Editing Spuisofs
Jump to navigation
Jump to search
The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then publish the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 1: | Line 1: | ||
[[Category: | [[Category:Linux]] | ||
=Introduction= | =Introduction= | ||
Line 5: | Line 5: | ||
* spuisofs can execute only isolated SPU modules which are decrypted by isoldr. | * spuisofs can execute only isolated SPU modules which are decrypted by isoldr. | ||
* I used this driver e.g. to dump my EID0 key and my ATA keys. | * I used this driver e.g. to dump my EID0 key and my ATA keys. | ||
* | * spuisofs.tar.gz: http://www.multiupload.nl/0U1ZIZN6PG | ||
=Mounting= | =Mounting= | ||
Line 47: | Line 40: | ||
* Encrypt EID0 key seed2 with the dumped IV and key and you will get your EID0 AES-CBC-128 key. | * Encrypt EID0 key seed2 with the dumped IV and key and you will get your EID0 AES-CBC-128 key. | ||
* Use the computed EID0 key and the dumped IV to decrypt EID0 data at offset 0x7A0 of size 0xC0. | * Use the computed EID0 key and the dumped IV to decrypt EID0 data at offset 0x7A0 of size 0xC0. | ||
==EID0 Key Seed== | ==EID0 Key Seed== | ||
Line 175: | Line 166: | ||
==Result== | ==Result== | ||
<pre> | <pre> | ||
Line 212: | Line 200: | ||
... | ... | ||
glevand@debian:~$ cat ./ps3/eid0 | dd bs=1 skip=$((0x20)) count=$((0xc0)) | | glevand@debian:~$ cat ./ps3/eid0 | dd bs=1 skip=$((0x20)) count=$((0xc0)) | ./aes_cbc/aes_cbc -d -i <dumped IV> -k <your EID0 key1> | hexdump -C | ||
... | ... | ||
Here is your decrypted EID0 | Here is your decrypted EID0 | ||
Line 219: | Line 206: | ||
... | ... | ||
glevand@debian:~$ cat ./ps3/eid0 | dd bs=1 skip=$((0x20)) count=$((0xc0)) | | glevand@debian:~$ cat ./ps3/eid0 | dd bs=1 skip=$((0x20)) count=$((0xc0)) | ./aes_cbc/aes_cbc -d -i <dumped IV> -k <your EID0 key1> | dd bs=1 count=$((0xa8)) | ./aes_omac1_cmac/aes_omac1_cmac -k <your EID0 key1> | hexdump -C | ||
... | ... | ||
Here is CMAC-OMAC1 which should match data at offset 0xA8 | Here is CMAC-OMAC1 which should match data at offset 0xA8 | ||
... | ... | ||
glevand@debian:~$ cat ./ps3/eid0 | dd bs=1 skip=$((0x7a0)) count=$((0xc0)) | | glevand@debian:~$ cat ./ps3/eid0 | dd bs=1 skip=$((0x7a0)) count=$((0xc0)) | ./aes_cbc/aes_cbc -d -i <dumped IV> -k <your EID0 key2> | hexdump -C | ||
... | ... | ||
Here is your decrypted EID0 | Here is your decrypted EID0 | ||
Line 233: | Line 217: | ||
... | ... | ||
glevand@debian:~$ cat ./ps3/eid0 | dd bs=1 skip=$((0x7a0)) count=$((0xc0)) | | glevand@debian:~$ cat ./ps3/eid0 | dd bs=1 skip=$((0x7a0)) count=$((0xc0)) | ./aes_cbc/aes_cbc -d -i <dumped IV> -k <your EID0 key2>| dd bs=1 count=$((0xa8)) | ./aes_omac1_cmac/aes_omac1_cmac -k <your EID0 key2> | hexdump -C | ||
... | ... | ||
Here is CMAC-OMAC1 which should match data at offset 0xA8 | Here is CMAC-OMAC1 which should match data at offset 0xA8 | ||
... | ... | ||
</pre> | </pre> | ||