Alright we have been hearing about JFW-DH for a while now and a lot of speculation has been going on.  Well very soon it will be in a beta form for testers.  How do you get to be a tester, well you have to be a Demon friend on DH.org and meet the requirements for the group your ps3 falls into.  The return of online will be the openpsTore which is where you will be able to find and download homebrew for your ps3.  Also it looks like people will have to wait until October, if you don’t qualify to be a beta tester,  because they have said if the beta gets leak they will brick the tester who leaked it and anyone who is not a tester using it. The anti leak measure will not be in the final release. Also do not trust any leaked beta’s you find.

Quote from DH.org:

Hello friends of the Community DHorg, we know the impatience of many to JFW-DH.Teneis expected to know that the work we are doing is very tiring and among all those who compose the JFW-DH Team want to open the period beta testers.

The requirements are:

-Registered user community with the status DHorg “Friend devil”
_____________________________________________________________
____________________________Grupo A __________________________
User-Spanish speaking (in Spanish beta)
-Internet Connection on the PS3 (not psn)
Backward-Console PAL, NTSC FAT
Game-Original 3.56 (not dispensable)
-Console with Firmware 3.41 or less
Original game-PS2, PS1, PS3
-Backup of the above both PS3, PS2, PS1 (PS3 unpatched)
-Game store NPDRM 3.56 or 355 (not psone)
-Backup 341 / 355Kmeaw
Linux live cd-USB Red Ribon
_____________________________________________________________
____________________________Grupo B __________________________
User-Spanish speaking (in Spanish beta)
-Internet Connection on the PS3 (not psn)
Console not backwards-PAL, NTSC FAT
Game-Original 3.56 (not dispensable)
-Console with Firmware 3.41 or less
Original game-PS2, PS1, PS3
-Backup of the above both PS3, PS2, PS1 (PS3 unpatched)
-Game store NPDRM 3.56 or 355 (not psone)
-Backup 341 / 355Kmeaw
Linux live cd-USB Red Ribon
_____________________________________________________________
____________________________Grupo C __________________________
User-Spanish speaking (in Spanish beta)
-Internet Connection on the PS3 (not psn)
Console not backwards-PAL, NTSC Slim
Game-Original 3.56 (not dispensable)
-Console with Firmware 3.41 or less
Original game-PS2, PS1, PS3
-Backup of the above both PS3, PS2, PS1 (PS3 unpatched)
-Game store NPDRM 3.56 or 355 (not psone)
-Backup 341 / 355Kmeaw
Linux live cd-USB Red Ribon

The beta test shall undertake not to publish the beta, and have a mechanism that anti leaks, this means that not only would find the informer, but you use it the users activate the safety mechanism to make them shiny bricks (Forewarned is a traitor)
The beta testers inform the organizer of the bugs to be repaired.
The testing period will be from 2 weeks to address everything that contains the JFW-DH and so do not leave nothing out.

The estimated date for the publication of the JFW-DH is October 1, 2011 (after two weeks testing the above)

SOURCE

Your Ad Here

Yesterday, we reported here, that Spanish PS3 Scene Developer DemonHades had his website compromised and several of the files that resided on his server, were leaked and posted as one of his blog posts, unfortunately the files that were leaked were sensitive Sony files, that were illegal for DH to have, he claims that they weren’t his files, and stated that the hackers uploaded the files, to get him into trouble.
Nobody knows for sure who hacked the DemonHades blog/forum, some claim it was the other scene devs he was publicly blasting and others think it was DH himself, that hacked his own blog, these are all just queses though.
Long time PS3 Scene Dev SKFU(StreetskaterFU) has posted his theory/opinion, on his own blog, this is what it says:

DemonHades – Victim or Offender ?
Recently I talked to DemonHades, about the current situation of his blog and forum. As we all should know right now, it was hacked several times this month, the SQL DB of the forum was spread online and finally SONY internal LV3 documentation files were linked on the frontpage.

Did DemonHades leak those files because he was mad or did the hacker put the files online to lead the community in a wrong direction against DemonHades, to finally let him shut up?

DemonHades personally told me he had nothing to do with the leak. Neither I see a reason why he should do this. The forum/blog will be back as soon as he fixed his server issues.

So why this attacks, which seem to be a private conflict between someone who wants DemonHades to give up and Demonhades himself?

At the moment DH works together with Team Jungle (known in XBOX scene as drive hackers). The most recent conspicuous event was the PSJailbreak, which seems to be a direct enemy of team Jungle’s and DemonHades’ BD Drive Research. Maybe members of the PSJailbreak team are behind the attacks? Imagine your own opinion.

Similar fights were and will always be part of the scene. Not everybody can be friends, I guess.

Source

These are just one persons thoughts/opinions, they are not fact, so read of it as you may.

Your Ad Here

These must be the worst few days over at Sony. According to internet reports, a well known Spanish hacker Demonhades had his blog hacked yesterday (about 3 times), and his SQL publicly leaked. The hackers managed to wipe out his entire FTP, forcing his site to be temporarily shutdown (still closed as of now).

The leaked SQL however contained illegally obtained information for the PS3, such as service manuals, various of other documents and information, and programs/SDKs – all now spreading over the internet like a wild fire.

The leak may further hurt Sony as hackers begin to get their hands on this illegal data and may open up more doors for the PS3, especially with PSJailbreak just around the corner.

Files that were leaked:

• sm-bdd-0013e-01-0.rar
• sm-ps3-0013e-02-0.rar
• sm-ps3-0073e-05-0.rar
• sm-ps3-0093e-02-0.rar
• ta085.pdf
• scenefree.rar which contains PS3_Generator-1.20

We liked to remind our community that these files are considered illegal, so do NOT ask for them on these forums, do NOT ask for them via private messages. The issue will be treated like warez, and appropriate action will be taken against violators.

Unless you have been sleeping under the rock for the last 24 hours, you most likely heard about PSJailbreak modchip which allows backups to be booted on PS3. Demonhades and SKFU provide their thoughts on PSJailbreak below:

I just tested the software they uploaded and can confirm it works so far.

I can tell a bit about the backup manager. It seems the software uses bd_emu features to manage the backups. The HDD to use, should have a modified bd emu format, which sets all backups on first position, so the PS3 detects ‘em all. Then you can choose the image to boot via the manager.

To directly copy and boot a game, the software would need to decrypt all layers on the fly. Meaning it decrypts all executables somehow, else it won’t run. Even on a debug unit.

The hardware look like a copy of the original PS3 jigstick, used in SONY service centers to repair broken PlayStation3 SKU’s. Someone internal leaked or sold a stick, so they had the chance to reverse and clone the hardware.

The stick should boot before the normal firmware does, so it’s hard to patch it. Maybe SONY could update the bootcode to prevent it, set it to a revoke list.

By the way, in all videos they use debug PS3′s to run the software. There is no video showing the actual process booting on a retail PS3 afaik. So I do not confirm that this is true, yet!

If it’s as true as it looks this time, good job guys!

Demonhades(via Blog)

Well I see that recently raised a stir is mounted by a chip of course to load backups from a pendrive, at first glance one might say it’s fake if we did not know of studies conducted years ago and let us see many more hidden things that not all users can understand, in this case we speak of the card jig, the jig is used by the card sony sat for maintenance and restoration in ps3.

In short, this jig card has been removed from the payment sony sat.. so now try to expand the money spent only and once recovered the money spent in obtaining this device the reproduction and cloning of the device will be imminent.

When I saw the body of the above, first I noticed that the sample vsh known and used parts of a debug.. and of course if one is launching retail which does not make much sense, could only think one way quickly- THE CONVERTER RETAIL TO DEBUG.

This converter is thought to sony and service for devs have this jig card (aka USB dongle), allowing this USB is that:

Releasing the boot ini dev_usb0 and a sequence of buttons that change the state of syscon as we launch the initial boot usb dongle, then interprets the bootstrap and load the necessary files from the dongle itself temporarily leaving the ram doing a false reboot.

According to the store have told the seller, no residue on the PS3.. so it fits the above description.

The idea is quite clear gentlemen, emulates the fw of trm syscon and we have a debug interprets loading the kernel debug and providing all the features to debug vshmain time, this results in loading unsigned code.

This allows us as I mentioned months ago to launch pkgs from ubs, since it has a browser for managing them.

The official BDEMU disk loading before you activate the mediatype BD and then run the loader to the channel of communication with the real reader would be closed and only would use the BD-emu, emu and the bd can not share the same channel communication.

In this case to remove the layer is used to extract cellftp to an external source of filesystems without pre-decoded and converted to debug layer.

Executables can be created with the sdk, and generated their own loader which removes the layer of encryption (this if it will extract the discs, not linux), then the PS3Gen (published as a matter of 1 month) can be create iso patched with valid soft.esto itself mean that everything is made in the PS3 SDK (emulators, applications, etc) will be loaded without problems, as we are doing the same as the 360 with jtag hack it uses a core debug.

The loader is loaded by the execution path that recognizes the actual application manager, loaded via app.

TRUE GENTLEMEN OF THE NEWS WOULD BE A GREAT TIME AND NEWS bad news… Let me explain:

1. NO SERIOUS WORK DONE BY HACKERS OR RESEARCHERS.

2. MATERIAL IS MADE LIKE THE MAGIC BATTERY FOR PSP WITH SONY TOOLS.

In short, PS3 has fallen to the very tools you use in your SAT Sony… that if Sony can plug it into the next update.. just have to cancel the initial boot usb to close the bar, because the boss is syscon.

The folks over at Demonhades have managed to connect the PS3 bluray drive to the PC and have the PC recognize it as well.

To quote (translated):

“Our colleague has managed HadesTeam Calimba of connecting the PS3 BD player to the PC, as you all know the communication interface that uses the reader is bd flex belt so you do not have any type of connector for this work, so we have communicated BD reader to the pc to start to investigate more thoroughly. Jungleflasher as both dosflash recognize it.”

[VIA]

Rancid(o) from Demonhades.org has created a tutorial on how to build a Toolchain and Bootloader, this will only work if you have a fat PS3 on firmware 3.15 or below.

A translated quote from the site:

Rancid (o) leaves us this tutorial to build and make ready the toolchain Playstation 3, thus we can begin to create or BLD for homebrew applications and initiate us into the world of programming the PS3 linux distro without an installed .

Remember that the BLD generated may only be used on consoles less than 3.15, because as you know sony withdrawal otheros use in later versions.

To view the tutorial, click on this link:
Demonhades.org

Demonhades and JaicraB have managed to dump and release the PS3 Hypervisor LV2 (GameOS). This however won’t lead to any new exploits (especially on LV2), as some websites falsely claim, on retail PS3′s (probably debug units).

You can download the dumps here (Pass: jaicrab.jaicrab).

To quote:

“DHorg friends because that is in luck, and I DemonHades and JaicraB we have dump the LV2 (supervisor) thereby obtaining ps3 kernel very soon we detailed the dump.

Jaicrab a pleasure working with you friend.

Best to all! A week ago I started to dismount for the first time a PS3 and install Linux without any experience. My only goal was to teach people to change the cooling of a PS3. Gradually I was calling attention to the world of SCENE and a week I give the LV2.

This concludes a long afternoon with only one thought. DemonHades Thanks for sharing your experience with me and spend the whole evening with me and discuss check for teaching me everything you know in two hours. The truth is that without DemonHades would have been almost impossible. A great and wise person.

After an entire afternoon leading a project in mind, we could dump the LV2. We had read access of the last session before entering XMB Other.

I promised. It will explain the method to follow if you want to do you the same. Enjoy it!

Next step? The next step is Inmagine. First of all tomorrow if I can I will explain the process of how to do it.

It is not a simple dump LV2, but a dump of the entire session previously opened in XMB. What you need to debug the dump way to make things not to mix the session Other and so we can analyze everything that we run in XMB.

This dump was made with an upper size LV2, which contains trash otheros session mixed with XMB. The LV2 area is intact, are the first 36 megabytes, which is lv0, LV1, LV2.

You open a door and you find 50 more, each new door you can open 50 more doors. Choose your path to investigate and share it with everyone.”

Sorry for the not so detailed post just wanted to spread the news, someone from staff or anyone else feel free make a detailed post !

[VIA]

UPDATE: Another dump has been posted by JaicraB and promises a guide in future:

So,what is gonna be? One thing make me something.
That is,first geo hacked HV and released it.Then verification of PKG,SELF,loading mtldr.Then rco edit.Then sony remove otheros and then promises of CFW.And then a rapid update of jaicrab’s blog.All things is going to be very rapid after geo’s invention.

I bet to anyone that,in the end of 2010.
we will get:
1.Running code from XMB.
2.Probably linux for slim.
3.Hello world for ps3.
4.Isoloader for both ps3s.
5.Some way of safely(nt like 360) playing backups.
6.End of ps3′s DRM that ruled so long.

Demonhades has posted today progress/findings of the PS3 hypervisor and boostrap (lvl0/level1).

To quote:

For those who bear on our community and this study shall know the hypervisor and bootstrap, but for new and newcomers who want to know about the safety features on ps3, and is protected as it manages the hypervisor (hardware manager) believe that interesting reading this list.

Then I leave it here hypervisor dump that I have gone and published it to all make a good background paper on the hypervisor and the bootstrap

Here you will be added all the features you get in a list, if you see that are already discussed here, and exposed them to not only need to copy them from your valleys and fast

You can view the full (rough English translation) examination at the discuss in forums link, or the more organized version at the VIA link (in Spanish).

[VIA]

celld0wn over at DemonHades have found the JTag port on PS3′s BluRay drive board.

Rough translation from celld0wn below:

I found the JTag port for the Blu-ray Reader on the PlayStation 3. Last night after finishing the research meeting I went looking for information about BD integrated reader.

In and looking at the information that I found on the back of the plate reader I saw that there is no connector terminals, these terminals belong to a connector which connects ‘something’ via terminals and through the Internet I found the points used in a JTag, including the TDO, TDI, TMS etc.

Originally developed for printed circuit boards, it is currently used for test of submodules of integrated circuits, and is also useful as a mechanism for debugging embedded applications, as it provides a backdoor to within the system.

When used as a debugging tool, an in-circuit emulator that uses JTag as the transport mechanism allows the programmer to access the debugging module that is integrated into the CPU. The debug module enables the programmer to correct their errors and code logic of their systems.

There are consumer products that have a JTag port integrated, so that the connections are often available on the PCB as part of the prototype phase of the product. These connections can provide a simple way to reverse-engineer.

As you can see we have a door strike to try to get the firmware, decrypted data, and all that is able to control the Blu-ray reader.

[ViA DemonHades]

Thanks SCE for news tip.