Talk:ReDRM / Piracy dongles

It seems the ps3jb2 loads masterdiscs with fself, with the algo provided and the right key (which is not provided) you can decrypt said masterdiscs images right on pc and grab the fself files.

   // do crypt
   unsigned char sector_key[16];
   memset(sector_key, 0, 16);
   sector_key[12] = (sector_num & 0xFF000000)>>24;
   sector_key[13] = (sector_num & 0x00FF0000)>>16;
   sector_key[14] = (sector_num & 0x0000FF00)>> 8;
   sector_key[15] = (sector_num & 0x000000FF)>> 0;
   
   // encrypt sector
   aes_context aes_ctx;
   aes_setkey_enc(&aes_ctx, G_DEBUG_KEY, 128);
   aes_crypt_cbc(&aes_ctx, AES_ENCRYPT, aligned_size, sector_key, buff, buff);
   
   // decrypt
   aes_context aes_ctx;
   aes_setkey_dec(&aes_ctx, G_DEBUG_KEY, 128);
   aes_crypt_cbc(&aes_ctx, AES_DECRYPT, aligned_size, sector_key, buff, buff);

that's the algo for masterdiscs
ps3gen dll has the static keys for masterdiscs
you can also get it from sv_iso
the crappy sdk tool that generates masterdisc images for dex

more talk:

folks

I looked a little more

and it seems the psjb2 just runs masterdiscs

with fself

kinda lame 

very lame

npdrm encrypted but labeled as fself

it's a fself but I dunno what it does

I never looked at it

I don't really care on doing more

if you use the masterdisc algo I provided

and the proper key

which I am not supplying

you can decrypt all the psjb2 disc images

right on pc

grab the fself

and use them to run them on a regular 3.55 fw 

ye oldnews :)

basically security == LAME

still interesting to see how they patched the firmware to allow masterdiscs

they also do some auth with the dongle

which involves crypto
 
to make sure the firmware does not load without it

but if you don't need the firmware to load the games...

they could have added some extra keys in appldr and encrypted the damn eboots at least 

I guess they didn't have enough time or enough spu skills