PS4 News on Facebook! PS4 News on Twitter! PS4 News on YouTube! PS4 News RSS Feed!

Home PS4 News - Latest PlayStation 4 and PS3 News

November 17, 2011 // 5:19 am - Following up on the True Blue PS3 JB2 v2.2 Payload, today PlayStation 3 developers on the Wiki (linked above) have started a preliminary Q&A work-in-progress for hacking the True Blue (TB) PS3 JailBreak 2 (JB2) USB dongle.

To clarify the initial reports, after examining the PS3 JailBreak 2 (JB2) / True Blue (TB) CFW PARADOX Game Releases they now state the EBOOT used on the True Blue (TB) released 3.6+ PS3 games are not a Debug ones. Below is the complete text thus far, as follows:

True Blue (TB) PS3 JailBreak 2 (JB2) Q&A

Q: Is this possible on other dongles from the FW3.41 days like Blackcat and Teensy?
A: Dongles are bad and obsolete, mkay (once you have the key/algo, you don't need any dongle at all)

Q: Are they (TB team) just stealing the dev eboots?
A: First we thought that too but today the first TB game was released Dirt 3 and it's working and it isn't a dev eboot so it maybe is really worth something so it's time to search why and how to use it.

You can only rumor which source they use to resign the content to lock-in their DRM. But ofcourse those very same DRM-less files can be resigned for 3.55 too (as has been done numerous times in the past). Piracy is bad, but pirates using DRM to make sure they get the money and not genuine developers is even worse (especially when they lock you into a single firmware that has even less to offer than generic MFW and makes you loose OtherOS++ too).

It seems the ps3jb2 loads masterdiscs with fself, with the algo provided and the right key (which is not provided) you can decrypt said masterdiscs images right on pc and grab the fself files.

[an0nym0us] TB is just a clone, blame cobra
[walsid] TB is a clone?
[an0nym0us] yes, its a clone of the cobra dongle
[an0nym0us] I really enjoy saying that ... especially since it is true
[an0nym0us] look at the lv2_kernel.self for cobra pup and tb pup
[an0nym0us] Its the same hook with different "payloads" at 0x80000000007f0000
[an0nym0us] so either cobra decided to "update" without "updating" the existing dongles, or they just wanted more money from you pir8s

[Register or Login to view code]

That's the algo for masterdiscs, ps3gen dll has the static keys for masterdiscs you can also get it from sv_iso the crappy sdk tool that generates masterdisc images for dex.

Files to strip:

rootfolder, LICDIR + content, TROPDIR + content, USRDIR (EBOOT.BIN + other signed binaries like .SPRX, .sdat)

example (portal_2_BLUS30732) :

[Register or Login to view code]

More talk:

Folks I looked a little more and it seems the psjb2 just runs masterdiscs with fself, kinda lame. very lame. npdrm encrypted but labeled as fself, it's an fself but I dunno what it does, I never looked at it. I don't really care on doing more if you use the masterdisc algo I provided and the proper key which I am not supplying you can decrypt all the psjb2 disc images right on pc, grab the fself and use them to run them on a regular 3.55 fw.

Basically security == LAME, still interesting to see how they patched the firmware to allow masterdiscs, they also do some auth with the dongle which involves crypto to make sure the firmware does not load without it, but if you don't need the firmware to load the games... they could have added some extra keys in appldr and encrypted the damn eboots at least. I guess they didn't have enough time or enough spu skills

Regarding FSELF from "RikuKH3":

Real FSELFs are never encrypted. You can extract it with official unfself tool from SDK. But, in this FSELF I looked into (driver sf) ELF inside IS encrypted. You can say this because it's masterdisc fself, but I really doubt it. It doesn't look like a proper fself to me at all, in header it says that sections unecrypted, but it's not true. Another thing - Masterdisc Generator tool from Sony gives errors with this EBOOT (if it's a masterdisc eboot as stated, why?).

More details will be posted as they become available, and below is another PS3 JailBreak 2 (True Blue) HDD Review video from MrDjbubba2002, one of Batman Arkham City with the True Blue PS3 JB2 dongle from leksetengah and True Blue booting NFS The Run on PS3 CFW 3.55 from MrSenaxx.

Finally from TheNaughtyD (via comes a few videos on installing TB CFW over Kmeaw followed and updating the TB dongle followed by replacing TB Eboots over your PS3 Backup with a guide below:

  • Make sure you are on 3.55 FW or lower
  • Plug your USB drive into your PC
  • Create a new folder on it called "PS3" (must be in capitals without quotes)
  • Inside that PS3 folder, create a new folder called "UPDATE" (must be in capitals without quotes)
  • Save the file “PS3UPDAT.PUP” into the UPDATE folder on your USB storage device (this is provided by the TB team)
  • Unplug the flash drive from your PC and plug into any free USB slot on your PS3
  • Go to the “Settings” XMB menu, choose “System Update”
  • Choose “Update via storage media”
  • The USB drive will be scanned. If you get an error that no update file was found, ensure that the folder structure is correct
  • Select “OK” to copy the update file to the PS3′s hard disk
  • Wait for the file to be copied and the PS3 should reboot automatically (leave the USB drive plugged in during this phase)
  • When the PS3 has started up again you should be presented with a screen showing the version of the system software ready to install. Press the PS button
  • Wait for the “Checking for update data” to complete
  • Accept the user agreement
  • Press X button to confirm the installation
  • The update will be installed and the PS3 should be rebooted!
  • Now transfer TrueBlueUpdate-2.2.pkg file to the root of your flash drive on your pc and plug it in your ps3 console
  • Open Install Package Files and install the TrueBlueUpdate-2.2.pkg file
  • At this point make sure nothing is plugged in the ps3's usb ports
  • Open PlayStation folder and run the True Blue Updater
  • Follow the on screen instructions to complete the dongle update

True Blue (TB) PS3 JailBreak 2 (JB2) USB Dongle Q&A WIP Begins

Follow us on Twitter, Facebook and drop by the PS3 Hacks and PS3 CFW forums for the latest PlayStation 3 scene and PS4 Hacks & JailBreak updates with PlayStation 4 homebrew PS4 Downloads.

#812 - Youkia - August 15, 2012 // 6:54 am
Youkia's Avatar
I want to request something for most of the japanime guys and people who LOVE Dragonball Z Please do DragonballZ Ultimate Tenkaichi or BLUS-30823

#811 - lolong - August 15, 2012 // 6:50 am
lolong's Avatar
TB is TAKING TOO LONG, for releasing their NEW GAMES EBOOT and NEW PATCH for their dongle. This is a stupid method, WHY ?

Because DUPLEX get the first to CRACK new GAMES such as DARKSIDERS2 and SLEEPING DOGS.

Honesty, I hate with TB, they should work together to make new games with mod eboot so it can play it with their dongle.

NOW it's too late, DUPLEX beats DONGLE!

#810 - Neo Cyrus - August 15, 2012 // 6:38 am
Neo Cyrus's Avatar
I thought this would have happened a lot sooner... oh well, better late than never.

#809 - PS4 News - August 15, 2012 // 6:35 am
PS4 News's Avatar
Currently the ones that get re-released with the DRM removed, whether this will change only time will tell... at the moment there are 2 games released above and most likely a slew more incoming from various scene release groups.

#808 - tickford - August 15, 2012 // 6:31 am
tickford's Avatar
Does this mean if your ps3 is on kmeaw cfw 3.55 you can play ALL the TB cracked games, or only the ones that get cracked (eg max payne 3)?

#807 - stingray1059 - August 15, 2012 // 6:24 am
stingray1059's Avatar
i'm glad i sold my dongle.

i hope all unfixed trueblue games will be patched tomorrow. like ghost recon FS, dragons dogma, mass effect 3 and tales of graces f.

#806 - master32820 - August 15, 2012 // 6:10 am
master32820's Avatar
I have a TB but i'm happy that duplex fcked them up

I got a question though! can we go back from TB CFW 2 to normal kmeaw 3.55 just they way we went to tb cfw 2?

#805 - spark32 - August 15, 2012 // 5:43 am
spark32's Avatar
This is awesome! Now all I need to wait for is a fixed eboot for Jak and Daxter collection, Twisted Metal, and Mass Effect 3.

#804 - PS4 News - August 15, 2012 // 5:16 am
PS4 News's Avatar
Not long after the release of the PS3 3.60 Keys comes the first of several PlayStation 3 releases with the TrueBlue PS3 USB dongle DRM-infected protection now removed by scene group DUPLEX!

Download: DUPLEX PS3 Releases - Ongoing thread, add new game releases here guys!

Below is the release information, from their Max Payne 3 Eboot Patch READNFO PS3 DUPLEX PS3 NFO as follows:

Release Name: Max.Payne.3.Eboot.Patch.READNFO.PS3-DUPLEX
Date: August 2012
Languages: English
Platform: PS3 CFW 3.55
Genre: Action

[Register or Login to view code]

Max Payne 3 TB Eboot Patch *CRACKED*

Release Info:

When we first read about the TrueBlue USB Dongle we were excited about it. Finally having a way to play FW 3.60+ games on CFW 3.55 again. What a great asset to the scene everyone thought .. until people found out that this USB Dongle was solely made for cashing in! Its only purpose was to check on the DRM the TrueBlue Team added to their 3.55 Eboots. What a shame!

DUPLEX to the rescue! Finally bury your TB dongle because we removed their unnecessary DRM and their Patches will now work on Cfw 3.55 without any dongle or special TB CFW.


Copy the files inside the rars into your games usrdir and replace existing ones Tested on Kmeaw CFW 3.55 with Max.Payne.3.PROPER.PS3-DUPLEX more to come ...

Enjoy This Fine DUPLEX Release

From anonymous also comes another Max Payne 3 Update v1.05 [FW 4.0] Patched for CFW 3.40+ workaround as follows:

Max Payne 3 BLES / BLUS Test EBOOT and Param.sfo:


  • Max Payne 3 BLES / BLUS Test EBOOT and param.sfo
  • The rar has an embedded readme with the pkg links
  • Its probably best if they have the common.sdat from the duplex release, though I am not positive.
  • They need to backup files, preferable that person has spoofing
  • Game update sfo's, don’t replace the Game sfo!!!!

From CaptainCPS-X: Here you have the PKG files for easy install of this awesome “Anonymous” collaboration! (thanks to hellsing9 to for providing with the files) This is really cool since maybe more 4.0 FW games will be patched in the future by this Anonymous person! Thanks!

US Patch [BLUS-30557]

FIX_340_UP1004-BLUS30557_00-MP3PATCH00000003-A0104-V0100-PE.pkg (51 MB)

Europe Patch [ BLES-00942 ]

FIX_340_EP1004-BLES00942_00-MP3PATCH00000004-A0105-V0100-PE.pkg (51 MB)

Installation instructions:

1- Download your specific PKG (US / EU)
2- Install normally from XMB.
3- Replace the original “common.sdat” from your untouched backup with DUPLEX’s one (duplex-mp3ebootpatch.part1.rar / duplex-mp3ebootpatch.part2.rar).
4- Load with multiMAN normally.

Enjoy! SeeYa!

In related PS3 news today, pr0p0sitionJOE has released several new PlayStation 3 fixes both HERE and HERE for those interested.

Update: A second PlayStation 3 scene group named NRP has also followed suit and released Kidou Senshi Gundam Extreme VS EBOOT PATCH READNFO JPN PS3 NRP. Below are the details from the PS3 NFO to the release as well:

Release Name: Kidou_Senshi_Gundam_-_Extreme_VS_EBOOT_PATCH_READNFO_JPN_PS3-NRP

NoRePack Presents. It's NoT a repack !

FiLENaME ------ nrp-exvsp
PlaTForM ------ PS3 CFW 3.55
Region ------ Japan
Language ------ Japanese
Supplier ------ Team NoRePack
rlz.Date ------ 2o12-o8-15
Serial ------ BLJS10131

Finally, a hero comes to kick the fcking TB'sass, cheers! And now we want to support dear DUPLEX with this release. Gundam stands on the ground without any dongle or special TB CFW. Works with our release: Kidou_Senshi_Gundam_-_Extreme_VS_JPN_REPACK_JB_PS3-NRP

Let's be the witness of the ruin of TB dynasty. Love & Peace! Enjoy! iF u LOvE or HATe THiS GAmE, BuY iT ;]

Other related PS3 releases from today:

  • Neverdead.Eboot.Patch.DirFix.PS3-DUPLEX
  • Tiger.Woods.PGA.Tour.13.Eboot.Patch.PS3-DUPLEX
  • Dirt.Showdown.Eboot.Patch.PS3-DUPLEX
  • Devil.May.Cry.HD.Collection.Eboot.Patch.PS3-DUPLEX
  • Sniper.Elite.V2.Eboot.Patch.PS3-DUPLEX
  • Syndicate.Eboot.Patch.PS3-DUPLEX
  • Twisted.Metal.Eboot.Patch.PS3-DUPLEX
  • Snipers.Invisible.Silent.Deadly.Eboot.Patch.PS3-DUPLEX
  • Assassins.Creed.Revelations.Eboot.Patch.PS3-DUPLEX
  • Kidou_Senshi_Gundam_-_Extreme_VS_EBOOT_PATCH_READNFO_JPN_PS3-NRP
  • Max.Payne.3.Eboot.Patch.READNFO.PS3-DUPLEX
  • Kidou_Senshi_Gundam_UC_EBOOT_PATCH_JPN_PS3-NRP

Here is a list of the TB releases for those who need to remove the dongle patched games and overwrite them with the PS3 scene release (Duplex, NRP, etc) fixes as they become available.

In related PS3 hacking news SGuerrini97 made available a CoreDump BLES00025 NBA2K7 (Password: BySGuerrini97) stating: Here is the Core Dump + Original self of NBA 2K7 (BLES00025). I made the dump from the original disk, i think that i can dump ALL the originals games.

Also below harryoke has outlined how he did a PS3 full core dump, as follows:

Download: PS3 Core Dump / PS3 Core Dump (Mirror)

Hello there my friends... as you may or may not know i have been looking into the possibility to get a full core dump from my ps3... a few hours ago i was sent a pm from ANON ... here it is....

Hey mate, yeh cfwprophet told something about the ram dump too. you can make a core dump on a dex. here is a quote from him:

'I say it now for the last time: There is NO fself for new games !! TrueBlue use the CoreDump function and a RSX exception to dump the games like i told the scene for over a half year.'

'Take MultiMan 04.02 which is a Retail NPDRM >> enable core dump function >> start MultiMan >> exit to XMB and be surprised'

'The Coredump function is a embended system of the debug FW and get handled of liblv2dbg. The send signal call aka send_signal_to_coredump_handler() and the trigger function are always running and CAN NOT be deactivated.'

He also said that you will get one 250MB file. there you have to search the decrypted file(s). it would be pretty sure that they use this method, because newer games wouldnt have debug eboots or fselfs.

If you open a tb eboot with a hex editor, you will see near at the end , that they stand right after the codes some passages with 'liblv2'. if you open a original eboot , you cant find passages with 'liblv2'. like cfwprophet said, the core dump get handled of 'liblv2dbg' and you can find 'liblv2' passages in tb eboots. so they use coredump pretty sure.

But the problem is to trigger a crash or so. i really dont know. i'm not a dev and dont have an idea. i just wanted to tell you this infos because i saw your post about coredump.

Here you can read more infos:

And here about liblv2dbg:

Well i now have a few core dumps ...some were 250mb and a 500mb dump which i have uploaded including the log is in rar format & compressed to 45mb

Hopefully this will lead us to the magic decrypted eboots that we all want. i hope someone with a bit more knowledge than me can use this info.

Just done a quick search of dump for USRDIR found this at address 002530E0

[Register or Login to view code]

And at 05D87600
00 00 00 3C 00 00 03 86 2F 64 65 76 5F 62 64 76 64 2F 50 53 33 5F 47 41 4D 45 2F 55 53 52 44 49 52 2F 45 42 4F 4F 54 2E 42 49 4E 00 33 B0 37 60 33 B0 37 F0 33 B0 38 70 33 B0 38 F0 33 B0 39 80 33 B0 3A 10 33 B0 3A 90 33 B0 22 B0 33 B2 A5 80

#803 - Daveyshamble501 - August 12, 2012 // 1:50 pm
Daveyshamble501's Avatar
The video explains how to open the dongle by grabbing the plastic lip behind the usb connector with pliers an pulling towards you, Thus exposing the plastic casing... Check out the video.

How to take apart your True Blue dongle to see if you have a real or a fake one. Real easy guide to make sure is worth it. Fake dongles have a green pcb with medium size LEDs at the bottom, we're as a Real TB has a blue pcb with tiny LEDs an a actel chip (like the one in the video, if yours resembles that then its real.)