Welcome to PS3Hax, your official PS3 hacks, PS3 Homebrew, and PS3 Downloads scene. Check back daily to keep up with the latest PS3 Hacks and drop by our forums for more PS3 Hacks discussions.
  • Posted by GregoryRasputin , on 02/01/2011 , @ 07:20pm

     

    I have read quite a few histories on game consoles, they all have been greatly written by great authors, but they all seemed incomplete, they didn’t portray the full history, the full essence of the machine, so as i am involved in the PS3 scene and know quite a bit about it, i thought i would write a complete history, containing the good, the bad and the ugly and believe me the PS3 has quite an exciting history and future, i wanted to write a history that will be enjoyed by everyone, one where people like myself wouldn’t finish the story, thinking there is something missing, i would also like to mention, that this work is my creation, i have written it in my own words, most of it from memory, sourced from various places over the internet, but mostly from ps3hax.net, so without any more interruption, here is the history of the PS3:

    2005

    16th of May 2005
    The world was awoken, to the news of a brand new console, this wouldn’t be a console, but a super computer, it would have everything that you needed for your gaming/media/computing needs, for ten years at least, the original console which was showcased, was silver in colour and had what appeared to be a brand new control pad design, it resembled a boomerang, it had three 10/100/1000 Ethernet ports, two HDMI ports and six USB ports, though unfortunately that wouldn’t be the final design, here are the specs revealed at Sony’s E3 presentation 2005:

    Product Name: PlayStation 3

    Logo: PLAYSTATION(R)3

    CPU: Cell Processor

    PowerPC-base Core @3.2GHz
    1 VMX vector unit per core
    512KB L2 cache
    7 x SPE @3.2GHz
    7 x 128b 128 SIMD GPRs
    7 x 256KB SRAM for SPE
    * 1 of 8 SPEs reserved for redundancy
    Total floating point performance: 218 GFLOPS

    GPU: RSX @550MHz

    1.8 TFLOPS floating point performance
    Full HD (up to 1080p) x 2 channels
    Multi-way programmable parallel floating point shader pipelines

    Sound:

    Dolby 5.1ch, DTS, LPCM, etc. (Cell-based processing)

    Memory:

    256MB XDR Main RAM @3.2GHz
    256MB GDDR3 VRAM @700MHz

    System Bandwidth:

    Main RAM — 25.6GB/s
    VRAM — 22.4GB/s
    RSX — 20GB/s (write) + 15GB/s (read)
    SB — 2.5GB/s (write) + 2.5GB/s (read)

    System Floating Point Performance:

    2 TFLOPS

    Storage:

    Detachable 2.5″ HDD slot x 1

    I/O

    USB Front x 4, Rear x 2 (USB2.0)
    Memory Stick standard/Duo, PRO x 1
    SD standard/mini x 1
    CompactFlash (Type I, II) x 1

    Communication:

    Ethernet (10BASE-T, 100BASE-TX, 1000BASE-T) x 3 (input x 1 + output x 2)
    Wi-Fi IEEE 802.11 b/g
    Bluetooth 2.0 (EDR)

    Controller:

    Bluetooth (up to 7)
    USB 2.0 (wired)
    Wi-Fi (PSP)
    Network (over IP)

    AV Output

    Screen size: 480i, 480p, 720p, 1080i, 1080p
    HDMI: HDMI out x 2
    Analog: AV MULTI OUT x 1
    Digital audio: DIGITAL OUT (OPTICAL) x 1

    Disc Media:

    CD PlayStation CD-ROM, PlayStation 2 CD-ROM, CD-DA, CD-DA (ROM), CD-R, CD-RW, SACD, SACD Hybrid (CD layer), SACD HD, DualDisc, DualDisc (audio side), DualDisc (DVD side)
    DVD: PlayStation 2 DVD-ROM, PlayStation 3 DVD-ROM, DVD-Video, DVD-ROM, DVD-R, DVD-RW, DVD+R, DVD+RW
    Blu-ray Disc: PlayStation 3 BD-ROM, BD-Video, BD-ROM, BD-R, BD-RE

    Below, is 2005′s E3 PS3 Presentation, it is split into 14 minute segments for easier viewing:

    8th Of June 2005
    Gotou Shigehiro of Japan’s PC Watch, interviews Sony Computer Entertainment CEO Ken Kutaragi regarding the PS3, i screen capped the below images from the Beyond3D forums, clicking on the images, will enlarge them, making them more readable:

    Original Interview.
    Beyond3D Forum - Translated Version Of Interview.

    2006

    (more…)


  • Posted by GregoryRasputin , on 02/12/2010 , @ 10:15am

     

    PS3-World member iscary has made a very useful tutorial, for those having difficulties downgrading their PS3 console, using PS Downgrade.

    Finally PsJailbreak Team has released an update to its program Upgrader fully functional, we are talking about the 1.3 version downloaded from the official site.

    Now we turn to a step by step guide to perform this simple procedure.

    PsJailbreak

    Requirements:
    - Original PsJailbreak.
    - PsUpgrader 1.3.
    - Internet connection.

    Update process:
    1 - Downloaded from the official website PsUpgrader 1.3 and we start the installation of Setup.
    2 - Now connect the PsJailbreak to a USB port and expect to be recognized.
    3 - We initiate the program PsUpgrader.exe and soon you will see that the program will recognize the PSJ with a serial.

    4 - Now let’s move on the window Download Updates and click on the Download Updates button (in a few seconds a message will confirm that you have downloaded updates) is the program appeared in two new files will be called (Downgrader_SerialNamber.fla and prog_SerialNamber.fla)



    5 - Now let’s move on the window Update Now and click on the button (Click here to select file ….) and go to select the file Downgrader_SerialNumber.fla.

    6 - At this point we only have to click on Apply Updates and wait for the program updates the PsJailbreak (Key you’ll notice that on the following combination of devices: Red/Green, Red, And finally if the flash is going to succeed light Green fixed.) obviously the program will tell you that everything went well.

    7 - At this point you can unplug it and use it for the PSJ Downgrader because with this update works only to send the PS3 in Service Mode and Factory quini you can not use it to start the backup.
    Extras: In case you want to restore the PSJ, and then to use it as normal and then start the Backup Key will not have to do is repeat the procedure from step 3 onwards, but this time you need to select the file prog_SerialNumber.fla.

    Driver Installation & PsUpgrade program.

    Flash PsJailbreak with PsDowngrader


    PsDowngrade

    Requirements:
    - 1 PsJailbreak reprogrammed with PsDowngrade
    - 1 FAT32 formatted USB stick
    - Update Amended 3.41, if you want to go back to version 3.15, download the official PUP.
    - Lv2Dig.self (which are divided into two different files named File1 Downgrade while serving for the File2 serves to bring out the PS3 by the Service Factory Mode.)

    How to Downgrade:

    1 - Reprogrammed with the PSDowngrade PSJailbreak enter in your console
    2 - Start the console using the same method to initiate the Jailbreak - Press the Power button and then immediately press the eject button. (You will see your console that will light up with the first light PSJailbreak red & Green followed only light Green, Then turn off the light on both the PS3 PSJ.
    3 - Remove the PSJ and turn on the PS3 to make sure that everything goes well (just look to see the red box with srcitto Service Factory Mode)
    4 - Now we take a USB stick in FAT32 and formattiamola, we insert this fact in the Root of the two key files that will be used for the downgrade are (1) Update 3:41 amended and (2) Lv2Dig.self (file1)
    5 - Insert the USB stick in the console’s USB port (the important thing which should be included in the last door on the right, then click the Ps3FAT the 4th and the 2nd for Slim) turn on the PS3. Now you will see the PS3 is turned on the TV but you will not see anything (black screen)
    6 - The process takes about 3 / 4 minutes (this time the PS3 install the firmware you put on the USB key) when the process is about to end you will see the green LED on the PS3 that starts flashing and after a few seconds will turn off automatically
    7 - Remove the USB stick and turn on the PS3 (the PS3 will always be in Service Mode) go to system information and check that the firmware has become 3.41.
    8 - Take the USB stick and inseriamola your PC (you’ll notice a new file called UPDATER_LOG.TXT this is a log of everything that made the downgrade) delete the two files that we had entered earlier (LV2Diag.self and update 3.41) and insert Root always in the other file called LV2Diag.self (File2)
    9 - Always insert the USB stick in the last USB port of the PS3 and accendiamola normally after about 10 seconds will turn off the PS3 alone.
    10 - Remove the USB key and we start the PS3 and immediately start the initial configuration (language, date, time, etc. etc.) At this point you have completed the procedure and you Downgrade your PS3 with the firmware of your choice.
    Extra - If the vouchers to downgrade to a previous version you should do it this way:
    If you have a firmware 3.50, you will need to first downgrade to version 3:41 and then upgrade to version 3.15 (if you want to rehabilitate OtherOS) while if you have a firmware 3:41 you will not have to do is replace the update with 3:41 to 3.15 and do the procedure.

    Help and video guide created by me, I do not assume any responsibility in case of failure of your PS3 and all tested and fully functional.

    I hope I was helpful to the whole community.

    SOURCE

  • Posted by PS3Hax Member News , on 01/12/2010 , @ 01:48pm

     

    Some minutes ago the psjb team has released their new upgrader. It is confirmed this one is working !!!

    PSUpgrader V1.3 is now released!
    [2010.12.01]
    We have received numerous compatibility complaints across different windows platforms. We have repaired all issues concerning file save directory, 64 bit windows integration and file corruption. Now you just install fresh version, click receive updates and enjoy! We appreciate your feedback and support. Downgrading is now accessible and free to all past and future clients ;) Enjoy your original PS Jailbreak. We invented the industry and were also leading the way! Don’t get stuck with inferior products or clones, by now you should all know that PS Jailbreak leads and everyone else tries to copy. Wholesalers please contact us for new pricing, marketing material and Christmas specials.

    Source: http://www.psjailbreak.com/downloads

  • Posted by PS3Hax Member News , on 29/11/2010 , @ 02:44pm

     

    PS Downgrade is now officially free and provides unlimited uses for ALL users, past and future. Download PS Updater v1.1 and your PS Downgrade files and start enjoying TODAY!!!

    source: www.psjailbreak.com

  • Posted by GregoryRasputin , on 22/11/2010 , @ 04:45pm

     

    The Official PS Jailbreak/Downgrade team, have posted exciting news on their PS Downgrade site, in which they promise unlimited Downgrades and have lowered the price of the PS Jailbreak device, here is a quote from the site:

    As of today we would like to announce a couple huge changes not only to our product but also to the whole community. PS Downgrade is now unlimited… that right…. Update to play original 3.50 with 3D videos and Online play and Downgrade to play homebrew or Other OS.
    We would like to announce an official price drop. Our new MSRP is 99$ USD instead of 125$ making it more affordable for everyone. Next, as of today all new hardware shipped will come with PSdowngrade installed free of charge.
    Lastly, all existing customers can start receiving the free PS Downgrade as of 29th of November using PS Upgrader available on our downloads page.
    Remember that we are the original Jailbreak , the original Downgrade and we will continue to pave the way. By supporting us you are supporting the community and future developements.

    Source
    Via PSX Scene

  • Posted by GregoryRasputin , on 15/11/2010 , @ 05:13am

     

    The official PS Jailbreak team, have reported via their website that PS Jailbreak, now supports firmwares 3.42, 3.50 firmwares and claim that it will support higher, they also confirm the legibility of PS Downgrade, here is a quote from their news section:

    PS Jailbreak now supports firmware 3.42, 3.50 and beyond!
    [2010.11.15]
    Homebrew developers and software engineers we want to hear from you. If your looking for part time or full time work please contact us [email protected] Only Serious inquiries from people with experience.

    Again we revolutionize the world and show the disbelievers that we are the original source. We understand what we are doing and will continue to be at the forefront of support. Officially launched today is our sister site www.psdowngrade.com the worlds only downgrader. Allowing you to downgrade your new console to any previous firmware version. With a PS Jailbreak and PS Downgrade now all all 44 Million users and counting can enjoy Homebrew. We dont like new comers beeing singled out , so we ventured into the unknown once again and now brought you an out of the box USB solution.

    All dealers should contact us for new pricing schedules, as well as marketing material. We have just completed a new batch of product ready to ship immediately.

    Please beware PS Downgrade only installs on original PS Jailbreak devices. There are numerous inferior clones and copycats out on the market claiming to be compatable with our support. This is FALSE!!! Buy original from a trusted reseller or risk being stuck with a paperweight.

    Be aware though, this doesn’t really suggest that you can go ahead and upgrade to 3.50 and that your jailbreak device will work, rather it promotes PS Downgrade, so don’t be getting hasty and upgrading to 3.50.

    Thanks to Keytor69 for the tip
    SOURCE

  • Posted by GregoryRasputin , on 12/11/2010 , @ 07:22am

     

    When gliitch showed me the video, that was made by a reseller of the device, i immediately said fake, but that’s just sceptical me, a couple of minutes later, i noticed other sites were posting the story as news, here is some information on the PS Downgrader, which is brought to us by the original PS Jailbreak team:

    The wait is finally over! New users above 3.41 fw its time to join in on the fun. Thanks to PS Downgrade, PS Jailbreak is now available for all 44 million users.

    PS Downgrade is a software add on that connects with your existing PS Jailbreak device. In 1 minute or less you can downgrade your consoles firmware to any previous firmware.

    Simple to install; just plug PS Jailbreak into your pc and follow the gui to install PS Downgrade. Works with all past, present and future firmwares!

    Turn back your console to 3.41 to jailbreak with the worlds original PS Jailbreak, or even go as far back as 3.12 to enjoy Other OS (yes LINUX is back). Completely safe to use, and does not void your warranty. PS Downgrade is completely undetecable by manufacturer, there is no history or log of your downgrade.

    Please note: PS Downgrade is ONLY compatible with original PS Jailbreak, no clones or inferior USB dongles.

    FAQ from the site:

    Q: Can anyone install the PS Downgrade or PS Jailbreak?
    A: Yes! The PSJailbreak & PS Downgrade Modchips are a simple USB device. Simply Plug-and-Play. Plug in the USB PSJailbreak Modchip into the PS3 and follow the instructions. The whole process takes less than 3 minutes and is just as easy as loading a game, uploading pictures or any other of the simple tasks the PS3 can handle.

    NOTE THE PS JAILBREAK TEAM STATE THIS IS A ONE TIME DOWNGRADE

    OFFICIAL PS Downgrade Site

    Thanks to gliitch and OoZic for the tip.

    Other sources of the news:
    Eltorado
    PSGroove
    PSX Scene

    Apart from the obvious mistake of downgrading to 3.12 for OtherOS, is it possible that it is true ?
    And before everyone shouts fake, we all said the same about PS Jailbreak before it was confirmed to be real :)

    EDIT:
    I guess its real

    Well you can all stop calling it fake, it indeed is real and has been confirmed, by the guys behind PSGroove

    By Mathieulh via twitter

    To the people asking me if I know about the psdowngrader, yes I do, yes we know how it’s done, no I don’t intend on reproducing this.

  • Posted by Pirate , on 20/10/2010 , @ 03:21pm

     

    We have been reporting for the last few days about the PSJailbreak.com backup manager v1.1 and today it has been released. While what the complete changes of what the new version brings is unknown, we do know the following: (more…)

  • Posted by Pirate , on 07/10/2010 , @ 07:03pm

     

    It would seem that with all the legal activity going around, the official PSJailbreak just disappeared for a few days, but today they have updated their site with more information: (more…)

  • Posted by GregoryRasputin , on 06/10/2010 , @ 12:23am

     

    garyopa from PSX-Scene has reported, that SCEA has been granted a temporary restraining order against companies, selling PS3 Jailbreak Devices, here is a quote from his thread:

    In our on-going exclusive in-depth coverage of SCEA’s court-room battle with the PSJAILBREAK’ers, we have got another new court document, this one is signed order by Judge WILLIAM H ALSUP granting SCEA a Temporary Restraining Order against the named Defendants along with of course the currently un-named John Does #10 thru 100!

    The order basically states the following:

    Quote:
    1. Defendants and their officers, employees, attorneys and representatives, and all other persons or entities in privity or acting in concert or participation with defendants, are immediately temporarily restrained from selling, offering for sale, marketing, advertising, promoting, installing, distributing or otherwise trafficking in circumvention devices, including but not limited to any or all of the PS3 Jailbreak devices, any copies or versions of backup manager or any other hardware or software that bypasses technological copyright protection measures in SCEA’s PlayStation®3 computer entertainment system;

    2. Defendants shall preserve all communications, including email communications, and other documents relating to their purchase, sale, receipt or distribution of circumvention devices, including but not limited to the PS3 Jailbreak devices, the backup manager or any other hardware or software that bypasses technological copyright protection measures in SCEA’s PlayStation®3 computer entertainment system, and that defendants shall not delete, remove, transfer or in any way dispose of such communications and documents;

    3. This order shall be binding upon the parties to this action and all other persons or entities who receive actual notice of this order by personal service or otherwise;

    4. This order will be effective upon plaintiff’s posting of $5000 security with the court pursuant to FRCP 65(c);

    5. Plaintiff shall serve defendants, defendants’ resident agents or counsel with a copy of this order;

    6. This order shall remain in effect until the date the hearing on the order to show cause set forth below or until such further dates as set by the court or stipulated to by the parties.
    This order covers the currently named defendants:

    Quote:
    VLAD GAZOUNE doing business as ZOOMBA LDC; SHOPPSJAILBREAK.COM
    THAHN NGUYGEN doing business as USATECHCITY, LTD
    ARTHUR BATES II doing business as PSP PIT STOP
    TOM NOOKER doing business as BUYPS3JAILBREAK.WEBS.COM
    ALEX ESQUIVEL doing business as NDSGAMER
    BIN LE ZHONG aka BEN LEE doing business as PS3BREAKONLINE.COM
    FAI KING FONG doing business as PS3BREAKONLINE.COM
    HUANRAN LEE doing business as GETPS3BREAK.COM
    and currently unnamed JOHN DOES #10 through #100!
    The above people have until October 8, 2010 at 12 PM PDT to file a written reply to this court order in defense, and then SCEA has until October 12, 2010 at 9 AM PDT to file an update to their defense.

    The big showdown starts in front of Judge Vaughn R Walker for a hearing on the order to show cause on October 12, 2010 at 10 AM in Courtroom 6, 17th Floor, 450 Golden Gate Avenue, San Francisco CA 94102.

    For the full history to this story see our previous in-depth PS3 Wikileaks threads on this complete showdown between SCEA vs. PSJailbreak Hackers!

    Wikileaks - Part 2: http://psx-scene.com/forums/showthread.php?t=67646
    Wikileaks - Part 1: http://psx-scene.com/forums/showthread.php?t=67178
    The Original Start: http://psx-scene.com/forums/showthread.php?t=65284

    SOURCE

  • Posted by Pirate , on 01/09/2010 , @ 05:28pm

     

    phire, (and Matt_P, subdub and others for helping develop this theory) have a documented on how PSJailbreak works, it is now up and posted for your reading pleasure.

    To quote:

    Analysis of the PSJailbreak Exploit

    Intro

    The PSJailbreak dongle is a modchip for the PlayStation 3 that allows users to backup and play games off the harddrive. Unlike the modchips of the Previous generation, or the modchips so far for the Xbox360 and Wii, this modchip simply plugs into the USB port on the front of the PS3, avoiding the need for complex soldering and voiding of your warranty.

    As the time of writing this document, the final PSJailbreak has not been released, but a number of samples were given out and at least one fell into the hands of someone who owned a USB sniffer.

    This analysis of the exploit is based on those USB sniffer logs, issues encountered during the development of the opensource PSGroove version of the exploit and a number of educated guesses. It will probably be updated as new information comes in.

    The initial analysis by gamefreax.de suggested that it was a Stack overflow attack. After further analist it turns out that this exploit is a Heap Overflow attack. The exploit carefully manipulates the heap by plugging and unplugging fake usb devices with large device descriptors until the device on port 4 which misreports its size to overwrite one of malloc’s boundary tags.

    The state of the PS3

    The exploit takes place while the PS3 is looking for the Jig (triggered by pressing eject within 200ms of pressing power). It is suspected that the ps3 spends around 5 seconds doing nothing but initializing devices on the USB bus, so there is little extra code running to mess the exploit up.

    Setting up the heap

    The PSJailbreak dongle emulates a 6 port USB hub. By attaching and detaching fake devices to the ports of the hub the dongle has control over the mallocing and freeing of various blocks of memory that hold the device and configuration descriptors.

    Port one

    After the hub has been initialized, a device is plugged into port one with a pid/vid of 0xAAAA/0×5555, It has 4 configurations with each one is 0xf00 bytes long. This is just under the size of 4k page, so malloc will have probably have request a new page for each one, unless it already has enough free space, but at least one will be aligned at the start of a page.

    The ps3 also changes the configuration the 2nd time it is read so the configuration in the ps3 memory is only 18 bytes long.

    It just so happens that that this data contains the payload that the exploit will jump to after gaining control of the execution, but that is not important for the exploit.

    Port two

    After the PS3 has finished reading the port one device descriptors, the dongle switches back to the address of the hub and reports that a device has been plugged into port two.

    This device has a pid/vid of 0xAAAA/0xBBBB, and it has 1 configuration descriptor which is 22 bytes long. Only the first 18 bytes are real usb data and the remaining 4 bytes are:

    04 21 B4 2F

    With a length of 04 and an invalid type byte, anything interpreting it as USB descriptor will probably skip over it and the last 2 bytes. It is suspected that this is just here to make this descriptor take up an exact amount of heap space.

    Port Three

    The port three device has a pid/vid of 0xAAAA/0×5555, the same as port one. Unlike the port one device it has 2 configuration descirptors, each 0xa4d bytes long The data that fills them is junk but it may or may not be relevant that if you treat the data as descriptors they will have valid lengths. These descriptors will probably be allocated to the start of a fresh 4kb page that follows the page with the last port one descriptor and port three descriptors.

    Port Two Disconnect

    After port three is connected, port two will be disconnected, this will cause the port two descriptors to be freed, which frees up some space between the Port One and Port Three descriptors.

    The exploit

    The heap is now prepared for our exploit.

    Port Four Connection

    A device is connected to port 4, with a pid/vid of 0xAAAA/0×5555 and 3 configurations.

    Configuration A

    This is a normal configuration, 18 bytes long

    Configuration B

    This configuration is the same as Configuration A, except it changes its total length from 18 bytes to to zero bytes after the PS3 has read it the first time and allocated space for it.

    This is where things get vague, this is key to the exploit and will somehow cause the the extra data at the end of Configuration C to overwrite one of malloc’s boundary tag, most likely the one belonging to Port Three.

    But the exact reason for this buffer overrun is hard to guess without actually seeing the exploited code.

    Configuration C

    This starts the same as configuration A, but has 14 bytes of extra data at the end.

    .. .. 3e 21 00 00 00 00
    fa ce b0 03 aa bb cc dd
    80 00 00 00 00 46 50 00
    80 00 00 00 00 3d ee 70

    The first 6 are just padding (but the 3e might be important if this ever gets interpreted as a USB descriptor.) Then there are 3 u64 values, each 8 bytes long.

    The first two values are stored for use by the shell code later just before malloc’s boundary tag.

    The 3rd value overwrites the first value of the boundary tag, which is pointer to the next free section of memory. The replacement pointer will point to a function somewhere. This will cause a malloc to allocate memory in the wrong place, sometime in the future, allowing the exploit to overwrite an existing function.

    Port Five

    The dongle plugs the fake Jig into Port Five right after Port Four has done its job. It uses the same PID/VID that the original Sony Jig uses (0x054C/0x02EB) and probably the same configuration with the same end points.

    It is suspected that because the Jig is a known device that the PS3 was waiting for, it’s device and configuration descriptors will not be malloced into the heap.

    The PS3 sends a 64 byte challenge to the fake Jig to authenticate it, and the dongle replies with 64 bytes of static data. The PS3 will malloc space for this response, and because the boundary tags have been modified by Port Four, malloc will return a pointer to 24 bytes before a function that has something to do with free and the 64 bytes of data will be written over top of the function.

    At the point, no code has been patched yet, so the Jig’s static response will fail to authenticate the jig.

    Unplug Port Three

    The dongle now sends a message that port 3 has been unplugged. This will cause the PS3 to free the Port Three’s configuration data, the very same buffer which had its boundary tag overwritten by Port Four.

    So our shellcode gets called, with R3 pointing to the boundary tag before Port Three’s Configuration data.

    The Shellcode

    PPC Assembly:

    ROM:00000018 ld %r4, -0×10(%r3)
    ROM:0000001C ld %r3, -8(%r3)
    ROM:00000020
    ROM:00000020 loc_20: # CODE XREF: sub_18+14�j
    ROM:00000020 ld %r5, 0×18(%r3)
    ROM:00000024 addi %r3, %r3, 0×1000
    ROM:00000028 cmpw %r4, %r5
    ROM:0000002C bne loc_20
    ROM:00000030 addi %r6, %r3, -0xFE0
    ROM:00000034 mtctr %r6
    ROM:00000038 bctr

    This takes a pointer to the corrupted boundary tags in r3.

    r4 is loaded with the 0xFACEB003AABBCCDD tag, then r3 is loaded with 0×8000000000465000, both of these values are stored just before the boundary tag.

    The shell code then scans every 4KB block (0×1000 bytes) starting at 0×8000000000465000, checking for 0xFACEB003AABBCCDD tag in the u64 at 0×18 in each page.

    When it finds it, the shellcode will jump to offset 0×20 in the payload.

    After the exploit

    Cleanup

    The exploit is now completed: Port Five, Port Four then Port One will be unplugged.

    Hopefully the Payload will have copied itself out of the heap before Port One is unplugged.

    Port Six

    The device that gets plugged into Port Six has nothing to do with the exploit. It has a vid/pid of 0xAAAA/0xDEC0 (on the PPC, which is big endian, the pid is 0xC0DE).

    The payload sends it a single byte (0xAA) control transfer so that the dongle will know that the exploit was successful so it can turn the green LED on to signal the user.

    A function in the original PSJailbreak Payload will make sure that this device stays plugged in. If it is ever unplugged then it will call LV1_Panic and your PS3 will shutdown. PSGroove has removed this ‘feature’.

    The Payload

    The actual payload is outside the scope of this document (There might be a 2nd document discussing the original PSJailbreak payload), but we will discuss the environment.

    The payload will start in an unknown position, aligned to a 4KB boundary, it should either use position independent code, or copy itself to a known location. The payload has full control over the lv2 (aka gameos) kernel and anything below it. It doesn’t have any control over lv1 (aka the hypervisor) without a 2nd exploit (the original Geohot exploit should still work.)

    The Jig authentication code is most likely running in lv1 or an isolated SPU so it is not possible to patch it with this exploit.

    The lv2 kernel is loaded at the time of the exploit, perfect for patching or you could replace it with something better like a linux kernel. A linux kernel running in this environment would have all the privilege of the regular gameos kernel.

    [VIA PS3Wiki]

  • Posted by Pirate , on 31/08/2010 , @ 07:45pm

     

    Yesterday, we reported that Mathieulh and his team successfully cloned PSJailbreak, however he said he would not be releasing anything soon. Well according to his Twitter posts, and some questions asked at MaxConsole it seems that the PSJailbreak code MAY be released next week, and it can easily be flashed even by an “idiot”.

    To quote:

    We shot over Mathiuelh some questions about the activities of his group following various teasers that the team will release the exploit powering PSJailbreak. He indicated that the code could be ‘probably’ be released next week although the team doesn’t wish to be binded by any ETA due to the public pressure that amounts. Elsehere he confirmed that they will be providing the code to easily flash onto ‘Teensy’ boards and the ‘average idiot/dummy’ will be capable of making their own

    If Mathieulh and his team do release the code in the future, then we may be very well able to clone PSJailbreak ourselves with one of the following:

    • Teensy ++ USB Development Board ($24)
    • AT90USBKEY [US or UK] ($31 / £23)

    Feel free to post links to other places to purchase the Teensy/AT90 and we will keep the list updated here for different regions.

  • Posted by Pirate , on 30/08/2010 , @ 12:24pm

     

    Esteemed PSP/PS3 reverse engineer Mathieulh, has stated via his twitter that a member of his team has successfully cloned the PS3 Jailbreak device:

    Someone from our group just successfully cloned the psjailbreak dongle. Going to improve the shell code soon.

    Mathieulh also stated this too:

    We are not releasing anything, we didn’t just rip things off, we know how it works ,the clone is just a POC, we plan on documenting

  • Posted by Pirate , on 29/08/2010 , @ 10:53pm

     

    The folks over at PSX-SCENE were contacted by the PSJailbreak team today with a few updates. The team plans to launch Backup Manager v1.1 which will include new features and tweaks. They also wanted to clarify that the delay of the product was not delayed because of shortage, but rather they were finishing their retail packaging and finalizing the new software.

    They also have responded to the court case in Australia and are providing financial aid to their dealers/distributors (have already sent a donation to OzMods and Quantronics).

    [VIA PSX-SCENE]

    Thanks to Pocket69 for heads up.

  • Posted by Pirate , on 28/08/2010 , @ 03:22pm

     

    PS3HaX forum member Descrambler has sniffed his PS Jailbreak device, here are his results:

    The first 8 bytes are from the usb protocol left [09 02 ... ]

    The code Will be pushed four times onto ps3 usb stack:

    09 02 12 00 01 00 00 80 FA 09 04 00 00 00 FE 01
    02 00 00 00 00 00 00 00 FA CE B0 03 AA BB CC DD
    38 63 F0 00 38 A0 10 00 38 80 00 01 78 84 F8 06
    64 84 00 70 38 A5 FF F8 7C C3 28 2A 7C C4 29 2A
    28 25 00 00 40 82 FF F0 38 84 00 80 7C 89 03 A6
    4E 80 04 20 00 00 00 00 00 00 00 00 00 00 00 00
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    7C 08 02 A6 F8 21 FF 61 FB 61 00 78 FB 81 00 80
    FB A1 00 88 FB C1 00 90 FB E1 00 98 F8 01 00 B0
    3B E0 00 01 7B FF F8 06 7F E3 FB 78 64 63 00 05
    60 63 0B 3C 7F E4 FB 78 64 84 00 70 60 84 01 AC
    38 A0 04 FA 4B 97 BF 59 7F E3 FB 78 64 63 00 05
    60 63 0B 3C 38 63 00 20 4B 9D 22 01 7F E3 FB 78
    64 63 00 05 60 63 0B 3C 7F E4 FB 78 64 84 00 2E
    60 84 B1 28 38 63 00 10 F8 64 01 20 7F E5 FB 78
    64 A5 00 70 60 A5 01 50 80 65 00 00 28 03 00 00
    41 82 00 18 80 85 00 04 7C 63 FA 14 90 83 00 00
    38 A5 00 08 4B FF FF E4 48 00 05 88 F8 21 FF 51
    7C 08 02 A6 FB C1 00 A0 FB E1 00 A8 FB A1 00 98
    F8 01 00 C0 3B C0 07 D0 3B E0 00 C8 4B 90 A9 B8
    00 04 90 E0 E8 82 0F 08 00 04 90 E4 E8 7C 00 20
    00 04 90 E8 F8 64 00 00 00 04 F0 A8 48 00 1A 9D
    00 2A AF C8 4B DA 5B 80 00 04 ED 18 38 80 00 00
    00 04 ED 1C 90 83 00 00 00 04 ED 20 4E 80 00 20
    00 3B A8 90 01 00 00 00 00 05 05 D0 38 60 00 01
    00 05 05 D4 4E 80 00 20 00 00 00 00 38 60 00 01
    4E 80 00 20 48 00 02 78 48 00 01 EC 80 00 00 00
    00 05 0C A8 80 00 00 00 00 33 E7 20 80 00 00 00
    00 05 10 32 80 00 00 00 00 05 0B 7C 80 00 00 00
    00 05 0B 8C 80 00 00 00 00 05 0B 9C 80 00 00 00
    00 05 0B D4 80 00 00 00 00 33 E7 20 80 00 00 00
    00 05 0C 1C 80 00 00 00 00 33 E7 20 80 00 00 00
    00 05 0C 78 80 00 00 00 00 33 E7 20 80 00 00 00
    00 05 0C 84 80 00 00 00 00 33 E7 20 00 00 00 00
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    00 00 00 00 F8 21 FF 81 7C 08 02 A6 F8 01 00 90
    38 80 00 00 38 A0 00 01 48 08 1D B1 80 A3 00 08
    38 60 00 00 3C 80 AA AA 60 84 C0 DE 7C 04 28 40
    41 82 00 08 38 60 FF FF 7C 63 07 B4 E8 01 00 90
    7C 08 03 A6 38 21 00 80 4E 80 00 20 F8 21 FF 81
    7C 08 02 A6 F8 01 00 90 38 80 00 00 48 08 1D 99
    38 81 00 70 38 A0 00 00 F8 A4 00 00 38 C0 21 AA
    B0 C4 00 00 38 C0 00 00 B0 C4 00 06 38 C0 00 01
    78 C6 F8 06 64 C6 00 05 60 C6 0B AC 38 E0 00 00
    48 08 1C CD 38 60 00 00 E8 01 00 90 7C 08 03 A6
    38 21 00 80 4E 80 00 20 38 60 00 00 39 60 00 FF
    44 00 00 22 2C 03 00 00 40 82 00 1C 38 60 00 01
    78 63 F8 06 64 63 00 05 60 63 0B BC 38 80 00 01
    90 83 00 10 4E 80 00 20 F8 21 FF 31 7C 08 02 A6
    F8 01 00 E0 FB E1 00 C8 38 81 00 70 48 16 2E 81
    3B E0 00 01 7B FF F8 06 67 FF 00 05 63 FF 0B BC
    E8 7F 00 00 2C 23 00 00 41 82 00 0C 38 80 00 27
    48 01 17 E9 38 80 00 27 38 60 08 00 48 01 13 9D
    F8 7F 00 00 E8 81 00 70 4B FF C5 F9 E8 61 00 70
    38 80 00 27 48 01 17 C5 E8 7F 00 00 4B FF C6 0D
    E8 9F 00 00 7C 64 1A 14 F8 7F 00 08 38 60 00 00
    EB E1 00 C8 E8 01 00 E0 38 21 00 D0 7C 08 03 A6
    4E 80 00 20 F8 21 FF 61 7C 08 02 A6 FB 81 00 80
    FB A1 00 88 FB E1 00 98 FB 41 00 70 FB 61 00 78
    F8 01 00 B0 7C 9C 23 78 7C 7D 1B 78 3B E0 00 01
    7B FF F8 06 7F A3 EB 78 7F E4 FB 78 64 84 00 05
    60 84 10 28 38 A0 00 09 4B FF C5 CD 28 23 00 00
    40 82 00 34 67 FF 00 05 63 FF 0B BC 80 7F 00 10
    28 03 00 00 41 82 00 20 E8 7F 00 00 28 23 00 00
    41 82 00 14 E8 7F 00 08 38 9D 00 09 4B FF C5 45
    EB BF 00 00 7F A3 EB 78 48 25 A2 38 7C 08 02 A6
    F8 21 FE 61 FB 61 00 78 FB 81 00 80 FB A1 00 88
    FB C1 00 90 FB E1 00 98 F8 01 01 B0 7C 7D 1B 78
    7C 9E 23 78 3B E0 00 01 7B FF F8 06 EB 82 96 00
    EB 9C 00 68 EB 9C 00 18 EB 62 0F 08 E9 3D 00 18
    81 29 00 30 79 29 84 02 2C 09 00 29 40 82 00 58
    E8 9C 00 10 78 85 C1 E4 78 A5 46 20 2C 05 00 FF
    41 82 00 18 60 84 00 03 F8 9C 00 10 38 60 00 06
    90 7E 00 00 48 00 00 14 60 84 00 02 F8 9C 00 10
    38 60 00 2C 90 7E 00 00 80 BC 00 04 E8 9C 00 08
    E8 7B 00 00 7D 23 2A 14 F9 3B 00 00 48 02 B1 C1
    48 00 00 C4 7F A3 EB 78 7F C4 F3 78 4B FF D9 B1
    7F FD FB 78 67 BD 00 05 63 BD 0B D0 80 7D 00 00
    80 BC 00 04 7C 63 2A 14 90 7D 00 00 E8 9C 00 10
    78 85 C1 E4 78 A5 46 20 2C 05 00 FF 40 82 00 88
    E8 7B 00 00 38 80 00 00 38 C0 00 00 7C E3 22 14
    80 A7 00 00 7C C6 2A 78 38 84 00 04 28 24 04 00
    40 82 FF EC 80 7D 00 00 78 C6 07 C6 7C C6 1B 78
    38 60 00 00 90 7D 00 00 7F E7 FB 78 64 E7 00 05
    60 E7 0F 70 E8 67 00 00 28 23 00 00 41 82 00 38
    38 E7 00 10 7C 23 30 40 40 82 FF EC E8 A7 FF F8
    E8 FB 00 00 80 65 00 00 28 03 00 00 41 82 00 18
    80 85 00 04 7C 63 3A 14 90 83 00 00 38 A5 00 08
    4B FF FF E4 38 60 00 00 EB 61 00 78 EB 81 00 80
    EB A1 00 88 EB C1 00 90 EB E1 00 98 E8 01 01 B0
    38 21 01 A0 7C 08 03 A6 4E 80 00 20 F8 21 FF 51
    7C 08 02 A6 FB C1 00 A0 FB E1 00 A8 FB A1 00 98
    F8 01 00 C0 3B C0 0F A0 3B E0 00 C8 4B FB 9B 98
    A0 55 6F 3D 00 2C B8 FD 80 00 00 00 00 05 0F B8
    8C 0A 94 8C 00 0D 99 B1 80 00 00 00 00 05 0F E0
    A2 BC 1A 56 00 05 2A DC 80 00 00 00 00 05 10 04
    6B 70 28 02 00 02 00 17 80 00 00 00 00 05 0F D4
    00 00 00 00 00 00 00 00 00 30 53 54 38 60 00 82
    00 5F 3F C0 38 60 00 01 00 5F 3F C4 4E 80 00 20
    00 00 00 00 00 02 ED 0C 3B A0 00 01 00 00 00 00
    00 22 B8 88 5F 74 6F 6F 00 22 B8 8C 6C 32 2E 78
    00 22 B8 90 6D 6C 23 72 00 22 B8 94 6F 6F 74 00
    00 00 00 00 00 0D 68 B8 5F 74 6F 6F 00 0D 68 BC
    6C 32 2E 78 00 0D 68 C0 6D 6C 23 72 00 0D 68 C4
    6F 6F 74 00 00 00 00 00 2F 64 65 76 5F 62 64 76
    64 00 6D 6F 64 00 00 00 00 00 00 00 00 00 00 00
    EB 61 00 78 EB 81 00 80 EB A1 00 88 EB C1 00 90
    EB E1 00 98 E8 01 00 B0 38 21 00 A0 7C 08 03 A6
    38 60 00 01 78 63 F8 06 64 63 00 70 38 80 00 00
    38 A0 06 E8 4B 94 CA 60 60 00 00 00 60 00 00 00
    EB 61 00 78 EB 81 00 80 EB A1 00 88 EB C1 00 90
    EB E1 00 98 E8 01 00 B0 38 21 00 A0 7C 08 03 A6
    38 60 00 01 78 63 F8 06 64 63 00 70 38 80 00 00
    38 A0 06 E8 4B 94 CA 60 60 00 00 00 60 00 00 00
    EB 61 00 78 EB 81 00 80 EB A1 00 88 EB C1 00 90
    EB E1 00 98 E8 01 00 B0 38 21 00 A0 7C 08 03 A6
    38 60 00 01 78 63 F8 06 64 63 00 70 38 80 00 00
    38 A0 06 E8 4B 94 CA 60 60 00 00 00 60 00 00 00
    EB 61 00 78 EB 81 00 80 EB A1 00 88 EB C1 00 90
    EB E1 00 98 E8 01 00 B0 38 21 00 A0 7C 08 03 A6
    38 60 00 01 78 63 F8 06 64 63 00 70 38 80 00 00
    38 A0 06 E8 4B 94 CA 60 60 00 00 00 60 00 00 00
    EB 61 00 78 EB 81 00 80 EB A1 00 88 EB C1 00 90
    EB E1 00 98 E8 01 00 B0 38 21 00 A0 7C 08 03 A6
    38 60 00 01 78 63 F8 06 64 63 00 70 38 80 00 00
    38 A0 06 E8 4B 94 CA 60 60 00 00 00 60 00 00 00
    EB 61 00 78 EB 81 00 80 EB A1 00 88 EB C1 00 90
    EB E1 00 98 E8 01 00 B0 38 21 00 A0 7C 08 03 A6
    38 60 00 01 78 63 F8 06 64 63 00 70 38 80 00 00
    38 A0 06 E8 4B 94 CA 60 60 00 00 00 60 00 00 00
    EB 61 00 78 EB 81 00 80 EB A1 00 88 EB C1 00 90
    EB E1 00 98 E8 01 00 B0 38 21 00 A0 7C 08 03 A6
    38 60 00 01 78 63 F8 06 64 63 00 70 38 80 00 00
    38 A0 06 E8 4B 94 CA 60 60 00 00 00 60 00 00 00
    EB 61 00 78 EB 81 00 80 EB A1 00 88 EB C1 00 90
    EB E1 00 98 E8 01 00 B0 38 21 00 A0 7C 08 03 A6
    38 60 00 01 78 63 F8 06 64 63 00 70 38 80 00 00
    38 A0 06 E8 4B 94 CA 60 60 00 00 00 60 00 00 00
    EB 61 00 78 EB 81 00 80 EB A1 00 88 EB C1 00 90
    EB E1 00 98 E8 01 00 B0 38 21 00 A0 7C 08 03 A6
    38 60 00 01 78 63 F8 06 64 63 00 70 38 80 00 00
    38 A0 06 E8 4B 94 CA 60 60 00 00 00 60 00 00 00
    EB 61 00 78 EB 81 00 80 EB A1 00 88 EB C1 00 90
    EB E1 00 98 E8 01 00 B0 38 21 00 A0 7C 08 03 A6
    38 60 00 01 78 63 F8 06 64 63 00 70 38 80 00 00
    38 A0 06 E8 4B 94 CA 60 60 00 00 00 60 00 00 00
    EB 61 00 78 EB 81 00 80 EB A1 00 88 EB C1 00 90
    EB E1 00 98 E8 01 00 B0 38 21 00 A0 7C 08 03 A6
    38 60 00 01 78 63 F8 06 64 63 00 70 38 80 00 00
    38 A0 06 E8 4B 94 CA 60 60 00 00 00 60 00 00 00
    EB 61 00 78 EB 81 00 80 EB A1 00 88 EB C1 00 90
    EB E1 00 98 E8 01 00 B0 38 21 00 A0 7C 08 03 A6
    38 60 00 01 78 63 F8 06 64 63 00 70 38 80 00 00
    38 A0 06 E8 4B 94 CA 60 60 00 00 00 60 00 00 00
    EB 61 00 78 EB 81 00 80 EB A1 00 88 EB C1 00 90
    EB E1 00 98 E8 01 00 B0 38 21 00 A0 7C 08 03 A6
    38 60 00 01 78 63 F8 06 64 63 00 70 38 80 00 00
    38 A0 06 E8 4B 94 CA 60 60 00 00 00 60 00 00 00
    EB 61 00 78 EB 81 00 80 EB A1 00 88 EB C1 00 90
    EB E1 00 98 E8 01 00 B0 38 21 00 A0 7C 08 03 A6
    38 60 00 01 78 63 F8 06 64 63 00 70 38 80 00 00
    38 A0 06 E8 4B 94 CA 60 60 00 00 00 60 00 00 00
    EB 61 00 78 EB 81 00 80 EB A1 00 88 EB C1 00 90
    EB E1 00 98 E8 01 00 B0 38 21 00 A0 7C 08 03 A6
    38 60 00 01 78 63 F8 06 64 63 00 70 38 80 00 00
    38 A0 06 E8 4B 94 CA 60 60 00 00 00 60 00 00 00
    EB 61 00 78 EB 81 00 80 EB A1 00 88 EB C1 00 90
    EB E1 00 98 E8 01 00 B0 38 21 00 A0 7C 08 03 A6
    38 60 00 01 78 63 F8 06 64 63 00 70 38 80 00 00
    38 A0 06 E8 4B 94 CA 60 60 00 00 00 60 00 00 00
    EB 61 00 78 EB 81 00 80 EB A1 00 88 EB C1 00 90
    EB E1 00 98 E8 01 00 B0 38 21 00 A0 7C 08 03 A6
    38 60 00 01 78 63 F8 06 64 63 00 70 38 80 00 00
    38 A0 06 E8 4B 94 CA 60 60 00 00 00 60 00 00 00
    EB 61 00 78 EB 81 00 80 EB A1 00 88 EB C1 00 90
    EB E1 00 98 E8 01 00 B0 38 21 00 A0 7C 08 03 A6
    38 60 00 01 78 63 F8 06 64 63 00 70 38 80 00 00
    38 A0 06 E8 4B 94 CA 60 60 00 00 00 60 00 00 00
    EB 61 00 78 EB 81 00 80 EB A1 00 88 EB C1 00 90
    EB E1 00 98 E8 01 00 B0 38 21 00 A0 7C 08 03 A6
    38 60 00 01 78 63 F8 06 64 63 00 70 38 80 00 00
    38 A0 06 E8 4B 94 CA 60 60 00 00 00 60 00 00 00
    EB 61 00 78 EB 81 00 80 EB A1 00 88 EB C1 00 90
    EB E1 00 98 E8 01 00 B0 38 21 00 A0 7C 08 03 A6
    38 60 00 01 78 63 F8 06 64 63 00 70 38 80 00 00
    38 A0 06 E8 4B 94 CA 60 60 00 00 00 60 00 00 00
    EB 61 00 78 EB 81 00 80 EB A1 00 88 EB C1 00 90
    EB E1 00 98 E8 01 00 B0 38 21 00 A0 7C 08 03 A6
    38 60 00 01 78 63 F8 06 64 63 00 70 38 80 00 00
    38 A0 06 E8 4B 94 CA 60 60 00 00 00 60 00 00 00
    EB 61 00 78 EB 81 00 80 EB A1 00 88 EB C1 00 90
    EB E1 00 98 E8 01 00 B0 38 21 00 A0 7C 08 03 A6
    38 60 00 01 78 63 F8 06 64 63 00 70 38 80 00 00
    38 A0 06 E8 4B 94 CA 60 60 00 00 00 60 00 00 00
    EB 61 00 78 EB 81 00 80 EB A1 00 88 EB C1 00 90
    EB E1 00 98 E8 01 00 B0 38 21 00 A0 7C 08 03 A6
    38 60 00 01 78 63 F8 06 64 63 00 70 38 80 00 00
    38 A0 06 E8 4B 94 CA 60 60 00 00 00 60 00 00 00
    EB 61 00 78 EB 81 00 80 EB A1 00 88 EB C1 00 90
    EB E1 00 98 E8 01 00 B0 38 21 00 A0 7C 08 03 A6
    38 60 00 01 78 63 F8 06 64 63 00 70 38 80 00 00
    38 A0 06 E8 4B 94 CA 60 60 00 00 00 60 00 00 00
    EB 61 00 78 EB 81 00 80 EB A1 00 88 EB C1 00 90
    EB E1 00 98 E8 01 00 B0 38 21 00 A0 7C 08 03 A6
    38 60 00 01 78 63 F8 06 64 63 00 70 38 80 00 00
    38 A0 06 E8 4B 94 CA 60 60 00 00 00 60 00 00 00
    EB 61 00 78 EB 81 00 80 EB A1 00 88 EB C1 00 90
    EB E1 00 98 E8 01 00 B0 38 21 00 A0 7C 08 03 A6
    38 60 00 01 78 63 F8 06 64 63 00 70 38 80 00 00
    38 A0 06 E8 4B 94 CA 60 60 00 00 00 60 00 00 00
    EB 61 00 78 EB 81 00 80 EB A1 00 88 EB C1 00 90
    EB E1 00 98 E8 01 00 B0 38 21 00 A0 7C 08 03 A6
    38 60 00 01 78 63 F8 06 64 63 00 70 38 80 00 00
    38 A0 06 E8 4B 94 CA 60 60 00 00 00 60 00 00 00
    EB 61 00 78 EB 81 00 80 EB A1 00 88 EB C1 00 90
    EB E1 00 98 E8 01 00 B0 38 21 00 A0 7C 08 03 A6
    38 60 00 01 78 63 F8 06 64 63 00 70 38 80 00 00
    38 A0 06 E8 4B 94 CA 60 60 00 00 00 60 00 00 00
    EB 61 00 78 EB 81 00 80 EB A1 00 88 EB C1 00 90
    EB E1 00 98 E8 01 00 B0 38 21 00 A0 7C 08 03 A6
    38 60 00 01 78 63 F8 06 64 63 00 70 38 80 00 00
    38 A0 06 E8 4B 94 CA 60 60 00 00 00 60 00 00 00
    EB 61 00 78 EB 81 00 80 EB A1 00 88 EB C1 00 90
    EB E1 00 98 E8 01 00 B0 38 21 00 A0 7C 08 03 A6
    38 60 00 01 78 63 F8 06 64 63 00 70 38 80 00 00
    38 A0 06 E8 4B 94 CA 60 60 00 00 00 60 00 00 00
    EB 61 00 78 EB 81 00 80 EB A1 00 88 EB C1 00 90
    EB E1 00 98 E8 01 00 B0 38 21 00 A0 7C 08 03 A6
    38 60 00 01 78 63 F8 06 64 63 00 70 38 80 00 00
    38 A0 06 E8 4B 94 CA 60 60 00 00 00 60 00 00 00
    EB 61 00 78 EB 81 00 80 EB A1 00 88 EB C1 00 90
    EB E1 00 98 E8 01 00 B0 38 21 00 A0 7C 08 03 A6
    38 60 00 01 78 63 F8 06 64 63 00 70 38 80 00 00
    38 A0 06 E8 4B 94 CA 60 60 00 00 00 60 00 00 00
    EB 61 00 78 EB 81 00 80 EB A1 00 88 EB C1 00 90
    EB E1 00 98 E8 01 00 B0 38 21 00 A0 7C 08 03 A6
    38 60 00 01 78 63 F8 06 64 63 00 70 38 80 00 00
    38 A0 06 E8 4B 94 CA 60 60 00 00 00 60 00 00 00
    EB 61 00 78 EB 81 00 80 EB A1 00 88 EB C1 00 90

    After that they push this two times on the stack to run
    the code via disconnect/reconnect usb devices on the bus.

    09 02 4D 0A 01 01 00 80 01 09 04 00 00 00 FE 01
    02 00 09 04 00 00 00 FE 01 02 00 09 04 00 00 00
    FE 01 02 00 09 04 00 00 00 FE 01 02 00 09 04 00
    00 00 FE 01 02 00 09 04 00 00 00 FE 01 02 00 09
    00 09 04 00 00 00 FE 01 02 00 09 04 00 00 00 FE
    01 02 00 09 04 00 00 00 FE 01 02 00 09 04 00 00
    00 FE 01 02 00 09 04 00 00 00 FE 01 02 00 09 04
    00 00 00 FE 01 02 00 09 04 00 00 00 FE 01 02 00
    02 00 09 04 00 00 00 FE 01 02 00 09 04 00 00 00
    FE 01 02 00 09 04 00 00 00 FE 01 02 00 09 04 00
    00 00 FE 01 02 00 09 04 00 00 00 FE 01 02 00 09
    04 00 00 00 FE 01 02 00 09 04 00 00 00 FE 01 02
    01 02 00 09 04 00 00 00 FE 01 02 00 09 04 00 00
    00 FE 01 02 00 09 04 00 00 00 FE 01 02 00 09 04
    00 00 00 FE 01 02 00 09 04 00 00 00 FE 01 02 00
    09 04 00 00 00 FE 01 02 00 09 04 00 00 00 FE 01
    FE 01 02 00 09 04 00 00 00 FE 01 02 00 09 04 00
    00 00 FE 01 02 00 09 04 00 00 00 FE 01 02 00 09
    04 00 00 00 FE 01 02 00 09 04 00 00 00 FE 01 02
    00 09 04 00 00 00 FE 01 02 00 09 04 00 00 00 FE
    00 FE 01 02 00 09 04 00 00 00 FE 01 02 00 09 04
    00 00 00 FE 01 02 00 09 04 00 00 00 FE 01 02 00
    09 04 00 00 00 FE 01 02 00 09 04 00 00 00 FE 01
    02 00 09 04 00 00 00 FE 01 02 00 09 04 00 00 00
    00 00 FE 01 02 00 09 04 00 00 00 FE 01 02 00 09
    04 00 00 00 FE 01 02 00 09 04 00 00 00 FE 01 02
    00 09 04 00 00 00 FE 01 02 00 09 04 00 00 00 FE
    01 02 00 09 04 00 00 00 FE 01 02 00 09 04 00 00
    00 00 00 FE 01 02 00 09 04 00 00 00 FE 01 02 00
    09 04 00 00 00 FE 01 02 00 09 04 00 00 00 FE 01
    02 00 09 04 00 00 00 FE 01 02 00 09 04 00 00 00
    FE 01 02 00 09 04 00 00 00 FE 01 02 00 09 04 00
    04 00 00 00 FE 01 02 00 09 04 00 00 00 FE 01 02
    00 09 04 00 00 00 FE 01 02 00 09 04 00 00 00 FE
    01 02 00 09 04 00 00 00 FE 01 02 00 09 04 00 00
    00 FE 01 02 00 09 04 00 00 00 FE 01 02 00 09 04
    09 04 00 00 00 FE 01 02 00 09 04 00 00 00 FE 01
    02 00 09 04 00 00 00 FE 01 02 00 09 04 00 00 00
    FE 01 02 00 09 04 00 00 00 FE 01 02 00 09 04 00
    00 00 FE 01 02 00 09 04 00 00 00 FE 01 02 00 09
    00 09 04 00 00 00 FE 01 02 00 09 04 00 00 00 FE
    01 02 00 09 04 00 00 00 FE 01 02 00 09 04 00 00
    00 FE 01 02 00 09 04 00 00 00 FE 01 02 00 09 04
    00 00 00 FE 01 02 00 09 04 00 00 00 FE 01 02 00
    02 00 09 04 00 00 00 FE 01 02 00 09 04 00 00 00
    FE 01 02 00 09 04 00 00 00 FE 01 02 00 09 04 00
    00 00 FE 01 02 00 09 04 00 00 00 FE 01 02 00 09
    04 00 00 00 FE 01 02 00 09 04 00 00 00 FE 01 02
    01 02 00 09 04 00 00 00 FE 01 02 00 09 04 00 00
    00 FE 01 02 00 09 04 00 00 00 FE 01 02 00 09 04
    00 00 00 FE 01 02 00 09 04 00 00 00 FE 01 02 00
    09 04 00 00 00 FE 01 02 00 09 04 00 00 00 FE 01
    FE 01 02 00 09 04 00 00 00 FE 01 02 00 09 04 00
    00 00 FE 01 02 00 09 04 00 00 00 FE 01 02 00 09
    04 00 00 00 FE 01 02 00 09 04 00 00 00 FE 01 02
    00 09 04 00 00 00 FE 01 02 00 09 04 00 00 00 FE
    00 FE 01 02 00 09 04 00 00 00 FE 01 02 00 09 04
    00 00 00 FE 01 02 00 09 04 00 00 00 FE 01 02 00
    09 04 00 00 00 FE 01 02 00 09 04 00 00 00 FE 01
    02 00 09 04 00 00 00 FE 01 02 00 09 04 00 00 00
    00 00 FE 01 02 00 09 04 00 00 00 FE 01 02 00 09
    04 00 00 00 FE 01 02 00 09 04 00 00 00 FE 01 02
    00 09 04 00 00 00 FE 01 02 00 09 04 00 00 00 FE
    01 02 00 09 04 00 00 00 FE 01 02 00 09 04 00 00
    00 00 00 FE 01 02 00 09 04 00 00 00 FE 01 02 00
    09 04 00 00 00 FE 01 02 00 09 04 00 00 00 FE 01
    02 00 09 04 00 00 00 FE 01 02 00 09 04 00 00 00
    FE 01 02 00 09 04 00 00 00 FE 01 02 00 09 04 00
    04 00 00 00 FE 01 02 00 09 04 00 00 00 FE 01 02
    00 09 04 00 00 00 FE 01 02 00 09 04 00 00 00 FE
    01 02 00 09 04 00 00 00 FE 01 02 00 09 04 00 00
    00 FE 01 02 00 09 04 00 00 00 FE 01 02 00 09 04
    09 04 00 00 00 FE 01 02 00 09 04 00 00 00 FE 01
    02 00 09 04 00 00 00 FE 01 02 00 09 04 00 00 00
    FE 01 02 00 09 04 00 00 00 FE 01 02 00 09 04 00
    00 00 FE 01 02 00 09 04 00 00 00 FE 01 02 00 09
    00 09 04 00 00 00 FE 01 02 00 09 04 00 00 00 FE
    01 02 00 09 04 00 00 00 FE 01 02 00 09 04 00 00
    00 FE 01 02 00 09 04 00 00 00 FE 01 02 00 09 04
    00 00 00 FE 01 02 00 09 04 00 00 00 FE 01 02 00
    02 00 09 04 00 00 00 FE 01 02 00 09 04 00 00 00
    FE 01 02 00 09 04 00 00 00 FE 01 02 00 09 04 00
    00 00 FE 01 02 00 09 04 00 00 00 FE 01 02 00 09
    04 00 00 00 FE 01 02 00 09 04 00 00 00 FE 01 02
    01 02 00 09 04 00 00 00 FE 01 02 00 09 04 00 00
    00 FE 01 02 00 09 04 00 00 00 FE 01 02 00 09 04
    00 00 00 FE 01 02 00 09 04 00 00 00 FE 01 02 00
    09 04 00 00 00 FE 01 02 00 09 04 00 00 00 FE 01
    FE 01 02 00 09 04 00 00 00 FE 01 02 00 09 04 00
    00 00 FE 01 02 00 09 04 00 00 00 FE 01 02 00 09
    04 00 00 00 FE 01 02 00 09 04 00 00 00 FE 01 02
    00 09 04 00 00 00 FE 01 02 00 09 04 00 00 00 FE
    00 FE 01 02 00 09 04 00 00 00 FE 01 02 00 09 04
    00 00 00 FE 01 02 00 09 04 00 00 00 FE 01 02 00
    09 04 00 00 00 FE 01 02 00 09 04 00 00 00 FE 01
    02 00 09 04 00 00 00 FE 01 02 00 09 04 00 00 00
    00 00 FE 01 02 00 09 04 00 00 00 FE 01 02 00 09
    04 00 00 00 FE 01 02 00 09 04 00 00 00 FE 01 02
    00 09 04 00 00 00 FE 01 02 00 09 04 00 00 00 FE
    01 02 00 09 04 00 00 00 FE 01 02 00 09 04 00 00
    00 00 00 FE 01 02 00 09 04 00 00 00 FE 01 02 00
    09 04 00 00 00 FE 01 02 00 09 04 00 00 00 FE 01
    02 00 09 04 00 00 00 FE 01 02 00 09 04 00 00 00
    FE 01 02 00 09 04 00 00 00 FE 01 02 00 09 04 00
    04 00 00 00 FE 01 02 00 09 04 00 00 00 FE 01 02
    00 09 04 00 00 00 FE 01 02 00 09 04 00 00 00 FE
    01 02 00 09 04 00 00 00 FE 01 02 00 09 04 00 00
    00 FE 01 02 00 09 04 00 00 00 FE 01 02 00 09 04
    09 04 00 00 00 FE 01 02 00 09 04 00 00 00 FE 01
    02 00 09 04 00 00 00 FE 01 02 00 09 04 00 00 00
    FE 01 02 00 09 04 00 00 00 FE 01 02 00 09 04 00
    00 00 FE 01 02 00 09 04 00 00 00 FE 01 02 00 09
    00 09 04 00 00 00 FE 01 02 00 09 04 00 00 00 FE
    01 02 00 09 04 00 00 00 FE 01 02 00 09 04 00 00
    00 FE 01 02 00 09 04 00 00 00 FE 01 02 00 09 04
    00 00 00 FE 01 02 00 09 04 00 00 00 FE 01 02 00
    02 00 09 04 00 00 00 FE 01 02 00 09 04 00 00 00
    FE 01 02 00 09 04 00 00 00 FE 01 02 00 09 04 00
    00 00 FE 01 02 00 09 04 00 00 00 FE 01 02 00 09
    04 00 00 00 FE 01 02 00 09 04 00 00 00 FE 01 02
    01 02 00 09 04 00 00 00 FE 01 02 00 09 04 00 00
    00 FE 01 02 00 09 04 00 00 00 FE 01 02 00 09 04
    00 00 00 FE 01 02 00 09 04 00 00 00 FE 01 02 00
    09 04 00 00 00 FE 01 02 00 09 04 00 00 00 FE 01
    FE 01 02 00 09 04 00 00 00 FE 01 02 00 09 04 00
    00 00 FE 01 02 00 09 04 00 00 00 FE 01 02 00 09
    04 00 00 00 FE 01 02 00 09 04 00 00 00 FE 01 02
    00 09 04 00 00 00 FE 01 02 00 09 04 00 00 00 FE
    00 FE 01 02 00 09 04 00 00 00 FE 01 02 00 09 04
    00 00 00 FE 01 02 00 09 04 00 00 00 FE 01 02 00
    09 04 00 00 00 FE 01 02 00 09 04 00 00 00 FE 01
    02 00 09 04 00 00 00 FE 01 02 00 09 04 00 00 00
    00 00 FE 01 02 00 09 04 00 00 00 FE 01 02 00 09
    04 00 00 00 FE 01 02 00 09 04 00 00 00 FE 01 02
    00 09 04 00 00 00 FE 01 02 00 09 04 00 00 00 FE
    01 02 00 09 04 00 00 00 FE 01 02 00 09 04 00 00
    00 00 00 FE 01 02 00 09 04 00 00 00 FE 01 02 00
    09 04 00 00 00 FE 01 02 00 09 04 00 00 00 FE 01
    02 00 09 04 00 00 00 FE 01 02 00 09 04 00 00 00
    FE 01 02 00 09 04 00 00 00 FE 01 02 00 09 04 00
    04 00 00 00 FE 01 02 00 09 04 00 00 00 FE 01 02
    00 09 04 00 00 00 FE 01 02 00 09 04 00 00 00 FE
    01 02 00 09 04 00 00 00 FE 01 02 00 09 04 00 00
    00 FE 01 02 00 09 04 00 00 00 FE 01 02 00 09 04
    09 04 00 00 00 FE 01 02 00 09 04 00 00 00 FE 01
    02 00 09 04 00 00 00 FE 01 02 00 09 04 00 00 00
    FE 01 02 00 09 04 00 00 00 FE 01 02 00 09 04 00
    00 00 FE 01 02 00 09 04 00 00 00 FE 01 02 00 09
    00 09 04 00 00 00 FE 01 02 00 09 04 00 00 00 FE
    01 02 00 09 04 00 00 00 FE 01 02 00 09 04 00 00
    00 FE 01 02 00 09 04 00 00 00 FE 01 02 00 09 04
    00 00 00 FE 01 02 00 09 04 00 00 00 FE 01 02 00
    02 00 09 04 00 00 00 FE 01 02 00 09 04 00 00 00
    FE 01 02 00 09 04 00 00 00 FE 01 02 00 09 04 00
    00 00 FE 01 02 00 09 04 00 00 00 FE 01 02 00 09
    04 00 00 00 FE 01 02 00 09 04 00 00 00 FE 01 02
    01 02 00 09 04 00 00 00 FE 01 02 00 09 04 00 00
    00 FE 01 02 00 09 04 00 00 00 FE 01 02 00 09 04
    00 00 00 FE 01 02 00 09 04 00 00 00 FE 01 02 00
    09 04 00 00 00 FE 01 02 00 09 04 00 00 00 FE 01
    FE 01 02 00 09 04 00 00 00 FE 01 02 00 09 04 00
    00 00 FE 01 02 00 09 04 00 00 00 FE 01 02 00 09
    04 00 00 00 FE 01 02 00 09 04 00 00 00 FE 01 02
    00 09 04 00 00 00 FE 01 02 00 09 04 00 00 00 FE
    00 FE 01 02 00 09 04 00 00 00 FE 01 02

    So what does this mean? Disane has summed it up below:

    This is the disassembled PPC code more like the shell code that is being injected. The best way would be to use the lv2 dump and this to figure out how the stack overflow exploit works in the USB buffer of the PS3 after that it can be reproduced on any FW. On both slim and fat PS3s.

    The JIG ID is probably passed to trigger some code pathern which the Configuration Descriptor overflows and injects the shell code after that the code gets executed. The shell code patches lv2 to run fselfs and all kinds of interesting flags which I haven’t noticed yet…

  • Posted by Pirate , on 28/08/2010 , @ 11:32am

     

    Consolewinkel.nl has spoken to the PSJailbreak creators and they basically told them that PSJailbreak is legal and it contains no copyright code - meaning OZmodchips and other retailers have a pretty good case against Sony in the next few days.

    To quote:

    PSjailbreak is legal and contains no copyright code, that’s what the makers of the device are claiming. In a conversation forwarded to us, a Dutch retailer reveals that the creators of the device are insisting that Sony is just using ‘scare tactics’ to try and make people think twice before selling it. Moreover the creators are claiming that the device was primarily produced for homebrew on the PS3 console.

    You can view the conversation image below, or view the transcript here.



  • Posted by GregoryRasputin , on 28/08/2010 , @ 07:16am

     

    Yesterday we posted here , that Sony has imposed an injunction against the sale and distribution, of the PS Jailbreak device in Australia, today both OzMods and Quantronics have responded to this.

    OzMods via their website:

    Hello Everyone. On Friday the 27/08/2010 we where given some documents from the Lawyers representing Sony. The documents are Federal Court orders for a temporary injunction.

    The Injunction states that from 24 hours of receiving the documents to the 31st of August OzModChips, Quantronics, Modsupplier and anyone else in Australia:

    * Give up all stock in our possession, including our sample

    I guess it was lucky that the device was delayed by a couple of days. While many people that have received their sample and sent it off to cloners….we sent ours to a well known homebrew developer. The developer we picked showed us various homebrew applications that he had already developed for ps3 dev units, that he wants to port over to retail units. Yes, PS3 homebrew is real and will start flowing through at a steady rate as soon as next week.

    * Give up any stock we get between now and the 31st

    We are not getting any between these times

    * Ozmodchips also cannot:
    o Import
    o distribute
    o Offer
    o provide
    o or deal with PS Jailbreak devices

    These are from the Federal Court of Australia.

    All 3 Australian stores we appear in court in some form on the 31st of August. On the 31st the court will decide if there will be a continuation of the “ban” or if we are allowed to sell them.

    Our views are the same as Quantronics who posted this info here. This is not OzModChips Vs Sony. This is not OzModChips, Quantronics, Modsupplier Vs Sony. We would go as far as saying that is not even everyone in Australia Vs Sony. This will effect everyone that plans to buy such a device world wide. It already sets a dangerous precedent. Everyone that was using OtherOS, everyone that has had a faulty PS3 laser….and those interested in PS3 custom firmware and homebrew applications. We cannot do it alone, we need the support of everyone the homebrew community, the media, engineers that understand the inner workings and anyone else that can provide support.

    Regarding orders:

    If the injunction becomes permanent we will refund everyone that has ordered from us. If it doesn’t then we will send all orders as originally planned. There will be no delay to the planned shipping date. We would ask everyone to wait until then. We have the money sitting in our account which will cover 100% refunds for everyone if that needs to happen. We kindly ask everyone to just hold off until the 31st, as we need all the time we can to prepare.

    Thank you for your support!

    -OzModChips Team

    Quantronics via PSX Scene:

    The order is for a continuation of the current emergency injunction that was granted yesterday.

    The injunction is baseless, and is very unlikely that it will be continued or become permanent.

    This makes absolutely no difference to those that have pre-orders as none of us will be receiving stock until the end of the week/next week anyway.

    OMC, Modsupplier and myself are all close friends, share lawyers and have sought senior counsel for this matter.

    We started in this industry as kids with a thought towards changing the countries views on copyright law, fair use and freedom.

    TO THIS DAY, we stand for the same beliefs, values and will at ANY COST fight for what we believe in, the rights we should have and in a david vs goliath battle, we will give it our best.

    Obviously now that the information is out, you will receive information straight from the horses mouth, as it were, and will know that we are the same as when we started, in my case 1998, someone who believes in the right to freedom.

    Source

  • Posted by Pirate , on 27/08/2010 , @ 07:38am

     

    Oh dear, this doesn’t bode well, most of us were wondering why Sony wasn’t responding to PS Jailbreak, it seems that they have, Oz Modchips and Quantronics, have been ordered not to sell or distribute PS Jailbreak, im not sure how this will affect the rest of the world, but i really hope the Australian courts vote in PS Jailbreaks favour, though that seems unlikely, i really do feel sorry for the Oz Modchips guys, it is reported that the remortgaged their houses to get as much stock as possible.

    Below is the application, filed with the Federal Court of Australia, Victoria Registry:

    SONY COMPUTER ENTERTAINMENT EUROPE LIMITED, SONY COMPUTER ENTERTAINMENT AUSTRALIA PTY LTD
    Vs
    OZMODCHIPS PTY LTD, RYAN EMMANUEL CARUANA, GLOBAL SOLUTIONS INTERNATIONAL PTY LTD T/A QUANTRONICS, KEN TOLCHER PTY LTD T/A MOD SUPPLIER.

    THE COURT ORDERS THAT:
    1. Upon the Applicants undertaking to the Court to:
    (a) submit to such order (if any) as the Court may consider to be just for the payment of compensation, to be assessed by the Court or as it may direct, to any person whether or not a party, adversely affected by the operation of Orders 3 to 5 set out below or any continuation (with or without variation); and
    (b) pay the compensation referred to in (a) to the person or persons there referred to.
    2. ORDERS that the Applicants’ Notice of Motion of 26 August 2010 be made returnable instanter and heard ex parte.
    3. ORDERS that up to and including 31 August 2010, the First to Fourth Respondents and each of them, whether by themselves, their servants or agents, be restrained from doing any of the following acts with respect to all and any Universal Serial Bus devices described as “PSJailbreak” in Exhibit PJC-1 of the affidavit of Peter John Chalk sworn on 26 August 2010 and filed herein, as packaged and distributed or threatened to be distributed by those Respondents (PSJailbreak Devices):
    (a) importing them into Australia with the intention of providing them to another person;
    (b) distributing them to another person;
    (c) offering them to the public;
    (d) providing them to another person; and/or
    (e) otherwise dealing in them.
    4. ORDERS that the First to Fourth Respondents and each of them deliver up to the solicitors for the Applicants, to be held up to and including 31 August 2010, any and all PSJailbreak Devices in those Respondents’ possession custody or control.
    5. ORDERS that, up to and including 31 August 2010, the First to Fourth Respondents and each of them continue to deliver up to the solicitors for the Applicants, to be held up to and including 31 August 2010, any and all PSJailbreak Devices that come into those Respondents’ possession custody or control, forthwith upon them doing so.
    6. ORDERS that the Applicants’ Notice of Motion of 26 August 2010 otherwise be stood over to 10.15 am on 31 August 2010 for the hearing of the Applicants’ application for:
    (a) each of orders 3, 4 and 5 to be made on the basis that they continue until further order;
    (b) an order that such limited number of PSJailbreak Devices as to the Court seems appropriate be released to the Applicants and their advisers (technical, legal or otherwise) for such analysis, including destructive analysis, as the Applicants think fit, upon the payment to the applicable respondent of its retail price for each such PSJailbreak Device.
    7. ORDERS that the Applicants’ Notice of Motion of 26 August 2010 be provided to, but need not be served on, the First to Fourth Respondents.
    8. ORDERS that the time by which the Applicants’ Application of 26 August 2010 and its accompanying documents be served on the First to Fourth Respondents be abridged to 5 pm on 27 August 2010.
    9. ORDERS that these Orders may be served, and are taken to be served with immediate effect:
    (a) on Ozmodchips Pty Ltd (ACN 136 734 186) and Ryan Emmanuel Caruana, upon the Applicants leaving a copy of these Orders at the shop located at 1137 Burke Road, Kew, Victoria 3101 between the hours of 10am and 5pm Monday to Friday and 10am and 3pm Saturday and the Applicants copying and pasting these Orders into the contact form at http://www.ozmodchips.com/contact/open.php; and
    (b) on Global Solutions International Pty Ltd T/A Quantronics (ACN 102 293 603), upon the Applicants leaving a copy of these Orders at its registered office and emailing a copy of these Orders to “[email protected]”; and
    (c) on Ken Tolcher Pty Ltd T/A Mod Supplier (ACN 054 914 126), upon the Applicants leaving a copy of these Orders at its registered office and emailing a copy of these Orders to “[email protected]”.
    10. RESERVES LIBERTY subject to order 11, to the parties to apply on 24 hours’ notice.
    11. RESERVES LIBERTY to any respondent served with these orders to apply before 31 August 2010 on six hours’ notice.
    12. ORDERS that entry of these Orders be expedited.
    13. COSTS reserved.

    Source

    Thanks to hailfire101 via Twitter and jaaSUmbra via IRC, for bringing this to my attention

    EDIT:
    jedix from IRC posted this quite interesting link, it speaks of the legality of mod chips in Australia, here is the important bit quoted.

    Mod chips are actually legal in Australia, on something of a technicality: by the time a mod chip allows a pirated game to be played, the copyright violation has already occurred. It’s the act of distributing or copying games that courts are worried about; without the content, the chips themselves are useless. In the US and much of Europe, the act of circumventing protection measures is itself illegal, making it easier to keep circumvention technology away from the public.

    This is a temporary injunction, but since this device allows the games themselves to be copied—much like mod chips from the Xbox-era— judges may not be so forgiving. The USB sticks don’t just allow pirated games to be played, they give you the ability to copy the games yourself.

    Sony has until August 31 to make its case for the continued ban against the sale of the devices. If they’re not able to make a compelling legal argument, the PS Jailbreak should be offered for sale yet again… although one could forgive Sony for dragging its feet in releasing the inventory.