PS4 News on Facebook! PS4 News on Twitter! PS4 News on YouTube! PS4 News RSS Feed!

Home PS4 News - Latest PlayStation 4 and PS3 News

385w ago - Our Resident DEVS have revised the PS3 Bootup procedure, with some more interesting information.

asecure_loader is not at start of the NAND. The first 512KB also is skipped, or actually any 512 block of FF is skipped.

Furthermore, the asecure_loader differs per box, possibly encrypted with a per-box key. Files of course are not in clear, that suggests that at every step an encryption/decryption is done.

The boot loader in IDA does not look microcode for IDL, maybe it's encrypted with cpu key (the IBM secure boot/asecure_loader), that can explain also why a NAND dump can be restored only on the PS3 from which it was taken.

asecure_loader ----> lv0 which start lv1ldr or lv2ldr depending on 0 or other number in NAND FS
lvldr ----> lv1.self ----> cell_ext_area partition NAND, boot compressed linux kernel for example

load trvk_prg
spu_pkg_rvk_verifier.self load trvk_pkg
lv2ldr load lv2_kernel.self
spp_verifier.self load default.spp (bluetooth ?)
isoldr (?)
appldr (?)
sc_iso.self (?)
LV2 KERNEL MODULE ----> spu_token_processor.self
LV2 KERNEL MODULE ----> aim_spu_module.self
LV2 KERNEL MODULE ----> mc_iso_spu_module.self
LV2 KERNEL MODULE ----> me_iso_spu_module.self
LV2 KERNEL MODULE ----> sv_iso_spu_module.self
LV2 KERNEL MODULE ----> sb_iso_spu_module.self

That is just a taste of some interesting information, expect more soon!

Stay tuned for more PS3 Hacks and PS3 CFW news, follow us on Twitter, Facebook and drop by the PS3 Hacks and PS3 Custom Firmware Forums for the latest PlayStation 3 scene and PlayStation 4 scene updates and fresh homebrew PS3 Downloads. Enjoy!

  • Sponsored Links

#3 - Siptang - 381w ago
Siptang's Avatar
hey hacked2123.

i guess i have things to read here.

#2 - hacked2123 - 381w ago
hacked2123's Avatar
Will mess with this soon, sorry I haven't been around on irc; having trouble finding my ssh information and shell.

#1 - Ni0b - 381w ago
Ni0b's Avatar
If you install a Bootloader from the OtherOS.bld and OtherOS.self does he write himself to the MBR and will be booted before the XMB OS is booted.

The otheros.bld contains a vmlinux.bin or if u take the original sony bootloader a exoboot.bin- its a gzipped archiv and can be recreated by this way.

I tested that.

The Petit-Bootloader is a modification of the standart kboot-bootloader.
Are their any possibilities to create an own Bootloader who is able to boot the XMB with special parameters?

Can the XMB get surrounded by VMBRs (special Rootkits)?