Talk:IDPS: Difference between revisions
mNo edit summary |
No edit summary |
||
| Line 1: | Line 1: | ||
<pre> | <pre>00 00 00 01 00 81 00 01 03 FF FF FF 18 43 C1 4D | ||
00 00 00 01 00 85 00 0A 14 05 67 A0 79 37 DC 17 | |||
00 00 00 01 00 84 00 08 14 0B 80 7A 2E 4F AA C7 | |||
00 00 00 01 00 89 00 08 14 01 01 06 1B 91 1C 5C | |||
00 00 00 01 00 89 00 0B 14 00 EF DD CA 25 52 66</pre> | |||
You’re probably wondering: “What the hell is this sequence of bytes?”. This is the IDPS, a sequence of bytes which determine console type. This structure is relatively undocumented until now, anyway. The IDPS is contained in EID0. EID0 is on the console internal flash as the file eEID and has multiple sections. I had made a splitter application to make your life easier a long time ago. Now, EID is decrypted by metldr, and is passed over to the isolated loader, which may pass it to a self. We can see this in graf_chokolo’s original payload. The IDPS is also used in various other parts of the system which could be of interest to you, but I will not discuss those right now. The IDPS itself, isn’t decrypted. | You’re probably wondering: “What the hell is this sequence of bytes?”. This is the IDPS, a sequence of bytes which determine console type. This structure is relatively undocumented until now, anyway. The IDPS is contained in EID0. EID0 is on the console internal flash as the file eEID and has multiple sections. I had made a splitter application to make your life easier a long time ago. Now, EID is decrypted by metldr, and is passed over to the isolated loader, which may pass it to a self. We can see this in graf_chokolo’s original payload. The IDPS is also used in various other parts of the system which could be of interest to you, but I will not discuss those right now. The IDPS itself, isn’t decrypted. | ||
Revision as of 16:15, 11 September 2011
00 00 00 01 00 81 00 01 03 FF FF FF 18 43 C1 4D 00 00 00 01 00 85 00 0A 14 05 67 A0 79 37 DC 17 00 00 00 01 00 84 00 08 14 0B 80 7A 2E 4F AA C7 00 00 00 01 00 89 00 08 14 01 01 06 1B 91 1C 5C 00 00 00 01 00 89 00 0B 14 00 EF DD CA 25 52 66
You’re probably wondering: “What the hell is this sequence of bytes?”. This is the IDPS, a sequence of bytes which determine console type. This structure is relatively undocumented until now, anyway. The IDPS is contained in EID0. EID0 is on the console internal flash as the file eEID and has multiple sections. I had made a splitter application to make your life easier a long time ago. Now, EID is decrypted by metldr, and is passed over to the isolated loader, which may pass it to a self. We can see this in graf_chokolo’s original payload. The IDPS is also used in various other parts of the system which could be of interest to you, but I will not discuss those right now. The IDPS itself, isn’t decrypted.
The IDPS contains your target ID, motherboard? and BD? revision. The IDPS shown at the beginning of this article is the dummy IDPS, the one that’s used when your IDPS fails to be decrypted. That IDPS belongs to a DECR-1000A. The one below belongs to a European PS3, and the one below that belongs to a Australian/NZ PS3.
Source: http://rms.grafchokolo.com/?p=116
Note: The Reference Tool IDPS from above is static. aim_iso uses it. Retail/3.55 doesn't have it.
other example:
00000000 00 00 00 01 00 87 00 08 14 00 EF DD CA 25 52 66