Editing ReDRM / Piracy dongles

Jump to navigation Jump to search
Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits.

The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then publish the changes below to finish undoing the edit.

Latest revision Your text
Line 1: Line 1:
{{Wikify}}
[[Category:Software]][[Category:Hardware]]{{Wikify}}
=Description=
=Description=
TrueBlue dongles are USB dongles for the PS3 which enable custom firmware 'special' functionality to launch resigned game backups. These dongles are themselves a form of DRM, as the particular format of these backups will not work without the TB dongle. Contentdisc's contain fself'ed eboot.bin's. <br />
TrueBlue dongle is DRM to make sure you have the dongle, the firmware 'special' functionality will not work without it.
Hardware-wise, there are many similarities with [[PS3Cobra_Payload_Reverse_Engineering#Hardware_Dongle|PS3Cobra]]
Contentdisc's contain fself'ed eboot.bin's. <br />
Hardwarewise, there are many similarities with [[PS3Cobra_Payload_Reverse_Engineering#Hardware_Dongle|PS3Cobra]]


== Clarifications ==
== Debunking ==
* '''If the content works with the dongle, that means the original content also works (without the dongle) if resigned for Firmware v3.55!'''
* '''If the content works with the dongle, that means the original content if resigned for 3.55 also works (without the dongle)!'''
* TrueBlue dongles/firmware do not support PSN (OFW and [[KaKaRoTo Kind of ´Jailbreak´]] do)
* No PSN (OFW and [[KaKaRoTo Kind of ´Jailbreak´]] do)
* Special features for PS Vita are not usable (OFW and [[KaKaRoTo Kind of ´Jailbreak´]] can)
* Cannot use special features for PS Vita (OFW and [[KaKaRoTo Kind of ´Jailbreak´]] can)
* TrueBlue cannot play Firmware 3.6x+/3.7x+/4.x+ original content (it does not have the keys for it).
 
* It can only play such content which is re-encrypted/resigned with the key supported by the dongle.
* It does not play 3.6x+/3.7x+/4.x+ original content (it does not have the keys for it).
** Such content was limited to already decryptable and debug eboot.bin's.
* It can only play such content which is re-encrypted/resigned with their donglekey.
*** Titles in the wild were almost entirely released by PARADOX (patches) & PARADiSO (full pirated releases) between November 2011 and June 2012 - with groups like BORG and EHRGEIZ appearing from May through June of 2012. There was also lighttake, which sold full pre-patched pirated Blu-ray discs. It seems possible that they were involved in the TrueBlue production/distribution. Profiting from or otherwise receiving money for re-applying DRM could likely be considered a scam.
** Such content will be limited to those already decryptable and debug eboot.bin's.
*** No public tools exist for 'converting' to TB format (re-encrypting/resigning) - making TB dongle users completely dependent on warez release groups like PARADOX/PARADiSO/BORG/EHRGEIZ.
*** At this moment, only a few titles in the wild released:
* Content for Firmware v3.55 and lower still works (after all, its just a MFW 3.55) - with some exceptions (in some cases it will even brick the dongle when running certain pieces of homebrew).
**** all by PARADOX (patches)/PARADiSO (full pirated releases) and lighttake that sells full prepatched pirated BD-discs, which makes it seem they are into the money/DRM scam or otherwise profiting from releasing for it.
* Needs the MFW (and cannot work on OFW's, that is why there is no 'power/eject trick')
**** Because the resellers profit from selling discs, those titles will not be released by PARADOX (patches)/PARADiSO (full pirated releases)
**** You can hear daily 'more games today' and still see nothing released for 5+ days in a row
** no public tools exist for 'converting' to TB format (re-encryption/resigning) - making you completely dependant of releasegroups like PARADOX/PARADiSO.
* Content for 3.55 and lower still work (after all, its just a MFW 3.55) - with some exceptions (in some cases it will even brick the dongle when running those homebrew)
* Needs the MFW (and cannot work on OFW's, that is why there is 'no power/eject trick')
* Cannot be used for downgraded consoles (which rely on lv1 syscon hashcheck patches)
* Cannot be used for downgraded consoles (which rely on lv1 syscon hashcheck patches)
* If you are using special firmware now, they will not be compatible with this one. e.g. Incompatible with:
* If you are using special firmwares now, they will not be compatible with this one. e.g. Incompatible with:
** OtherOS++
** OtherOS++
** Proper MFW's
** Proper MFW's
Line 257: Line 262:
==== AMS1117  2.851049 - Low Dropout Linear Regulator ====
==== AMS1117  2.851049 - Low Dropout Linear Regulator ====
Datasheet:  
Datasheet:  
* https://web.archive.org/web/*/http://ps3devwiki.com/files/reDRM/TrueBlue/Datasheets/AMS1117-.pdf
* http://www.ps3devwiki.com/files/reDRM/TrueBlue/Datasheets/AMS1117-.pdf
* https://web.archive.org/web/*/http://ps3devwiki.com/files/reDRM/TrueBlue/Datasheets/AMS1117.pdf<!--// http://www.sltdigital.com/product/product_pdf/AMS1117.pdf / http://home1.cyber-labo.co.jp/board/goods/pdf/AMS1117.pdf //--> <br />
* http://www.ps3devwiki.com/files/reDRM/TrueBlue/Datasheets/AMS1117.pdf<!--// http://www.sltdigital.com/product/product_pdf/AMS1117.pdf / http://home1.cyber-labo.co.jp/board/goods/pdf/AMS1117.pdf //--> <br />
[[:File:AMS1117 - SOT-223.png]]
[[:File:AMS1117 - SOT-223.png]]


Line 305: Line 310:


=== JB-King ===
=== JB-King ===
* JB-King is a "copy-cat" clone by dongle makers in China. (some have claimed by the makers of PS3Go). Its poetic, piracy and theft of the "intellectual property" of pirates and thieves.
* JB-King is a "copy-cat" clone by dongle makers in China. (some have claimed by the makers of PS3Go)


<gallery>
<table width="100%" align="left"><tr>
File:Jb-king-front.jpg|JB-King clone dongle front
<td align="left">[[File:Jb-king-front.jpg|200px|thumb|left|JB-King clone dongle front]]<br />[[File:JB-King BACK.jpg|200px|thumb|left|JB-King clone dongle - BACK]]</td>
File:JB-King BACK.jpg|JB-King clone dongle - BACK
<td align="left">[[File:JB-King_Dongle_Abkarino_DVD4Arab_01.png|200px|thumb|left|tb-king clone dongle overview]]</td>
File:JB-King_Dongle_Abkarino_DVD4Arab_01.png|tb-king clone dongle overview
<td align="left">[[File:JB-King_Dongle_Abkarino_DVD4Arab_02.png|200px|thumb|left|tb-king clone dongle board]]</td></tr></table>
File:JB-King_Dongle_Abkarino_DVD4Arab_02.png|tb-king clone dongle board
 
File:JBKing-1.jpg
Its poetic, piracy and theft of the "intellectual property" of pirates and thieves.
File:JBKing-2.jpg
</gallery>


=== Components ===
=== Components ===
Line 328: Line 331:
I - Temperature Range: Industrial (-40'C ~ 85'C)
I - Temperature Range: Industrial (-40'C ~ 85'C)
G - Environment: Green Package (Lead-free, RoHS Compliant, Halogen-free (TBBA), Antimony-Oxie-free)</pre>
G - Environment: Green Package (Lead-free, RoHS Compliant, Halogen-free (TBBA), Antimony-Oxie-free)</pre>
datasheet: [http://www.winbond.com/NR/rdonlyres/C6366616-2CB7-49F8-A1F9-3BC363DF9480/0/W25X16A.pdf W25X16A.pdf (1.3 MB)] / https://web.archive.org/web/*/http://ps3devwiki.com/files/reDRM/Datasheets/W25X16A.pdf <br />
datasheet: [http://www.winbond.com/NR/rdonlyres/C6366616-2CB7-49F8-A1F9-3BC363DF9480/0/W25X16A.pdf W25X16A.pdf (1.3 MB)] / http://www.ps3devwiki.com/files/reDRM/Datasheets/W25X16A.pdf <br />
Note: can use [http://blog.hodgepig.org/busninja/ Bus Ninja] or [http://flashrom.org/Bus_Pirate Bus Pirate] and [http://flashrom.org/Flashrom FlashROM] - <abbr title="In-System Programming (ISP)">ISP</abbr> is possible, so long as no other devices on the SPI bus are trying to access the device (in that case, you might want to cut Vcc to the FPGA or the regulator for it).  
Note: can use [http://blog.hodgepig.org/busninja/ Bus Ninja] or [http://flashrom.org/Bus_Pirate Bus Pirate] and [http://flashrom.org/Flashrom FlashROM] - <abbr title="In-System Programming (ISP)">ISP</abbr> is possible, so long as no other devices on the SPI bus are trying to access the device (in that case, you might want to cut Vcc to the FPGA or the regulator for it).  


Line 360: Line 363:
==== STM32 F103C8T6 : U2 ====
==== STM32 F103C8T6 : U2 ====
U2 <br />
U2 <br />
datasheet: [https://web.archive.org/web/*/http://ps3devwiki.com/files/reDRM/TrueBlue/Datasheets/stm32_f103c8t6.pdf stm32_f103c8t6.pdf (1.38 MB)]
datasheet: [http://www.ps3devwiki.com/files/reDRM/TrueBlue/Datasheets/stm32_f103c8t6.pdf stm32_f103c8t6.pdf (1.38 MB)]
===== Pinout STM32 F103C8T6 LQFP48 =====
===== Pinout STM32 F103C8T6 LQFP48 =====
<div style="float:right">[[File:STM32 F103C8T6 - LQFP48.png|200px|thumb|left|STMicroelectronics STM32 F103C8T6 - LQFP48 package]]</div>
<div style="float:right">[[File:STM32 F103C8T6 - LQFP48.png|200px|thumb|left|STMicroelectronics STM32 F103C8T6 - LQFP48 package]]</div>
Line 702: Line 705:
= Downloads =
= Downloads =
== First release (1.0/2.1) ==
== First release (1.0/2.1) ==
* MFW: [https://web.archive.org/web/*/http://ps3devwiki.com/files/reDRM/TrueBlue/Firmware/Jailbreak2.CFW.rar Jailbreak2.CFW.rar (172.34 MB)]<!--//http://www.filesonic.nl/file/2688912531/Jailbreak2.CFW.zip (password: whyudie)//-->
* MFW: [http://www.ps3devwiki.com/files/reDRM/TrueBlue/Firmware/Jailbreak2.CFW.rar Jailbreak2.CFW.rar (172.34 MB)]<!--//http://www.filesonic.nl/file/2688912531/Jailbreak2.CFW.zip (password: whyudie)//-->
** Alternative FW compatible with the PSJB2/TrueBlue dongle DRM lock-in : [http://rebug.me REBUG 3.55.2 TB EDITION] / [https://web.archive.org/web/*/http://ps3devwiki.com/files/reDRM/TrueBlue/Firmware/3.55.2_TBE_Links.rar 3.55.2_TBE_Links.rar]
** Alternative FW compatible with the PSJB2/TrueBlue dongle DRM lock-in : [http://rebug.me REBUG 3.55.2 TB EDITION] / [http://www.ps3devwiki.com/files/reDRM/TrueBlue/Firmware/3.55.2_TBE_Links.rar 3.55.2_TBE_Links.rar]
* Dongle Updater v2.1: [https://web.archive.org/web/*/http://ps3devwiki.com/files/reDRM/TrueBlue/Updates/TrueBlueUpdate-2.1/dongle-updater.pkg dongle-updater.pkg (2.1 MB)]<!--//http://www.filesonic.nl/file/2689038911/JB2.Dongle.Updater.zip (password: whyudie)//-->
* Dongle Updater v2.1: [http://www.ps3devwiki.com/files/reDRM/TrueBlue/Updates/TrueBlueUpdate-2.1/dongle-updater.pkg dongle-updater.pkg (2.1 MB)]<!--//http://www.filesonic.nl/file/2689038911/JB2.Dongle.Updater.zip (password: whyudie)//-->


== Update 2.2 ==
== Update 2.2 ==
* Dongle Updater v2.2: https://web.archive.org/web/*/http://ps3devwiki.com/files/TrueBlue/Updates/TrueBlueUpdate-2.2/
* Dongle Updater v2.2: http://www.ps3devwiki.com/files/TrueBlue/Updates/TrueBlueUpdate-2.2/


== FW Info (1.0/2.1) ==
== FW Info (1.0/2.1) ==
Line 776: Line 779:
http://www.ps3hax.net/2012/03/finally-jb-king-cracks-v2-5-update/
http://www.ps3hax.net/2012/03/finally-jb-king-cracks-v2-5-update/


https://web.archive.org/web/*/http://ps3devwiki.com/files/reDRM/JBKing/Updates/JBKing%202.5/
http://www.ps3devwiki.com/files/reDRM/JBKing/Updates/JBKing%202.5/


=Content discs=
=Content discs=
Line 849: Line 852:
== Paradox TB ==
== Paradox TB ==
Note: Releases seen in the wild are full BD content prepatched for TrueBlue. We are only interested in documenting/reversing, so please don't post full links (only stripped).
Note: Releases seen in the wild are full BD content prepatched for TrueBlue. We are only interested in documenting/reversing, so please don't post full links (only stripped).
* [https://web.archive.org/web/*/http://ps3devwiki.com/files/reDRM/TrueBlue/Patches/portal_2_BLUS30732_TB.rar portal_2_BLUS30732_TB.rar (78.04 MB)]
* [http://www.ps3devwiki.com/files/reDRM/TrueBlue/Patches/portal_2_BLUS30732_TB.rar portal_2_BLUS30732_TB.rar (78.04 MB)]


=== EBOOT.BIN details ===
=== EBOOT.BIN details ===
Line 857: Line 860:
== FW Changes (1.0/2.1) ==
== FW Changes (1.0/2.1) ==
Compared to OFW 3.55:
Compared to OFW 3.55:
[https://web.archive.org/web/*/http://ps3devwiki.com/files/reDRM/TrueBlue/Firmware/analysis/ofw-vs-jb2.rar ofw-vs-jb2.rar (4.18 MB)]
[http://www.ps3devwiki.com/files/reDRM/TrueBlue/Firmware/analysis/ofw-vs-jb2.rar ofw-vs-jb2.rar (4.18 MB)]
====EULA.xml====
====EULA.xml====
<pre> <str id="msg_updater_10">This update will install PS3 system software version 3.55, modified to support homebrew software and the disc dongle.</str> </pre>
<pre> <str id="msg_updater_10">This update will install PS3 system software version 3.55, modified to support homebrew software and the disc dongle.</str> </pre>
Line 885: Line 888:
only 1 function change, and a section added <br />
only 1 function change, and a section added <br />
sub_28fe30 is replaced <small>1)</small><br />
sub_28fe30 is replaced <small>1)</small><br />
the new section is loaded at 0x80000000007f0000 (which is where those payloads are being loaded) [https://web.archive.org/web/*/http://ps3devwiki.com/files/reDRM/TrueBlue/Firmware/analysis/lv2_kernel.bin lv2_kernel.bin (6.41 KB)]
the new section is loaded at 0x80000000007f0000 (which is where those payloads are being loaded) [http://www.ps3devwiki.com/files/reDRM/TrueBlue/Firmware/analysis/lv2_kernel.bin lv2_kernel.bin (6.41 KB)]


<small>note 1) : * ''the 28fe30 function is replaced with OFW code during exploit execution (which is why it is OFW, when there is no dongle). That 28fe30 function mounts dev_flash, so they are in control before even dev_flash loads. When lv2 loads dev_flash, the exploit is triggered which, among the things it does, is replace the function with the proper one to mount dev_flash, then branchs to it and boot continues.''</small>
<small>note 1) : * ''the 28fe30 function is replaced with OFW code during exploit execution (which is why it is OFW, when there is no dongle). That 28fe30 function mounts dev_flash, so they are in control before even dev_flash loads. When lv2 loads dev_flash, the exploit is triggered which, among the things it does, is replace the function with the proper one to mount dev_flash, then branchs to it and boot continues.''</small>
Line 920: Line 923:


== 2.1 ==
== 2.1 ==
[https://web.archive.org/web/*/http://ps3devwiki.com/files/reDRM/TrueBlue/Updates/TrueBlueUpdate-2.1/dongle-updater.pkg TrueBlueUpdate-2.1/dongle-updater.pkg]
[http://www.ps3devwiki.com/files/reDRM/TrueBlue/Updates/TrueBlueUpdate-2.1/dongle-updater.pkg TrueBlueUpdate-2.1/dongle-updater.pkg]


Dongle is released with 1.0, this PKG is used to update the dongle to 2.1
Dongle is released with 1.0, this PKG is used to update the dongle to 2.1
Line 935: Line 938:
   002084E0  001FFFF0  EB 3B 01 F7 6F A9 CF 3C B6 EB 89 82 7D E6 7D 3B  ë;.÷o©Ï<¶ë‰‚}æ};
   002084E0  001FFFF0  EB 3B 01 F7 6F A9 CF 3C B6 EB 89 82 7D E6 7D 3B  ë;.÷o©Ï<¶ë‰‚}æ};


[https://web.archive.org/web/*/http://ps3devwiki.com/files/reDRM/TrueBlue/Updates/TrueBlueUpdate-2.1/TB_dongle_payload.bin TrueBlueUpdate-2.1/TB_dongle_payload.bin (2 MB)]
[http://www.ps3devwiki.com/files/reDRM/TrueBlue/Updates/TrueBlueUpdate-2.1/TB_dongle_payload.bin TrueBlueUpdate-2.1/TB_dongle_payload.bin (2 MB)]
     SHA1: 43402D6FE2ECE43EBE91531EFA07C366D46DD121 // MD5: BA5AFAB174BF6003D41AC8951301B822 // CRC32: 248284D2 // CRC16: 8C78
     SHA1: 43402D6FE2ECE43EBE91531EFA07C366D46DD121 // MD5: BA5AFAB174BF6003D41AC8951301B822 // CRC32: 248284D2 // CRC16: 8C78


Line 1,422: Line 1,425:
True Blue Dongle Update v2.2 - Initial worldwide release
True Blue Dongle Update v2.2 - Initial worldwide release


[https://web.archive.org/web/*/http://ps3devwiki.com/files/reDRM/TrueBlue/Updates/TrueBlueUpdate-2.2/TrueBlueUpdate-2.2.pkg TrueBlueUpdate-2.2/TrueBlueUpdate-2.2.pkg]
[http://www.ps3devwiki.com/files/reDRM/TrueBlue/Updates/TrueBlueUpdate-2.2/TrueBlueUpdate-2.2.pkg TrueBlueUpdate-2.2/TrueBlueUpdate-2.2.pkg]
     SHA1: 504D53CD6EDFA3382510CCB40CE49F802073FBD4 // MD5: A09CBCD5B3AEC31B07D974BEB4AC21FE // CRC32: 82F977CC // CRC16: 92D4
     SHA1: 504D53CD6EDFA3382510CCB40CE49F802073FBD4 // MD5: A09CBCD5B3AEC31B07D974BEB4AC21FE // CRC32: 82F977CC // CRC16: 92D4


Line 1,433: Line 1,436:
   0007B588  00072EF0  99 0A 4C 65 2A CE DE D6 0D C8 D2 73 FC B3 85 E2  ™.Le*ÎÞÖ.ÈÒsü³…â
   0007B588  00072EF0  99 0A 4C 65 2A CE DE D6 0D C8 D2 73 FC B3 85 E2  ™.Le*ÎÞÖ.ÈÒsü³…â


[https://web.archive.org/web/*/http://ps3devwiki.com/files/reDRM/TrueBlue/Updates/TrueBlueUpdate-2.2/TB_payload_2.2.bin payload2-2.bin (459.75 KB)]
[http://www.ps3devwiki.com/files/reDRM/TrueBlue/Updates/TrueBlueUpdate-2.2/TB_payload_2.2.bin payload2-2.bin (459.75 KB)]
     SHA1: 69953C9CF60E67E798A22C1016ABCB44A1D42CDF // MD5: F0826BA059B352BC6100647DB7EFDE5F // CRC32: 4B3C2132 // CRC16: 8181
     SHA1: 69953C9CF60E67E798A22C1016ABCB44A1D42CDF // MD5: F0826BA059B352BC6100647DB7EFDE5F // CRC32: 4B3C2132 // CRC16: 8181


Line 2,229: Line 2,232:


== 2.3 ==
== 2.3 ==
True Blue Dongle Update v2.3 - [https://web.archive.org/web/*/http://ps3devwiki.com/files/reDRM/TrueBlue/Updates/TrueBlueUpdate-2.3/TrueBlueUpdate-2.3.pkg /TrueBlueUpdate-2.3/TrueBlueUpdate-2.3.pkg]
True Blue Dongle Update v2.3 - [http://www.ps3devwiki.com/files/reDRM/TrueBlue/Updates/TrueBlueUpdate-2.3/TrueBlueUpdate-2.3.pkg /TrueBlueUpdate-2.3/TrueBlueUpdate-2.3.pkg]
* Fixed games requiring "BD Mirror"
* Fixed games requiring "BD Mirror"
* True Blue firmware version is now displayed on the XMB "System Information" screen
* True Blue firmware version is now displayed on the XMB "System Information" screen
Line 2,245: Line 2,248:
   0007BD88  000736F0  99 0A 4C 65 2A CE DE D6 0D C8 D2 73 FC B3 85 E2  ™.Le*ÎÞÖ.ÈÒsü³…â
   0007BD88  000736F0  99 0A 4C 65 2A CE DE D6 0D C8 D2 73 FC B3 85 E2  ™.Le*ÎÞÖ.ÈÒsü³…â


[https://web.archive.org/web/*/http://ps3devwiki.com/files/reDRM/TrueBlue/Updates/TrueBlueUpdate-2.3/payload_2.3.bin payload_2.3.bin (461.75 KB)]
[http://www.ps3devwiki.com/files/reDRM/TrueBlue/Updates/TrueBlueUpdate-2.3/payload_2.3.bin payload_2.3.bin (461.75 KB)]
   SHA1: DD8C3302F5F2394B2A0D907DE972AFB8E94DB0B5 // MD5: 7E4C3C6D7BA24375D3BE83074D882E0A // CRC32: 7D748CE8 // CRC16: 4A3B
   SHA1: DD8C3302F5F2394B2A0D907DE972AFB8E94DB0B5 // MD5: 7E4C3C6D7BA24375D3BE83074D882E0A // CRC32: 7D748CE8 // CRC16: 4A3B


Line 2,274: Line 2,277:


== 2.4 ==
== 2.4 ==
[https://web.archive.org/web/*/http://ps3devwiki.com/files/reDRM/TrueBlue/Updates/TrueBlueUpdate-2.4/TrueBlueUpdate-2.4.pkg TrueBlueUpdate-2.4/TrueBlueUpdate-2.4.pkg]
[http://www.ps3devwiki.com/files/reDRM/TrueBlue/Updates/TrueBlueUpdate-2.4/TrueBlueUpdate-2.4.pkg TrueBlueUpdate-2.4/TrueBlueUpdate-2.4.pkg]
 
=== Payload (2.4) ===
=== Payload (2.4) ===
located in unself'ed eboot.bin @ offset:
located in unself'ed eboot.bin @ offset:
Line 2,283: Line 2,287:
   000A3620  0009AEFF  99 0A 4C 65 2A CE DE D6 0D C8 D2 73 FC B3 85 E2  ™.Le*ÎÞÖ.ÈÒsü³…â
   000A3620  0009AEFF  99 0A 4C 65 2A CE DE D6 0D C8 D2 73 FC B3 85 E2  ™.Le*ÎÞÖ.ÈÒsü³…â


[https://web.archive.org/web/*/http://ps3devwiki.com/files/reDRM/TrueBlue/Updates/TrueBlueUpdate-2.4/payload_2.4.bin payload_2.4.bin (619.75 KB)]
[http://www.ps3devwiki.com/files/reDRM/TrueBlue/Updates/TrueBlueUpdate-2.4/payload_2.4.bin payload_2.4.bin (619.75 KB)]
   SHA1: C062057BFBE4A0DF6C6C6E1B33C7561BC859C23F // MD5: 69FC4CE04DD4255A0BEEF4C2168F0AB0 // CRC32: 1C9EE18 // CRC16: 85DE
   SHA1: C062057BFBE4A0DF6C6C6E1B33C7561BC859C23F // MD5: 69FC4CE04DD4255A0BEEF4C2168F0AB0 // CRC32: 1C9EE18 // CRC16: 85DE


IDA DB: [https://web.archive.org/web/*/http://ps3devwiki.com/files/reDRM/TrueBlue/Updates/TrueBlueUpdate-2.4/EBOOT_SHT_fixed.i64 EBOOT_SHT_fixed.i64 (3.01 MB)]
IDA DB: [http://www.ps3devwiki.com/files/reDRM/TrueBlue/Updates/TrueBlueUpdate-2.4/EBOOT_SHT_fixed.i64 EBOOT_SHT_fixed.i64 (3.01 MB)]


== 2.5 ==
== 2.5 ==
=== Payload (2.5) ===
start: 8600, end: 63e00, size: 5b800
start: 8600, end: 63e00, size: 5b800


[https://web.archive.org/web/*/http://ps3devwiki.com/files/reDRM/TrueBlue/Updates/TrueBlueUpdate-2.5/EBOOT,BIN.elf TrueBlueUpdate-2.5/EBOOT,BIN.elf]
[http://www.ps3devwiki.com/files/reDRM/TrueBlue/Updates/TrueBlueUpdate-2.5/EBOOT,BIN.elf TrueBlueUpdate-2.5/EBOOT,BIN.elf]


[https://web.archive.org/web/*/http://ps3devwiki.com/files/reDRM/TrueBlue/Updates/TrueBlueUpdate-2.5/update_data_2.5.bin TrueBlueUpdate-2.5/update_data_2.5.bin]
[http://www.ps3devwiki.com/files/reDRM/TrueBlue/Updates/TrueBlueUpdate-2.5/update_data_2.5.bin TrueBlueUpdate-2.5/update_data_2.5.bin]


== 2.61 ==
== 2.61 ==
[https://web.archive.org/web/*/http://ps3devwiki.com/files/reDRM/TrueBlue/Updates/TrueBlueUpdate-2.61/TrueBlueUpdate-2.61.pkg TrueBlueUpdate-2.61.pkg]
[http://www.ps3devwiki.com/files/reDRM/TrueBlue/Updates/TrueBlueUpdate-2.61/TrueBlueUpdate-2.61.pkg TrueBlueUpdate-2.61.pkg]
 
=== Payload (2.61) ===
=== Payload (2.61) ===
located in unself'ed eboot.bin @ offset:
located in unself'ed eboot.bin @ offset:
Line 2,306: Line 2,310:
   00066F58  0005E7F0  99 0A 4C 65 2A CE DE D6 0D C8 D2 73 FC B3 85 E2  ™.Le*ÎÞÖ.ÈÒsü³…â
   00066F58  0005E7F0  99 0A 4C 65 2A CE DE D6 0D C8 D2 73 FC B3 85 E2  ™.Le*ÎÞÖ.ÈÒsü³…â


[https://web.archive.org/web/*/http://ps3devwiki.com/files/reDRM/TrueBlue/Updates/TrueBlueUpdate-2.61/payload_2.61.bin payload_2.61.bin (378 KB)]
[http://www.ps3devwiki.com/files/reDRM/TrueBlue/Updates/TrueBlueUpdate-2.61/payload_2.61.bin payload_2.61.bin (378 KB)]
   SHA1: 7CEA46601B717912D6A434CA2C164E0A9B890825 // MD5: 1114BC3061581FC592A3797B340FD545 // CRC32: B66F50FD // CRC16: B685
   SHA1: 7CEA46601B717912D6A434CA2C164E0A9B890825 // MD5: 1114BC3061581FC592A3797B340FD545 // CRC32: B66F50FD // CRC16: B685


IDA DB: [https://web.archive.org/web/*/http://ps3devwiki.com/files/reDRM/TrueBlue/Updates/TrueBlueUpdate-2.61/TrueBlueUpdate-2.61.idc TrueBlueUpdate-2.61.idc (203 KB)]
IDA DB: [http://www.ps3devwiki.com/files/reDRM/TrueBlue/Updates/TrueBlueUpdate-2.61/TrueBlueUpdate-2.61.idc TrueBlueUpdate-2.61.idc (203 KB)]
 
== 2.62 ==
=== Payload (2.62) ===
located in unself'ed eboot.bin @ offset:
 
  Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F
  00000000  E0 AE 1B 14 9D 24 05 8A D0 BB 65 D8 7F CC 1C 24  à®...$.ŠÐ»eØ.Ì.$
    ...
  0005E7F0  99 0A 4C 65 2A CE DE D6 0D C8 D2 73 FC B3 85 E2  ™.Le*ÎÞÖ.ÈÒsü³…â
 
[https://web.archive.org/web/*/http://ps3devwiki.com/files/reDRM/TrueBlue/Updates/TrueBlueUpdate-2.62/payload_2.62.bin payload_2.62.bin (378 KB)]
  SHA1: C5D37456FD5E59CFB648C82BBBE3FD95875E7C49 // MD5: 870C58F2CEC6BDB0ACF43EDD459ECD1C // CRC32: 35B2B2CA // CRC16: E3DE
 
== 2.7 ==
=== Payload (2.7) ===
located in unself'ed eboot.bin @ offset:
 
  Offset(h)  Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F
  000087c8  00000000  E0 AE 1B 14 9D 24 05 8A D0 BB 65 D8 7F CC 1C 24  à®...$.ŠÐ»eØ.Ì.$
    ...
  00067fc8  0005F7F0  D9 5A C0 45 E8 78 E6 C6 16 0A 98 10 1B CA 52 3B  ÙZÀEèxæÆ..˜..ÊR;
 
[https://web.archive.org/web/*/http://ps3devwiki.com/files/reDRM/TrueBlue/Updates/TrueBlueUpdate-2.7/TB_payload_27.bin TB_payload_27.bin (382 KB)]
  SHA1: 107A4E37471D58E79B6F8A884FF09DD3A5F83DD0 // MD5: 495970F92139F966BF78E43509BB7C38 // CRC32: FBA0FCEB // CRC16: AD81
 
 
{{Reverse engineering}}<noinclude>[[Category:Main]]</noinclude>
Please note that all contributions to PS3 Developer wiki are considered to be released under the GNU Free Documentation License 1.2 (see PS3 Developer wiki:Copyrights for details). If you do not want your writing to be edited mercilessly and redistributed at will, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource. Do not submit copyrighted work without permission!

To protect the wiki against automated edit spam, we kindly ask you to solve the following hCaptcha:

Cancel Editing help (opens in new window)