No more need to dump metldr!!!
EDIT: I got this error
- CMAC-EID0 [CEX] : ** ** ** ** * ** ** ** ** ** ** ** ** ** ** *
- CMAC : FAIL!
I was going to write more information on my post, but there wasn't an edit button so here it goes.
I will explain the two main options the program has.
Extract METLDR - This extracts the metldr from your flash dump so you can use this in the metldrpwn exploit and dump your root key. The dump file created by the metldrpwn exploit can then be loaded into the program (METLDR Dump).
CEX -> DEX - This creates a modified flash dump to convert your CEX into a DEX, the dump created can then be used to be flashed back to your PS3.
I assume you are getting those CMAC errors because you are attempting to use the extracted metldr as the metldr dump. These are two completely different files, the METLDR Dump is the dump file produced by the metldrpwn exploit. Could you show me part of your root key so I can get a better understanding of what you're actually loading.
You're right, i was loading the metldr i extracted from my flash
If it save to install linux on the ps3 could you link us a page that explain how to use the metldrpwn exploit with the dump? I'd like to use ubuntu on the pc if it is possible
The software works perfectly with partial (without bootloader) or full dump of NAND!
What's the point of converting a retail until into a debug unit?
CEX is only DEX to 3.55??
Randalajoe if you're having -8 errors, you may want to check out: ps3devwiki.com/wiki/OtherOS%2B%2B#Scripts
so does it mean anything that i still have the 4.10 dev firware from febuary..still stuck now stuck at cmac gosh dangit
Interesting , I wish Gunner54 released the source code.
btw, If Gunner54 is reading, you can actually link the C/C++ runtime libraries statically by doing this in your project:
Configuration Properties -> C/C++ -> Code Generation -> Runtime Library
Then select: Multi-threaded (/MT)
This will save users the need to install any runtime libraries to their PCs to use this.
Oh and please consider releasing the source code, so that this method can be documented easily. Anyway, thanks
[Register or Login to view code]
The 6th byte in IDPS (can be found in EID0 and EID5, see Flash) represents your Target ID.
Speaking of TargetID, the holy grail of the Debug units is 0×81, the DECR unit which apparently can also decrypt anything we want. Those are suspected to require specific hardware and firmwares however... and the legend says that some scene devs own one.
Until this week, people who legitimately wanted to stay on a Custom Firmware for homebrew reasons could not play recent PS3 games they owned. With such a technique, they now have a possibility to run their 3.6+ blu rays without sacrificing homebrew. As far as I can tell, this does not “bring more piracy to the PS3″, for now. It just allows more legitimate use of the PS3 for honest homebrew users.