Algo no cuadra, eso es un sniffer, vamos, me da que es
el metodo con
el que saco la root key. Tal y como dijo en su conferencia ya no hacia falta nada de hard para firmar las aplicaciones al tener las claves de Sony, sino... habeis pensado que con cada juego iria una placa de esas para instalarlos?
Tambien prometio
el instalable de linux, preparadito y listo para meter sin necesidad de hard, y por si fuera poco,
el conecto por ssh arrancando la consola sin nada conectado.
Vamos... esto me da que viene a todo
el follon montado por las claves, la publicacion de geohot sin reconocimiento a marcan y demas.
Tuto :
1 This is the NOR flasher tool that was used to flash AsbestOS onto the demo PS3
2 at 27C3, and for experimentation.
3
4 Contents:
5 hdl - Verilog code (for Xilinx Spartan3E XC3S500E) for the flasher
6 hdl-sniffer - Verilog code (same board) for the sniffer
7 loader - bitfile loader for the board (parallel 8bit mode, really fast)
8 also includes code to program the FTDI's EEPROM (required)
9 sniffer - C client for the sniffer
10 noralizer.py - Python client for the
11 nor_testpoints.png - diagram of the NOR testpoints (for CECH-2504A)
12 norinfo.py - simple NOR parser, prints the main sections of the NOR and their offsets.
13
14 Examples:
15 $ make -C hdl run
16 $ python noralizer.py dump foo.bin # dump the NOR
17 $ python noralizer.py write foo.bin # write the entire NOR
18 $ # write something at 0x123456, doing read-modify-write if necessary
19 $ python noralizer.py write lv2.self 0x123456
20 $ # same, but prepend a 16-byte length header
21 $ python noralizer.py writeimg rvk_prg0.sce 0x40000
22 $ python noralizer.py release # release NOR interface, so the PS3 can boot
23
24 $ make -C hdl-sniffer run
25 $ make -C sniffer
26 $ sniffer/sniffer > log.txt # log NOR address ranges accessed
27
28 Dependencies:
29 ISE WebPACK to build the HDL
30 python-libusb1 (
https://github.com/vpelletier/python-libusb1)
31
32 Unfortunately, the exact board that I used was an internal project originally
33 developed for DSi hacking and is not commercially available. However, it's just
34 an FPGA and a FT2232H USB bridge with a ton of IOs on the board. You should be
35 able to retarget this to pretty much any other FPGA board with a FT2232H fairly
36 easily. There is more info on the expected connections in the .ucf files.
@Fail0verflow:
Quote:
Pushed a repo with the PS3 NOR flasher stuff we used at 27C3:
http://goo.gl/LTD1p (sadly you need to adapt it to your own board)
@Marcan: **OLD TWEETS BUT STILL RELEVANT AFAIK** (12/21)
Quote:
Confirmed that NOR dumps made with AsbestOS NetRPC are 1:1 and complete.
Quote:
I'm not sure how I managed it, but I didn't screw up any of the 50 wires on the flasher. It all works! I can brick & unbrick the PS3 now
Source: git.fail0verflow.com Git
Readme:
http://bit.ly/eIp4RcSources:
@fail0verflow +
@marcan42Pictures from Marcan's twitter regarding his own Nor flasher board: **NOTE THESE PICTURES ARE OLD, BUT SEEM APPROPRIATE**
-
http://bit.ly/i8xPMd-
http://bit.ly/hg6xEK-
http://bit.ly/emQ41N-
http://bit.ly/hsUJPu-
http://bit.ly/gMmxE9-
http://bit.ly/fE01zM