Can you say sector #0 on the hard drive which contains a partition table was encrypted with ATA keys only? Or with ENCDEC keys too? Because I tried to decrypt it on my PC with no success. I grabbed the individuals data from sb_iso_spu_module, then I encrypted them with my eid root key and then I ran AES-XTS-128 over the whole sector.
--Flatz 01:10, 16 August 2012 (MSK)
HDD sector#0 is encrypted with ATA keys only.
Hmm, thanks, this is weird then. Because I think that encrypting individual seeds with your root key is the same as dumping them from custom sb_iso_spu_module.
--Flatz 01:20, 16 August 2012 (MSK)
Thanks, glevand for the tip with the endianness hell! I successfully decrypted my HDD now.
--Flatz 14:13, 16 August 2012 (MSK)
How can compile from your posted asm_code our dump_ata_keys.self and dump_encdec_keys.self?
It's easy, i'll write a tutorial on psdevwiki how to do it on Linux.
-I've a PS3 Slim model (CECH-3000 serie) with 4.21 firmware so i can't install custom firmware on it and also can't get keys. Is there, however, a means to decrypt my HDD (by using it on another ps3 with custom firmware for example)?
Nope, you can't do this. Because you lack of original keys from your 3K console and keys are not on HDD.
--Flatz 17:33, 13 September 2012 (MSK)
You can use gitorious for managing your coded stuff - highly recommended
Debian Live CD
Hey! maybe we should update the debian installation and live CD suff to wheezy since it has now reached a feature freeze! see: http://wiki.debian.org/DebianWheezy
tks for your time man...
Oh and btw for those of us without ss patches back in the 2.6 days there was dispmanager_access.sh whats the way to go now?
Not sure about Wheezy, i prefer to wait till release. Then i will update my livecd.
Regarding dispatcher manager script now. It's no problem, i see what i can do and upload a new script which works with new drivers.
Hi! I have a question about this driver. I've a NAND console (a really old one), and if I dump /dev/ps3flasha (with dd, for example), the output is not how it's suposed to be, I can't recognise anything, neither in Gentoo with 3.5.3 kernel nor in petitboot with 18.104.22.168 kernel. Recently, I tested a kernel with the old patches (/dev/ps3vflash* instead of /dev/ps3flash*), and this time in a /dev/ps3vflasha dump I could recognise some things like the 0FACE0FF DEADBEEF header, file tables... The size of both ps3vflasha and ps3flasha is exactly the same: 239M. I would like to know if it's correct or not. Maybe I miss some configuration... I don't know. Thanks!
McKea 19:24, 15 September 2012 (MSK)
The problem is wrong region flags on NAND. The new driver is used for both FLASH types: NAND and VFLASH.
Default region flags are for VFLASH because i have VFLASH.
You can change region flags when you load the kernel module like this:
insmod ps3flash region_flags=0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0
Default region flags are: 0x6, 0x2, 0x4, 0x4, 0x4, 0x0, 0x2, 0x0
I think for NAND the first region flag is not 0x6 but 0x2.
You can also pass the region flags at boot, add the following string to your kboot.conf kernel options:
Yes! /dev/ps3flasha seems to be OK using 0x2 as the first region flag. Thank you again!
Loading firmware from linux kernel module
I have a question regarding external firmware, can we load firmwares lower/higher to our firmware? tnx btw nice work.
Elaborate pls what firmware do you mean.
Hello there :) I have a page here on wiki about Seeds and i'd like you to help me getting the two last seeds/keys. Would you be interested on finding them? They're the EID3 static key and EID3 keyseed. They should be located around CPRM isoself module. Thank you for your time :)
hi, what about implementing the lv0ldr (bootldr) exploit into your spu ldr fs? it would be a very nice fearture. thx in advance.
gitbrew forums back online
hey. the gitbrew forums are back :) it'd be nice if you and the others went there for a little bit of linux chat, we'd like to see your awesome contributions :D
Hello. Im compiled your new bd-tools. Please tell me how to use bd_enable_sacd properly?
First, update it again, i changed some stuff. And then do this:
./bd_enable_sacd -m 1
were you ever able to find out what 0x8000 is for? http://www.psdevwiki.com/ps3/Hypervisor_Reverse_Engineering#Function_ID_-_Port_ID_mapping