PS3 Hypervisor Dumped via Parallel/LPT1 Port with XorHack!
Today JaicraB shared with the PlayStation 3 scene a PS3 Hypervisor 3.15 lv0/lv1 dumped via XorHack using a parallel / LPT1 port as a trigger alongside source code for the application used to send the pulse.
Shortly following, he redumped it possibly due to file corruption.
Download: PS3 Hypervisor 3.15 Dumped via Parallel/LPT1 Port with SRC / PS3 Hypervisor 3.15 Dumped via Parallel/LPT1 Port (ReDump)
To quote, roughly translated: Good. I've managed to make the Hyper Dump and BL. :D In the end I pulse generator echo PC using the search and the parallel port.
Software: (I AM NOT RESPONSIBLE for damage to the pileup, is a very simple, just polished. Q is unlikely to burn something, but also take into account q LPT1 port is very delicate. Good luck!)
Advisable to do so under MSDOS. Download the boot disk Windows 98, copy the executable and run it. No conecteis LPT1 port until q do not enter the program. The source was made with Turbo C + +.
The important thing is to share and not keep anything more if it is for the common good. Do not make bad use of my Mac and my PS3's own data ;)
Any questions or suggestions are welcome in the comments. The next "chapter" eviscerate the dump. Until next time!
More PlayStation 3 News...
"volvado" basically means "the returned thing". So, roughly he means the next step is to look at what he's obtained.
It looks like he's attempted to use a 555 to do the hv glitch, failed, and instead decided to use the printer port to provide the pulse instead.
I don't actually seem to be able to download any of the files to look more closely. I guess they're being hammered right now!
Seen the thread title and thought this was a breakthru! I was trying to understand what "volvado" means and i think its "volcado" that means in english allocate so i guess he means to strip the allocated memory...
I was looking for the meaning of "volvado" and it seems he meant Volcado that means allocate so i believe that he meant to say:
Any question or suggestion are welcome in the comments. The next "chapter" will be to strip the allocated memory. Until then!
This doesn't work for this archive. Perhaps it was mistyped creating the archive or incorrect altogether. Any ideas or guesses?
Thanks for the post.
Megaupload finally let me download them. I used 7zip to extract the files, maybe try that.
The CPP file basically pulses bits 1-7 of the parallel port high; the circuit causes this to sink current from the wire "punto de geo" (geo's point) to ground. Looks good (and cheap!)
All we need is LV2 now correct?
Can't help thinking sony's recent announcement about removing OtherOS might prompt MORE people to actually hack into their PS3's - the above appears to be a very very cheap way to acheive this! (Great find by the way!)
Sore foot sony? Maybe you shouldn't have shot yourself in it then eh!
p.s. Personally i won't be doing this (my soldering skills leave a lot to be desired - i'd probably have problems with the parrallel connector let alone the ps3!). But i will be keeping my linux thank you very much sony shame about the on-line stuff, but i guess i can try PS3Proxi again and if i get really desperate have a look into coding my own proxy!
I guess I understand, you run a program that sends pulses through your computers LPT1 port through the cable on pins 1 and 7 to the ram chip used, and then it will glitch the memory bus and allow the exploit to work?
I JUST REUPLOADED all files that included in Jaicrab's 40 ns program archive, it is without password and it was archived by WinRar.
Specially for you get it: http://www.megaupload.com/?d=J9TCC3M4