Editing Talk:Dumping Metldr

The exact steps should work on a CECH250.A, shouldn't they? I first did the steps manually, then ran the script, but both resulted in seemingly encrypted garbage (no strings found, nor were erk or the riv saved on 0x00-0x20). I'm using the 3.55checkoff.pup from the "Downgrading with NOR flasher" talk page, which seemed to have the SS patches because that is how I retrieved my eid0. --[[User:Afiser|Afiser]] 01:46, 2 January 2012 (CST)
<br /><br />
-----------------------------------------------------------------------------------
Metldr dump can be achieved without using Otheros++:
* Install Red Ribbon (even on external HD).
* Enable SS patches.
* Follow the rest of the steps.
--[[User:granberro|granberro]] 00:00 17 January 2012 (GMT)
-----------------------------------------------------------------------------------
You need:
1. CFW 3.55 Otheros Special ++ [http://www.megaupload.com/?d=Y6BF6NBD]
2. A Linux like Red Ribb0n. [http://sourceforge.net/projects/redribbon/files/red_ribbon_rc5.rar/download]
3. Graf Chokolo's latest kernel.
--DUMP--
3.1 You can use this app in GAMEOS.
Then dump your flash and save it to a USB device.
3.2 Unpack the dump; you'll need ps3tools (NORUNPACK and PUPUNPACK) [http://gotbrew.org/ps3tools.tar.gz]
Once you have compiled them, you only have to run them (this is omitted here and assumes that you have already configured the keys):
NORUNPACK TU_DUMP.BIN FOLDER-WHERE-UNPACK
You'll need an unpacked copy of OFW to extract other files; you can use this FW (3.55)
[http://www.multiupload.com/EF6WZ6PU4K]
like this:
PUPUNPACK PS3UPDATE.PUP FOLDER
3.3 Now you've unpacked your flash dump & FW. These are the files you must set aside.
NAND/NOR FLASH:
METLDR inside of Asecure Loader.
eEID (you need to use the eid splitter to separate the eEID into 0,1,2,3,4,5), and we need the EID0, so I also explain how to do it:
First, when you have your eEID, it's time to download the "eid splitter" tool from RMS [http://www.megaupload.com/?d=OJ4C4CE1] (You'll need GCC version "gcc eEID-SPLIT.c")
Once downloaded and compiled, you can use it on your eEID.
"eEID-SPLIT Your_eEID"


-----------------------------------------------------------------------------------
At the end you'll have "0,1,2,3,4,5", i.e. six files; rename them EID0, EID1, EID2, EID3, EID4, EID5 respectively, and READY!

I recommend that you save all your EIDs in a safe place. It's your insurance against a brick.

----------------------------

Now you need:

isoldr
RL_FOR_PROGRAM.img
default.spp

And of course we need tools that allow us to make the dump.
spp_verifier.self >[http://gotbrew.org/git/spp_verifier_direct.tar.gz]

appldr-metldrexploit350.self >[http://gotbrew.org/metldr838exploit.tar.gz]

Well, now in the directory where you unpacked metldr838exploit.tar.gz, you have to use these commands:

<code># Install Mathieulh's exploit module
insmod ./metldrpwn.ko

cat metldr > /proc/metldrpwn/metldr

cat appldr-metldrexploit350.self > /proc/metldrpwn/mathldr

cat RL_FOR_PROGRAM.img > /proc/metldrpwn/rvkprg

cat eid0 > /proc/metldrpwn/eid0

echo 1 > /proc/metldrpwn/run

cat /proc/metldrpwn/debug</code>


Partial sauce: http://pastie.org/private/n5sircpme0xklnlrdhmlpg
Congratulations! Now you have a unique dump of your system's METLDR.


== dumps ==
cp /proc/metldrpwn/dump /home/user/"DUMP´s NAME"


metldr CECH-C: https://mega.co.nz/#!BkUiBSRJ!O03LDdg79NzlbXLF0W3U4Fbupv35mKYwaH551CDd26s
Now you can find your famous private keys in the first 3 offsets.