(adsbygoogle = window.adsbygoogle || []).push({}); Hello NGU! Today I am going to be showing how to dump the metldr. If you don't know what you are doing, this could be a bad decision for you. It's possible to screw up the eid if you try to rehash it and flash or attempt to replace your EID. If you are going to try to rehash your EID, be sure to have a flasher and a backup or your flash. You can decrypt EID with root keys and static keys from the Ps3DevWiki Keys:Talk page. Here are the static keys: You must login or register to view this content.

Prerequisites:

1.) OtherOS++ on your Ps3 with SS patches
2.) Linux on your Ps3 (I use ubuntu 10.10)
3.) Unpacked copy of your flash (Which you can get by using glevands)

• metldr (asecure)
  

Unpacked copy of a OFW (e.g. 4.31 OFW-CEX) You will need file from these:

• isoldr
  
• spp_verifier.self
  
• default.spp
  
• And ofcourse appldr-metldrexploit350.self from these files
  

4.) Ps3Tools (To unpack your nor and the ofw ie norunpack and pupunpack) You must login or register to view this content.
5.) Latest gitbrew linux kernel
6.) A desire to quit (VERY HARD)
7.) Motivation (See #6)

Instuctions:

Precompiled metldrpwn : You must login or register to view this content.

You can do this over ssh or on a console

Don't forget to provide EID0 and RL_FOR_PROGRAM.img if you do this manually, instead or the fun.sh where they are commented out

1.) SSH into the Ps3
2.) Download the files:

wget You must login or register to view this content.


3.)Untar the files:

unzip metldrpwn.zip


4.)Enter the directory and compile:

cd metldrpwn && make


5.)Now run the commands:

ins ./metldrpwn.ko
cat metldr > /proc/metldrpwn/metldr
cat appldr-metldrexploit350.self > /proc/metldrpwn/mathldr
cat RL_FOR_PROGRAM.img > /proc/metldrpwn/rckprg
cat eid0 > /proc/metldrpwn/eid0
echo 1 > /proc/metldrpwn/run
cat /proc/metldrpwn/debug


Now you have a dump, check it out:

hd /proc/metldrpwn/dump


Copy the dump somewhere else so you don't lose it:

cp /proc/metldrpwn/dump /home/username


Now you have a copy in your home directory for safe keeping
Congrats you have completed about 10 min or working on this!

Keys are in 0x00 to 0x20 (First 3 Lines)


Example:

    

00000000 66 4d ee 51 65 6f 68 28 38 98 83 ea df ea 90 04 |fM.Qeoh(8.......|    // erk/key

00000010 01 f3 79 09 d6 a6 52 d9 ea 6d ef 04 51 69 ec 7b |..y...R..m..Qi.{|    // erk/key

00000020 7d 6a 3a e5 37 ba 48 4c fe bd 26 5c f5 b1 28 1f |}j:.7.HL..&\..(.|    // riv

The first 2 lines are erk as you see and the 3rd line is the riv
Together they are the EID0 root key!

BTW this does not mean you get 3.60 keys etc or newer games but it will help you get some nifty things to do some
new stuff.... also please be advised that if you are on 3.60+ you will need to downgrade with a flasher to
do this, also if you have a unit that shipped from the factory with the metldr.2 (new metldr) your sol at
the moment there is also a nifty program on the dev tools page to turn your hex into key its called hex2key.

Math's Part:

How to pwn metldr the "easy" way:
This is most likely how geohot exploited it in the first place, this takes (give or take) about 10 minutes to be performed. (yeah, not so much of a "I hacked the ps3 all on my own work", especially not when it partially relies on Segher's work, one of the reason geohot never shared the way he exploited metldr to anyone)

I will assume here, that you do not have the loader keys that were made readily available by geohot. This little tutorial also assumes that you have a working .self generating tool

Now You want to gain code execution to metldr, you know that metldr loads loaders to its own space, but you cannot run a loader because the loader needs to be signed and even though you know about the sign fail that Segher introduced at the CCC, you cannot use it because you don't have decrypted signatures to calculate a private key and to get signatures you need keys which you are currently trying to dump, so far you are stuck in a chicken and egg scenario.

The question is, do you really need keys to get a decrypted signature ? Well the real answer is no, thanks to a nifty fail that sony left in in metldr (and the bootloader), you can have the ldr to decrypt the metadata for you, isn't that neat ?

Here's how it works:

STEP I)

In a self file, at address 0x0C a value is used to calculate where the metadata is going to be decrypted, the "offset" is at self header + 0x0C its the "meta header offset" in the SCE structure, it takes the SCE offset + that value, so what you have to do is to have a calculation that is equal to 0x3E1F0 which happens to be where metldr copies over the shared metadata from the mailbox (which is sent over by the ppu), the trick is to have metldr to decrypt the metadata located at. So basically you have to
1) set the offset += 0x2000
dump shared lsa
and keep increasing 0x2000
until somewhere in the shared lsa changes 0x40 byte
2) when it changes 0x40 bytes, you can add/subtract the proper amount to make it decrypt the proper locations
3) then dump shared lsa and we have decrypted header
knowing that metldr uses SCE header 0xECF0, you could calculate it knowing the address 0x3E1F0 - 0xECF0 = the value you would patch at SCE header + 0x0C

ROM:0000F6C0 D2 68 87 E6 metadata_erk: .int 0xD26887E6 ; DATA XREF: ROM:0000F178o
for example in CECHA , the address you want to decrypt it to is 0x3E1F0
so it should be 0x3E1F0 - 0xF6C0

Once you get the decrypted header, you have the key to decrypt the rest of the metadata. Here you go, you have your decrypted signature.

So far so good, now what's next ?

STEP II)

Contrary to popular beliefs, you do not need to know the public key to calculate the private key, you just need two decrypted signature, you now know how to dump these, so let's assume you just did, now all you have to do is to bruteforce the curve type by constantly reloading a self to metldr, the curve type being only 1 byte, that would be 64 possibilities.
CONGRATULATION, you just signed a loader !

Now what ?

Well Your first reflex would be to sign a loader and use it to dump whatever is in your Isolated Local Store, the first thing you will notice is that you have a bit of metldr's code as a leftover, after a few seconds of disassembly you will figure it's actually some piece of code that clears metldr's code and registers and jumps to some address which is matches your signed loader's entrypoint.
This seems like a more than likely candidate to exploit, as in your goal would be to overwrite that piece of code with your own, that way you would have the whole metldr code right before the point where everything gets cleared out.
Let's try to do just that, from your previous dump, you obviously know that the clear code is located from 0x400 to 0x630, (0x410 being where metldr jumps when it clears) your first attempt would naturally be to have a loader section to load at 0x400, well not so surprisingly, it fails, because you are not without a brain (at least you aren't supposed to be if you're reading and understanding this), you will assume that it is likely that metldr checks if you aren't loading your loader/self section below a certain address, which considering you know the loaders' entrypoint is most likely to be 0x12C00, this assumption is in fact correct as metldr will make sure you cannot load any loader at 0x12BFF and below, seems like a huge let down...
Well, maybe not, because yet again, you are not without a brain, you check out the hardware properties for the Local Store, and you find out that the memory wraps around (memory is a donut as someone once said at some ccc conference).
So what happens when you load your loader at let's say from 0x3F000 to 0x40000+some address? (like 0x40410 for example) ?

Well, it WORKS!
You could put the section at 0x3F000, if you made the length 0x1414 and the last instruction branches "up" to the dump code

ROM:000008AC 33 7F 6C 80 brsl lr, cleanup_and_jump_entry
ROM:000008B0 32 00 11 80 br loc_93C
ROM:00000410 cleanup_and_jump_entry: ; CODE XREF: main+4Cp
ROM:00000410 32 7F FF 80 br sub_40C

this is what the exploit that got leaked (yeah that's not really their work eh but you figured that much by now did you not? ) does.
It overwrites from 0x000 to 0x480 because I originally loaded the section o size 0x880 to 0x3FC00

So now you get code execution on metldr at the best time possible because your code executes right after metldr copies the root keys from 0x00 to 0x30, which means you get to dump these too. (Although they are hardcoded in metldr's code anyway)

Here you go, you have a metldr dump !
Now as a final line, I'd like to say screw leakers, screw the scene, and this is my last contribution to it EVER. It seems I can't even trust fellow developers to keep my work safe and not leaking it. (Not like any of them would have been able to tell you how all this even works in the first place)
So long, everyone.
Remember, don't ever bite the hands that feed you.

P.S. Oh! and btw, if you talented enough to make hardware to dump the shared lsa, you can decrypt any lv0 using this technique. (No, you can't)

Old partial/incomplete source: You must login or register to view this content.

This is so old its not funny plus isnt lan st no longer used as math left the scene but good cooy past anyways

I know it's old but I just wanted to point this way out :troll: Plus some people still have OtherOS++

How was i troling didnt neg u or groned u did i just stating a fact would you have liked dereck to do it again to you

this is news to me - that little prick doesnt help anyone but himself so i find it strange that hes helping the 'scene' out. also the little shit always said he hated the scene and was gonna leave - i guess he never did, which sux.

Sorry since the smiles are back, I just like to use them... That wasn't a troll lol