[RELEASE] New psardumper with support for PSPgo update - Page 3

bbtgp · #21 06-07-2010, 01:26 PM

Quote:

Originally Posted by hrimfaxi

I wonder if it's stored in nandipl part1/2/3 or else?

Quote:

Originally Posted by bbtgp

u8 keysGoUpdater[0x10] =
{
0xE2, 0x03, 0x8A, 0x8C, 0x33, 0x81, 0x4B, 0x56,
0x52, 0x4E, 0x1D, 0xE5, 0xA4, 0x24, 0x04, 0xFF
};

u8 keysGoUpdater_internal_modules[0x10] =
{
0xF1, 0xBC, 0x17, 0x07, 0xAE, 0xB7, 0xC8, 0x30,
0xD8, 0x34, 0x9D, 0x40, 0x6A, 0x8E, 0xDF, 0x4E
};

{ 0xA6E328F0, keysGoUpdater, 0x5F },
{ 0x4C9428F0, keysGoUpdater_internal_modules, 0x43 },

I'll post the kernel key if i ever find it. I believe its stored here 0xBFC00200 in its xor'd form and can be decrypted using memlmd_8450109f at 0x88059CF0. (probably wrong) I dont own a psp go so i doubt ill ever know.

u8 keys620_2[0x10] =
{
who knows?...
};

{ 0x4C942AF0, keys620_2, 0x43 },

Where did you find it? Care to share please?

A kernel dump released on k0 k1 something forum and ida pro. i wont link to the site because of ads.

coyotebean · #22 06-07-2010, 02:20 PM

Quote:

Originally Posted by hrimfaxi

I wonder if it's stored in nandipl part1/2/3 or else?
Where did you find it? Care to share please?

Take a look at the HBL project

"user" keys are in mesg_ledXXX.prx, "kernel/internal" keys are in memlmdXXX.prx

The critical "kernel" key are stored in 2 parts, 1 part in kernel space 0x88nnnnnn, the other part in 0xBFC0nnnn. There are functions in "memlmd" to prepare (XOR the 2 parts to form the actual key and stored in 0xBFC0nnnn area) / clear the key.

The IPL since, 3000/brite, cannot be directly decrypted by Kirk command 1....

Edit:
I may have the kernel keys now...

bbtgp · #23 06-07-2010, 03:07 PM

Quote:

Edit:
I may have the kernel keys now...

You must be moonlight's reincarnate ;]

coyotebean · #24 06-07-2010, 04:04 PM

Quote:

Originally Posted by coyotebean

I may have the kernel keys now...

6.20 PSPgo "kernel" key confirmed
Haven't tested 5.70 PSPgo "kernel" key

Release updated.

**Davee** · #25 06-07-2010, 04:58 PM

Congrats on your kernel exploit.

bbtgp · #26 06-07-2010, 05:01 PM

Wonderful.

pyroesp · #27 06-07-2010, 06:05 PM

nice !

//10 char's

npt · #28 06-07-2010, 08:55 PM

Congrats! Good job! Keep up the good work.

Regards,

npt

coolprize · #29 06-07-2010, 09:58 PM

HOLY [DELETED]!!!!!!!! I love you!!!!! amazing job

never thought Id see a kernal exploit for the GO!

;_; this is a great day.

so what next?

hrimfaxi · #30 06-08-2010, 08:08 AM

Quote:

Originally Posted by coyotebean

Quote:

Originally Posted by hrimfaxi

I wonder if it's stored in nandipl part1/2/3 or else?
Where did you find it? Care to share please?

Take a look at the HBL project

"user" keys are in mesg_ledXXX.prx, "kernel/internal" keys are in memlmdXXX.prx

The critical "kernel" key are stored in 2 parts, 1 part in kernel space 0x88nnnnnn, the other part in 0xBFC0nnnn. There are functions in "memlmd" to prepare (XOR the 2 parts to form the actual key and stored in 0xBFC0nnnn area) / clear the key.

The IPL since, 3000/brite, cannot be directly decrypted by Kirk command 1....

Edit:
I may have the kernel keys now...

Thanks for that useful tip! I have already reimplemented mesg_led_02g.prx in my project called PSPCipher. Now I will reimplement memlmd for now. Once my job is done, I will release my source.

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
psardumper 6.XX	bbtgp	Sony PlayStation Portable	79	08-13-2010 04:40 AM
Pause game hole in PSPgo?	jace2	Sony PlayStation Portable	23	03-19-2010 04:41 PM
PSPGo 6.20 OFW Cod3r-D Crash Working.	blue1ce	Sony PlayStation Portable	1	01-30-2010 02:09 AM
PSARdumper question...	Dr. Soup	Sony PlayStation Portable	16	12-02-2009 12:35 PM
PSARDumper with 3.10 Support.	kompas	Sony PlayStation Portable	0	01-31-2007 06:28 AM