Dumping Bootldr: Difference between revisions
Revision as of 15:25, 11 March 2013
Requirements
- OtherOS++ with SS Patches
- Linux Kernel with glevand's/graf's patches (red ribbon rc6 will do the trick, since it has the embedded kernel)
- [[https://mega.co.nz/#!VlEgTCbC!Vc56inunzm-iJpveobZbRBnwp35gvu67-VuwjYtwwOA the exploit]]
- NOR console with a NOR dump (the exploit isn't adapted to NAND consoles yet)
How to
- Start a normal session from red ribbon (or any other distro you might have)
- Extract the contents of bootldrexploit to your home folder
- Open your terminal and type as root:
    cd bootldrexploit/ps3peekpoke
- Compile the lv1 peek poke kernel module:
    make
- Insert the lv1 peek poke kernel module:
    insmod ps3peekpoke.ko
- Change directory to the exploit dir:
    cd ../btldr8
- Compile the exploit:
    make
- Make a NOR dump by typing:
    dd if=/dev/ps3nflasha of=nor.bin bs=1024
- Execute the exploit:
    ./lv0Decrypt 0 nor.bin buffer.bin
- It should report status A0082, which means you've succeeded. Check your dump for the keys:
    hexdump -C dump.bin > test
    nano test