You are viewing our Forum Archives. To view or take place in current topics click here.
New 3.56 Firmware Encryption Keys Already Found

rnglol
  • Challenger
Status: Offline
Joined: Oct 27, 2010 (14 Year Member)
Posts: 114
Reputation Power: 4
It seems as though PS3 devs KaKaRoTo, rms and adrianc have already located the new encryption keys Sony implemented in an attempt to combat Homebrew.

UPDATE: The keys have been pushed to KaKaRoTo's git repository and are now available for download.



Here's a snippet of their IRC conversation:

KaKaRoTo: nice... it's full of spkg files now .. probably a new crypted pkg format
KaKaRoTo: possibly with a new signature that only ps3swu.self can read, but without the ecdsa fail
KaKaRoTo: humm.. seems I was misled, there's no spkg files in 3.56
KaKaRoTo: ok, so they added a new .self file in the PUP
KaKaRoTo: and it seems it contains a key that we don't know about
KaKaRoTo: yeah, probably a newer ps3swu.self that is more secure
KaKaRoTo: but they kept the old one for people upgrading from older firmwares
KaKaRoTo: the new ps3swu.self probably decrypts and uses the new self
KaKaRoTo: ok, so we need new keys for everything now
KaKaRoTo: I just pushed to ps3tools and ps3utils, fixes to allow pup/puppack/pupunpack to identify the new files in the pup
rms: try it.
KaKaRoTo: rms, what's that blob you pasted ?
adrianc: the new key
KaKaRoTo: ha, cool
KaKaRoTo: rms, if you know how and can extract all the new keys, please do and send them to me so I can upload to my ps3keys repo
adrianc: the new keys are all in there
rms: KaKaRoTo: i believe it's a lv2ldr key
rms: erk/riv/pub its all in one block
rms: i forgot the order its in though, it should be in that, its been a while
KaKaRoTo: I don't even know how you did to find those keys
adrianc: its in the data section of the elf usually
rms: its really simple
adrianc: after that look for references for blocks of data
rms: really KaKaRoTo, i think even you could do it
rms: adrianc: or something out of place
adrianc: helps to compare to older versions where you already know the key position
rms: and has a set of 8 00s
adrianc: KaKaRoTo 3.56 key works?
KaKaRoTo: adrianc, didn't try, not planning on trying atm
KaKaRoTo: not until I have ~/.ps3/ files prepared for me by someone

KaKaRoTo: lv2 3.56 decrypted
rms: keyset?
KaKaRoTo: pushing to github.com/kakaroto/ps3keys
KaKaRoTo: pushed
rms: ok
rms: lv1 is also new
rms: lv0 also
rms: and also the spu stuff apparently
KaKaRoTo: humm.. I wonder who has the lv0 key
adrianc: i dont think lv0 is available

KaKaRoTo: iso keys are now pushed
KaKaRoTo: also, now, if we want to repackage things (unless they screwed up the ecdsa *again*), we'd have to change the keys in all the loaders... which means repackaging all the *ldr and iso selfs...
KaKaRoTo: so even more risk of bricking
KaKaRoTo: pushed spp keys
KaKaRoTo: the missing keys are for 'app', 'ldr' and 'rvk'
KaKaRoTo: btw.. where is that 'ldr' coming from ?
KaKaRoTo: and I can't figure out who decrypts lv0
KaKaRoTo: it can't be metldr since that one can't be changed
KaKaRoTo: and there's no lv0ldr
eussNL: bootldr decrypts lv0 afaik
KaKaRoTo: there's no bootldr either
adrianc: bootldr and lv0ldr arent in the pup
Matt_P: not part of coreos
Matt_P: and theres no such thing as lv0ldr
adrianc: apparently sony removed recovery mode







Looks like the devs win again. I'll try to keep this thread up to date as I find more news.
#2. Posted:
Codes
  • TTG Addict
Status: Offline
Joined: Aug 21, 2010 (14 Year Member)
Posts: 2,052
Reputation Power: 105
so this means new jailbreak soon?
#3. Posted:
rnglol
  • Challenger
Status: Offline
Joined: Oct 27, 2010 (14 Year Member)
Posts: 114
Reputation Power: 4
-TTG_Ben- wrote: so this means new jailbreak soon?
maybe, but without geohot.
#4. Posted:
Codes
  • TTG Addict
Status: Offline
Joined: Aug 21, 2010 (14 Year Member)
Posts: 2,052
Reputation Power: 105
rnglol wrote:
-TTG_Ben- wrote: so this means new jailbreak soon?
maybe, but without geohot.
ooooohhhhhh whatever though as long as i can still host lobbies im cool with anyone finding a new jailbreak