Editing Talk:Downgrading with NAND flasher

Jump to navigation Jump to search
Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits.

The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then publish the changes below to finish undoing the edit.

Latest revision Your text
Line 51: Line 51:
CTRL-F : <code>00 00 00 00 00 00 00 00 00 00 00 00 00 6F FF E0</code>
CTRL-F : <code>00 00 00 00 00 00 00 00 00 00 00 00 00 6F FF E0</code>


CECHC-04/COK-002 MFW 3.15 ([[User:Euss|Euss]]):
<pre>  Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F
<pre>  Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F
      
      
Line 58: Line 57:
   000C0020  00 00 00 00 00 00 00 00 00 00 00 00 00 6F FF E0  .............oÿà
   000C0020  00 00 00 00 00 00 00 00 00 00 00 00 00 6F FF E0  .............oÿà
   000C0030  00 00 00 01 00 00 00 17 00 00 00 00 00 6F FF E0  .............oÿà</pre>
   000C0030  00 00 00 01 00 00 00 17 00 00 00 00 00 6F FF E0  .............oÿà</pre>
<pre>  Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F
<pre>  Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F
      
      
Line 86: Line 86:
Note: CTRL-F : not <code>00 00 00 00 00 00 10 10 00 00 00 00 00 00 10 10 00 00 00 00 00 00 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 40</code> but <code>00 00 00 00 00 00 00 20 00 00 00 00 00 00 00 20 00 00 00 00 00 00 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 40</code>
Note: CTRL-F : not <code>00 00 00 00 00 00 10 10 00 00 00 00 00 00 10 10 00 00 00 00 00 00 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 40</code> but <code>00 00 00 00 00 00 00 20 00 00 00 00 00 00 00 20 00 00 00 00 00 00 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 40</code>


CECHC-04/COK-002 MFW 3.15 ([[User:Euss|Euss]]):
  Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F
<pre>  Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F
    
    
   00093800  00 00 00 00 00 00 00 20 00 00 00 00 00 00 00 20  ....... .......  
   00093800  00 00 00 00 00 00 00 20 00 00 00 00 00 00 00 20  ....... .......  
Line 93: Line 92:
   00093820  00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 40  ...............@
   00093820  00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 40  ...............@
   00093830  53 43 45 00 00 00 00 02 00 00 00 02 00 00 00 00  SCE.............
   00093830  53 43 45 00 00 00 00 02 00 00 00 02 00 00 00 00  SCE.............
   00093840  00 00 00 00 00 00 02 00 00 00 00 00 00 00 00 40  ...............@</pre>
   00093840  00 00 00 00 00 00 02 00 00 00 00 00 00 00 00 40  ...............@
 
 
CECHA-06/COK-001 datas from offset 0x00093800:<!--//bluemimmo//-->
 
  Offset (h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F
     
  00093800  00 00 00 00 00 00 10 10 00 00 00 00 00 00 10 10 ................
  00093810  00 00 00 00 00 00 20 00 00 00 00 00 00 00 00 00 ................
  00093820  00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 40 ...............@
  00093830  53 43 45 00 00 00 00 02 00 00 00 02 00 00 00 00 SCE.............
  00093840  00 00 00 00 00 00 02 00 00 00 00 00 00 00 00 40 ...............@
  00093850  F6 93 38 8E C8 46 D5 FF 34 53 9D 12 91 7E C6 96 ö“8ŽÈFÕÿ4S..‘~Æ–
 
 
'''revoke package:'''
for a 3.72 console it would be : 00 00 00 00 00 00 00 20 00 00 00 00 00 00 00 20 00 00 00 00 00 00 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 60
http://pastie.org/3006911
 
'''revoke program:'''
for a 3.72 console it would be : 00 00 00 00 00 00 10 10 00 00 00 00 00 00 10 10 00 00 00 00 00 00 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 E0
http://pastie.org/3006958
----
 
Example, copy ros1 to ros0 and overwrite (HxD):
 
* goto edit
* select block (CTRL-E) : start 7C0020 - length 6FFFE0
* copy (CTRL-C)
* goto (CTRL-G) : C0030
* overwrite (CTRL-B)
 
 
----
 
=== Simplyfied V2 NAND downgrade ===
====Patches to use====
{|class="wikitable"
|-
! Target area !! Patchfile !! NAND Offset !! Paste length !! Remarks
|-
| ROS0 || [http://www.multiupload.com/GB4LPBNJBY patch1&nbsp;(7&nbsp;MB)] || 0x0C0030 || 0x6FFFE0 || CoreOS (prepatched 3.55)
|-
| ROS1 || [http://www.multiupload.com/GB4LPBNJBY patch1&nbsp;(7&nbsp;MB)] || 0x7C0020 || 0x6FFFE0 || CoreOS (SAME as ros0)
|-
| trvk_prg0&nbsp;(0x91800)<br />trvk_prg1&nbsp;(0x92810)<br />trvk_pkg&nbsp;(0x93800) || [http://www.multiupload.com/RTIK2IUUCL patch2&nbsp;(16&nbsp;KB)] || 0x91800 || 0x4000 || one big patch overlapping several revoke area's
|-
|}
<!--// 3.55 did greenlight power off [http://www.multiupload.com/9Z5D080KLO patch2 (16 KB)] not work:avati//-->
<!--// 3.15 [http://www.multiupload.com/KT6BAXH8O5 patch2 (16 KB)] not work:avati//-->
 
==== PUP to use ====
[[Talk:Downgrading_with_NOR_flasher#Premade_CFW_Rogero_V2| Rogero V2]] or any firmware with prepatched lv1 (no syscon hash checks)
<!--//
downgrade and 3.41downgrader = manufacturing updating SUCCESS(0x8002f000) = YLOD http://mibpaste.com/WP3suB
downgrade and Rogero PUP = Bul-ray Disc Player Revoke done(0x8002f057) = YLOD http://mibpaste.com/oj8EL5
downgrade and Rogero NoBD PUP = manufacturing updating SUCCESS(0x8002f000) + autopower off = OK  http://mibpaste.com/sAguEj
//-->
 
====Different Factory Service Mode SELFs====
For factory Service Mode install:
* if using the normal lv2diag : Use a NoBD patched PUP (e.g. Rogero NoBD PUP) (to prevent error 0x8002f057)
* if using the jaicrab NoBD lv2diag : Use the Rogero normal PUP
 
{|class="wikitable"
! Filename !! Size !! Remarks !! <code>SHA1</code> !! <code>MD5</code> !! <code>CRC32</code> !! <code>CRC16</code>
|-
| [http://www.multiupload.com/Y0Z8WNY009 Lv2diag.self&nbsp;(227.38&nbsp;KB)] || 232832 || jaicrab noBD patched || <code>180823003B086D9D49BC7F83BEA9C769BF73A5EA</code> || <code>3615770407C0C3FA00D8CA49C8ADB362</code> || <code>25E85CFB</code> || <code>EDD0</code>
|-
| [http://www.multiupload.com/V1YTTWGKH0 Lv2diag.self&nbsp;(365.5&nbsp;KB)] || 374272 || 3.55 get in FSM || <code>1ED037740D67FEBACA6449CABFF4E95400C9E2EE</code> || <code>099F33A7967F99E91C07E870FD78B3DB</code> || <code>9338ABF2</code> || <code>4FCC</code>
|-
| [http://www.multiupload.com/ZHJMPSMLYR Lv2diag.self&nbsp;(365.5&nbsp;KB)] || 374272 || 3.50- get in FSM || <code>1E770010A3A6EF572AF39783A04DF792670998D3</code> || <code>90168C03B217CE775A7839D87BBFF2A3</code> || <code>D1F0AAFC</code> || <code>CD8D</code>
|-
| [http://www.multiupload.com/VGQTFV56CO Lv2diag.self&nbsp;(201.42&nbsp;KB)] || 206256 || get out FSM || <code>329877CBD47B994EC0AFCEA6AF98114FD9E5128B</code> || <code>7A20BFDAE65EEFB47A4425DB1B52DCDE</code> || <code>72740080</code> || <code>502A</code>
|-
|}
Please note that all contributions to PS3 Developer wiki are considered to be released under the GNU Free Documentation License 1.2 (see PS3 Developer wiki:Copyrights for details). If you do not want your writing to be edited mercilessly and redistributed at will, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource. Do not submit copyrighted work without permission!

To protect the wiki against automated edit spam, we kindly ask you to solve the following hCaptcha:

Cancel Editing help (opens in new window)
Retrieved from "http://www.psdevwiki.com/ps3/Talk:Downgrading_with_NAND_flasher"