218w ago - Today PS3 hacker Mathieulh reports finding a PlayStation 3 Firmware 3.56 exploit, although he states he has no plans to give any further details about it.

To quote from PSX-Scene (linked above): Well-known hacker Mathieu Hervais has reportedly found a bug that allows exploiting metldr, the bootloader and firmware version 3.56. Unfortunately, he refuses to release it.

Originally Posted by Mathieulh (via Twitter):

I hesitated a lot before tweeting about it, but a bug allows exploiting metldr, the bootloader and 3.56+. I don't intend to ever unveil it.

So much for "unhackable" PS3s though... I am not giving any further details about it. Sorry.

Actually the revocation list exploit doesn't allow you to exploit isoldr, you could however sign a revoke list if you had the revocation list keys and knew the sign fail, and use that to dump isoldr. Metldr does not load revocation lists.

This has been tested, how do you think I could release the lv2ldr and appldr keys? (about 24hrs before Geohot showed up with metldr keys)

You can also dump any loader using a signed metadata (including metldr) though that means you need to have the keys for it in the first place (kinda kills the purpose)

Your entire purpose is to get the isolated process (the code running inside the SPU) to jump to your instructions.

For example the following instructions will dump the isolated LS to the SPU mailbox:

loop:
    rdch $3, ch29        # read an LS address from the inbound mailbox (channel 29)
    lqd $3, 0($3)        # load the 16-byte quadword at that address
    wrch ch28, $3        # write word 0 (preferred slot) to the outbound mailbox (channel 28)
    rotqbyi $3, $3, 4    # rotate left by 4 bytes so word 1 is in the preferred slot
    wrch ch28, $3        # write word 1
    rotqbyi $3, $3, 4
    wrch ch28, $3        # write word 2
    rotqbyi $3, $3, 4
    wrch ch28, $3        # write word 3
up_one:
    br loop              # loop forever, one quadword per mailbox address
    br up_one

Of course you'll need a PPU payload to fetch the mailbox data. Metldr is trivial to dump now that you can sign your loader, but I won't say anything more on this.

Finally, the problem with isoldr and the revoke list exploit isn't so much that the exploit doesn't work (it actually does). It's that the payload from the crafted revoke list overwrites the isoldr keys (which kinda kills the whole purpose). You can however get the revoke list keys from lv2ldr or appldr using the revoke list exploit and then sign a revoke list metadata to exploit isoldr later on. (There are other ways to get isoldr though, including the 3.60+ exploit I have, but there is at least another I know of.) Again, good luck in your endeavor.

There is more than one npdrm key. It's not been released because the ones who have the skills to do it do not remotely care about pirating PlayStation store games (obviously).

Finally, in related PS3 homebrew news today a PS3 FW Downloader application has been released which includes Official PS3 Firmware 2.50 - 3.55 and has Geohot, Kmeaw, Wutangraz PS3 Custom Firmware and 3.55 Downgrader support.


PS3 Hacker Mathieulh Finds PlayStation 3 Firmware 3.56 Exploit


#351 - cfwprophet - 170w ago
The scene isn't dead, it is stuck. I know from some underground devs what they are working on, but I have no permission to talk about it here. One big problem the PS3 scene has is hinting information. Nabnab talked to kaka via Twitter about turning a 4.0 PS3 into a full debug one, and guess what? Kakaroto knows that!!!

Yeah sure, and what about the 360 scene? Is C4E (hail to you man) not working on piracy stuff? Or all the others that made backups and a hacked console possible, e.g. via gligli, not working on piracy?

The so-called devs in the PS3 scene seem to have the EGO HOT syndrome. Hinting info for themselves and not giving it out to the scene. Someone said they are afraid that Sony will patch the possibility of using the debugger as a mode for games, among other stuff, when they release it. Does the average user really believe this?

Hell, Sony developed this system and knows better than someone else in this stuck scene how it makes those games work. So why hint this info? = EGO HOT syndrome. Just to have it for themselves and laugh about the scene, or just for themselves and how good they are.

I can't really say what the reason is, but for sure it's not a case of being afraid that Sony will patch it. If they want to patch, then they do, and not because it gets publicly released.

They patched things in the past without something usable being released. Also Nabnab got a message from someone, not to be named here, that he should stop his work. Yeah sure, we will stop only if this person tells us/him to do so.

On some points a lot of devs in the PS3 scene think they are gods or better than the average user. We are all the same; it's not a matter of the color of your skin, and also it's not a matter of whether you're a normal user or a hacker or a coder, scripter, modder or whatever.

We all deserve the same and no one has the right to milk someone else with stuff that should be free.

Hail to graf_chokolo and shame to the ones that use his work to milk the average user, and also shame to all the others that are hinting information.

#350 - Bartholomy - 170w ago
Hail.. Was it useful for progress? Culturally speaking, amazing to read. But.... So? What he meant is "scene is dead, if you're a dev feel free to go M$" or what?

#349 - sharks - 170w ago
Great effort by KaKaRoToKS to write this guide for everyone! The scene seriously needs more people like him!! All Hail KaKaRoToKS!!

#348 - huseen9 - 170w ago
Thanks for the update.

#347 - Nabnab - 170w ago
I didn't judge KaKaRoToKS, I said maybe he has his own reasons to stop; I don't want to judge him or anyone else, but too many PS3 users want to see the new keys etc... and it's not the only way to exploit the PS3; there are also better and more interesting alternatives when you know that we don't need these keys... the PS3 scene has more tools and more information about the PS3 than the Xbox/Wii scene...

I know that I have repeated many times that Graf offered big stuff about the PS3, the only one who was thinking of releasing the work publicly (a person recently contacted me to tell me some interesting stuff about the PS3dev wiki and other devs in the PS3 scene, that they like to keep secret or share work from others); even Sony offers the best door to exploit the PS3, but it looks like some devs prefer to make business with free stuff, and afterwards we ask why Sony takes some bad action (actually I didn't see anyone going to jail and it would never happen for that).

I know it's so annoying to wait for something you have been waiting for a long time, but unfortunately some devs don't know the definition of sharing and like to make business with that; also they make crappy code or steal code from other devs that share for free and put it on a dongle with stupid DRM to hide the crappy work, and are scared to see the PS3 users complaining about that.

You know, I stopped some of my work not related to the PS3 just to come and give help, and in the last few weeks I saw many insults from the PS3 users and even the PS Vita users lol; I also saw some devs lie well to distract the PS3 users and say "don't trust him" to hide the real information from different websites of the PS3 hack; I saw some websites that are respectful and other websites that judge a person they don't even know and try to make some fire for nothing...

The Truth Behind the Lie

I always try to do my best to help people in the PC community; I make alternative drivers, patches for games, mods... many of these works were released for free and I was working alone on them; I received so many thanks, more than I expected, and also some good insults... but the world is like that and you can't change it; you can make it better but not change it.

I keep working and will let you know all that I'm trying to do.

#346 - BookofEli - 170w ago
That's not entirely true, I'm following your posts and it is very interesting; still, KaKaRoToKS did a great job explaining ECDSA, which was interesting.

Considering your statements you won't have to get any keys and thus it's still possible to run homebrew/backups on PS3 FW >3.55 by bypassing any key requirements with "devtools".

#345 - Nabnab - 170w ago
Actually the PS3 scene is too concentrated on the keys and too blind to see what is the best way about all that; we don't need any keys, we have enough stuff and tools for that.

Looks like nobody read my post about a possible 4.0 alternative... also this is more a "leave the scene and check somewhere else".

#344 - CS67700 - 170w ago
Let's face it guys, it might not be totally impossible, but it's almost impossible at the moment. Meaning we won't see this scene moving forward anytime soon.

I'm packing my 3.55 in a corner, buying a new one soon, you never know. I'm not hoping anymore; it was obvious, seeing the inertia of the scene, that nothing was gonna happen for some time.

Maybe in a few years when the PS4 is here someone will find another way in.

#343 - drphuz - 170w ago
Not without the proper keys. The Keys are the answer to everything, both good and evil.

#342 - Bartholomy - 170w ago
Amazing post, about ECDSA.