PS3 Exploit Setup

Just a quick pic of it all working together cos everyone loves pictures!

This is the PS3 with the newer motherboard where the socket I installed in the front actually looks nice, the other one was a bit of a hack job 😉

34 thoughts on “PS3 Exploit Setup”

  1. I see that you do have 2 other ps3. Did you break them by trying to hack ps3 or something??

  2. Pingback: xorloser passe au Hardware

  3. Michele: software to use with the exploit is the next planned post

    WonderMan: I have multiples of all consoles I play around with. This lets me keep different firmware versions such as the v1.10 PS3 and the v3.15 PS3. Sony also changes the hardware inside a PS3 many times over its life, even when it appears to be the same externally. This is another reason I have multiples, to be able to play around on the different hardware. I have not broken any yet… :)

  4. so just to know are u working for a way to get homebrew on the ps3 or getting geohot exploit easier to run????

  5. so we can say virtually you have control over lv1 and have rootkey.

    another nab question as you have mentioned in your reply you have multiple ps3’s with different firmware can you tell us little bit about your experience of a same exploit on different ps3’s? or you have only tried it on one.

  6. 1rfan:

    No, he doesn’t have the root key and he will not get it this way. Read the IBM papers and you will understand why. This might lead to homebrew but not pirated games.

    Paradox is a total joke but this guy seems okay.

  7. no rootkey and the main ps3 security is still not broken. i think i have to write a post sometime about what this hack means and does as many people don’t understand it.

  8. Great Work. I understand more how the hack actually works when I read your posts. But GeoHot is a crazy guy :) I know he is secretly working on the PS3, cause that dude never gives up.

    I hope someone someday will get the rootkeys. Would love to be able to use Linux on Ps3’s maximum potential.

  9. @xorloser

    Even if you write a post explaining what this exploit does and does not do, people will still not understand, for some reason people just want an ISO loader, with no real understanding on why not or willing to work and design their own programs.

    My hat is off to you, in picking up where Geohot left after his quick 15 minutes of worldwide ‘net fame.

  10. You should do it, noobs like me would be interested in the knowledge of how the lv2 basically works and what will their future now. New questions will appear, but the older ones will be resolved.

    Thanks for all your work, you are really helping the spanish sceners here.

  11. @tom: thanks for the reply
    @Xorloser: thanks for the reply too, and I would appreciate if you can take out some time and write something about the outcome of what you doing, I been tracking information about this since I heard about geohotz and his blog but still not very much clear as to what this whole experiments leading us to?

    and as Tom said “this might lead us to homebrew” what exactly would we (the general public) be getting as final product?

  12. As I keep saying there are future posts to come that will talk more about usage of the exploit and what it can do. I have to first prepare the software to a stage where it is good enough to release. I also have to work and live my life 😉 Patience people, there is more to come.

  13. Question: the homebrew, if happens, will be on the Other OS side, right? it will be limited to linux/ppc code like a ubuntu installed on ordinary G5 mac with nvidia drivers, right?

  14. Hi xorloser,

    the community is getting mad waiting for your next post…would like to donate ya.
    you are just g8. and also respects to geo 😉

  15. Hi there Xorloser.

    I have contacted a person who’s working under the name Gaki. He claims he has the necessary drivers for the Zego RSX vga. He’s looking for people who were able to run this exploit. His goal is to mod the drivers so that they can work on the PS3-Linux. If you’re interested then please contact him on haxnetwork.net. Look for the IRC button on top.

    Thanks for reading my post and keep up the good work!
    Disane

  16. The root key never leaves the isolated spu? You can only kick out the isolated spu?

    This means everything is encrypted inside the rom of the spu, which is not accessible?

  17. Dear Xorloser,

    We are anxious to get more posts from you.

    Please let us know what you are doing and how your progress is going :-)

    Thanks!

  18. In OtherOS, all 7 SPUs are idle. You can command an SPU(which I’ll leave as an exercise to the reader) to load metldr, from that load the loader of your choice, and from that decrypt what you choose, everything from pkgs to selfs. Including those from future versions.

    The PPU is higher on the control chain than the SPUs. Even if checks were to be added to, for example, verify the hypervisor before decrypting the kernel, with clever memory mappings you can hide your modified hypervisor.

    Ah, but you still didn’t get the Cell root key. And I/we never will. But it doesn’t matter. For example, we don’t have either the iPhone or PSP “root key”. But I don’t think anyone doubts the hackedness of those systems.

    I wonder if any systems out there are actually secure?

    From http://geohotps3.blogspot.com/

  19. GeoHot further progress with the isolated SPU’s

    Today I verified my theories about running the isolated SPUs as crypto engines. I believe that defeats the last technical argument against the PS3 being hacked.

    In OtherOS, all 7 SPUs are idle. You can command an SPU(which I’ll leave as an exercise to the reader) to load metldr, from that load the loader of your choice, and from that decrypt what you choose, everything from pkgs to selfs. Including those from future versions.

    The PPU is higher on the control chain than the SPUs. Even if checks were to be added to, for example, verify the hypervisor before decrypting the kernel, with clever memory mappings you can hide your modified hypervisor.

    Ah, but you still didn’t get the Cell root key. And I/we never will. But it doesn’t matter. For example, we don’t have either the iPhone or PSP “root key”. But I don’t think anyone doubts the hackedness of those systems.

    I wonder if any systems out there are actually secure?

  20. PS3 Memory Dump Download.

    *Link Removed by xorloser*
    [The copyright of these memory dumps is questionable so I would rather not share links to them on this blog.]

  21. How do u guys learn about all this stuff? I would really like to help with this stuff(not saying its easy).

  22. it’s been more than 10 days we have not heard a word from you, please let us know what’s going on what are the achievements by this time and hopefully when are we going to hear a good news.

    thanks in advance for the reply.

  23. does this recent sony network/clock issue glitch have anything to do with HV exploits

  24. to everyone who complained about me taking ages: new post is finally up 😛 sorry it took so long.

    ecko: from what i hear it is related to the date being the end of february in a leap year 😀 ehehe y2k10 bug?
