Friday, 30 November 2007

Semi-Encrypted Self file

Hey guys,

First of all, sorry that I left you in the dark about my project. But you know how I think: don't hype something until it's finished! My new blog will be online around next week.

Yesterday ali gave me a very interesting file: a semi-encrypted SELF (an ELF file for the PS3). It gave me a nice look into some cell functions, and it also contains some new hypervisor calls!

Here is a list of some functions in the file, all of which can be reversed:
initGlobal()
NetClose()
MediusAssociateContextWithGame()
SavePlayerMet()
NpBasicAddPlayersHistory()
NetLANSendRawMessage()
MediusSendBinaryMessage()
SetMPViewports()
sceNpBasicTerm()
sceNpManagerTerm()
sceNpTerm()
Update()
GetCreateGameParamCallback()
FileDownloadHeaderCallback()
StartServer()
JoinGameHandler()
GetPlayerInfoHandler()
MediusVersionServer()
MediusSessionBegin()
MediusSessionCreate()
netMountVehicle()
netInCode5A06()
netInCode5B1F()
netInCode5B1B()
netInCode5B09()
netInCode5B1A()
netInCode5B20()
TaskScript()
UntaskScript()
cellKbEnd()
cellPadGetInfo()
cellkbGetData()
cellKbInit()
cellKbSetCodeType()
cellPadEnd()
cellPadGetData()
cellPadInit()
updateNetwork()
cellMsgDialogOpen2()
spawnGameDataThread()
gameDataStatCallback()
gameDataThread()
cellHddGameCheck()
gameDataThread()
cellGameDataCheckCreate()
debugCheckNan()
debugCheckNan()
removeLnchr()
shutdown()
handleCriticalError()
sceNpBasicAddFriend()
cellNetCtlNetStartDialogUnloadAsync()
getStackIndex()
sceNpBasicRegisterHandler()
cellNetCtlNetStartDialogLoadAsync()
sceNpManagerGetNpId()
sceNpManagerRegisterCallback()
sceNpManagerRequestGetTicket()
sceNpManagerGetTicket()
unloadPrxModules()
MemCheckOnStartup()
RequestFriendDRMSignature()
HttpGetHostByNameOnUpdate()
cellSysmoduleInitialize()
cellAudioOutConfigure()
cellSurMixerSetNotifyCallback()
parseDataNode()
cellNetCtlInit()

More news will follow when I finish my blog! Have a nice weekend around the world! And thank you for the support and trust you give me!

Waisted

Wednesday, 14 November 2007

Wanted : DEBUG PS3!!

Hey guys,

just some useless news for you =))
Sorry that I haven't updated my blog for over a month now! But as you already know, I have a lot to do!
I'll switch to a different server and get a totally new website in maybe 1-2 weeks! Then I'll be ready to give you some info about Project:Elisha!

And hey, if you have access to a PS3 that looks like the one in the picture, just PM me :P (Kidding)


Have a nice week!
Waisted/Placa

Monday, 1 October 2007

Project: ELISHA

Hey,

I'm not dead, nor have I stopped working on the PS3! I was busy with stuff like school and shit!
You may ask why this post is titled "Project: Elisha". This is my new project, which I've started with AJM and a lot of other good programmers I cannot name here in the article!


The 3 questions about Project Elisha:

What?
It's a new kind of exploit. Basically I can't tell you much, because right now it is nothing more than a little test! But it looks very good, to be honest!
How?
Well, this is what I can't tell you now! I just put this post up because I really get toooooo many mails asking if I'm still working on the PS3 ;)
When?
It's done when it's done! So if it doesn't work, you will never hear anything about it ;)

So this is enough for now!

Have a nice week

Friday, 17 August 2007

Taking a look at the old RFOM swap trick!

Hey guys,

yesterday I had a bit of time to test some stuff. Maybe you remember the RFOM and F1 swap trick.

RFOM:
- Start the game
- Start Singleplayer
- When you're in, press Start, eject your BR-D and insert a new one
- Wait some seconds, and press Exit
- The game you inserted will now start

So did you ever wonder why? To be honest, it's really easy. When you enter the single-player game, the PS3 closes EBOOT.BIN and starts game.self. When you then exit the game, the .self opens EBOOT.BIN again. Since you have swapped the disc in the meantime, the EBOOT.BIN it opens is the one on the new disc.

In the F1 game it is nearly the same. If you enter the online mode, the PS3 closes EBOOT.BIN and starts ONLINE.BIN.

If you have the first update of RFOM on your PS3, the swap trick will not work anymore. Now you ask why? Everyone thought they might have fixed this bug, but NO. It has nothing to do with that. Most updates are EBOOT.BIN files, so if you update the game, the EBOOT.BIN from the disc will start the boot.bin which exists on your HDD. Now when you start a single-player game, the boot.bin from the HDD will start the game.self on the BD-R. When you exit, it will start the boot.bin on the HDD again. So you are not able to swap it ;)

Well, all in all this is not very useful right now, but I thought maybe some of you wonder how the swap trick works ;)

Have a nice weekend

Sunday, 12 August 2007

The non-existent exploit

Hey guys,

As you may have already found out, ps3news.com found a trick with a TIF! But it's not new at all; you can use the same trick in a different way! I found it when I first tested my Warhawk exploit, some time ago! But well, it's totally useless, so I didn't release it :D

How to :

1. Start your PS3 and insert an original PS/PS2/PS3 disc
2. Open the HDD cover on the side of your PS3
3. Start the game you inserted.
4. Directly after you have started the game, pull out your HDD; the PS3 will now go into some kind of sleep mode
5. Insert your burned disc or original disc. I just tested it with PS2/PS3 discs: if you swap it with an original one it works, but not with a burned one.
6. Wait some seconds, then insert the HDD again

Your swapped game should now start; burned PS2/PS3 games will exit with an error.

Have a nice day, oh and my ps3 works again after some hits with my hammer!

WaisteD

Friday, 10 August 2007

Stop hacking!

Hey guys,

ok well, I have to stop testing stuff with my Ps3. Why? Simple, my Ps3 got broken. How? Well I ejected a Game, and then put a different one in. The Blue LED was blinking and then just turned off, with the disc still inside. Now when I press eject, my PS3 makes really crazy noises. So I have to give it back to EBgames, so they can send it back to my best friends (Sony).

Today, I will get a second HDD, from my friend PYRS (thank you for your support :)), so I will test some stuff, before sending the Ps3 back.

I will give you more information in the next days! Well I have still over 7 hours to Work (Switch/Server configuration), but then it’s weekend again :)

So have a nice weekend out there ;)

Greets

Friday, 27 July 2007

Downgrade possibility and PKG extracting!

Hi,
so I have some little news for you!

1. PKG extracting
Looks like I found a method to extract the whole PKG (which is encrypted, for those who don't know). I will do some more tests tomorrow when I get my new 120 GB 2.5" HDD :). (I destroyed my old one :D). If it works, we can take a much deeper look inside the demos and see if we can find some more stuff ;)

2. Downgrading
I have some theories on how we could downgrade the PS3! For now it's nothing more than a theory! And to test it I need a second PS3! But if it works, you can downgrade your PS3 w/o any hardware modification ;)

So if you want more information, re-visit my site in the next days/weeks!
Have a nice weekend ;)

cYa
Waisted

my princess I LOVE YOU :)

Wednesday, 18 July 2007

Still alive!

Hi guys,
some of you asked why I'm not updating my blog anymore. To be honest, I had to do a lot of stuff in real life (the life which doesn't need Internet, etc ... ;) ). But this does not mean that I stopped working on the PS3 exploit stuff.
I've worked a lot with the "Netfront" browser inside the PS3; after some tests I found some glitches in the Flash and BMP lib (the BMP one was not found by me, I just tested it!). Right now, nothing works like it should! There is still a long, long way to go!

If you want, you can help me. Search the web for some BOF on the Netfront browser; I also need some JS BOF POC, and Flash would be nice too! If you know some, you can send me a mail or leave me a post! I tested over 130 POC, so don't think I'm too lazy to search for them myself.


I know Dark_Alex has now been out of the "scene" for over 2 weeks, but I want to thank you for everything! Dark_Alex you know : LEGENDS MAY SLEEP, BUT THEY NEVER DIE

Have a nice summer ;)
Waisted

Thursday, 28 June 2007

Irc Chan open & Update 1.82

Hey guys,
so today I started a Chan @ Efnet. For all you guys to hang around and share some ideas!

Join me if you want to: Efnet => #Waisted

Update 1.82:
As you heard, update 1.82 is out! Don't update higher than 1.81, just a tip from me ;)

Have a nice day
Waisted

Tuesday, 19 June 2007

PS3 Exploit 1.7 - 1.81 Tutorial (Win32)

Hey guys,
here we have a tutorial for my newest PS3 exploit. What do you need?

- PS3 with 1.7 - 1.81

- Warhawk beta PKG file (http://zeus.dl.playstation.net/cdn/UP9000/NPUA80093_00/EHv0qnj9BGMdKm5VCNGyCUPU7hMKMrKsctfEve7DWJS9o5gnxHhVVAf0OHhm2v47aFAiFsT5Y7u7PsVmTAL6FV4OhyRp4MEGyO2E1.pkg?product=0084&country=us)

- Apache Server (http://www.apache.de/)

- Simple DNS Plus (http://www.simpledns.com/)

1. Installing Apache Server

Install your Apache server on Windows. After that, go into your Apache install folder, where you will find a folder called "htdocs". Go in there and create new folders so it looks like this:

"\htdocs\medius-patch\warhawk-pubeta\warhawk\20070608_r012\"

When you have finished that, go back to the "htdocs" folder and create more new folders so it looks like this:

"\htdocs\download\ps3\eu\fah\"

2. Setting up files

We now have to copy all the files we need. Go to the "20070608_r012" folder and download the following files into it:

- http://download-prod.online.scea.com/medius-patch/warhawk-pubeta/warhawk/20070608_r012/NPUA80093.cfg

- http://download-prod.online.scea.com/medius-patch/warhawk-pubeta/warhawk/20070608_r012/NPUA80093_113_PARAM.sfo

- http://download-prod.online.scea.com/medius-patch/warhawk-pubeta/warhawk/20070608_r012/NPUA80093_113_release.self


The next step is to copy the warhawk.pkg into the "fah" folder and rename it to: fah.pkg.

3. Getting the DNS server to work

Download and install Simple DNS Plus. When you are finished, start it, right-click on the icon and go to "EDIT DNS RECORDS".
Now press "Quick Domain Wizard" and enter the following data:

Domain Name : deu01.ps3.download.playstation.net (which is the server where the PS3 gets FAH)
Web Server IP/Mail server IP/FTP server IP/IP address : The IP of your Apache server!

Now go to "Quick Domain Wizard" once again and enter this:
Domain Name : download-prod.online.scea.com (which is the server where the PS3 gets the Warhawk update)
Web Server IP/Mail server IP/FTP server IP/IP address : The IP of your Apache server!

4. Setting up the PS3 and installing Warhawk
Go to your PS3 and edit the network settings to your IP (DNS server). Now we need to install Warhawk. For this you have to delete FAH (if you have installed it) and download it again! This time it will install the Warhawk beta on your PS3. When it's finished, start Warhawk.

5. Change files to update
Go to the Warhawk update folder and open "NPUA80093.cfg". This is the file Warhawk checks to see if there is anything new. The original one contains this:

1.13 NPUA80093_113_release.self warhawkapp.self 8019192
1.13 NPUA80093_113_PARAM.sfo PARAM.SFO 1128
1.00 data00p.psarc data00p.psarc 3043387

Each row is: version number / name of the file on the server / name of the file on the PS3 / size (bytes)

You are not allowed to edit the last row, because if you do, the update will fail! But you can change the first 2 rows. E.g. if you want to swap the .png, just put this into your .cfg:

1.13 NPUA80093_113_PIC0.png PIC0.PNG 4676
1.13 NPUA80093_113_PIC1.png PIC1.PNG 3031316
1.00 data00p.psarc data00p.psarc 3043387

Now press ONLINE in Warhawk. If all works right, it will see a new update and download your files onto the PS3 HDD. It is important that you have just 3 lines in the .cfg! Also, the files you want to replace on the PS3 have to exist!

Now have fun with this little exploit and check back for more news!

cYa
Waisted(aka placasoft)
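
Seen from the defender's side, the update flow in the tutorial works because the client trusts whatever .cfg the resolved host serves. The following is an added example, not code from the original post or from the game's updater: it parses the .cfg row format shown above and accepts a manifest only when an authentication tag over its exact bytes verifies. The key, the use of HMAC as a stand-in for a publisher signature, and all function names are assumptions.

```python
import hashlib
import hmac

# Constructed stand-in for a publisher key. A real updater would verify an
# asymmetric signature with a public key shipped in the client instead.
PUBLISHER_KEY = b"constructed-demo-key"

# The original manifest rows quoted in the post.
ORIGINAL_CFG = (
    "1.13 NPUA80093_113_release.self warhawkapp.self 8019192\n"
    "1.13 NPUA80093_113_PARAM.sfo PARAM.SFO 1128\n"
    "1.00 data00p.psarc data00p.psarc 3043387\n"
)


def parse_cfg(text):
    """Parse 'version server_name local_name size' rows into dicts."""
    rows = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        fields = line.split()
        if len(fields) != 4 or not fields[3].isdigit():
            raise ValueError(f"line {lineno}: expected 4 fields, numeric size")
        version, remote, local, size = fields
        # The local name is written to disk, so it must be a bare file name.
        if "/" in local or "\\" in local or local.startswith("."):
            raise ValueError(f"line {lineno}: unsafe local name {local!r}")
        rows.append({"version": version, "remote": remote,
                     "local": local, "size": int(size)})
    return rows


def sign_cfg(text, key=PUBLISHER_KEY):
    """Publisher side: compute a tag over the exact manifest bytes."""
    return hmac.new(key, text.encode(), hashlib.sha256).hexdigest()


def load_trusted_cfg(text, tag, key=PUBLISHER_KEY):
    """Client side: refuse any manifest whose tag does not verify."""
    if not hmac.compare_digest(sign_cfg(text, key), tag):
        raise PermissionError("manifest authentication failed")
    return parse_cfg(text)
```

The tag only protects the manifest; binding the downloaded files themselves would additionally need a per-file digest column, which the format shown in the post does not have.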