Dumping Bootldr

From PS3 Developer wiki

Revision as of 15:31, 8 November 2012 by Zecoxao (talk | contribs) (Attempt to create a good tutorial in how to make a bootldr dump)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to navigation Jump to search

This article is marked for rewrite/restructuring in proper wiki format.
You can help PS3 Developer wiki by editing it.

Requirements

OtherOS++ with SS Patches
Linux Kernel with glevand's/graf's patches (red ribbon rc6 will do the trick, since it has the embedded kernel)
https://dl.dropbox.com/u/35197530/bootldrexploit.7z the exploit and the lv1 peek poke from Juan (already corrected in this case)
NOR console with a NOR dump (the exploit isn't adapted to NAND consoles yet)

How to

Start a normal session from red ribbon (or any other distro you might have)
Extract the contents of bootldrexploit to your home folder
Open your terminal and type as root:

cd bootldrexploit/ps3peekpoke

Compile the lv1 peek poke kernel module:

make

Insert the lv1 peek poke kernel module:

insmod ps3peekpoke.ko

cd ../btldr8

Compile the exploit

make

Make a nor dump by typing

dd if=/dev/ps3nflasha of=nor.bin bs=1024

Execute the exploit

./lv0Decrypt 0 nor.bin buffer.bin

It should show the status as status A0082. This means you've succeeded. check your dump for the keys.

hexdump -C dump.bin > test

nano test

copy your dump to a safe place

Retrieved from "http://www.psdevwiki.com/ps3/index.php?title=Dumping_Bootldr&oldid=15691"

Cookies help us deliver our services. By using our services, you agree to our use of cookies.