errors because it tries to access things that are not there, IDK.

Last edited by An_FiS; 10-22-2012 at 01:01 AM.
Old 10-22-2012   #153
cfwprpht
Homebrew Developer
 
The problem which I have with this theory is:

If you crash the console and need to reboot (regardless of whether you boot from orig flash or dual flash) everything gets reset and re-executed. So from that point of view, after the reboot and booting the second flash you will lose the part you want to dump.
Old 10-22-2012   #154
JustThatDude
Senior Member
 
Originally Posted by cfwprpht View Post
The problem which I have with this theory is:

If you crash the console and need to reboot (regardless of whether you boot from orig flash or dual flash) everything gets reset and re-executed. So from that point of view, after the reboot and booting the second flash you will lose the part you want to dump.
Well, guess who can decrypt our Hard Drives without Per Console Info? We can!! I believe either @euss did this or nawhert did (sorry if I spelt nawhert wrong, haven't really followed his name in the scene because he isn't that well known). Anyway, back on topic, I'm sure who would share his method on decrypting the HDD.
Old 10-22-2012   #155
An_FiS
Member
 
Originally Posted by cfwprpht View Post
The problem which I have with this theory is:

If you crash the console and need to reboot (regardless of whether you boot from orig flash or dual flash) everything gets reset and re-executed. So from that point of view, after the reboot and booting the second flash you will lose the part you want to dump.
With a DEX unit in dev boot mode, doesn't it save a crash log/dump file even after a reboot?
Old 10-22-2012   #156
cfwprpht
Homebrew Developer
 
Nope ^^

Finally after 16 pages we have the question I waited for. I'm sry, don't hate me, but you guys mix something up.

Yes, you can do a core dump, but you can also do that in system software or release mode, not only in debugger mode.

Then the core dump only saves the CORE of the game and the loaded corresponding sprx's like liblv2, liblv2coredump, etc. But you won't find any other fw file like lv1, lv2 or bootldr in it.

Bootldr runs in isolated mode and is stored in the local store of the SPU. Just think guys... after resetting the con the isolated SPU gets cleared and bootldr is reloaded and re-executed, especially after a crash which makes the con unusable.

If you now think I or neahrwert or any other is fooling you, do your homework about the PS3 and how she works, and at the end you will see that this cannot work.

Last edited by cfwprpht; 10-22-2012 at 01:14 AM.
Old 10-22-2012   #157
An_FiS
Member
 
bluedick or bluedisc got it to work, they resigned lv0? Unless you pwn bootldr you can't resign lv0.

Also 3k3y just released their key dumper pkg 50 mins ago and Sony just released 4.30,
so bluedisc people already have to pay for an upgrade...lol
Old 10-22-2012   #158
cfwprpht
Homebrew Developer
 
If you need a crash on bootup on a DEX just take a BD-Emu USB stick and set the con to BD-Emu. Turn off, put the USB stick in the PS3 and boot up. If it doesn't hang, try it a few times. I'm sure that in 5 tries it will hang at least one time.
Old 10-22-2012   #159
An_FiS
Member
 
Originally Posted by cfwprpht View Post
Nope ^^

Finally after 16 pages we have the question I waited for. I'm sry, don't hate me, but you guys mix something up.

Yes, you can do a core dump, but you can also do that in system software or release mode, not only in debugger mode.

Then the core dump only saves the CORE of the game and the loaded corresponding sprx's like liblv2, liblv2coredump, etc. But you won't find any other fw file like lv1, lv2 or bootldr in it.

Bootldr runs in isolated mode and is stored in the local store of the SPU. Just think guys... after resetting the con the isolated SPU gets cleared and bootldr is reloaded and re-executed, especially after a crash which makes the con unusable.

If you now think I or neahrwert or any other is fooling you, do your homework about the PS3 and how she works, and at the end you will see that this cannot work.

So even if a group did this exploit and added a small power pack to the NAND/NOR to keep memory after the reboot, the dump would still be cleared from RAM?
Old 10-22-2012   #160
JustThatDude
Senior Member
 
Originally Posted by cfwprpht View Post
Nope ^^

Finally after 16 pages we have the question I waited for. I'm sry, don't hate me, but you guys mix something up.

Yes, you can do a core dump, but you can also do that in system software or release mode, not only in debugger mode.

Then the core dump only saves the CORE of the game and the loaded corresponding sprx's like liblv2, liblv2coredump, etc. But you won't find any other fw file like lv1, lv2 or bootldr in it.

Bootldr runs in isolated mode and is stored in the local store of the SPU. Just think guys... after resetting the con the isolated SPU gets cleared and bootldr is reloaded and re-executed, especially after a crash which makes the con unusable.

If you now think I or neahrwert or any other is fooling you, do your homework about the PS3 and how she works, and at the end you will see that this cannot work.
Yeah, but then we have the ability to decrypt our HDD anyway. I am going to bed, it's 11:30 and I have school tomorrow... Deuces
PS3Hax.net is Copyright © 2010-2013.
All times are GMT -5.