Post: How to get the 3.60 keys (Technical)
Options
09-12-2011, 11:17 AM
#1
-Daemon-
HELL IS HERE
You must login or register to view this content.
Hello demons
Well, this is a tutorial for discovering the keys of 3.6 + made by S0uL and DemonHades (thanks for the info and review Demon) for all guys who think it is easy to discover the keys.
Requirements:
- A brain;
- Electronic Hardware expensive:
- KNOWLEDGE plate design; <This long as it is to get through sockets>
- KNOWLEDGE SMD and BGA; <for desoldering or soldering smd components bga>
- Oscilloscopes High Frequency; <for to logging of the frecuencias>
- KNOWLEDGE ASM CFP <for to modify part of the lv and implement new funciones>
- KNOWLEDGE in the Architecture of the PS3; <for know what a lv>
- Patience.
Let’s go see the whole process:
To have the keys, we need to have the decryption LV0. The desempaquetea LV0 is in RAM, and is decrypted with the key bld. There, the keys are already in the SPU, which is like a safe, impossible to enter (are isolated from the outside).
When the loaders and lv are already loaded in the SPU, the lv1 clean all traces of the lv and loaders decompressed in memory. But who gives the order to clean? The lv1, so it is playable in an exploitable version!
To solve the problem, you need to make a lv1 modified to copy the area of interest, the memory of LV0 and put it somewhere else, to then remove it, thereupon continue its routine cleaning and mapping.Thus, we have the memory LV0 safe. And so the LV0 gets exposed to everything.From there, we have the appldr, which needs to be decrypted with the LV0, and with that we have “keystore”
Well, it’s so simple to discover the keys? I do not believe
1Saludo allS0ul
You must login or register to view this content.
The following 8 users say thank you to -Daemon- for this useful post:
09-12-2011, 06:36 PM
#20
MCPADDINGTON
Banned
Originally posted by Daemon
well the pkg need to be sign do they not so if we dont need the 3.60 keys then why do we not have pkg sign and working if we do not need the keys for them
The ps3 scene just got very lucky with Sony messing up and giving us an easy to implement hack, most hack scenes have to work hard to find an exploit which then allows them to run unsigned code.
09-12-2011, 06:42 PM
#21
ELITE xxmcvapourxx
Guest
Originally posted by Newelly
i groaned you because im sure the pkg doesnt use the same keys i know for a fact if not close enough to know so...
i have the 3.6X pkg keys...
There however is:
Hashes (believing SHA-1)
ECDSA (sony signature)
//there is a theory buc thought of that the whole pkg could be hashed but wasnt sure...
he however can decrypt/encrypt perfectly but when modifying a pkg file it errors at 14% ...
~Newelly
---------- Post added at 06:27 PM ---------- Previous post was at 06:25 PM ----------
No stop hinting... if you want to find the keys do the work = attempt some stuff yourself i cant see anyone releasing any CFW from now because of geohots's last problem.
your hinting for 3.70 cfw = work for it
not possible yet
i have the 3.6X pkg keys...
There however is:
Hashes (believing SHA-1)
ECDSA (sony signature)
//there is a theory buc thought of that the whole pkg could be hashed but wasnt sure...
he however can decrypt/encrypt perfectly but when modifying a pkg file it errors at 14% ...
~Newelly
---------- Post added at 06:27 PM ---------- Previous post was at 06:25 PM ----------
No stop hinting... if you want to find the keys do the work = attempt some stuff yourself i cant see anyone releasing any CFW from now because of geohots's last problem.
your hinting for 3.70 cfw = work for it
not possible yet
As you know Buc very well Just tell him use 3.60 with PS1LIGHT just saying...!! *cough...!!!
09-12-2011, 06:49 PM
#22
MCPADDINGTON
Banned
Originally posted by Daemon
Everyone has been eagerly anticipating for the 3.6x keys, and many of you probably are wondering why there have they not been released yet. Well obviously its a difficult process, but S0uL and DemonHades have outlined on how to get the 3.60 keys. Keep in mind that this is not newb friendly. I post this because hopefully this may be useful to the next “Dark Alex” of the PS3 scene looking for the right path.
You must login or register to view this content.
Hello demons
Well, this is a tutorial for discovering the keys of 3.6 + made by S0uL and DemonHades (thanks for the info and review Demon) for all guys who think it is easy to discover the keys.
Requirements:
- A brain;
- Electronic Hardware expensive:
- KNOWLEDGE plate design; <This long as it is to get through sockets>
- KNOWLEDGE SMD and BGA; <for desoldering or soldering smd components bga>
- Oscilloscopes High Frequency; <for to logging of the frecuencias>
- KNOWLEDGE ASM CFP <for to modify part of the lv and implement new funciones>
- KNOWLEDGE in the Architecture of the PS3; <for know what a lv>
- Patience.
Let’s go see the whole process:
To have the keys, we need to have the decryption LV0. The desempaquetea LV0 is in RAM, and is decrypted with the key bld. There, the keys are already in the SPU, which is like a safe, impossible to enter (are isolated from the outside).
When the loaders and lv are already loaded in the SPU, the lv1 clean all traces of the lv and loaders decompressed in memory. But who gives the order to clean? The lv1, so it is playable in an exploitable version!
To solve the problem, you need to make a lv1 modified to copy the area of interest, the memory of LV0 and put it somewhere else, to then remove it, thereupon continue its routine cleaning and mapping.Thus, we have the memory LV0 safe. And so the LV0 gets exposed to everything.From there, we have the appldr, which needs to be decrypted with the LV0, and with that we have “keystore”
Well, it’s so simple to discover the keys? I do not believe
1Saludo allS0ul
You must login or register to view this content.
You must login or register to view this content.
Hello demons
Well, this is a tutorial for discovering the keys of 3.6 + made by S0uL and DemonHades (thanks for the info and review Demon) for all guys who think it is easy to discover the keys.
Requirements:
- A brain;
- Electronic Hardware expensive:
- KNOWLEDGE plate design; <This long as it is to get through sockets>
- KNOWLEDGE SMD and BGA; <for desoldering or soldering smd components bga>
- Oscilloscopes High Frequency; <for to logging of the frecuencias>
- KNOWLEDGE ASM CFP <for to modify part of the lv and implement new funciones>
- KNOWLEDGE in the Architecture of the PS3; <for know what a lv>
- Patience.
Let’s go see the whole process:
To have the keys, we need to have the decryption LV0. The desempaquetea LV0 is in RAM, and is decrypted with the key bld. There, the keys are already in the SPU, which is like a safe, impossible to enter (are isolated from the outside).
When the loaders and lv are already loaded in the SPU, the lv1 clean all traces of the lv and loaders decompressed in memory. But who gives the order to clean? The lv1, so it is playable in an exploitable version!
To solve the problem, you need to make a lv1 modified to copy the area of interest, the memory of LV0 and put it somewhere else, to then remove it, thereupon continue its routine cleaning and mapping.Thus, we have the memory LV0 safe. And so the LV0 gets exposed to everything.From there, we have the appldr, which needs to be decrypted with the LV0, and with that we have “keystore”
Well, it’s so simple to discover the keys? I do not believe
1Saludo allS0ul
You must login or register to view this content.
Also this is only to get the decryption keys.
09-12-2011, 07:03 PM
#23
Newelly
Guest
Originally posted by xxmcvapourxx
As you know Buc very well Just tell him use 3.60 with PS1LIGHT just saying...!! *cough...!!!
we was on that but he isnt very good and advanced with python thats what held us back well him mainly
Thanks though!
:bro:
---------- Post added at 08:03 PM ---------- Previous post was at 08:02 PM ----------
Originally posted by Daemon
well the pkg need to be sign do they not so if we dont need the 3.60 keys then why do we not have pkg sign and working if we do not need the keys for them
like i said there hashed and does have a sony signature.. (ECDSA)
we're also unsure if the WHOLE pkg is hashed or just the start or end etc...
me and buc have the pkg keys!
09-12-2011, 07:37 PM
#25
ZombieGoBoom1
Finally premium, hell ya
09-12-2011, 08:09 PM
#27
Stack0verfl0w
Computer engineer
Originally posted by Daemon
Everyone has been eagerly anticipating for the 3.6x keys, and many of you probably are wondering why there have they not been released yet. Well obviously its a difficult process, but S0uL and DemonHades have outlined on how to get the 3.60 keys. Keep in mind that this is not newb friendly. I post this because hopefully this may be useful to the next “Dark Alex” of the PS3 scene looking for the right path.
You must login or register to view this content.
Hello demons
Well, this is a tutorial for discovering the keys of 3.6 + made by S0uL and DemonHades (thanks for the info and review Demon) for all guys who think it is easy to discover the keys.
Requirements:
- A brain;
- Electronic Hardware expensive:
- KNOWLEDGE plate design; <This long as it is to get through sockets>
- KNOWLEDGE SMD and BGA; <for desoldering or soldering smd components bga>
- Oscilloscopes High Frequency; <for to logging of the frecuencias>
- KNOWLEDGE ASM CFP <for to modify part of the lv and implement new funciones>
- KNOWLEDGE in the Architecture of the PS3; <for know what a lv>
- Patience.
Let’s go see the whole process:
To have the keys, we need to have the decryption LV0. The desempaquetea LV0 is in RAM, and is decrypted with the key bld. There, the keys are already in the SPU, which is like a safe, impossible to enter (are isolated from the outside).
When the loaders and lv are already loaded in the SPU, the lv1 clean all traces of the lv and loaders decompressed in memory. But who gives the order to clean? The lv1, so it is playable in an exploitable version!
To solve the problem, you need to make a lv1 modified to copy the area of interest, the memory of LV0 and put it somewhere else, to then remove it, thereupon continue its routine cleaning and mapping.Thus, we have the memory LV0 safe. And so the LV0 gets exposed to everything.From there, we have the appldr, which needs to be decrypted with the LV0, and with that we have “keystore”
Well, it’s so simple to discover the keys? I do not believe
1Saludo allS0ul
You must login or register to view this content.
You must login or register to view this content.
Hello demons
Well, this is a tutorial for discovering the keys of 3.6 + made by S0uL and DemonHades (thanks for the info and review Demon) for all guys who think it is easy to discover the keys.
Requirements:
- A brain;
- Electronic Hardware expensive:
- KNOWLEDGE plate design; <This long as it is to get through sockets>
- KNOWLEDGE SMD and BGA; <for desoldering or soldering smd components bga>
- Oscilloscopes High Frequency; <for to logging of the frecuencias>
- KNOWLEDGE ASM CFP <for to modify part of the lv and implement new funciones>
- KNOWLEDGE in the Architecture of the PS3; <for know what a lv>
- Patience.
Let’s go see the whole process:
To have the keys, we need to have the decryption LV0. The desempaquetea LV0 is in RAM, and is decrypted with the key bld. There, the keys are already in the SPU, which is like a safe, impossible to enter (are isolated from the outside).
When the loaders and lv are already loaded in the SPU, the lv1 clean all traces of the lv and loaders decompressed in memory. But who gives the order to clean? The lv1, so it is playable in an exploitable version!
To solve the problem, you need to make a lv1 modified to copy the area of interest, the memory of LV0 and put it somewhere else, to then remove it, thereupon continue its routine cleaning and mapping.Thus, we have the memory LV0 safe. And so the LV0 gets exposed to everything.From there, we have the appldr, which needs to be decrypted with the LV0, and with that we have “keystore”
Well, it’s so simple to discover the keys? I do not believe
1Saludo allS0ul
You must login or register to view this content.
You must login or register to view this content.
The following 3 users say thank you to Stack0verfl0w for this useful post:
The following user groaned Stack0verfl0w for this awful post:
Copyright © 2026, NextGenUpdate.
All Rights Reserved.
