PSGroove Modified for PS3 Backups Without a Disc in the Drive!
Today Spanish PS3 developer Hermes at Elotrolado.net (linked above) has shared a modified payload version of PSGroove, which allows users to run PS3 backups without requiring a disc in the PlayStation 3 drive.
To quote, roughly translated: Taking advantage that I have my AT90USBKEY, I used the disassembly of the payload (made by me), the descriptions in ps3wiki.lan.st and part of AerialX source, with the following objective:
1) Have a damn once the source of the exploit, with amendments, etc, enough is enough for us to pass an array and pulling miles.
2) I used to make some changes, with a very interesting result.
The first thing to tell, is that the payload is loaded into a memory area (700 000) and ends up turning part of your code into an area that is too full. Just add four things we can and in fact, for my change I had to relocate a table with patches (do not think you are having problems in the position you are).
The second is that I managed to enable loading of backups with the amendment introduced AerialX by his side, in order to launch applications from a flash drive (HDD) attached on / dev_usb000 (of the four ports, which is more to the right, in my case). My directly AerialX code did not work and removed much of what makes this load backups.
The fact is that you can put in root folder PS3_GAME with the appropriate structure (see the readme.txt of the package) to launch a EBOOT.BIN selecting the menu "/ app_home/PS3_GAME"
But it is not here: thinking that this could throw the EBOOT.BIN of a game, I thought about making a communication, so that by granting syscall36 (or directly, as I saw it), could "see" the game to launch in "/ apps_home/PS3_GAME" when no disc.
Surprisingly, it works. I do not know if there are games that are problems or not, but I've tried, they all without having to have the disc.
The problem is that the original manager asks you to drive before launching game balls, but the manager does not have to do anything that can run games, except set the path of the game by syscall 36.
In doing so, memory is allocated to a pointer, which is what I use to switch between "/ apps_home/PS3_GAME" to launch an application without installing the console (same in development) or redirect the game to run.
This is a string of code development and here I'll upload the full psgroove with lufalib and my modifications, the source of the payload is ready to compile. If you are a using a PIC, you just have to change the payload (replacing the array of payload. H that is generated when compiling and also provide) and have no space problems, or anything else, because it takes what same
If you have not understood a word, this is a thread of development which is offered as a heading, the code that makes the "magic" disassembled and modified to provide a way to run homebrew without installing the console and on the other hand, load your backups using that trick, they do not need a disc in (the bad is that it requires a new manager or patch the old hard not to ask to leave).
- You can also launch backups using a manager. The original manager needs a Bluray disc to exit and run games, but i have added a new feature to create a shortcut between "/app_home/PS3_GAME" and /dev_bdvd. So, it is possible to launch games without a bluray disc in the tray, using this path (but you needs other manager or you needs eject the disc after leaving the original manager).
I have tested some games, as Uncharted 2, Heavently Sword and others, mounting it directly (in payload the code) and it works without any disc
Te syscall 36 is used to indicate the game path and it is used to create the shortcut detecting a pointer in the payload . I have relocated "memory_patch_table" because the dedicated area is full and it hang if you copy more code.
To compile the PPU code you needs the compilers created by the ps3toolchain and fix the path in PS3_COMPILERS from Makefile.payload. You needs also the AVR compilers (i use an AT90USBKEY) and maybe gcc compiler (for raw2payload utility in others system)
If you are using a PIC or other method, use port1_config_descriptor.h to replace the same thing.
I have compiled hermes code for PIC boards. Here you go and enjoy. This hex is for PIC18f2550/4550 , 16MHz, LVP, LED on RB1. Of course you can change some of these spec before programming the hex yourself. Tested it myself, works flawlessly.
Posted this on psx-scene with the name of "moh.sakhaii", that's my name of course
It would be interesting to see if this helps games like Modern Warfare 2 This along with Lvl1 Access is very good progress in such a short amount of time. I wonder if psjailbreak are going to bother anymore or if they have something bigger and better up their sleeves. I am beginning to wonder if they are a clever scam.... Send out some samples take some bulk orders, take the money and run...