Post: PS3 {Partial} Hacking Program
01-25-2012, 11:38 PM #1
BriceC
Computer Programmer
I wanted to encourage you to code some software to decrypt the PS3 FW update file. So stop searching metldr/trying to dump lv2 and code that program. According to geohot's blog, it IS possible to load metldr into a SPU and from that load the loader of your wish and decrypt everything you want!
See if you can finish Geohot's Unfinished program...

Originally posted by another user

volatile int init_module() {
    unsigned long priv2_addr, problem_phys, local_store_phys, context_addr, shadow_addr, spe_id, vas;

    lv1_get_virtual_address_space_id_of_ppe(0, &vas);

    printk(KERN_ERR "die kernel %d\n", lv1_destruct_logical_spe(0xb));

    printk(KERN_ERR "construct SPE: %d\n", lv1_construct_logical_spe(0x10,0x10,0x10,0x10,0x10, vas, 0, &priv2_addr, &problem_phys, &local_store_phys, &context_addr, &shadow_addr, &spe_id));
    boom_lpar(shadow_addr);
    printk(KERN_ERR "make SPE id: %d\n", spe_id);
    printk(KERN_ERR "enable SPE: %d\n", lv1_enable_logical_spe(spe_id, 0));

    unsigned long *problem_mapped, *privileged_mapped, *local_mapped;

    problem_mapped = __ioremap((unsigned long)problem_phys, 0x20000, PAGE_SHARED_X);
    privileged_mapped = __ioremap((unsigned long)priv2_addr, 0x20000, PAGE_SHARED_X);
    local_mapped = __ioremap((unsigned long)local_store_phys, 0x40000, PAGE_SHARED_X);

    printk(KERN_ERR "status: %lx\n", problem_mapped[0x4020/8]);
    printk(KERN_ERR "privileged control: %lx\n", privileged_mapped[0x4040/8]);
    privileged_mapped[0x4040/8] |= 4;
    printk(KERN_ERR "privileged control: %lx\n", privileged_mapped[0x4040/8]);

    struct file* fd;
    mm_segment_t old_fs = get_fs();
    set_fs(KERNEL_DS);
    fd = filp_open("/work/pwned/metldr", O_RDONLY, 0);
    if(!IS_ERR(fd)) {
        printk(KERN_ERR "file is open\n");
        printk(KERN_ERR "read %d\n", fd->f_op->read(fd, local_mapped, 0x40000, &fd->f_pos));
        filp_close(fd, NULL);
    } else {
        printk(KERN_ERR "file open failed!!!!\n");
    }
    set_fs(old_fs);
    printk(KERN_ERR "read in metldr\n");

    problem_mapped[0x4018/8] |= 3;

    int i;
    for(i=0;i<0x20;i++) {
        printk(KERN_ERR "status: %lx\n", problem_mapped[0x4020/8]);
    }
    printk(KERN_ERR "destruct SPE: %d\n", lv1_destruct_logical_spe(spe_id));

    return 0;
}

The following 4 users say thank you to BriceC for this useful post:

gamer89117, ILovePie24!!, ryantehninja, sonny356

The following 2 users groaned at BriceC for this awful post:

Alexis Rhodes, CodingNation
01-26-2012, 08:13 PM #11
he prob has bad English
01-26-2012, 10:51 PM #12
GUESS_HU
< ^ > < ^ >
Has nobody heard what geohot's are? It's a new pokemon :P :fyea:

The following user thanked GUESS_HU for this useful post:

CodingNation
01-26-2012, 11:32 PM #13
scarfaceinhd
Little One
Geohot also was the first person to jailbreak the very first IPHONE ... kinda off topic but still freaking BEAST!
01-27-2012, 01:43 AM #14
not only is he a legend.. he is the reason there are threads like this one right here... he is the reason little kids all over the world are paying 10$ to this site in hopes there is some secret CFW in the premium forums... he is the reason we have people STILL trying to JB a ps3 firmware past 3.55.... if he truly wanted to he could come back to the PSN and Jailbreak it again... its not "impossible" nothing is.. but it takes a man like himself to do things that easily.
01-27-2012, 10:48 AM #15
He jailbroke the PS3, not PSN
01-27-2012, 10:56 AM #16
Xx--AIDAN--xX
One Man Army
and geohot has quit facebook and looks set to go bk to his hacking :)
01-27-2012, 11:38 AM #17
TopRamen
Gym leader
if your code give a place to look to learn about coding i could try 2 help...
Originally posted by TheEliteSoldier View Post
I wanted to encourage you to code some software to decrypt the PS3 FW update file. So stop searching metldr/trying to dump lv2 and code that program. According to geohot's blog, it IS possible to load metldr into a SPU and from that load the loader of your wish and decrypt everything you want!
See if you can finish Geohot's Unfinished program...
01-27-2012, 11:55 AM #18
Colonel Shepard
Do a barrel roll!
Originally posted by racecar12 View Post
actually was KaKaRoToKs and the reason we no longer have the other os option is because of geohot... that said im still glad he made the 3.55 jailbreak

lol i see now that two others posted this..... fail

Lol its not because of geohot that the other OS was removed :dumb:
01-27-2012, 09:06 PM #19
WOLF
Guest
Originally posted by racecar12 View Post
actually was KaKaRoToKs and the reason we no longer have the other os option is because of geohot... that said im still glad he made the 3.55 jailbreak

lol i see now that two others posted this..... fail

You can't be serious. Hotz let out an exploit to ALLOW OtherOS on higher firmwares after Sony took it off. The entire point of hacking the PS3 (in the beginning) was to re-enable the option... And to those of you saying GeoHot is a legend, wrong again. He took most of the credit for the hacking when he really didn't do much work when you think about it. He just simplified the work of others, which was going to be done anyway. He stepped in the spotlight when others didn't really want the attention. Personally I think he is done with the PS3. Sony scared him with the lawsuit.

The following user thanked WOLF for this useful post:

AMNE

Copyright © 2026, NextGenUpdate.
All Rights Reserved.
