User talk:Zecoxao: Difference between revisions

From PS3 Developer wiki
Jump to navigation Jump to search
(→‎To wikify: - a couple more if you don't mind euss)
Line 33: Line 33:
|+ ebootroms [[Template:Prototype_models:CEB|CEB-1000/CEB-2000/CEB-20xx]]
|+ ebootroms [[Template:Prototype_models:CEB|CEB-1000/CEB-2000/CEB-20xx]]
|-
|-
! CEB !! Filename                    !! MD5                              !! SHA1                                    !! CRC32
! Type !! Filename                    !! MD5                              !! SHA1                                    !! CRC32
|-
|-
| rowspan="8" | [https://mega.co.nz/#F!0klXXCYZ!ik6_Ds_GQdFNcmfTgl96AQ CEB1000] || ebootrom.[[030.001]]            || 7ae573c73b66409ccbc8d2772643b3be || ee83d08f8c619db0de0cc2f917b8010411fb6a64 || 9eb273c4
| rowspan="8" | [https://mega.co.nz/#F!0klXXCYZ!ik6_Ds_GQdFNcmfTgl96AQ CEB1000] || ebootrom.[[030.001]]            || 7ae573c73b66409ccbc8d2772643b3be || ee83d08f8c619db0de0cc2f917b8010411fb6a64 || 9eb273c4
Line 118: Line 118:
|-
|-
| [[EBOOTROM_E|ebootrom_E]]_to_8.out          || f05d5f037580f1ec1d94857338ce2444 || a9d133d6469b10b104f8933f68bd98f1a168f097 || e39040f3
| [[EBOOTROM_E|ebootrom_E]]_to_8.out          || f05d5f037580f1ec1d94857338ce2444 || a9d133d6469b10b104f8933f68bd98f1a168f097 || e39040f3
|-
| rowspan="4" | [https://mega.co.nz/#F!YhdhBYCD!uLWdhlhZywqdPQb88m1NdA Internal] || ebootrom2_I || 73d6c09dca7395890628592e55378b81 || 14cda2ad0faaffbf5918b826efe424ca7ae44f5d || 6f2d4ed8
|-
| ebootrom_I.r009.spu_to_6 || 45608c79758d57d76597663714518fb2 || ef755af30626619e8782a9e77e5ab6669d689888 || 37b614f9
|-
| ebootrom_I.r009.spu_to_8 || 0f4160049a24d125300be6a2fb6ded01 || 734799341b7157c87f6528bc460dd12382241566 || f029a038
|-
| ebootrom_mini_I.ceb || 39f7259ae04904b5ea982fe78d779b54 || 760b02283721e6b557808b81edcf5530343382e8 || e3a0432e
|-
|-
|}
|}
https://mega.co.nz/#F!YhdhBYCD!uLWdhlhZywqdPQb88m1NdA

Revision as of 16:40, 27 May 2015

The Last Piece of the Puzzle

How

  • By enabling diagnostic mode on the ps3, we can enable the use of JTAG again (it's temporarily disabled when diag mode isn't set)
  • It is possible to dump the syscon firmware using this method (in unencrypted state)
  • The JTAG registers/TAP-controllers need to be bruteforced / reverse engineered
  • The leaked service manuals present information about the pins connected to the JigPin
  • The ObjectiveSuite contains an object (DIAGSERVICE) used to diagnose the ps3 using JTAG
  • Using a DIY JigPin would facilitate the task, but we still need more info about the hardware and software interface used by ObjectiveSuite to handle this.
  • This would probably work on ps4 too (provided that the diag pin and the JTAG pins still exist)

To wikify