For example, you are bored playing offline due to the PS3 Jailbreak but your firmware is 3.41, the latest version right now is 3.50. You got to update the firmware so that you can play online seamlessly. If you update your firmware, you cannot downgrade it back to the 3.41 version natively where you can get back the jailbreak ability. So, a downgrader will really come very handy for those who need that. Alright, let’s hear what Xcellerator had to say:
OK, well I got think after SKFU’s post when he said “We need to find a way to edit the flash directly…”
so I came up with this.
When the PS3 updates, it follows 2 main steps:
1) It copies data from PS3UPDAT.PUP to the HDD.
2) It then sets a boot flag to an “Update Phase/Mode” and then restarts and updates the flash.
If we copy our own update data to HDD, in the correct spot (I assume, it would be the contents of the PUP file, but this will need further research…), and if we can then get the PS3 to change it’s boot flag, we could get it to install any Firmware we like. The spoofing side of things comes from editing the SDKHeader.bin in the PUP contents.
So, how do edit the bootflags, is the main question?
It wouldn’t be a kind of PS3 GParted LiveCD…
We know that users ‘could’ edit bootflags (or certain ones) through the DefaultOS option in Firmwares 3.15 and below. They must be stored in the Registry (xRegistry.sys in /dev_flash2/). I’ll need someone with Firmware 3.15 or below to tell me the Registry ‘Key’, so it can be added to a PS3 registry over 3.15…
If we can get the bootflag setting for this update phase/mode, we could make our PS3 write whatever firmware we wanted to the flash, including 3.41 on top of 3.41 with the firmware ID of 3.50, so the PS3 can go online. Does this mean that we could, in theory make the PS3 boot a OS from External HDD? Possibly boot our own flash from it (already done with JaiCraB’s Firmware Loader, but still could have interesting possibilities!)
But how do we know the PS3 uses bootflags?
When I was messing with JaiCraB’s Firmware Loader, when it messed up, it gave the HDD error message (anyone who’s used it will know what I’m talking about!). Anyway, first time this happened to me, I switched off my PS3 and turned it on. The message still came up! Once I followed it through and restarted how it told me to, the PS3 booted up GameOS normally. At the time I thought nothing of it, but when I started thinking about this method, this makes bootflags of some sort seem like an obvious conclusion…
So, to recap!
I need someone with firmware 3.15 or below with jailbreak abilities, to tell me the ‘Key’ in xRegistry.sys for the DefaultOS menu, so it can be changed on firmware ABOVE 3.15…
All the best,
Xcellerator
0 comments:
Post a Comment