Post: [NEWS] Mathieulh Explains The Loader Exploit To Obtain 3.60 Application Keys
04-21-2011, 03:29 PM #1



Mathieulh probably just let the cat out of the bag with his obvious hint to the much talked-about bug that practically owned future PS3 firmware updates and also the mass growth of warez leechers with the help of 3.60 app keys. Yes, we’re talking about the unstoppable 3.60+ CFWs, you bitch. Provided that Sony won’t release unhackable PS3 consoles in the near future, of course.

Originally posted by another user
X nah, not a single line of code, at least not for the implementation
but finding the exploit itself
is EASY
except no one has gone looking
I’ve seen lots of askings and whining, very little looking xD
if someone who remotely knows spu reversing starts looking
he’ll find it
at the very worst in a matter of hours
the bug is retardly stupid to begin with
LV0, EID0, anything with coreOS imo should not be done without a hardwareflasher. At least with that you can undo the mess.
yeah
I am a bit of a red head here xD
you keep saying that, but I suck at SPU assembly
you’d find it even if you fail at it
you just need to know where to look
just look at how selfs are processed by ldrs
and you’ll find it
hell, I’ll help you, it’s about overflowing a certain buffer
yes, that is what defyboy and I tried to document in the ps3devwiki : bootprocess and loader locations etc.
well if you know how selfs are processed by loaders, it’s easy
another hint
it happens before the ecdsa check
my earlier guess btw was that it was a header overflow, which gave access to the local storage
It’s a retarded exploit
if you want to know what it is, I’ll tell you
the function that copies the SCE header from the shared LS to the isolated Local Store
doesn’t check the header’s size
\o/
it’s just THAT retarded
implementing it isn’t easy though
cause loaders have failsafes and shit
header size fail
lol
?
but now that you know, you can try it on your own
X1 yes
you craft a self with a HUGE header
so it overwrites ldr code as it gets copied to the isolated LS
and you wait the loader to jump to it
lolol must try heh
X1 it’s a total bitch to implement
but feel free xD
if someone pwns the bl with this and gets the keys, he’ll have my kudos
cause finding the exploit is the easy part
Sony’ll fix it now, but it’s not like I care much
their “unhackable” ps3s are probably already on the way


Some of the tidbits explaining how big the exploit is in the eyes of SONY’s M.I.B.

Originally posted by another user
why would they care about bootldr keys?
ps3devnews etc. host metldr keys, appldr keys etc.
X1 cause you can get lv0 decrypted
once you get lv0 decrypted
you get appldr
once you get appldr
you get 3.60 application keys
once you get that
you warez
also, with those keys you can sign your own lv0, no ps3 fw update can beat you then
yah
you can have your 3.60+ custom firmware then
and warez even more
and mess with the psn again
and so on


Before you start bashing out on me, you need to understand that this could help in some way for those who are still trying to pwn the ldrs and eventually sharing the actual hacks in the process. We know how important the keys are to Sony, so expect an anon release in the future. Hopefully, it can be done.


The whole conversation can be read here (thanks to jeffers07): You must login or register to view this content.


The following 7 users say thank you to MCPADDINGTON for this useful post:

ahebah, AMNE, i--DanieL_, jeffers07, MewHD, The InvadeR, theycallmeryan
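
The bug class named in the quoted chat (a header copied from shared memory into a protected buffer with no check on its size) and the check that closes it, as an added example that is not part of the original post or of any real loader. The header layout, the position of the size field, and all names here are hypothetical; the sample buffers are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical layout for illustration only; NOT the real SCE header. */
#define HDR_FIXED_LEN 16u /* fixed part; bytes 4..7 hold total size (BE) */
enum { HDR_OK = 0, HDR_ERR_SHORT = -1, HDR_ERR_SIZE = -2 };

static uint32_t be32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* The flaw described above amounts to memcpy(dst, shared, declared) with
 * `declared` read from the untrusted file and never compared to dst_cap.
 * Hardened copy: snapshot the fixed part once, validate, then copy. */
int copy_header_checked(uint8_t *dst, size_t dst_cap,
                        const volatile uint8_t *shared, size_t shared_len,
                        size_t *out_len)
{
    uint8_t fixed[HDR_FIXED_LEN];
    if (dst_cap < HDR_FIXED_LEN || shared_len < HDR_FIXED_LEN)
        return HDR_ERR_SHORT;
    /* Single fetch: the untrusted side can rewrite shared memory later. */
    for (size_t i = 0; i < HDR_FIXED_LEN; i++)
        fixed[i] = shared[i];
    uint32_t declared = be32(fixed + 4);
    if (declared < HDR_FIXED_LEN || declared > dst_cap || declared > shared_len)
        return HDR_ERR_SIZE;
    memcpy(dst, fixed, HDR_FIXED_LEN); /* use the validated snapshot */
    for (size_t i = HDR_FIXED_LEN; i < declared; i++)
        dst[i] = shared[i];
    *out_len = declared;
    return HDR_OK;
}

int main(void)
{
    uint8_t shared[64] = {0}, isolated[32]; /* constructed sample input */
    size_t n = 0;
    shared[7] = 24;   /* declared size fits the destination */
    printf("fits: %d\n", copy_header_checked(isolated, sizeof isolated, shared, sizeof shared, &n));
    shared[6] = 0x10; /* declared size 0x1018 exceeds the 32-byte buffer */
    printf("oversized: %d\n", copy_header_checked(isolated, sizeof isolated, shared, sizeof shared, &n));
    return 0;
}
```

The size is validated on a private snapshot rather than re-read from shared memory, so the value that was checked is the value that is used.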
04-21-2011, 03:35 PM #2
IDontbreak
Cake is a lie
Unkn0wn, get to work :carling:
04-21-2011, 03:36 PM #3
Swade
The Brain Named Its Self
WoW Thanks 4 Da Info
04-21-2011, 03:37 PM #4
Joel
[move]Sal:madsal::laim:[/move]
Just come on, if they're gonna release the jailbreak, they release it. All they do is talk about the key. If they have the key, then why don't they make a custom firmware for the PS3? :\ But thanks for the info, keep updating it! If there's a REAL* jailbreak for the PS3, let me know. I just want to back up my games.

The following 3 users say thank you to Joel for this useful post:

CodingNation, Implicit, theycallmeryan
04-21-2011, 03:48 PM #5
jeffers07
Climbing up the ladder
thanks, hope a dev reads this and gets cracking on it because I don't have a clue what that means.

---------- Post added at 04:48 PM ---------- Previous post was at 04:44 PM ----------

You must login or register to view this content. link to convo might wanna add it ?

The following 2 users say thank you to jeffers07 for this useful post:

MCPADDINGTON, theycallmeryan
04-21-2011, 03:57 PM #6
s0ph0r
it isnt m3
I doubt that one time Mathieulh posts the shit he took brings SOMETHING.

Mathieulh < pile of crap
04-21-2011, 03:59 PM #7
The InvadeR
Who’s Jim Erased?
Originally posted by MCPADDINGTON View Post



Mathieulh probably just let the cat out of the bag with his obvious hint to the much talked-about bug that practically owned future PS3 firmware updates and also the mass growth of warez leechers with the help of 3.60 app keys. Yes, we’re talking about the unstoppable 3.60+ CFWs, you bitch. Provided that Sony won’t release unhackable PS3 consoles in the near future, of course.



Some of the tidbits explaining how big the exploit is in the eyes of SONY’s M.I.B.



Before you start bashing out on me, you need to understand that this could help in some way for those who are still trying to pwn the ldrs and eventually sharing the actual hacks in the process. We know how important the keys are to Sony, so expect an anon release in the future. Hopefully, it can be done.



This info makes me think someone somewhere might try it and succeed and hopefully share it
04-21-2011, 04:04 PM #8
i--DanieL_
Edgier than an octagon
Originally posted by s0ph0r View Post
I doubt that one time Mathieulh posts the shit he took brings SOMETHING.

Mathieulh < pile of crap

Well actually Mathieulh has been helping a lot of people with hacking 3.60 lately so we shouldn't be too hard on him, and I don't see why he would lie as he has nothing to gain from lying.
04-21-2011, 04:05 PM #9
Quit bashing Matt you idiots. He is only trying to HELP US by giving the public as many hints as possible on how to create a CFW. Hopefully a dev out there can use this information and create a CFW or a downgrade Smile

Good on you Matt and thanks and don't mind these 12 year old kids crying and whining about how they "only want to back up their games" LOL yeah right.

The following user thanked dishguy06 for this useful post:

AMNE
04-21-2011, 04:11 PM #10
ahebah
Banned
I'm wondering whether to believe him or not. He could be a guy who knows about this stuff but doesn't do anything... or he could be a guy who does do something, and I don't see the point in giving us hints when he could just release the CFW and get it over with, but then again I see why he's making us want it more and more Winky Winky it's like a chick playing hard to get xD
