Flukes1 wants to port PL3 to FW 3.55
After Waninkoko, here is another person who wants to jailbreak FW 3.55; this time it is Flukes1.
Greg Hughes, alias Flukes1, has therefore decided to port PL3 into the lv2 kernel of firmware 3.55. Flukes1 is not new to programming; he comes from the iPhone scene.
Here is an excerpt of the IRC conversations:
< +flukes1> anyone know where the syscall table is in 3.55 lv2
< +flukes1> again, anyone got the TOC location in lv2_kernel.elf yet?
< +flukes1> I'm trying to find the TOC in lv2_kernel.elf
< +flukes1> found the syscall table
< +flukes1> but can't find the toc
< +flukes1> I'm working on incorporating the jailbreak payload into the lv2_kernel self and other files
< +flukes1> for 3.55
< +sorrowuk> flukes1 : did you find what was changed in 3.42 etc to remove jailbreak ?
< +flukes1> they just fixed the usb bug
< +sorrowuk> flukes1 : can you not just put the usb bug back in there
< +flukes1> well yes but that’s stupid
< +flukes1> you’d need a usb device as before
< +flukes1> this way is better – the jailbreak is directly incorporated into the firmware update
< +sorrowuk> flukes1 : but isn't it risky cause you're messing with lv2 kernel
< @Nicksasa> flukes1, did you test if the makeself’ed lv2_kernel works ? lol
< +flukes1> Nicksasa: no it's not done yet
< +flukes1> sorrowuk: somewhat risky yes but it has to be done
< @Nicksasa> well if you’re doing the same patches as a payload … but there’s always a chance that something fails
< +flukes1> all of the changes I'm making have been done on many other lv2 kernels
< +flukes1> this will take me a while
< +flukes1> I'm about 50% done
< +flukes1> homebrew can be signed extremely easily now though
< +flukes1> I'm nearly done
< +FoG> I’ll watch as you brick your PS3 flukes1
< +flukes1> FoG: not likely
< +flukes1> i’m basically taking the payload which we know works
< +flukes1> and permanently patching it into lv2
< +sorrowuk> flukes1 : but are you doing it for 3.55 ?
< +flukes1> yes
< +flukes1> 3.55
< +flukes1> nobody can run this until we have confirmation that lv2 signing works
< +flukes1> decibell: i am stuck on the last patch
< +flukes1> that dcc exploits a ‘protection’ feature in some routers
< +flukes1> netgear i think
< +flukes1> sven: you may not know this, but would the TOC be missing from an elf
< +flukes1> I'm not sure but it's something to do with the syscall table
< @sven> no idea
< +flukes1> ok
< +flukes1> is anyone able to extract lv2_kernel.self from firmware 3.40 and upload it somewhere
< +flukes1> it doesn't just execute the self
< +flukes1> it will keep booting from it
< +flukes1> I've already ported everything
< +flukes1> each patch can be disabled/enabled
< +flukes1> I now have everything I need to compile the PL3 payload for 3.55
< +flukes1> next step is to add the payload as a section on lv2_kernel and write a jump into it somewhere
< +flukes1> so still some stuff to do
< +flukes1> i’ve had 5 or 6 people offer to test it though
< +flukes1> and i won’t release it to them until i’m pretty sure about it
< +vidarino> flukes1: wouldn’t it be easier to just add peek/poke to the kernel, and let an app do the rest of the job?
< +flukes1> vidarino: technically it's probably better to use a previously tested payload
< +flukes1> without making changes to it
< +vidarino> flukes1: the peek'n'poke code alone is tiny enough to be hexedited into place. :]
< +flukes1> vidarino: i know but I wanted to make something more complete
< +flukes1> it’s possible, so why not
< +flukes1> hmm, just one hash left to find, but it’s not showing itself
< +flukes1> i may have a problem though, the PL3 payload uses hashes of 4 different elf/prx files
< +flukes1> to patch them
< +flukes1> hey math, do you know anything about how PL3 does its elf hashing
SOURCE
MachOne
salahpayne