Talk:Flash-Main

From PS4 Developer wiki

proposal to put on Flash-Main

reference files:

Console C (retail) Other (not documented) (nonretail)
Region CUH-1004A CUH-1004A DUH-T1000AA
System Firmware 1.06 1.610.000 1.010.031 1.500.101
Statistics (one line per column):
00's 2.63917 %, FF's 11.8333 %, Rest < 0.376 %
00's 2.64108 %, FF's 11.8317 %, Rest < 0.377 %
00's 2.27889 %, FF's 23.4341 %, Rest < 0.3316 %
00's 2.65852 %, FF's 13.4016 %, Rest < 0.37 %
Entropy: 7.52796 (94.0995%) 7.52799 (94.0999%) 6.86775 (85.8469%) 7.4452 (93.065%)
Redundancy: 5.90047% 5.90007% 14.1531% 6.93503%
A. Mean: 131072
StdDev: 245712 245685 486941 278255
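
The rows above can be recomputed from a dump file; this is an added example, not a tool from the wiki. It assumes the figures are taken over the 256-bin byte histogram (the A. Mean of 131072 is 33,554,432 bytes / 256, and Redundancy is 100 % minus the entropy percentage); the choice of sample standard deviation and all function and key names are assumptions.

```python
import hashlib
import math
import sys
from collections import Counter


def dump_statistics(data: bytes) -> dict:
    """Recompute the table's rows for one dump (added example, names are mine)."""
    if not data:
        raise ValueError("empty dump")
    n = len(data)
    counts = [0] * 256                       # 256-bin byte histogram
    for value, count in Counter(data).items():
        counts[value] = count
    entropy = -sum(c / n * math.log2(c / n) for c in counts if c)  # bits/byte
    mean = n / 256                           # "A. Mean": average bin count
    # Assumption: sample standard deviation (divide by 255); the page does
    # not state which form produced its StdDev row.
    stddev = math.sqrt(sum((c - mean) ** 2 for c in counts) / 255)
    return {
        "sha1": hashlib.sha1(data).hexdigest().upper(),
        "pct_00": 100 * counts[0x00] / n,
        "pct_ff": 100 * counts[0xFF] / n,
        "rest_max_pct": 100 * max(counts[1:255]) / n,  # largest other bin
        "entropy_bits": entropy,
        "entropy_pct": 100 * entropy / 8,
        "redundancy_pct": 100 * (1 - entropy / 8),
        "mean_count": mean,
        "stddev_count": stddev,
    }


if __name__ == "__main__":
    if len(sys.argv) > 1:                    # path to a dump file
        with open(sys.argv[1], "rb") as fh:
            blob = fh.read()
    else:                                    # constructed sample, not a real dump
        blob = b"\x00" * 1024 + b"\xff" * 3072 + bytes(range(256)) * 16
    for key, value in dump_statistics(blob).items():
        print(f"{key:15} {value}")
```

Comparing the printed SHA1 with the hash listed for a dump confirms the statistics were taken from the same file.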

Strings: Flash-Main/strings

discussion

1) are the Statistics: / Entropy: / Redundancy: / A. Mean: / StdDev: of those listed recalculated and checked? Euss (talk) 00:01, 20 September 2014 (EDT)

2) there seems to be a naming conflict "A", "B", "C", as the "C" originally mentioned was Retail, not nonretail, and only 1 retail console was shared as download (cfwprophet's), while SKU_Models_NonretailDUH-T1000AA was neither A/B/C/whatever. Euss (talk) 00:06, 20 September 2014 (EDT)

Labelname A B C T
Type CUH-1004A (retail) CUH-1004A (retail) CUH-1004A (retail) DUH-T1000AA (nonretail)
System Firmware 1.05 1.510.000 1.01 1.05 1.510.000 1.06 1.610.000 1.010.031 1.500.101
Dump na na na na na [1] [2] [3]
SHA1 08CB6EC416768DD4B3990F477438C4DEC19FAFC0 (noncensored) A0604B241A7A9AA62921620F51E24DE0C2D7EFC6 (noncensored) 712D50D69CF470E319F544B32A901CD8DFC42FE8 (noncensored) E5028E34F1879B6B9924D1F91ABF21287CACD9DD 824531492194ABD87AA74B4F5064111FAD67D570 2F4B0A62C46AFB3268F420B703DDD3B326989446
93C6CBAD9BF046471794C37E1AD45A6F632A26F6 (noncensored)
BF59E348B19947BFD2F1A43F973C2750099E7FE4 AA51480B63D3DC39B8EF3D2915844304553C8C98 52A9B8F1A6A90C48A516D26A262B3EA28CC43214
Statistics (one line per dump):
00: 2.62% (878086), FF: 11.83% (3971044), rest: =<0.38%
00: 2.66% (893232), FF: 11.83% (3970942), rest: =<0.38%
00: 2.28% (765587), FF: 21.87% (7337853), rest: =<0.34%
00: 2.64% (885411), FF: 11.83% (3970604), rest: =<0.38%
00: 2.66% (893384), FF: 11.83% (3970352), rest: =<0.38%
00: 2.64% (885558), FF: 11.83% (3970607), rest: =<0.38%
00: 2.64% (886200), FF: 11.83% (3970045), rest: =<0.38%
00: 2.28% (764667), FF: 23.46% (7863176), rest: =<0.33%
00: 2.66% (892051), FF: 13.40% (4496842), rest: =<0.37%
Entropy:
Redundancy:
A. Mean:
StdDev:

example

nameblob1
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F

00093800  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
00093810  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

nameblob2
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F

00093800  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
00093810  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

nameblob3
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F

00093800  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
00093810  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

jumps

SLB2 entry at 0x4000
second entry at 0x64000  (+ 0x60000)
third entry at 0xC4000   (+ 0x60000)
fourth entry at 0x144000 (+ 0x80000)
sony computer entertainment inc entry at 0x0
???? <- this should be second entry (+ 0x1000)
second entry at 0x2000 (+ 0x2000)
third entry at 0x3000 (+ 0x1000)
SCEVTRM entry at 0x380040
next entry 0x3A0040 (+0x20000)

(hidden) data

between 2nd and third SLB2 entries, 0xD0 bytes after the data

01 00 00 00 00 00 00 00 00 00 00 00 25 00 00 00 (supplied dump on wiki)
01 00 00 00 00 00 00 00 00 00 00 00 26 00 00 00 (other supplied dumps)

between third and fourth SLB2 entries, 0xE0 bytes after the data (0x60 on others)

little endianness, so the version is in reverse order?

01 00 00 00 00 00 00 00 05 01 [00 01] 00 00 00 00 -> 1.00 version
01 00 00 00 00 00 00 00 01 01 [50 01] 00 00 00 00 -> 1.50 version
01 00 00 00 00 00 00 00 01 01 [00 03] 00 00 00 00 -> 3.11 version
01 00 00 00 00 00 00 00 02 01 [50 02] 00 00 00 00 -> 2.50 or 2.51??? from BLOD ps4
01 00 00 00 00 00 00 00 01 01 [00 03] 00 00 00 00 -> 3.00 ps4 pro

much more reliable version identifier than 0x1CA600, since a confirmed 3.11 console displays:

FF 00 FF 00 00 00 62 01 FF FF FF FF FF FF FF FF

offset 0x1C6000/0x1C6010

FF 51 21 6D 66 1C 00 03
22 2F 1D 6D 66 1C 00 03
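
The little-endian reading of the bracketed bytes in the rows listed under "between third and fourth SLB2 entries" can be checked mechanically; the following is an added example, not code from the wiki. The row shape (fixed prefix, 01 in byte 9, four trailing zero bytes), the decimal-digit check and all names are assumptions drawn from the sample rows only; for the [00 03] row that the page attributes to a 3.11 console it returns 3.00.

```python
# Row shape assumed from the sample rows on this page:
# 01 00 00 00 00 00 00 00 | xx 01 | [minor major] | 00 00 00 00
PREFIX = b"\x01" + b"\x00" * 7
SUFFIX = b"\x00" * 4


def decode_version(row: bytes):
    """Return 'major.minor' for a 16-byte row, or None if the shape differs."""
    if len(row) != 16:
        raise ValueError("row must be 16 bytes")
    if row[:8] != PREFIX or row[9] != 0x01 or row[12:] != SUFFIX:
        return None
    minor, major = row[10], row[11]          # low byte is stored first
    digits = (major >> 4, major & 0xF, minor >> 4, minor & 0xF)
    if any(d > 9 for d in digits):           # hex digits are read as decimal
        return None
    return f"{major:x}.{minor:02x}"


def find_version_rows(dump: bytes, start=0xC4000, end=0x144000):
    """Scan 16-byte-aligned rows in [start, end); defaults are the third and
    fourth SLB2 entry offsets from the "jumps" list."""
    hits = []
    for off in range(start, min(end, len(dump)) - 15, 16):
        version = decode_version(dump[off:off + 16])
        if version is not None:
            hits.append((off, version))
    return hits


def build_sample() -> bytes:
    """Constructed buffer (not a real dump): FF fill with one row at 0x2E0."""
    buf = bytearray(b"\xff" * 0x400)
    buf[0x2E0:0x2F0] = bytes.fromhex("01 00 00 00 00 00 00 00 01 01 50 01 00 00 00 00")
    return bytes(buf)


if __name__ == "__main__":
    for off, ver in find_version_rows(build_sample(), 0, 0x400):
        print(f"0x{off:X}: {ver}")
```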

strings

bt_sdio.wlan.OSA.bt_hci.blembx
BT_SDIO
DIRECT
CUH-1004A B01X
Marvell Micro AP
Idle
TimerCbMsgQ
MacMgmtSMEMs
MAC Mgmt
OSA_Sema
SleepConfirmTmr
AP_NullPktDoneTmr
CBProcSMEMsgQ
CBProcMsgQ
CB Proc
MAC Tx Notify
ChipRev:
BB:
RF:
O.R.:
Cal O.R.:
$Id:

other dumps

chat

Bloody Hell you have risen from the dead!!! it's been so many years since we all heard from you!! nice to see you back dude!! come on discord

Yes yes indeed! <3 I need help with updating my ps3 nor and nand validators but other than that I'm powering on with the ps4 one, if anybody even needs it... it will be good for the repair industry regardless. Too risky to touch the flash without validating it. I found a lot more than what's on this main flash page, lots of dynamic sections which were missed by others.

I remember getting you to do a few progskeet PS3 downgrades for me back in the day, like nearly 10 years ago, before I took the next and started modding myself. I still have a 40gb phat here in my collection that has your mark on it mate lol. Good to see you're still active in the scene, also great to see another Aussie Dev working on the PS4 scene

^_^ it's a hobby slash job, so best of both worlds. I found all of my old templates to make a new loader for the ps4 validator, so it should look and sound the same (as annoying as it was before haha). What happened to all of the psx forums? I don't see the point in joining any if they're all empty and/or full of crap.... anyways back to programming!

Offsets

  • 0x0 <- Header
  • 0x1000 <- Unk
  • 0x2000 <- MBR1
  • 0x3000 <- MBR2
  • 0x4000 <- sflash0s0x32
  • 0x64000 <- sflash0s0x32b
  • 0xC4000 <- sflash0s0x33
  • 0x144000 <- sflash0s0x34
  • 0x280000 <- sflash0s1.cryptx1
  • 0x204000 <- sflash0s1.cryptx2
  • 0x242000 <- sflash0s1.cryptx2b
  • 0x300000 <- sflash0s1.cryptx39
  • 0x380000 <- sflash0s1.cryptx6
  • 0x3C0000 <- sflash0s1.cryptx3
  • 0x1080000 <- sflash0s1.cryptx3b
  • 0x1D40000 <- sflash0s1.cryptx40