Graf_Chokolo Owned The Hypervisor Of PS3!


What can I say about this guy? This man called Graf_Chokolo has stripped the PS3 even further, so much that it needs to get an ESRB rating before the censorship board does. To be frank, I am not a programmer guy, but I believe that Graf_Chokolo has made an attempt similar to Geohot's back in January, although in a much better way, because Geohot needs OtherOS for his hacking while Graf_Chokolo is doing it right on the GameOS.

Yeah, the GameOS. The operating system that runs the PS3, where you can play your PS3 games, Blu-ray movies, PSN, etc. It is much better to hack this way because you don’t have to boot the Linux OtherOS to attempt any hacking. Unfortunately, we might expect this from Sony, especially after what happened to OtherOS.

Quite scary, huh? Well, if CFW (or we can say a permanent jailbreak) on PS3 is possible, then I think we don’t have to worry about it since it is PERMANENT. Quite similar to the CFW hacking in the PSP community. Well, yeah, raise your hand if you think that Graf_Chokolo is the next Dark-Alex!

I have just exploited and dumped HV 3.15 from GameOS.

I used memory glitching like Geohot to get a dangling HTAB entry, but the 2nd and 3rd stages are quite different. I used my knowledge about HV internals and created a simpler exploit for stage2 and stage3.

I didn’t use a second VAS like Geohot. I used lv1_undocumented_function_114 and lv1_undocumented_function_115 to exploit HV after I got a dangling HTAB entry.

Now we don’t need Linux to exploit and dump HV. Furthermore, an HV dump from GameOS is a lot better because when GameOS is running more features are activated in HV. So I can now reverse more C++ objects and understand better how HV works.

I will make everything public very soon and I plan to dump HV 3.41 in the next days.

Happy New Year guys!

Finally I will get access to SYSCON, EPROM, ENCDEC device and more.

And now I dumped the real USB Dongle Master Key, guys. No one needs it now but here it is. I tested it with HMAC SHA1 and dongle key 0xAAAA and got the same dongle key that was reversed by KaKaRoTo.

Just as I said previously, use USB Dongle Authenticator, then dump HV and the decrypted USB Dongle Master Key will be in the HV dump. I extracted this key from my HV dump after I used USB Dongle Authenticator on GameOS. Then I rebooted GameOS but not HV and the key was still in HV and still decrypted.

static u8 master_key[20] =
{
    0x46, 0xDC, 0xEA, 0xD3, 0x17, 0xFE, 0x45, 0xD8, 0x09, 0x23,
    0xEB, 0x97, 0xE4, 0x95, 0x64, 0x10, 0xD4, 0xCD, 0xB2, 0xC2,
};

The above is what Graf_Chokolo posted at PSX-Scene.
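
The quoted post notes that the decrypted key was still present in hypervisor memory after GameOS was rebooted. As an added example (not code from Graf_Chokolo or from the PS3 hypervisor), the C sketch below contrasts a session teardown that leaves a decrypted key behind with one that wipes it, and includes a residue scan that can serve as a regression check. The arena, the session struct, all function names and the sample key are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define KEY_LEN 20
/* Hypothetical stand-in for privileged memory that survives a guest reboot. */
static uint8_t arena[4096];
/* Constructed sample key (not a real key). */
static const uint8_t sample_key[KEY_LEN] = {
    1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20 };

struct auth_session { uint8_t *key; };

/* Store the decrypted key for the lifetime of an authentication session. */
static void session_open(struct auth_session *s, size_t off, const uint8_t *k) {
    s->key = arena + off;
    memcpy(s->key, k, KEY_LEN);
}
/* Weak teardown: drops the pointer, but the key bytes stay in memory. */
static void session_close_weak(struct auth_session *s) { s->key = NULL; }

/* Hardened teardown: wipe through a volatile pointer so the stores
 * cannot be optimised away as dead writes, then drop the pointer. */
static void session_close_wiped(struct auth_session *s) {
    volatile uint8_t *v = s->key;
    for (size_t i = 0; v && i < KEY_LEN; i++) v[i] = 0;
    s->key = NULL;
}
/* Regression check: offset of the first copy of key in mem, or -1. */
static long find_residue(const uint8_t *mem, size_t len, const uint8_t *key) {
    for (size_t i = 0; i + KEY_LEN <= len; i++)
        if (memcmp(mem + i, key, KEY_LEN) == 0) return (long)i;
    return -1;
}
/* Run one open/close cycle and scan the whole arena afterwards. */
long residue_after(int hardened) {
    struct auth_session s;
    memset(arena, 0, sizeof arena);
    session_open(&s, 1024, sample_key);
    if (hardened) session_close_wiped(&s); else session_close_weak(&s);
    return find_residue(arena, sizeof arena, sample_key);
}
int main(void) {
    printf("weak teardown residue offset:  %ld\n", residue_after(0));
    printf("wiped teardown residue offset: %ld\n", residue_after(1));
    return 0;
}
```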
