Talk:050.003: Difference between revisions

From PS3 Developer wiki
Jump to navigation Jump to search
 
(17 intermediate revisions by 3 users not shown)
Line 13: Line 13:
00 00 00 03 00 00 00 06 │ 00 00 00 07 00 00 00 01
00 00 00 03 00 00 00 06 │ 00 00 00 07 00 00 00 01
60 16 B2 9B 20 D7 09 84 │ 7B 2A 97 60 5F A3 56 AA
60 16 B2 9B 20 D7 09 84 │ 7B 2A 97 60 5F A3 56 AA
CE 10 25 50 00 00 00 00 │ 00 00 00 01 00 00 00 00
CE 10 25 50 00 00 00 00 │ 00 00 00 00 00 00 00 00
</pre>
</pre>


Line 153: Line 153:
== Lv1 ==
== Lv1 ==
<pre>
<pre>
key:  XX XX XX XX 7E 0B A8 27 D3 76 DC 93 0F 42 9A 5C
key:  F4 41 B3 8B 7E 0B A8 27 D3 76 DC 93 0F 42 9A 5C
      F4 41 B3 8B                                  5F
                            
                            
iv:  XX XX XX XX 75 A9 6D A9 64 26 F1 44 EF 7C CE BF
iv:  31 A2 E8 10 75 A9 6D A9 64 26 F1 44 EF 7C CE BF
                                              
                                              
</pre>
</pre>
Line 162: Line 161:
== Lv0/Updater ==
== Lv0/Updater ==
<pre>
<pre>
key:  XX XX XX XX ED A1 27 81 20 B4 F0 D8 3D 5D 00 D3  
key:  80 7D DE FF ED A1 27 81 20 B4 F0 D8 3D 5D 00 D3  
                            
                            
iv:  XX XX XX XX 82 85 54 C4 E5 1D 4E 93 AF 98 EB 67
iv:  B5 EA 43 1C 82 85 54 C4 E5 1D 4E 93 AF 98 EB 67
                            
                            
</pre>
</pre>
Line 181: Line 180:
13 4B 2E 18
13 4B 2E 18
* Signatures always start with 00
* Signatures always start with 00
* Sizes of sections can be found at the self header. in the case of two section selfs, offsets 0xEC and 0x11C will tell you the sizes.
* You can double check the first section hash of lv0! just go to the plaintext after the first encrypted section, select the decrypted one with size X bytes (0xEC) and calculate sha1sum


== Lv2 ==
== Lv2 ==
<pre>
<pre>
key: BE 56 02 4D 8C 05 1D 0X 54 FC BF 1X 11 EA 7F 9X
key: BE 56 02 4D 8C 05 1D 07 54 FC BF 10 11 EA 7F 9C


iv:  XX XX XX XX 4B AF D9 DX 27 3A FC 7X B2 9A 61 FX
iv:  46 0A AA 74 9A E2 C5 20 D0 C0 86 2A 28 D3 B5 3C
</pre>
</pre>


== Sys init selfs ==
== Sys init selfs ==
<pre>
 
key:    XX XX XX XX XX XX XX XX XX XX 86 2A 28 D3 B5 3C
Same as for LV2.
iv:      FE DC BA 98 76 54 32 10 01 23 45 67 89 AB CD EF
</pre>


= Possible Hashes (Meta) =
= Possible Hashes (Meta) =
== lv0 (clean) ==
* hash 1
<pre>6016b29b20da2e777b2a97605faa1e6bce102550</pre>
* hash 2
<pre>d43303bc90861ca3704ab17a54f592b5671346e9</pre>


== lv1 (clean) ==
== lv1 (clean) ==
Line 204: Line 213:
XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX
XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX
3F XX XX XX
3F XX XX XX
</pre>
* hash 3
<pre>
XX XX XX XX XX XX XX XX XX XX BF EF 95 60 18 90
AF D8 07 09
</pre>
</pre>


Line 221: Line 237:
S: 00 52 A7 31 DD 2E EF 04 25 51 97 08 0B 36 DB 4A 56 B3 17 5D D9
S: 00 52 A7 31 DD 2E EF 04 25 51 97 08 0B 36 DB 4A 56 B3 17 5D D9
</pre>
</pre>
== lv2_kernel.self  ==
<pre>
R: 00 2F 84 BC 4B AF D9 D7 27 3A FC 7B B2 9A 61 F2 BB A5 B3 30 B9
S: 00 13 A2 F5 3C 28 29 03 F4 EC 46 XX XX XX XX XX XX XX XX XX XX
</pre>
== lv1.self ==
<pre>
R: 00 6C 57 C0 A7 5A A4 A7 EE 33 77 54 09 72 10 F2 29 C4 BB DA C9
S1: 00 7A AD 2A E3 7E BC BC 55 52 E7 0E 60 0C 15 13 B8 69 29 C9 D0
S2: 00 81 C8 DD 03 19 A2 8B 8E 30 F9 F0 64 AB 98 50 8E D3 63 FE 42
</pre>
== lv0 ==
same R as lv1


= Meta List =
= Meta List =

Latest revision as of 02:21, 7 December 2014

Metadata Mapping[edit source]

Lv0 (clean)[edit source]

00 00 00 00 00 00 05 30 │ 00 00 00 01 00 00 00 02
00 00 00 08 00 00 00 30 │ 00 00 00 00 00 00 00 00
00 00 00 00 00 01 05 80 │ 00 00 00 00 00 00 03 68
00 00 00 02 00 00 00 00 │ 00 00 00 02 00 00 00 00
00 00 00 03 00 00 00 02 │ 00 00 00 03 00 00 00 01
00 00 00 00 00 02 07 A0 │ 00 00 00 00 00 03 4A F0
00 00 00 02 00 00 00 01 │ 00 00 00 02 00 00 00 04
00 00 00 03 00 00 00 06 │ 00 00 00 07 00 00 00 01
60 16 B2 9B 20 D7 09 84 │ 7B 2A 97 60 5F A3 56 AA
CE 10 25 50 00 00 00 00 │ 00 00 00 00 00 00 00 00

Metadata similarities[edit source]

Between lv1[edit source]

0000000 0000 0000 0000 0000 0000 0000 0000 0000
*
00000f0 6868 6868 6868 6868 6868 6868 6868 6868 <- hash 1
0000100 6868 6868 0000 0000 0000 0000 0000 0000
0000110 0000 0000 0000 0000 0000 0000 0000 0000
*
0000130 6868 6868 6868 6868 6868 6868 6868 6868 <- hash 2
0000140 6868 6868 0000 0000 0000 0000 0000 0000
0000150 0000 0000 0000 0000 0000 0000 0000 0000
*
0000170 6868 6868 6868 6868 6868 6868 6868 6868 <- hash 3
0000180 6868 6868 0000 0000 0000 0000 0000 0000
0000190 0000 0000 0000 0000 0000 0000 0000 0000
*
00001b0 7272 7272 7272 7272 7272 7272 7272 7272
00001c0 7272 7272 7372 7373 7373 7373 7373 7373
00001d0 7373 7373 7373 7373 7373 0000 0000 0000
00001e0 0000 0000 0000 0000 0000 0000 0000 0000
*
0000220

Between lv0/updater[edit source]

0000000 XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX
*
00000c0 HHHH HHHH HHHH HHHH HHHH HHHH HHHH HHHH <- Hash 1
00000d0 HHHH HHHH XXXX XXXX XXXX XXXX XXXX XXXX
00000e0 XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX
*
0000100 HHHH HHHH HHHH HHHH HHHH HHHH HHHH HHHH <- Hash 2
0000110 HHHH HHHH XXXX XXXX XXXX XXXX XXXX XXXX
0000120 XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX
*
0000140 RRRR RRRR RRRR RRRR RRRR RRRR RRRR RRRR <- R point
0000150 RRRR RRRR RRSS SSSS SSSS SSSS SSSS SSSS <- S point
0000160 SSSS SSSS SSSS SSSS SSSS XXXX XXXX XXXX
0000170 XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX
*
0000190

Between lv2[edit source]

0000000 0000 0000 0000 0000 0000 0000 0000 0000
*
0000090 6868 6868 6868 6868 6868 6868 6868 6868 <- hash 1
00000a0 6868 6868 0000 0000 0000 0000 0000 0000
00000b0 0000 0000 0000 0000 0000 0000 0000 0000
*
00000d0 6868 6868 6868 6868 6868 6868 6868 6868 <- hash 2
00000e0 6868 6868 0000 0000 0000 0000 0000 0000
00000f0 0000 0000 0000 0000 0000 0000 0000 0000
*
0000110 7272 7272 7272 7272 7272 7272 7272 7272 <- r
0000120 7272 7272 7372 7373 7373 7373 7373 7373 <- s
0000130 7373 7373 7373 7373 7373 0000 0000 0000
0000140 0000 0000 0000 0000 0000 0000 0000 0000
*
00001b0

Between sys_init selfs[edit source]

0000000 0000 0000 0000 0000 0000 0000 0000 0000
*
00000c0 6868 6868 6868 6868 6868 6868 6868 6868 <- hash 1
00000d0 6868 6868 0000 0000 0000 0000 0000 0000
00000e0 0000 0000 0000 0000 0000 0000 0000 0000
*
0000100 6868 6868 6868 6868 6868 6868 6868 6868 <- hash 2
0000110 6868 6868 0000 0000 0000 0000 0000 0000
0000120 0000 0000 0000 0000 0000 0000 0000 0000
*
0000140 6868 6868 6868 6868 6868 6868 6868 6868 <- hash 3
0000150 6868 6868 0000 0000 0000 0000 0000 0000
0000160 0000 0000 0000 0000 0000 0000 0000 0000
*
0000180 7272 7272 7272 7272 7272 7272 7272 7272 <- r
0000190 7272 7272 7372 7373 7373 7373 7373 7373 <- s
00001a0 7373 7373 7373 7373 7373 0000 0000 0000
00001b0 0000 0000 0000 0000 0000 0000 0000 0000
*
0000200

Between lv0/updater and lv1[edit source]

After proper cleanup it'll be put here

Structure (from first hash until signature)[edit source]

Size Description
0x14 Hash of Section
0x0C Padding?
0x10 Key?
0x10 Iv?

This repeats until signature which has the following structure...

Structure (signature)[edit source]

Size Description
0x15 R(Starts with 00, when xored in same position returns 00 due to crypto fail)
0x15 S(Starts with 00)
Remaining Padding?
  • Note: If the hashes of a section match (which usually happens with the data section between small revision changes) you'll see 00 in the xor

Possible Keys and IVs (Meta)[edit source]

Lv1[edit source]

key:  F4 41 B3 8B 7E 0B A8 27 D3 76 DC 93 0F 42 9A 5C
                           
iv:   31 A2 E8 10 75 A9 6D A9 64 26 F1 44 EF 7C CE BF
                                            

Lv0/Updater[edit source]

key:  80 7D DE FF ED A1 27 81 20 B4 F0 D8 3D 5D 00 D3 
                           
iv:   B5 EA 43 1C 82 85 54 C4 E5 1D 4E 93 AF 98 EB 67
                           

Notes:

  • xoring lv0 key with lv1 key will return delta of

74 3C 6D 74 93 AA 8F A6 F3 C2 2C 4B 32 1F 9A 8F

  • xoring lv0 iv with lv1 iv will return delta of

84 48 AB 0C F7 2C 39 6D 81 3B BF D7 40 E4 25 D8

  • xoring lv0 key with lv1 iv will return delta of

B1 DF 36 EF 98 08 4A 28 44 92 01 9C D2 21 CE 6C

  • xoring 00 00 00 00 00 00 00 00 00 00 00 00 with lv1 key returns

7E 0B A8 27 D3 76 DC 93 0F 42 9A 5C

  • xoring lv0 partial hash 2 with lv1 key returns delta of

13 4B 2E 18

  • Signatures always start with 00
  • Sizes of sections can be found at the self header. in the case of two section selfs, offsets 0xEC and 0x11C will tell you the sizes.
  • You can double check the first section hash of lv0! just go to the plaintext after the first encrypted section, select the decrypted one with size X bytes (0xEC) and calculate sha1sum

Lv2[edit source]

key: BE 56 02 4D 8C 05 1D 07 54 FC BF 10 11 EA 7F 9C

iv:  46 0A AA 74 9A E2 C5 20 D0 C0 86 2A 28 D3 B5 3C

Sys init selfs[edit source]

Same as for LV2.

Possible Hashes (Meta)[edit source]

lv0 (clean)[edit source]

  • hash 1
6016b29b20da2e777b2a97605faa1e6bce102550
  • hash 2
d43303bc90861ca3704ab17a54f592b5671346e9

lv1 (clean)[edit source]

  • hash 2
XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX
3F XX XX XX
  • hash 3
XX XX XX XX XX XX XX XX XX XX BF EF 95 60 18 90 
AF D8 07 09

Possible Signatures (Meta)[edit source]

sys_init_app.self (clean)[edit source]

R: 00 2F 84 BC 4B AF D9 D7 27 3A FC 7B B2 9A 61 F2 BB A5 B3 30 B9

S: 00 6C FB 58 A7 61 89 2A 67 BB 51 D5 55 84 DB B3 41 75 6D 89 47

sys_init_ios.self (clean)[edit source]

R: 00 2F 84 BC 4B AF D9 D7 27 3A FC 7B B2 9A 61 F2 BB A5 B3 30 B9

S: 00 52 A7 31 DD 2E EF 04 25 51 97 08 0B 36 DB 4A 56 B3 17 5D D9

lv2_kernel.self[edit source]

R: 00 2F 84 BC 4B AF D9 D7 27 3A FC 7B B2 9A 61 F2 BB A5 B3 30 B9

S: 00 13 A2 F5 3C 28 29 03 F4 EC 46 XX XX XX XX XX XX XX XX XX XX

lv1.self[edit source]

R: 00 6C 57 C0 A7 5A A4 A7 EE 33 77 54 09 72 10 F2 29 C4 BB DA C9
S1: 00 7A AD 2A E3 7E BC BC 55 52 E7 0E 60 0C 15 13 B8 69 29 C9 D0
S2: 00 81 C8 DD 03 19 A2 8B 8E 30 F9 F0 64 AB 98 50 8E D3 63 FE 42

lv0[edit source]

same R as lv1

Meta List[edit source]

Note: Some Metas are corrupt. Most lv1 and lv0 metas are perfect however. Contains extra metas

https://dl.dropboxusercontent.com/u/35197530/coolstuff/meta.zip