Editing Talk:Downgrading with NOR flasher
Jump to navigation
Jump to search
The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then publish the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 1: | Line 1: | ||
=NOR patches= | =NOR patches= | ||
== | == 355checkoff.PUP == | ||
[http://www.megaupload.com/?d=BNC7EC38 PS3 CFW Kmeaw by dospiedra - 355checkoff.PUP] <br /> | [http://www.megaupload.com/?d=BNC7EC38 PS3 CFW Kmeaw by dospiedra - 355checkoff.PUP] <br /> | ||
([http://pastie.org/private/ayacg9ng3xeop78viscdya 'kmeaw'] + lv1 nocheck (see V1/V2 etc) | ([http://pastie.org/private/ayacg9ng3xeop78viscdya 'kmeaw'] + lv1 nocheck (see below, V1/V2 etc) | ||
Patches | Patches included (using [[PS3MFW Builder]] and [[Patches]] naming) : | ||
* Patch LV1 hypervisor (lv1_function_114 mmap) lv1.self | * Patch LV1 hypervisor (lv1_function_114 mmap) lv1.self | ||
Line 652: | Line 27: | ||
===Extracting pup and comparing=== | ===Extracting pup and comparing=== | ||
to see the actual patches/changes done | to see the actual patches/changes done: | ||
====CORE_OS_PACKAGE.pkg==== | ====CORE_OS_PACKAGE.pkg==== | ||
Line 659: | Line 34: | ||
lv1.self | lv1.self | ||
lv2_kernel.self | lv2_kernel.self | ||
emer_init.elf | |||
Original ofw355: | Original ofw355: | ||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | ||
0005B5A0 79 27 F0 82 y'ð‚ | |||
Patched 355checkoff | Patched 355checkoff: | ||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | ||
0005B5A0 38 E9 FF F8 8éÿø | 0005B5A0 38 E9 FF F8 8éÿø | ||
lv1.elf | |||
Original ofw355: | Original ofw355: | ||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | ||
00093490 39 20 00 4F 7C 00 F8 9 .O|.ø | 00093490 39 20 00 4F 7C 00 F8 9 .O|.ø | ||
Patched 355checkoff: | Patched 355checkoff: | ||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | ||
00093490 39 20 00 5F 7C 00 F8 9 ._|.ø | 00093490 39 20 00 5F 7C 00 F8 9 ._|.ø | ||
Original ofw355: | Original ofw355: | ||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | ||
000F5A40 39 20 00 00 38 60 00 9 ..8`. | 000F5A40 39 20 00 00 38 60 00 9 ..8`. | ||
Patched 355checkoff | |||
Patched 355checkoff: | |||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | ||
000F5A40 39 20 00 01 38 60 00 9 ..8`. | 000F5A40 39 20 00 01 38 60 00 9 ..8`. | ||
Original ofw355: | Original ofw355: | ||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | ||
000F5EB0 41 DA 00 54 AÚ.T | 000F5EB0 41 DA 00 54 AÚ.T | ||
Patched 355checkoff: | Patched 355checkoff: | ||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | ||
000F5EB0 60 00 00 00 `... | 000F5EB0 60 00 00 00 `... | ||
Original ofw355: | Original ofw355: | ||
Line 707: | Line 81: | ||
000FD5D0 E9 5E 00 20 E9 1E 00 28 E8 FE 00 30 EB EB 00 50 é^. é..(èþ.0ëë.P | 000FD5D0 E9 5E 00 20 E9 1E 00 28 E8 FE 00 30 EB EB 00 50 é^. é..(èþ.0ëë.P | ||
000FD5E0 F8 01 00 ø.. | 000FD5E0 F8 01 00 ø.. | ||
Patched 355checkoff: | Patched 355checkoff: | ||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | ||
Line 712: | Line 87: | ||
000FD5D0 E9 5E 00 28 E9 1E 00 30 E8 FE 00 38 EB FE 00 18 é^.(é..0èþ.8ëþ.. | 000FD5D0 E9 5E 00 28 E9 1E 00 30 E8 FE 00 38 EB FE 00 18 é^.(é..0èþ.8ëþ.. | ||
000FD5E0 F8 01 00 ø.. | 000FD5E0 F8 01 00 ø.. | ||
Original ofw355: | Original ofw355: | ||
Line 717: | Line 93: | ||
000FD850 E8 1E 00 18 E9 3E 00 20 E9 5E 00 28 E9 1E 00 30 è...é>. é^.(é..0 | 000FD850 E8 1E 00 18 E9 3E 00 20 E9 5E 00 28 E9 1E 00 30 è...é>. é^.(é..0 | ||
000FD860 E8 FE 00 38 E8 DE 00 40 EB EB 00 50 90 A1 00 70 èþ.8èÞ.@ëë.P.¡.p | 000FD860 E8 FE 00 38 E8 DE 00 40 EB EB 00 50 90 A1 00 70 èþ.8èÞ.@ëë.P.¡.p | ||
Patched 355checkoff: | Patched 355checkoff: | ||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | ||
000FD850 E8 1E 00 20 E9 3E 00 28 E9 5E 00 30 E9 1E 00 38 è.. é>.(é^.0é..8 | 000FD850 E8 1E 00 20 E9 3E 00 28 E9 5E 00 30 E9 1E 00 38 è.. é>.(é^.0é..8 | ||
000FD860 E8 FE 00 40 E8 DE 00 48 EB FE 00 18 90 A1 00 70 èþ.@èÞ.Hëþ...¡.p | 000FD860 E8 FE 00 40 E8 DE 00 48 EB FE 00 18 90 A1 00 70 èþ.@èÞ.Hëþ...¡.p | ||
Original ofw355: | Original ofw355: | ||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | ||
000FDCF0 E8 1E 00 18 E9 3E 00 è...é>. | 000FDCF0 E8 1E 00 18 E9 3E 00 è...é>. | ||
Patched 355checkoff: | Patched 355checkoff: | ||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | ||
000FDCF0 E8 1E 00 20 E9 3E 00 è.. é>. | 000FDCF0 E8 1E 00 20 E9 3E 00 è.. é>. | ||
Original ofw355: | Original ofw355: | ||
Line 734: | Line 114: | ||
000FDD00 E9 1E 00 30 E8 FE 00 38 E8 DE 00 40 EB EB 00 50 é..0èþ.8èÞ.@ëë.P | 000FDD00 E9 1E 00 30 E8 FE 00 38 E8 DE 00 40 EB EB 00 50 é..0èþ.8èÞ.@ëë.P | ||
000FDD10 90 A1 00 .¡. | 000FDD10 90 A1 00 .¡. | ||
Patched 355checkoff: | Patched 355checkoff: | ||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | ||
Line 739: | Line 120: | ||
000FDD00 E9 1E 00 38 E8 FE 00 40 E8 DE 00 48 EB FE 00 18 é..8èþ.@èÞ.Hëþ.. | 000FDD00 E9 1E 00 38 E8 FE 00 40 E8 DE 00 48 EB FE 00 18 é..8èþ.@èÞ.Hëþ.. | ||
000FDD10 90 A1 00 .¡. | 000FDD10 90 A1 00 .¡. | ||
Original ofw355: | Original ofw355: | ||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | ||
00103CF0 38 00 00 0B 7F E9 00 8....é. | 00103CF0 38 00 00 0B 7F E9 00 8....é. | ||
Patched 355checkoff: | Patched 355checkoff: | ||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | ||
00103CF0 38 00 00 0F 7F E9 00 8....é. | 00103CF0 38 00 00 0F 7F E9 00 8....é. | ||
Original ofw355: | Original ofw355: | ||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | ||
00112670 10 39 20 00 09 E9 43 00 .9 ..éC. | 00112670 10 39 20 00 09 E9 43 00 .9 ..éC. | ||
Patched 355checkoff: | Patched 355checkoff: | ||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | ||
00112670 10 39 20 FF FF E9 43 00 .9 ÿÿéC. | 00112670 10 39 20 FF FF E9 43 00 .9 ÿÿéC. | ||
Original ofw355: | Original ofw355: | ||
Line 759: | Line 145: | ||
001225F0 60 00 FF EC F8 03 00 C0 4E 80 00 20 38 00 00 00 `.ÿìø..ÀN€. 8... | 001225F0 60 00 FF EC F8 03 00 C0 4E 80 00 20 38 00 00 00 `.ÿìø..ÀN€. 8... | ||
00122600 64 00 FF FF 60 00 FF EC F8 03 00 C0 4E 80 00 d.ÿÿ`.ÿìø..ÀN€. | 00122600 64 00 FF FF 60 00 FF EC F8 03 00 C0 4E 80 00 d.ÿÿ`.ÿìø..ÀN€. | ||
Patched 355checkoff: | Patched 355checkoff: | ||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | ||
Line 764: | Line 151: | ||
001225F0 E8 84 00 00 F8 83 00 C8 4E 80 00 20 38 00 00 00 è„..øƒ.ÈN€. 8... | 001225F0 E8 84 00 00 F8 83 00 C8 4E 80 00 20 38 00 00 00 è„..øƒ.ÈN€. 8... | ||
00122600 E8 A3 00 20 E8 83 00 18 F8 A4 00 00 4E 80 00 è£. èƒ..ø¤..N€. | 00122600 E8 A3 00 20 E8 83 00 18 F8 A4 00 00 4E 80 00 è£. èƒ..ø¤..N€. | ||
Original ofw355: | Original ofw355: | ||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | ||
0021D0B0 9E 00 48 48 00 D7 15 2F 83 00 ž.HH.×./ƒ. | 0021D0B0 9E 00 48 48 00 D7 15 2F 83 00 ž.HH.×./ƒ. | ||
Patched 355checkoff: | Patched 355checkoff: | ||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | ||
0021D0B0 9E 00 48 38 60 00 00 2F 83 00 ž.H8`../ƒ. | 0021D0B0 9E 00 48 38 60 00 00 2F 83 00 ž.H8`../ƒ. | ||
Original ofw355: | Original ofw355: | ||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | ||
0021D260 38 60 00 00 48 01 8E AD 8`..H.Ž | 0021D260 38 60 00 00 48 01 8E AD 8`..H.Ž | ||
Patched 355checkoff: | Patched 355checkoff: | ||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | ||
0021D260 38 60 00 01 48 01 8E AD 8`..H.Ž | 0021D260 38 60 00 01 48 01 8E AD 8`..H.Ž | ||
Original ofw355: | Original ofw355: | ||
Line 783: | Line 175: | ||
00222260 60 64 00 00 3B F9 3F 01 C8 60 00 F7 EE `d..;ù?.È`.÷î | 00222260 60 64 00 00 3B F9 3F 01 C8 60 00 F7 EE `d..;ù?.È`.÷î | ||
00222270 F8 1F 01 ø.. | 00222270 F8 1F 01 ø.. | ||
Patched 355checkoff: | Patched 355checkoff: | ||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | ||
00222260 60 64 00 FF FF F9 3F 01 C8 60 00 FF FE `d.ÿÿù?.È`.ÿþ | 00222260 60 64 00 FF FF F9 3F 01 C8 60 00 FF FE `d.ÿÿù?.È`.ÿþ | ||
00222270 F8 1F 01 ø.. | 00222270 F8 1F 01 ø.. | ||
Original ofw355: | Original ofw355: | ||
Line 792: | Line 186: | ||
002C5030 1B 00 00 ... | 002C5030 1B 00 00 ... | ||
002C5040 41 9D 00 A8 7B FD 00 A..¨{ý. | 002C5040 41 9D 00 A8 7B FD 00 A..¨{ý. | ||
Patched 355checkoff: | Patched 355checkoff: | ||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | ||
002C5030 1B 00 00 ... | 002C5030 1B 00 00 ... | ||
002C5040 60 00 00 00 7B FD 00 `...{ý. | 002C5040 60 00 00 00 7B FD 00 `...{ý. | ||
Original ofw355: | Original ofw355: | ||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | ||
002C7A20 02 B7 01 E8 18 00 08 2F A0 00 .·.è.../ . | 002C7A20 02 B7 01 E8 18 00 08 2F A0 00 .·.è.../ . | ||
Patched 355checkoff: | Patched 355checkoff: | ||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | ||
002C7A20 02 B7 01 38 00 00 00 2F A0 00 .·.8.../ . | 002C7A20 02 B7 01 38 00 00 00 2F A0 00 .·.8.../ . | ||
Original ofw355: | Original ofw355: | ||
Line 808: | Line 206: | ||
002DC410 38 00 00 09 8... | 002DC410 38 00 00 09 8... | ||
002DC420 41 9D 00 4C 48 00 05 A..LH.. | 002DC420 41 9D 00 4C 48 00 05 A..LH.. | ||
Patched 355checkoff: | Patched 355checkoff: | ||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | ||
002DC410 38 00 00 09 8... | 002DC410 38 00 00 09 8... | ||
002DC420 60 00 00 00 48 00 05 `...H.. | 002DC420 60 00 00 00 48 00 05 `...H.. | ||
Original ofw355: | Original ofw355: | ||
Line 817: | Line 217: | ||
00340790 38 00 00 0D 8... | 00340790 38 00 00 0D 8... | ||
003407A0 7C 63 00 38 4E 80 00 |c.8N€. | 003407A0 7C 63 00 38 4E 80 00 |c.8N€. | ||
Patched 355checkoff: | Patched 355checkoff: | ||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | ||
00340790 38 00 00 0D 8... | 00340790 38 00 00 0D 8... | ||
003407A0 38 60 00 00 4E 80 00 8`..N€. | 003407A0 38 60 00 00 4E 80 00 8`..N€. | ||
Original ofw355: | Original ofw355: | ||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | ||
003787E0 00 01 C0 80 00 00 00 00 00 01 C0 80 00 00 00 00 ..À€......À€.... | 003787E0 00 01 C0 80 00 00 00 00 00 01 C0 80 00 00 00 00 ..À€......À€.... | ||
Patched 355checkoff: | Patched 355checkoff: | ||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | ||
003787E0 00 01 D0 00 00 00 00 00 00 01 D0 00 00 00 00 00 ..Ð.......Ð..... | 003787E0 00 01 D0 00 00 00 00 00 00 01 D0 00 00 00 00 00 ..Ð.......Ð..... | ||
Original ofw355: | Original ofw355: | ||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | ||
00378830 00 00 00 01 C0 80 00 00 00 01 ....À€.... | 00378830 00 00 00 01 C0 80 00 00 00 01 ....À€.... | ||
Patched 355checkoff: | Patched 355checkoff: | ||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | ||
00378830 00 00 00 01 D0 00 00 00 00 01 ....Ð..... | 00378830 00 00 00 01 D0 00 00 00 00 01 ....Ð..... | ||
Original ofw355: | Original ofw355: | ||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | ||
00378BD0 00 01 C0 80 00 00 00 00 00 01 C0 80 00 00 00 00 ..À€......À€.... | 00378BD0 00 01 C0 80 00 00 00 00 00 01 C0 80 00 00 00 00 ..À€......À€.... | ||
Patched 355checkoff: | Patched 355checkoff: | ||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | ||
00378BD0 00 01 D0 00 00 00 00 00 00 01 D0 00 00 00 00 00 ..Ð.......Ð..... | 00378BD0 00 01 D0 00 00 00 00 00 00 01 D0 00 00 00 00 00 ..Ð.......Ð..... | ||
Original ofw355: | Original ofw355: | ||
Line 847: | Line 255: | ||
003895C0 33 78 3x | 003895C0 33 78 3x | ||
003895D0 48 00 03 E1 EB A2 80 H..á뢀 | 003895D0 48 00 03 E1 EB A2 80 H..á뢀 | ||
Patched 355checkoff: | Patched 355checkoff: | ||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | ||
003895C0 33 78 3x | 003895C0 33 78 3x | ||
003895D0 48 01 B6 1D EB A2 80 H.¶.뢀 | 003895D0 48 01 B6 1D EB A2 80 H.¶.뢀 | ||
Original ofw355: | Original ofw355: | ||
Line 858: | Line 268: | ||
0038EF40 48 00 5A 71 7F A4 EB 78 7F 85 E3 78 4B FF F0 E5 H.Zq.¤ëx.…ãxKÿðå | 0038EF40 48 00 5A 71 7F A4 EB 78 7F 85 E3 78 4B FF F0 E5 H.Zq.¤ëx.…ãxKÿðå | ||
0038EF50 54 63 06 Tc. | 0038EF50 54 63 06 Tc. | ||
Patched 355checkoff: | Patched 355checkoff: | ||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | ||
Line 864: | Line 275: | ||
0038EF40 48 00 5A 71 7F A4 EB 78 7F 85 E3 78 38 60 00 01 H.Zq.¤ëx.…ãx8`.. | 0038EF40 48 00 5A 71 7F A4 EB 78 7F 85 E3 78 38 60 00 01 H.Zq.¤ëx.…ãx8`.. | ||
0038EF50 54 63 06 Tc. | 0038EF50 54 63 06 Tc. | ||
Original ofw355: | Original ofw355: | ||
Line 869: | Line 281: | ||
0038EFC0 7F 84 E3 78 38 A1 00 70 9B E1 00 70 48 00 5F A5 .„ãx8¡.p›á.pH._¥ | 0038EFC0 7F 84 E3 78 38 A1 00 70 9B E1 00 70 48 00 5F A5 .„ãx8¡.p›á.pH._¥ | ||
0038EFD0 2F 83 00 00 /ƒ.. | 0038EFD0 2F 83 00 00 /ƒ.. | ||
Patched 355checkoff: | Patched 355checkoff: | ||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | ||
0038EFC0 7F 84 E3 78 3B E0 00 01 9B E1 00 70 38 60 00 00 .„ãx;à..›á.p8`.. | 0038EFC0 7F 84 E3 78 3B E0 00 01 9B E1 00 70 38 60 00 00 .„ãx;à..›á.p8`.. | ||
0038EFD0 2F 83 00 00 /ƒ.. | 0038EFD0 2F 83 00 00 /ƒ.. | ||
Original ofw355: | Original ofw355: | ||
Line 957: | Line 371: | ||
003A50D0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ | 003A50D0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ | ||
003A50E0 00 00 00 00 00 00 00 00 00 00 .......... | 003A50E0 00 00 00 00 00 00 00 00 00 00 .......... | ||
Patched 355checkoff: | Patched 355checkoff: | ||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | ||
Line 963: | Line 378: | ||
003A4C00 FB 61 00 E8 FB 81 00 E0 FB A1 00 D8 FB C1 00 D0 ûa.èû..àû¡.ØûÁ.Ð | 003A4C00 FB 61 00 E8 FB 81 00 E0 FB A1 00 D8 FB C1 00 D0 ûa.èû..àû¡.ØûÁ.Ð | ||
003A4C10 FB E1 00 C8 F8 61 00 C0 F8 81 00 B8 F8 A1 00 B0 ûá.Èøa.Àø..¸ø¡.° | 003A4C10 FB E1 00 C8 F8 61 00 C0 F8 81 00 B8 F8 A1 00 B0 ûá.Èøa.Àø..¸ø¡.° | ||
003A4C20 48 00 00 05 7F E8 02 A6 3B FF FF C8 E8 1F 04 A0 H....è.¦;ÿÿÈè.. | 003A4C20 48 00 00 05 7F E8 02 A6 3B FF FF C8 E8 1F 04 A0 H....è.¦;ÿÿÈè.. | ||
003A4C30 F8 01 00 88 E8 1F 04 A8 F8 01 00 90 E8 1F 04 B0 ø..ˆè..¨ø...è..° | 003A4C30 F8 01 00 88 E8 1F 04 A8 F8 01 00 90 E8 1F 04 B0 ø..ˆè..¨ø...è..° | ||
003A4C40 F8 01 00 98 E8 1F 04 B8 F8 01 00 A0 38 00 00 00 ø..˜è..¸ø.. | 003A4C40 F8 01 00 98 E8 1F 04 B8 F8 01 00 A0 38 00 00 00 ø..˜è..¸ø.. 8... | ||
003A4C50 F8 01 00 78 F8 01 00 80 38 60 00 01 38 81 00 88 ø..xø..€8`..8..ˆ | 003A4C50 F8 01 00 78 F8 01 00 80 38 60 00 01 38 81 00 88 ø..xø..€8`..8..ˆ | ||
003A4C60 38 A1 00 78 3B C0 00 00 67 DE 80 01 63 DE 2F D0 8¡.x;À..gÞ€.cÞ/Ð | 003A4C60 38 A1 00 78 3B C0 00 00 67 DE 80 01 63 DE 2F D0 8¡.x;À..gÞ€.cÞ/Ð | ||
003A4C70 7F C9 03 A6 4E 80 04 21 2F A3 00 00 40 9E 00 18 .É.¦N€.!/£..@ž.. | 003A4C70 7F C9 03 A6 4E 80 04 21 2F A3 00 00 40 9E 00 18 .É.¦N€.!/£..@ž.. | ||
003A4C80 E8 01 00 78 78 00 06 20 2F 80 00 FF 3B 60 00 0F è..xx.. /€.ÿ;`.. | 003A4C80 E8 01 00 78 78 00 06 20 2F 80 00 FF 3B 60 00 0F è..xx.. /€.ÿ;`.. | ||
003A4C90 40 9E 03 54 E8 1F 04 A0 F8 01 00 88 E8 1F 04 A8 @ž.Tè.. | 003A4C90 40 9E 03 54 E8 1F 04 A0 F8 01 00 88 E8 1F 04 A8 @ž.Tè.. ø..ˆè..¨ | ||
003A4CA0 F8 01 00 90 E8 1F 04 C0 F8 01 00 98 E8 1F 04 C8 ø...è..Àø..˜è..È | 003A4CA0 F8 01 00 90 E8 1F 04 C0 F8 01 00 98 E8 1F 04 C8 ø...è..Àø..˜è..È | ||
003A4CB0 F8 01 00 A0 38 00 00 00 F8 01 00 78 F8 01 00 80 ø.. | 003A4CB0 F8 01 00 A0 38 00 00 00 F8 01 00 78 F8 01 00 80 ø.. 8...ø..xø..€ | ||
003A4CC0 38 60 00 01 38 81 00 88 38 A1 00 78 3B C0 00 00 8`..8..ˆ8¡.x;À.. | 003A4CC0 38 60 00 01 38 81 00 88 38 A1 00 78 3B C0 00 00 8`..8..ˆ8¡.x;À.. | ||
003A4CD0 67 DE 80 01 63 DE 2F D0 7F C9 03 A6 4E 80 04 21 gÞ€.cÞ/Ð.É.¦N€.! | 003A4CD0 67 DE 80 01 63 DE 2F D0 7F C9 03 A6 4E 80 04 21 gÞ€.cÞ/Ð.É.¦N€.! | ||
003A4CE0 2F A3 00 00 40 9E 00 18 E8 01 00 78 78 00 06 20 /£..@ž..è..xx.. | 003A4CE0 2F A3 00 00 40 9E 00 18 E8 01 00 78 78 00 06 20 /£..@ž..è..xx.. | ||
003A4CF0 2F 80 00 FF 3B 60 00 0F 40 9E 02 EC E8 1F 04 A0 /€.ÿ;`..@ž.ìè.. | 003A4CF0 2F 80 00 FF 3B 60 00 0F 40 9E 02 EC E8 1F 04 A0 /€.ÿ;`..@ž.ìè.. | ||
003A4D00 F8 01 00 88 E8 1F 04 A8 F8 01 00 90 E8 1F 04 D0 ø..ˆè..¨ø...è..Ð | 003A4D00 F8 01 00 88 E8 1F 04 A8 F8 01 00 90 E8 1F 04 D0 ø..ˆè..¨ø...è..Ð | ||
003A4D10 F8 01 00 98 E8 1F 04 C8 F8 01 00 A0 38 00 00 00 ø..˜è..Èø.. | 003A4D10 F8 01 00 98 E8 1F 04 C8 F8 01 00 A0 38 00 00 00 ø..˜è..Èø.. 8... | ||
003A4D20 F8 01 00 78 F8 01 00 80 38 60 00 01 38 81 00 88 ø..xø..€8`..8..ˆ | 003A4D20 F8 01 00 78 F8 01 00 80 38 60 00 01 38 81 00 88 ø..xø..€8`..8..ˆ | ||
003A4D30 38 A1 00 78 3B C0 00 00 67 DE 80 01 63 DE 2F D0 8¡.x;À..gÞ€.cÞ/Ð | 003A4D30 38 A1 00 78 3B C0 00 00 67 DE 80 01 63 DE 2F D0 8¡.x;À..gÞ€.cÞ/Ð | ||
003A4D40 7F C9 03 A6 4E 80 04 21 2F A3 00 00 40 9E 00 18 .É.¦N€.!/£..@ž.. | 003A4D40 7F C9 03 A6 4E 80 04 21 2F A3 00 00 40 9E 00 18 .É.¦N€.!/£..@ž.. | ||
003A4D50 E8 01 00 78 78 00 06 20 2F 80 00 FF 3B 60 00 0F è..xx.. /€.ÿ;`.. | 003A4D50 E8 01 00 78 78 00 06 20 2F 80 00 FF 3B 60 00 0F è..xx.. /€.ÿ;`.. | ||
003A4D60 40 9E 02 84 E8 1F 04 A0 F8 01 00 88 E8 1F 04 A8 @ž.„è.. | 003A4D60 40 9E 02 84 E8 1F 04 A0 F8 01 00 88 E8 1F 04 A8 @ž.„è.. ø..ˆè..¨ | ||
003A4D70 F8 01 00 90 E8 1F 04 D8 F8 01 00 98 E8 1F 04 C8 ø...è..Øø..˜è..È | 003A4D70 F8 01 00 90 E8 1F 04 D8 F8 01 00 98 E8 1F 04 C8 ø...è..Øø..˜è..È | ||
003A4D80 F8 01 00 A0 38 00 00 00 F8 01 00 78 F8 01 00 80 ø.. | 003A4D80 F8 01 00 A0 38 00 00 00 F8 01 00 78 F8 01 00 80 ø.. 8...ø..xø..€ | ||
003A4D90 38 60 00 01 38 81 00 88 38 A1 00 78 3B C0 00 00 8`..8..ˆ8¡.x;À.. | 003A4D90 38 60 00 01 38 81 00 88 38 A1 00 78 3B C0 00 00 8`..8..ˆ8¡.x;À.. | ||
003A4DA0 67 DE 80 01 63 DE 2F D0 7F C9 03 A6 4E 80 04 21 gÞ€.cÞ/Ð.É.¦N€.! | 003A4DA0 67 DE 80 01 63 DE 2F D0 7F C9 03 A6 4E 80 04 21 gÞ€.cÞ/Ð.É.¦N€.! | ||
Line 1,001: | Line 416: | ||
003A4E60 3B 60 00 10 3B C0 00 00 67 DE 80 01 63 DE 3D B8 ;`..;À..gÞ€.cÞ=¸ | 003A4E60 3B 60 00 10 3B C0 00 00 67 DE 80 01 63 DE 3D B8 ;`..;À..gÞ€.cÞ=¸ | ||
003A4E70 7F C9 03 A6 4E 80 04 21 7F A3 C8 00 40 9E 01 34 .É.¦N€.!.£È.@ž.4 | 003A4E70 7F C9 03 A6 4E 80 04 21 7F A3 C8 00 40 9E 01 34 .É.¦N€.!.£È.@ž.4 | ||
003A4E80 3B 60 00 14 38 7F 04 60 E8 81 00 A8 38 A0 00 10 ;`..8..`è.. | 003A4E80 3B 60 00 14 38 7F 04 60 E8 81 00 A8 38 A0 00 10 ;`..8..`è..¨8 .. | ||
003A4E90 3B C0 00 00 67 DE 80 01 63 DE 39 E0 7F C9 03 A6 ;À..gÞ€.cÞ9à.É.¦ | 003A4E90 3B C0 00 00 67 DE 80 01 63 DE 39 E0 7F C9 03 A6 ;À..gÞ€.cÞ9à.É.¦ | ||
003A4EA0 4E 80 04 21 2F A3 00 00 40 9E 01 08 E8 A1 00 A8 N€.!/£..@ž..è¡.¨ | 003A4EA0 4E 80 04 21 2F A3 00 00 40 9E 01 08 E8 A1 00 A8 N€.!/£..@ž..è¡.¨ | ||
Line 1,012: | Line 427: | ||
003A4F10 7F A3 C8 00 40 9E 00 9C E8 1F 04 E0 F8 01 00 88 .£È.@ž.œè..àø..ˆ | 003A4F10 7F A3 C8 00 40 9E 00 9C E8 1F 04 E0 F8 01 00 88 .£È.@ž.œè..àø..ˆ | ||
003A4F20 E8 1F 04 E8 F8 01 00 90 E8 1F 04 F0 F8 01 00 98 è..èø...è..ðø..˜ | 003A4F20 E8 1F 04 E8 F8 01 00 90 E8 1F 04 F0 F8 01 00 98 è..èø...è..ðø..˜ | ||
003A4F30 E8 1F 04 F8 F8 01 00 A0 38 00 00 00 F8 01 00 78 è..øø.. | 003A4F30 E8 1F 04 F8 F8 01 00 A0 38 00 00 00 F8 01 00 78 è..øø.. 8...ø..x | ||
003A4F40 F8 01 00 80 38 60 00 01 38 81 00 88 38 A1 00 78 ø..€8`..8..ˆ8¡.x | 003A4F40 F8 01 00 80 38 60 00 01 38 81 00 88 38 A1 00 78 ø..€8`..8..ˆ8¡.x | ||
003A4F50 3B C0 00 00 67 DE 80 01 63 DE 2F 88 7F C9 03 A6 ;À..gÞ€.cÞ/ˆ.É.¦ | 003A4F50 3B C0 00 00 67 DE 80 01 63 DE 2F 88 7F C9 03 A6 ;À..gÞ€.cÞ/ˆ.É.¦ | ||
Line 1,040: | Line 455: | ||
003A50D0 69 6F 73 00 61 74 61 00 00 00 00 00 72 65 67 69 ios.ata.....regi | 003A50D0 69 6F 73 00 61 74 61 00 00 00 00 00 72 65 67 69 ios.ata.....regi | ||
003A50E0 6F 6E 30 00 61 63 63 65 73 73 on0.access | 003A50E0 6F 6E 30 00 61 63 63 65 73 73 on0.access | ||
Original ofw355: | Original ofw355: | ||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | ||
003B1420 00 00 0C F0 00 00 ...ð.. | 003B1420 00 00 0C F0 00 00 ...ð.. | ||
Patched 355checkoff: | Patched 355checkoff: | ||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | ||
003B1420 00 00 1C 70 00 00 ...p.. | 003B1420 00 00 1C 70 00 00 ...p.. | ||
lv2_kernel.elf | |||
Original ofw355: | Original ofw355: | ||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | ||
Line 1,075: | Line 480: | ||
00029360 3C 60 80 01 60 63 00 03 4E 80 00 20 3C 60 80 01 <`€.`c..N€. <`€. | 00029360 3C 60 80 01 60 63 00 03 4E 80 00 20 3C 60 80 01 <`€.`c..N€. <`€. | ||
00029370 60 63 00 03 4E 80 00 20 3C 60 80 01 60 `c..N€. <`€.` | 00029370 60 63 00 03 4E 80 00 20 3C 60 80 01 60 `c..N€. <`€.` | ||
Patched 355checkoff | |||
Patched 355checkoff: | |||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | ||
00029330 E8 63 00 00 èc.. | 00029330 E8 63 00 00 èc.. | ||
Line 1,082: | Line 488: | ||
00029360 4B FE 83 CC 60 00 00 00 60 00 00 00 4B FE 83 E0 KþƒÌ`...`...Kþƒà | 00029360 4B FE 83 CC 60 00 00 00 60 00 00 00 4B FE 83 E0 KþƒÌ`...`...Kþƒà | ||
00029370 60 00 00 00 60 00 00 00 3C 60 80 01 60 `...`...<`€.` | 00029370 60 00 00 00 60 00 00 00 3C 60 80 01 60 `...`...<`€.` | ||
Original ofw355: | Original ofw355: | ||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | ||
003591D0 E8 CF èÏ | 003591D0 E8 CF èÏ | ||
Patched 355checkoff: | Patched 355checkoff: | ||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | ||
003591D0 D6 94 Ö” | 003591D0 D6 94 Ö” | ||
Original ofw355: | Original ofw355: | ||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | ||
003592F0 E8 CF èÏ | 003592F0 E8 CF èÏ | ||
Patched 355checkoff: | Patched 355checkoff: | ||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | ||
003592F0 D6 94 Ö” | 003592F0 D6 94 Ö” | ||
Original ofw355: | Original ofw355: | ||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | ||
00359380 A0 40 36 6B 2D 8A 50 99 1E B3 0C 53 E5 9B 5D 6E | 00359380 A0 40 36 6B 2D 8A 50 99 1E B3 0C 53 E5 9B 5D 6E @6k-ŠP™.³.Så›]n | ||
00359390 61 2C AC B8 a,¬¸ | 00359390 61 2C AC B8 a,¬¸ | ||
Patched 355checkoff: | Patched 355checkoff: | ||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | ||
Line 1,107: | Line 521: | ||
====dev_flash_010.tar.aa.2010_11_27_051337==== | ====dev_flash_010.tar.aa.2010_11_27_051337==== | ||
dev_flash\vsh\module\nas_plugin.sprx | dev_flash\vsh\module\nas_plugin.sprx | ||
====dev_flash_016.tar.aa.2010_11_27_051337==== | ====dev_flash_016.tar.aa.2010_11_27_051337==== | ||
dev_flash\vsh\resource\explore\xmb\category_game.xml | dev_flash\vsh\resource\explore\xmb\category_game.xml | ||
===== | == V1 == | ||
=== Tasks === | |||
[http://git.gitbrew.org/repos/?p=ps3/ps3mfw/tasks.git;a=blob;f=patch_lv1.tcl MFW Task::patch_lv1.tcl] with the following patches selected: | |||
* --patch-lv1-storage-skip-acl-check | |||
* --patch-lv1-sysmgr-disable-integrity-check | |||
=== Patches === | |||
http://pastebin.com/aNehMfGi : | |||
Downgrade patches | |||
| |||
http://www.multiupload.com/O0TZGNP92M | |||
| |||
DIFF: | |||
| |||
------------- | |||
patch-lv1-storage-skip-acl-check : Patching LV1 to enable skipping of ACL checks for all storage devices | |||
| |||
ORIGINAL | |||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | |||
0007B340 54 63 06 3E Tc.> | |||
| |||
PATCHED | |||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | |||
0007B340 38 60 00 01 8`.. | |||
| |||
----- | |||
patch-lv1-storage-skip-acl-check : Patching LV1 to enable skipping of ACL checks for all storage devices (continued) | |||
| |||
ORIGINAL | |||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | |||
0007B340 E8 01 00 70 è..p | |||
| |||
PATCHED | |||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | |||
0007B340 38 00 00 01 8... | |||
| |||
----- | |||
patch-lv1-sysmgr-disable-integrity-check: Disable integrity check in System Manager | |||
| |||
ORIGINAL | |||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | |||
0021D0B0 48 00 D7 15 H.×. | |||
| |||
PATCHED | |||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | |||
0021D0B0 38 60 00 00 8`.. | |||
| |||
------------- | |||
| |||
Reference: http://www.ps3devwiki.com/index.php?title=Talk:Dual_Firmware | |||
---- | |||
=== Combining patches === | |||
There is a difference between the patches on the [[Talk:Downgrading with NOR flasher]] and [[Talk:Downgrading with NAND flasher]] | |||
what if you combine those together? 1st try: selecting both patch tasks manually: | |||
<keperfear> eussnl http://www.multiupload.com/6AZN5DOCM9 | |||
<keperfear> could you check if i patched everything correctly | |||
<keperfear> anyway i really need to sleep now | |||
<keperfear> good luck everyone | |||
* keperfear left | |||
<eussNL> oh dear, keperfear is already gone ... anyhow, this was my version : [http://www.multiupload.com/3KW1IZ45E0 patched355coreos.rar (4.84 MB)] (no "Patch In product mode erase standby bank skipped" selected) | |||
---- | |||
<keperfear> Eussnl try with this one | |||
<pre> | |||
# In product mode erase standby bank skipped | |||
log "Patch In product mode erase standby bank skipped" | |||
set search "\x41\x9E\x00\x0C\xE8\xA2\x8A\x38\x48\x00\x00\xCC\x7B\xFD\x00\x20" | |||
set replace "\x60\x00\x00\x00\xE8\xA2\x8A\x38\x48\x00\x00\xCC\x7B\xFD\x00\x20" | |||
catch_die {::patch_elf $elf $search 0 $replace} "Unable to patch self [file tail $elf]" | |||
</pre>(difference is \x41\x9E\x00\x0C\xE8\xA2\x8A\'''x38''' instead of \x41\x9E\x00\x0C\xE8\xA2\x8A'''\x30''')<br /> | |||
==== Combined TCL ==== | |||
2nd try, Combined single TCL "patch-lv1checks.tcl" : | |||
<pre> | |||
#!/usr/bin/tclsh | |||
# | |||
# ps3mfw -- PS3 MFW creator | |||
# | |||
# Copyright (C) PsiColeO | |||
# Copyright (C) glevand ([email protected]) | |||
# Copyright (C) Anonymous Developers (Code Monkeys) | |||
# | |||
# This software is distributed under the terms of the GNU General Public | |||
# License ("GPL") version 3, as published by the Free Software Foundation. | |||
# | |||
# Priority: 300 | |||
# Description: Patch LV1 checks | |||
# Option --patch-lv1checks: Disables many checks in lv1 | |||
# Type --patch-lv1checks: boolean | |||
namespace eval ::patch_lv1checks { | |||
array set ::patch_lv1checks::options { | |||
--patch-lv1checks true | |||
} | |||
proc main { } { | |||
set self "lv1.self" | |||
::modify_coreos_file $self ::patch_lv1checks::patch_self | |||
} | |||
proc patch_self {self} { | |||
if {!$::patch_lv1checks::options(--patch-lv1checks)} { | |||
log "WARNING: Enabled task has no enabled option" 1 | |||
} else { | |||
::modify_self_file $self ::patch_lv1checks::patch_elf | |||
} | |||
} | |||
proc patch_elf {elf} { | |||
if {$::patch_lv1checks::options(--patch-lv1checks)} { | |||
log "Patching LV1 Checks" | |||
# ss_server1 | |||
# Patch core OS Hash check // product mode always on | |||
log "--------------- Patching ss_server1.fself ----------------------------" | |||
log "Patch core OS Hash check // product mode always on" | |||
set search "\x41\x9E\x00\x1C\x7F\x63\xDB\x78\xE8\xA2\x85\x68\x38\x80\x00\x01" | |||
set replace "\x60\x00\x00\x00\x7F\x63\xDB\x78\xE8\xA2\x85\x68\x38\x80\x00\x01" | |||
catch_die {::patch_elf $elf $search 0 $replace} "Unable to patch self [file tail $elf]" | |||
" | # Patch check_revoke_list_hash check // product mode always on | ||
log "Patch check_revoke_list_hash check // product mode always on" | |||
set search "\x41\x9E\x00\x1C\x7F\xA3\xEB\x78\xE8\xA2\x85\x68\x38\x80\x00\x01" | |||
set replace "\x60\x00\x00\x00\x7F\xA3\xEB\x78\xE8\xA2\x85\x68\x38\x80\x00\x01" | |||
catch_die {::patch_elf $elf $search 0 $replace} "Unable to patch self [file tail $elf]" | |||
---- | |||
# In product mode erase standby bank skipped | |||
log "Patch In product mode erase standby bank skipped" | |||
set search "\x41\x9E\x00\x0C\xE8\xA2\x8A\x38\x48\x00\x00\xCC\x7B\xFD\x00\x20" | |||
set replace "\x60\x00\x00\x00\xE8\xA2\x8A\x38\x48\x00\x00\xCC\x7B\xFD\x00\x20" | |||
catch_die {::patch_elf $elf $search 0 $replace} "Unable to patch self [file tail $elf]" | |||
# Patching System Manager to disable integrity check | |||
log "Patching System Manager to disable integrity check" | |||
set search "\x38\x60\x00\x01\xf8\x01\x00\x90\x88\x1f\x00\x00\x2f\x80\x00\x00" | |||
set replace "\x38\x60\x00\x00" | |||
catch_die {::patch_elf $elf $search 0 $replace} "Unable to patch self [file tail $elf]" | |||
# Patching LV1 to enable skipping of ACL checks for all storage devices | |||
log "Patching LV1 to enable skipping of ACL checks for all storage devices" | |||
set search "\x54\x63\x06\x3e\x2f\x83\x00\x00\x41\x9e\x00\x14\xe8\x01\x00\x70\x54\x00\x07\xfe" | |||
append search "\x2f\x80\x00\x00\x40\x9e\x00\x18" | |||
set replace "\x38\x60\x00\x01\x2f\x83\x00\x00\x41\x9e\x00\x14\x38\x00\x00\x01" | |||
catch_die {::patch_elf $elf $search 0 $replace} "Unable to patch self [file tail $elf]" | |||
} | |||
} | |||
} | |||
</pre>download: [http://www.multiupload.com/H61RYAPLHQ patch_lv1checks.rar (1.29 KB)] (2.88-3.42 / 3.50-3.55)<br /> | |||
<br /> | |||
==== PreAlpha v1 smoketest - offsets ==== | |||
'''patch-lv1checks''' (Modifying CORE_OS file lv1.self - Patching LV1 Checks) | |||
{|class="wikitable" | |||
|- | |||
! No. !! Description !! 2.80 !! 3.00 !! 3.01 !! 3.10 !! 3.15 !! 3.20 !! 3.21 !! 3.30 !! 3.40 !! 3.41-BAD !! 3.41-FIX !! 3.42 !! 3.50 !! 3.55 | |||
|- | |||
| 1 || Patch core OS Hash check // product mode always on || 2958632 || 2958452 || 2958452 || 2958984 || 2958984 || 2959072 || 2891632 || 2891556 || 2891596 || 2891596 || 2891596 || 2891596 || 2891684 || 2891684 | |||
|- | |||
| 2 || Patch check_revoke_list_hash check // product mode always on || 2961708 || 2961528 || 2961528 || 2962060 || 2962060 || 2962148 || 2894708 || 2894632 || 2894672 || 2894672 || 2894672 || 2894672 || 2894836 || 2894836 | |||
|- | |||
| 16 || Patch In product mode erase standby bank skipped || ''2977960'' || ''2977780'' || ''2977780'' || ''2978324'' || ''2978324'' || ''2978412'' || ''2910972'' || ''2910896'' || ''2910936'' || ''2910936'' || ''2910936'' || ''2910936'' || 2911100 || 2911100 | |||
|- | |||
| 23 || Patching System Manager to disable integrity check || 2211164 || 2211424 || 2211424 || 2217608 || 2217608 || 2218192 || 2218120 || 2215760 || 2216052 || 2216052 || 2216052 || 2216052 || 2216096 || 2216096 | |||
|- | |||
| 24 || Patching LV1 to enable skipping of ACL checks for all storage devices || 498208 || 500212 || 500212 || 505304 || 505420 || 506032 || 506032 || 505112 || 504568 || 504568 || 504568 || 504568 || 504640 || 504640 | |||
|- | |||
|} | |||
<keperfear> coreos 3.55 with above 1,2,16,23,24 combined patches: [http://www.multiupload.com/4FEHWKT2ZN coreos355nandandnordowngradepatches.rosx (7 MB)] | |||
==== Status ==== | |||
MFW patch_lv1checks.tcl seems to work fine. | |||
Needs testing in the field by people with hardware flasher only. | |||
Update: | |||
[01:43:10] <Ryd3R> RSOD x_x | |||
[01:44:41] <Ryd3R> i hate when it show up | |||
[01:45:20] <Ryd3R> @eussNL: are you there ? | |||
[01:46:41] <eussNL> I am, but also alot of sidestuff going on, whats the problem all of the sudden | |||
and what did you do to make it bitch like that? | |||
[01:47:36] <Ryd3R> i did the 3.70 downgrade using a teensy++ | |||
[01:48:42] <Ryd3R> it works well when i revert back to 3.70 | |||
[01:49:23] <Ryd3R> i think it have something to do whith the fuckin syscon | |||
[01:49:37] <eussNL> ok, did you patch lv1 ? | |||
[01:49:43] <Ryd3R> yeah | |||
[01:50:09] <Ryd3R> the No hash check patch right ? | |||
[01:51:50] <Ryd3R> for some fuckin reason any version perior 3.70 gave me an rsod | |||
[01:52:41] <Ryd3R> i tried using the recovery menu to update to 3.60 from 3.55 (lv1 patched) still rsod | |||
[01:53:15] <eussNL> yes and then some... Ryd3R> the No hash check patch right ? | |||
[01:53:46] <eussNL> http://www.ps3devwiki.com/index.php?title=Talk:Downgrading_with_NOR_flasher#Combined_TCL | |||
[01:55:47] <Ryd3R> i'll give it a try | |||
[02:16:19] <Ryd3R> thanks eussNL you'r the man, the patch works like charm | |||
[02:22:53] <eussNL> good to hear, hope it stays flawless now :) | |||
== | == V2 == | ||
http://darkconsoles.com/foro/viewtopic.php?f=7&t=16 | |||
=== NOR offsets used === | |||
{|class="wikitable sortable" | {|class="wikitable sortable" | ||
|- | |- | ||
! target area !! patch no. !! NOR Offset !! Paste length !! Remarks | ! target area !! patch no. !! NOR Offset !! Paste length !! Remarks | ||
|- | |- | ||
| ROS0 || patch1 || 0x0C0010 || 0x6FFFE0 || | | ROS0 || [http://www.multiupload.com/RJVZP6CKZ5 patch1 (7 MB)] || 0x0C0010 || 0x6FFFE0 || version string not changed? | ||
|- | |- | ||
| ROS1 || patch2 || 0x7C0010 || 0x6FFFE0 || | | ROS1 || [http://www.multiupload.com/DGVUPMNDQU patch2 (7 MB)] || 0x7C0010 || 0x6FFFE0 || same as patch1? | ||
|- | |- | ||
| trvk_pkg0 || patch3 || 0x80000 || 0x20000 || | | trvk_pkg0 || [http://www.multiupload.com/Z7424DXPLJ patch3 (128 KB)] || 0x80000 || 0x20000 || | ||
|- | |- | ||
| trvk_pkg1 || patch4 || 0xA0000 || 0x20000 || | | trvk_pkg1 || [http://www.multiupload.com/74GLX7XFDG patch4 (128 KB)] || 0xA0000 || 0x20000 || | ||
|- | |- | ||
| trvk_prg0 || patch5 || 0x40000 || 0x20000 || | | trvk_prg0 || [http://www.multiupload.com/HHJ3GDGL7X patch5 (128 KB)] || 0x40000 || 0x20000 || | ||
|- | |- | ||
| trvk_prg1 || patch6 || 0x60000 || 0x20000 || | | trvk_prg1 || [http://www.multiupload.com/4SP4DIK1ZM patch6 (128 KB)] || 0x60000 || 0x20000 || | ||
|- | |- | ||
|} | |} | ||
=== LV1 patches used === | |||
Downgrade patches v2 | |||
http://www.multiupload.com/DVFD9AZGO5 | |||
DIFF: | |||
------------- | |||
patch-lv1-storage-skip-acl-check : Patching LV1 to enable skipping of ACL checks for all storage devices | |||
ORIGINAL | |||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | |||
0007B340 54 63 06 3E Tc.> | |||
PATCHED | |||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | |||
0007B340 38 60 00 01 8`.. | |||
----- | |||
patch-lv1-storage-skip-acl-check : Patching LV1 to enable skipping of ACL checks for all storage devices (continued) | |||
ORIGINAL | |||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | |||
0007B340 E8 01 00 70 è..p | |||
PATCHED | |||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | |||
0007B340 38 00 00 01 8... | |||
----- | |||
???? Patch sys_mgr integrity lv1 and lv0 integrity check ???? | |||
ORIGINAL | |||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | |||
0021D0B0 48 00 D7 15 H.×. | |||
PATCHED | |||
Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F | |||
0021D0B0 38 60 00 00 8`.. | |||
----- | |||
==== Combined TCL V2==== | |||
Combined single TCL "patch-lv1checks.tcl" with added new patch : | |||
<pre> | |||
#!/usr/bin/tclsh | |||
# | |||
# ps3mfw -- PS3 MFW creator | |||
# | |||
# Copyright (C) PsiColeO | |||
# Copyright (C) glevand ([email protected]) | |||
# Copyright (C) Anonymous Developers (Code Monkeys) | |||
# | |||
# This software is distributed under the terms of the GNU General Public | |||
# License ("GPL") version 3, as published by the Free Software Foundation. | |||
# | |||
# Priority: 300 | |||
# Description: Patch LV1 checks | |||
# Option --patch-lv1checks: Disables many checks in lv1 | |||
# | |||
# Type --patch-lv1checks: boolean | |||
# | |||
namespace eval ::patch_lv1checks { | |||
array set ::patch_lv1checks::options { | |||
--patch-lv1checks true | |||
} | |||
proc main { } { | |||
set self "lv1.self" | |||
::modify_coreos_file $self ::patch_lv1checks::patch_self | |||
} | |||
proc patch_self {self} { | |||
if {!$::patch_lv1checks::options(--patch-lv1checks)} { | |||
log "WARNING: Enabled task has no enabled option" 1 | |||
} else { | |||
::modify_self_file $self ::patch_lv1checks::patch_elf | |||
} | |||
} | |||
proc patch_elf {elf} { | |||
if {$::patch_lv1checks::options(--patch-lv1checks)} { | |||
log "Patching LV1 Checks" | |||
# ss_server1 | |||
# Patch core OS Hash check // product mode always on | |||
log "--------------- Patching ss_server1.fself ----------------------------" | |||
log "Patch core OS Hash check // product mode always on" | |||
set search "\x41\x9E\x00\x1C\x7F\x63\xDB\x78\xE8\xA2\x85\x68\x38\x80\x00\x01" | |||
set replace "\x60\x00\x00\x00\x7F\x63\xDB\x78\xE8\xA2\x85\x68\x38\x80\x00\x01" | |||
catch_die {::patch_elf $elf $search 0 $replace} "Unable to patch self [file tail $elf]" | |||
# Patch check_revoke_list_hash check // product mode always on | |||
log "Patch check_revoke_list_hash check // product mode always on" | |||
set search "\x41\x9E\x00\x1C\x7F\xA3\xEB\x78\xE8\xA2\x85\x68\x38\x80\x00\x01" | |||
set replace "\x60\x00\x00\x00\x7F\xA3\xEB\x78\xE8\xA2\x85\x68\x38\x80\x00\x01" | |||
catch_die {::patch_elf $elf $search 0 $replace} "Unable to patch self [file tail $elf]" | |||
# In product mode erase standby bank skipped | |||
log "Patch In product mode erase standby bank skipped" | |||
set search "\x41\x9E\x00\x0C\xE8\xA2\x8A\x38\x48\x00\x00\xCC\x7B\xFD\x00\x20" | |||
set replace "\x60\x00\x00\x00\xE8\xA2\x8A\x38\x48\x00\x00\xCC\x7B\xFD\x00\x20" | |||
catch_die {::patch_elf $elf $search 0 $replace} "Unable to patch self [file tail $elf]" | |||
# Patching System Manager to disable integrity check | |||
log "Patching System Manager to disable integrity check" | |||
set search "\x38\x60\x00\x01\xf8\x01\x00\x90\x88\x1f\x00\x00\x2f\x80\x00\x00" | |||
set replace "\x38\x60\x00\x00" | |||
catch_die {::patch_elf $elf $search 0 $replace} "Unable to patch self [file tail $elf]" | |||
# Patching LV1 to enable skipping of ACL checks for all storage devices | |||
log "Patching LV1 to enable skipping of ACL checks for all storage devices" | |||
set search "\x54\x63\x06\x3e\x2f\x83\x00\x00\x41\x9e\x00\x14\xe8\x01\x00\x70\x54\x00\x07\xfe" | |||
append search "\x2f\x80\x00\x00\x40\x9e\x00\x18" | |||
set replace "\x38\x60\x00\x01\x2f\x83\x00\x00\x41\x9e\x00\x14\x38\x00\x00\x01" | |||
catch_die {::patch_elf $elf $search 0 $replace} "Unable to patch self [file tail $elf]" | |||
# LV1 0021D0B4@355 patch (?Patch sys_mgr integrity lv1 and lv0 integrity check?) | |||
log "?Patch sys_mgr integrity lv1 and lv0 integrity check?" | |||
set search "\x48\x00\xD7\x15\x2F\x83\x00\x00\x38\x60\x00\x01" | |||
set replace "\x38\x60\x00\x00\x2F\x83\x00\x00\x38\x60\x00\x01" | |||
catch_die {::patch_elf $elf $search 0 $replace} "Unable to patch self [file tail $elf]" | |||
} | |||
} | |||
} | |||
</pre>download: [http://www.multiupload.com/IU061G4J69 patch_lv1checks.rar (1.53 KB)] (3.40-3.42 / 3.50-3.55)<br /> | |||
<br /> | |||
==== PreAlpha v2 smoketest - offsets ==== | |||
'''patch-lv1checks''' (Modifying CORE_OS file lv1.self - Patching LV1 Checks) | |||
{|class="wikitable" | |||
|- | |||
! No. !! Description !! 2.80 !! 3.00 !! 3.01 !! 3.10 !! 3.15 !! 3.20 !! 3.21 !! 3.30 !! 3.40 !! 3.41-BAD !! 3.41-FIX !! 3.42 !! 3.50 !! 3.55 | |||
|- | |||
| 1 || Patch core OS Hash check // product mode always on || 2958632 || 2958452 || 2958452 || 2958984 || 2958984 || 2959072 || 2891632 || 2891556 || 2891596 || 2891596 || 2891596 || 2891596 || 2891684 || 2891684 | |||
|- | |||
| 2 || Patch check_revoke_list_hash check // product mode always on || 2961708 || 2961528 || 2961528 || 2962060 || 2962060 || 2962148 || 2894708 || 2894632 || 2894672 || 2894672 || 2894672 || 2894672 || 2894836 || 2894836 | |||
|- | |||
| 16 || Patch In product mode erase standby bank skipped || ''2977960'' || ''2977780'' || ''2977780'' || ''2978324'' || ''2978324'' || ''2978412'' || ''2910972'' || ''2910896'' || ''2910936'' || ''2910936'' || ''2910936'' || ''2910936'' || 2911100 || 2911100 | |||
|- | |||
| 23 || Patching System Manager to disable integrity check || 2211164 || 2211424 || 2211424 || 2217608 || 2217608 || 2218192 || 2218120 || 2215760 || 2216052 || 2216052 || 2216052 || 2216052 || 2216096 || 2216096 | |||
|- | |||
| 24 || Patching LV1 to enable skipping of ACL checks for all storage devices || 498208 || 500212 || 500212 || 505304 || 505420 || 506032 || 506032 || 505112 || 504568 || 504568 || 504568 || 504568 || 504640 || 504640 | |||
|- | |||
| 25 || ?Patch sys_mgr integrity lv1 and lv0 integrity check? || no pattern || no pattern || no pattern || no pattern || no pattern || no pattern || no pattern || no pattern<br />''2215780''? || ''2216072'' || ''2216072'' || ''2216072'' || ''2216072'' || 2216088 || 2216116 | |||
|- | |||
|} | |||
==== Status ==== | |||
MFW patch_lv1checks.tcl seems to work fine. | |||
Needs testing in the field by people with hardware flasher only. | |||
Rogero and VAL_ tested, no problems with games/trophy's and bluray movies | |||
==== Premade MFW ==== | |||
[http://www.multiupload.com/IAGZEX5Q75 Rogero MFW355_370_spoof_Internet_Blocked_LV1_Checks_Patched.PUP (170.59 MB)] |