194w ago - Following up on his previous update, today Sony PlayStation 3 hacker No_One has made available some PDF documentation that details how Project PNM PS3 NOR Manager works including schematics, explanations, a bill of materials (BOM), and diagrams.

Download: Project PNM PS3 NOR Manager Schematics PDF

To quote: Hi mates, here is the PDF documentation that explains how PNM works from a hardware point of view:

  • schematics
  • explanations
  • bill of materials (BOM)
  • diagrams

Coming soon:

  • A virtual SOCKET #3 to access (Read/Write) the PS3 NOR (on the motherboard itself). It will give the ability to manage what other flashers around do without removing the embedded NOR.

Realtime tests on a PS3 in different situations:

  • Static switching between 2 firmwares
  • Dynamic switching

Tasks finished these last 2 days:

  • serial link has been enhanced (speed) to 1Mbit/s
  • virtual SOCKET #3 instantiated in the FPGA
  • Teraterm macros to help manage DUMP/UPDATE (not yet fully functional)
  • automatic detection of the firmware flashed
  • some minor software updates

See ya very soon for more progress!

Cheers
No_One

Update: Let me give some clarifications. To make it simple:

  • private keys are used to decrypt (and sign) files needed to build a firmware.
  • public keys are used to decrypt files like "EBOOT.BIN", SELF/SPRX files and so on.

If a new exploit is found to obtain private keys, then CFW will appear again.

Even if the PNM project only aims to manage a TRUE dual firmware console, it may lead to public keys.
I won't explain how.

What does that mean?

It means devs will probably include public keys (i.e. 3.70) in a 3.55 CFW (like it has been done for 3.56 keys). But I would like to underline that there are some tricks that could be used by SONY to prevent such methods. I won't explain them here.

Now, concerning the NOR flash. It only embeds a part of the firmware. The other part is stored on the internal HDD. To manage a TRUE dual firmware, it will be necessary to have both these parts (i.e. 3.41 HDD + 3.70 HDD).

I won't talk about the SYSCON in this post since most people reading won't understand what it is.
The lame method will consist of swapping HDDs. But good news: there are some identified tricks to keep everything on only ONE HDD.

Again, to make things clear: PNM is NOT a project to promote piracy! The main goal is to have a 3.41/3.55 CFW with Linux/homebrews and an OFW to continue enjoying the latest games, PSN... But like any "weapon", PNM can be used for nice perspectives but also in "bad hands" for obscure aims.

Cheers
No_One


Project PNM PS3 NOR Manager Schematics and More Arrive

#21 - markb1 - 206w ago
3.60 LV0 Keys

#20 - elser1 - 206w ago
If anyone can seriously do something with this, I have 3 original 60gig fats I am willing.. only if you can perform the work with me and I'm in Australia.. pm if you are the man.

#19 - GrandpaHomer - 206w ago
Quote, originally posted by rumblpak:
Doing a software flash dump using linux is plausible but the switch from one to the other flash could leave both chips on for a millisecond with both driving a voltage on the output. Result: dead ps3.

You know why modchips take time to research? Because it's not as easy as throwing a switch, some flash memory, and a resistor on it and calling it a day. Anyone could have looked up the public datasheets for the flash memory 5 years ago and done this. Wanna know why they didn't? Because it's dumb and it won't work.

Indeed, but surely in the real application you'd use a more complex circuit - at least some additional capacitors or a logic flip circuit controlled by a pushbutton with LED indication etc. etc. etc.

Also - in regards to various FWs on the hard drive - if anyone would go through all the trouble of piggybacking the flash, they can also have two hard drives and switch those (most probably only while powered off) also by a "switch" ...

#18 - daivyphuong - 206w ago
good news and good job haha..

#17 - Xplic1T - 206w ago
I think it's alright to kill a ps3 or two for the sake of the greater good.

#16 - rumblpak - 206w ago
Wow... Does anyone have knowledge of circuits? You CANNOT do a NAND or NOR dump while the console is in operation using hardware. It requires the console be off and unplugged and doing so while on could seriously damage (if not immediately fry) your ps3.

Doing a software flash dump using linux is plausible but the switch from one to the other flash could leave both chips on for a millisecond with both driving a voltage on the output. Result: dead ps3.

You know why modchips take time to research? Because it's not as easy as throwing a switch, some flash memory, and a resistor on it and calling it a day. Anyone could have looked up the public datasheets for the flash memory 5 years ago and done this. Wanna know why they didn't? Because it's dumb and it won't work.

We know for a fact that there is a hole in that is possible to find by reversing how the spus work. Why can't we just get a couple of talented devs, who know how to reverse focused there instead?

#15 - Xplic1T - 206w ago
The only real use I see in this is just to obtain the 3.61+ keys in order to boot newer games under some cfw ... be it a cfw or a mfw. Joe Shmo won't want to do this solution considering how involved it is. In fact ... since you have to ruin a ps3 (or find a bricked one) to even do this ... why not just keep one on ofw and one on cfw?

If this aids in getting new fw keys and if all of the offsets are patched during boot-time ... then we might have very completely pwnd the system ... considering someone actually goes through the lv0 flash to get the new keys (every time a new ofw is released).

Either way ... seems much simpler to perform on a fat than a slim. I hope to see a 3.61 flash somewhere in the wild within a few days.

#14 - makots - 206w ago
Is a software hack still going to be available for 3.6 or is it going to require an external hardware device?

#13 - NTA - 206w ago
Hooray some more progress! Now just disappear before Sony finds you!

But it's great to see some more progress towards the 3.6x firmwares.

Really something to look forward to especially for this upcoming psp remaster thingies.

#12 - alchybear - 206w ago
I took a review of this. Think about it: you need two ps3's (one to take apart and steal the flash) or find the same model's flash memory and solder and make a switch on your ps3. Each flash can have its own firmware. BIG problem would be that a hdd that has, let's say, 3.55 cfw on the 3.55 first flash, the second flash 3.6+ will make you update through that hdd.

BUT as an idea, spoofing the firmware on the hdd a possible compatibility will work. A big thought is, since it is a theory, if the ps3 model and key is stored through the flash, then that will be the biggest problem since the ps3 key would be on the hdd, and the hdd would not match each flash. Many possibilities and many chances of making the ps3 more hacked than the psp.