PSP-3000 - CFW possible now?

silvertang

New Member
Dark Alex said a while back that booting CFW on the PSP3000 depended on breaking the PSP pre-IPL. The extra security measure put in by Sony was an extra checksum in the remaining 0x20 bytes. The security of it depended on the secrecy of this checksum.

Summary: basically, all security of the newest PSP CPUs relies on the secrecy of the calculation of those 0x20 bytes. If the pre-IPL were dumped somehow, the security would go down TOTALLY.

So if ChickHEN provided the kernel exploit, then Dark Alex could dump the pre ipl via ChickHEN right? The HEN would also provide a flashing interface right?

So doesn't that mean that CFW on the PSP3000 could be a possibility in the near future?

Source: http://www.dark-alex.org/forum/viewtopic.php?f=44&t=1194
 
So if ChickHEN provided the kernel exploit, then Dark Alex could dump the pre ipl via ChickHEN right? The HEN would also provide a flashing interface right?

The pre-ipl cannot be accessed by conventional means. Having HEN and a kernel exploit and all that doesn't change a thing.
 
The preIPL isn't accessible during system runtime and cannot be made accessible (again).

The IPL "hides it away" once it starts, so the only way to dump the preIPL is a custom flash IPL - that needs an exploit in the preIPL, but to dump that.... .... ....well you get my point :D
 
so psp 3000 = no iso??? FTW!!!!!!!!!!
 
but i would rather say "not yet"
 
how about a homebrew that loads itself before
the ipl check comes up
so when the homebrew is loaded onto flash
and is programmed to run on startup
then we may be able to dump the ipl thing
am I right? :huh:
 
how about a homebrew that loads itself before
the ipl check comes up
so when the homebrew is loaded onto flash
and is programmed to run on startup
then we may be able to dump the ipl thing
am I right? :huh:

How would you load homebrew before the System Software loads?

It's like saying to try and launch firefox before windows starts up =\
 
WOW,
no need to get angry, it was just an idea. :confused:

He wasn't getting angry. He's just making a point that you can't load a program without having the base program (i.e. the operating system or firmware) running.
 
How would you load homebrew before the System Software loads?

It's like saying to try and launch firefox before windows starts up =\

This sounds awfully like BootMii on the Wii. Boot1 and Boot2, both un-updatable sections of the NAND with a bug in Boot1 allowing Boot2 to be edited. Nintendo patched this in later Wiis (The 2000s of the Wii world) and eventually patched everything in the LU64+ Wiis (The Wiis 3000).

BootMii replaces Boot2 and so logically the same thing can happen with the PSP (similar system...). BootMii loads before ANY system software has loaded besides the Boots. It is certainly possible.

They have fixed the LU64s and we will fix the 3000, just give it time.

Oh and you can load Firefox before Windows, use Ubuntu Linux :)
 
you just loaded an OS, to load firefox...

I think it's quite different in the PSP than the Wii...

If you read the FAQs about the pre-IPL, it should give you the idea that it's not like the Wii security... I don't even know if I can call that security for the Wii.

still reading faqs about the pre ipl makes my head burst..
 
I've read a summary, and it is the same boot sequence as the Wii, but utilizing totally different code.

Wii      PSP
Boot0    Pre-IPL
Boot1    Pre-IPL
Boot2    IPL

Basically if Boot1/Pre-IPL is fixed with the Fakesign bug/ PSP equivalent patched you cannot access the Boot2/IPL. They need to crack the Pre-IPL first.

I read about IPL, and it seems the same.
 
Dark_AleX has had full kernel access to the 3000 since it came out, He's had HEN running on it as well, (I assume). Since he was able to get the keys needed to dump the 3000 files with psardumper.

The exploit he used is the one that HellDashX Miriam? whatever her name is was using to put HEN on with the gripshift exploit. This is the reason why he didn't want that HEN to be put out.

If it was possible to dump the pre-ipl D_A would have done it by now. The only way the older pre-ipl was dumped was with a modchip. Get one of those for the 3000 and the pre-ipl will be dumped.

I'm sure that if he wanted to he could put up a CFE for 3000 but he's letting everyone else shine, like Davee, at the moment. Let everyone else show what type of skills they have.

If D_A comes out with something it won't be until after the PSP2 comes out this Christmas. This way he gets them both in one shot or proves that the PSP2 has a different security altogether.
 
Dark_AleX has had full kernel access to the 3000 since it came out, He's had HEN running on it as well, (I assume). Since he was able to get the keys needed to dump the 3000 files with psardumper.

The exploit he used is the one that HellDashX Miriam? whatever her name is was using to put HEN on with the gripshift exploit. This is the reason why he didn't want that HEN to be put out.

If it was possible to dump the pre-ipl D_A would have done it by now. The only way the older pre-ipl was dumped was with a modchip. Get one of those for the 3000 and the pre-ipl will be dumped.

I'm sure that if he wanted to he could put up a CFE for 3000 but he's letting everyone else shine, like Davee, at the moment. Let everyone else show what type of skills they have.

If D_A comes out with something it won't be until after the PSP2 comes out this Christmas. This way he gets them both in one shot or proves that the PSP2 has a different security altogether.

Really? Can D_A actually put CFE in psp3k? Well, I'm not that surprised, it's the great D_A after all, but it will be a breakthrough for the m33 team again if he really can put CFE on a 3k. I mean, doesn't he think that the agony of the 3k users is too long already and put a halt on it and add CFE on our precious 3k's?

Other devs can shine by creating other homebrews of their own.
 
Well, DA can't be the only one who is capable. I'm sure there is someone else who knows how.
 
There aren't many to choose from as not many devs know the inside workings of the 3k, and btw D_A's gone into temporary retirement and Alek stated that D-A nor him would be helping with CFWe on Alek's blog
 
There aren't many to choose from as not many devs know the inside workings of the 3k, and btw D_A's gone into temporary retirement and Alek stated that D-A nor him would be helping with CFWe on Alek's blog

Why can't he just give the other devs the 3k codes and let the devs figure it out? I am blasting DA got bribed into Sony just like TPB judge....
 