02-28-2012 #21 Griever2kx Guest
The problem on CFW 3.55 is the Vita drivers. I don't know much about FWs above 3.70 or whether there's a way to extract the drivers and install them on 3.55. I ask KaKaRoTo by time if there is any possibility... but from what I read, this is useless, as you already said PS3 = just host.
And if you have full access to the Vita there should be a way, because as you say, the Vita controls the transfer more than the PS3. Or we could work on a custom file manager.
Okay, but you've mentioned the Netflix app. I've already read some articles and people say that the app is buggy. It sometimes slows down etc... Have you taken a closer look at the app already?
Yeah, but you give us some hints on how to probably get the keys...
And dualboot/bootstrapping... hmm, sounds good. I hope to see something soon from you.
I'll take a look at my Vita tomorrow.
02-28-2012 #22 cfwprophet Guest
First, you can't port a driver from higher FWs without having the keys for it. Then I already asked some REAL devs from the scene who are working on interesting stuff like PSX and PSP games for PS3 and they said that this is totally useless. They also have a Vita and for sure are more skilled, so people, don't be too excited. About Sony can't patch... uhmmm... what did Team Overflow say about their exploits and what has Sony done?
If any one of you really thinks Sony can't patch this then, well, just wait.
And if you now want to know which devs I'm talking about, well... someone of the old gitbrew crew.
02-28-2012 #23 Nabnab Guest
First step of an exploit? This is more than a first step of an exploit, I didn't start working on it yesterday. You would have any homebrew you want after exploiting the bootloader with, for example, a bootstrap. Sony can't fix and will never fix it, because it is under the ARM architecture, not even related to the software. Actually the CMA only works under a monitor mode.
I'm not teasing, I'm explaining and releasing my research and my work, which you can find on pastebin; most parts can help devs figure out how to exploit the PS Vita under USB dev.
The USB debug trick? You mean the key buttons that were used for technical testing; they fixed the trick, like the one for the hidden information, etc., but I'm not talking about a trick here.
Everyone will help me? If you're talking about the devs, I know some that don't want to because they're too busy for that, or others that, with big ego and business, don't know how to work together. The fact is that as a simple user you can't understand what is going on in my research; for a dev it's more than useful (big deal), it helps a lot to exploit the PS Vita system.
That doesn't change that much from a priority encryption with ARM architecture from a smartphone.
02-28-2012 #24 Griever2kx Guest
I really appreciate your work. And yeah... the devs nowadays... they just want fame or to tease other people the whole time. Where's the time of Dark Alex... when devs worked together and shared things because we all have the same goal: to free the PS3 or Vita.
Thanks for your info.
Off-topic question: do you have any experience in hacking the 3DS? Because it's hard to find a useful exploit...
02-28-2012 #25 D3mone Guest
Hi again Nabnab,
About my previous messages, if I was talking about dev it's because I'm a software engineer and I would like to participate and help if I can. I have lots of free time these days (no more work, long story and not the place to talk about it). Please try to reach me or give me a way to talk to you (live messenger, gtalk, etc).
See you soon,
02-28-2012 #26 Nabnab Guest
Don't pay any attention to the fame or teasing. I still think that from the beginning there has been a misunderstanding about what I said and what I did. What is the big deal, to lie? To be famous? Etc.? I mean, what is so important about doing this? It doesn't make any sense and it will lead to nothing but losing time.
I always said that I try to do my best to help and I'm not calling myself a hacker, but enough out of thread.
I didn't try anything on the 3DS and I can't give any help with this (I know where my limit is, still need to learn). The only stuff I found on it is launching a 3DS game that is not from the same region with a swapping method, but it's no big deal and has nothing to do with hacking or exploiting the 3DS; I'm not sure I could help with it.
The PS Vita is not the same; the PS Vita you can exploit with the connection we have. The 3DS is not that easy (well, it has the SD card port) but it's not enough (you would probably need more material). I still think that we would be more stuck on the 3DS than the PS Vita (nothing related, but I still prefer the PICA of the 3DS, which has more potential to offer than the SGX543 of the PS Vita; having too much power on a GPU doesn't mean you can't do all).
I would like to help with the 3DS maybe in the future, if I learn more about the 3DS.
Let me think about it, D3mone. A few people have already contacted me recently to help me, but like I said to them, for now I feel uncomfortable after trying to work with somebody that didn't deserve any attention; I was working more alone than with the person.
I don't want this to repeat again, but anyway I would update my pastebin when necessary to help other devs (people like you). (Somebody asked me why I don't make a blog.) I don't want to; pastebin and PS3news are enough to communicate.
I would let you know if I change my mind; just take time to read all my pastebin.
Also, if you want to make an app to exploit the PS Vita (if you are on MacOS) I recommend using Xcode -> I/O Kit framework.
Windows is different; it's easier to work under MacOS and write a driver that loads stuff like that than on Windows. Even though I released a libusb Windows driver for PS Vita, I still prefer working on MacOS, which uses a hybrid kernel -> BSD/XNU (the MacOS CMA clearly has more access compared to the Win version).
02-28-2012 #27 D3mone Guest
Impossible to reach you in private so let's talk here.
I'm going to summarize what I understand and what I don't understand of each of your pastebins.
1 - http://pastebin.com/xM5TiXHY, it's only the description of the Vita's USB interface. We learn that there is only one configuration and 3 endpoints for it. The first, 81, is a bulk input, the 02 a bulk output and the 83 an interrupt in. And like every USB we maybe have a spare control endpoint which is never listed in this kind of output.
2 - http://pastebin.com/W3Z2j2uQ, here you talk about the old button trick to enable the debug mode and blabla. No more information...
3 - http://pastebin.com/hk6nigZz, here we have a list of things... Don't know exactly what it is... but it's funny that you talk about things like "SavedataSubFolder.cpp", "SavedataSubFolder.o".
I can understand that you found .h inside the Vita filesystem, but .o and .cpp?! I don't get the point, how would you find source code directly inside the Vita filesystem?
Can you explain exactly what this list is? Where are those source files coming from?
4 - http://pastebin.com/M2Y40JRG, you talk about IOCTL to call the debug USB mode. IOCTL can be used to perform file and I/O control and everything is based on a file descriptor (I guess the USB file descriptor). So you are saying that we will need IOCTL to communicate with the USB (but the small Python code you released uses PyUSB and not IOCTL)... Why not give us the complete explanation about what to do to enter debug mode?
5 - http://pastebin.com/k3TD4Dph, you said that you are exploiting USB transmission/CMA program. I have a complete log of the USB communication between my computer and my Vita. But there isn't useful information (maybe I need to check it more deeply?). I see the talk between the PC and the Vita on endpoint 82 and 02, but nothing interesting. They only use bulk transmissions and I don't know what to learn from that...
6 - http://pastebin.com/HPWN3wSK, this is the man page of ioctl. Nothing more to say.
7 - http://pastebin.com/Wrz5Gn7S, it's an execution task (from CMA under Mac OS, that's why there are some functions starting with "mach_"). I don't understand how this can be useful? I understand that CMA calls can be ended by an IOCTL call by the Mac OS, but I still don't understand how this can be useful? Could you explain that to me?
8 - http://pastebin.com/hU1M9eWH, you explain what the debug and monitor modes are. Ok. You say that we need CMA and IOCTL to enter debug mode. But still nothing is clearly explained about how to trigger the USB mode. Please stop being evasive and give us more info. It will help everyone.
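Added example, not part of the thread and not code from any poster: a small parser that walks a USB configuration descriptor and decodes endpoint addresses the way item 1 of the post above reads them (0x81 bulk IN, 0x02 bulk OUT, 0x83 interrupt IN). The descriptor bytes, packet sizes and the function name parse_endpoints are constructed for illustration and were not captured from a device.

```python
import struct

# Descriptor type codes and transfer types from the USB 2.0 specification.
DT_CONFIG, DT_ENDPOINT = 0x02, 0x05
TRANSFER_TYPES = ("control", "isochronous", "bulk", "interrupt")

# Constructed sample (not captured from any device): one configuration,
# one interface, and endpoints 0x81, 0x02 and 0x83 as in the post's item 1.
SAMPLE_CONFIG = bytes([
    9, 0x02, 39, 0, 1, 1, 0, 0x80, 50,    # configuration, wTotalLength=39
    9, 0x04, 0, 0, 3, 0xFF, 0, 0, 0,      # interface with 3 endpoints
    7, 0x05, 0x81, 0x02, 0x00, 0x02, 0,   # EP 1 IN, bulk, 512 bytes
    7, 0x05, 0x02, 0x02, 0x00, 0x02, 0,   # EP 2 OUT, bulk, 512 bytes
    7, 0x05, 0x83, 0x03, 0x40, 0x00, 6,   # EP 3 IN, interrupt, 64 bytes
])


def parse_endpoints(blob: bytes) -> list:
    """Walk a configuration descriptor set and decode each endpoint descriptor.

    Endpoint 0 (the default control pipe) has no endpoint descriptor, so it
    never appears in the returned list.
    """
    endpoints, offset = [], 0
    while offset < len(blob):
        if len(blob) - offset < 2:
            raise ValueError("truncated descriptor header")
        b_length, b_type = blob[offset], blob[offset + 1]
        # A zero or oversized bLength would loop forever or read past the end.
        if b_length < 2 or offset + b_length > len(blob):
            raise ValueError(f"bad bLength {b_length} at offset {offset}")
        if b_type == DT_CONFIG and b_length >= 9:
            (total_length,) = struct.unpack_from("<H", blob, offset + 2)
            if total_length != len(blob):
                raise ValueError("wTotalLength does not match data length")
        elif b_type == DT_ENDPOINT and b_length >= 7:
            addr, attrs, max_packet = struct.unpack_from("<BBH", blob, offset + 2)
            endpoints.append({
                "address": addr,
                "number": addr & 0x0F,                       # bits 0..3
                "direction": "IN" if addr & 0x80 else "OUT",  # bit 7
                "type": TRANSFER_TYPES[attrs & 0x03],         # bits 0..1
                "max_packet": max_packet & 0x07FF,            # bits 0..10
            })
        offset += b_length
    return endpoints


if __name__ == "__main__":
    for ep in parse_endpoints(SAMPLE_CONFIG):
        print(f"0x{ep['address']:02x}: {ep['type']} {ep['direction']}, {ep['max_packet']} bytes")
```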
02-28-2012 #28 Griever2kx Guest
About the 3DS, there are new thoughts around hacking the E-Shop app... but first we need a dump of the internal memory... and so on. It's like we're stuck on something because the 3DS won't boot if the 3DS recognizes that something changed...
And you didn't answer my last question about the Netflix app... should I download the app from the US SEN, and do we really need it?
From what I read, we don't need the Facebook app, because we can get into debug mode and have full access to the CPU... with a little bit of reverse engineering we've got everything we need and the Vita should be fully "open"... and even Sony can't patch it then, because from this point we should have full control over the Vita and find workarounds for Sony's FW updates...
Correct me if I'm wrong, because I haven't got a Vita yet. I hope my Vita arrives tomorrow.
02-28-2012 #29 Nabnab Guest
About the 3DS, I can't answer that, I don't work on it. I heard about the E-Shop app and also spydump log through the wifi (air packet).
About the Netflix app, it's a question of time; it's still available on the US SEN and it's better to take every revision of this app now before any update, but it would be useful only for those who know how to exploit them.
I know that I can write inside the app without any problem, but I'm not good at that and it's not what I want to use; pretty useless for me to use this way.
We can go into debug mode (we don't need the debug key tricks anymore) and have full access to the CPU; the PS Vita fully open is a question of time (for the rest, it would depend on some devs that want to exploit this one). You are not wrong, but don't wait for an isoloader or something related like that; what I'm doing is using a bootstrap that lets you load something else.
Read this http://www.khmere.com/freebsd_book/html/ch02.html
Also, I forgot to recommend this for the devs who want to exploit the PS Vita/ARM
02-29-2012 #30 D3mone Guest
Could you please answer my previous questions? This will help everyone. Thx.