PS3 JailBreak Step-by-Step (ver3.55)
Tuesday, January 11, 2011 at 1:03PM I was chatting with @d1sc0rd1an today about PlayStation 3 and the latest EPIC Sony FAIL from that @fail0verflow had showcased at the 27th Chaos Communication Congress (27C3).
I got step by step instructions to run your your legally owned backups.
UPDATE as of 01/11/2010 7:20PM EST: Geohot was served with papers from Sony. The fail0verflow team has been served as well. Good luck geohot and fail0verflow. The info sec community is behind you. Also a good time to remind people to donate to the EFF.
Via- @d1sc0rd1an:
GeoHot Firmware:
Download jailbreak.zip
Copy PSUPDAT.PUP to USB drive at /PS3/UPDATE
**MAKE SURE ON STOCK 3.55 FW**
Disconnect fromthe network on PS3, insert USB drive, goto System Update via Storage
Update and wait for 9 beeps...then shuts off the console.
Reboot and you now can install packages via XMB
**Same process can be used to go back to Stock 3.55 FW** - You will notice homebrew packages left installed will still work when reverting back to stock firmware, be careful going online though...
GeoHot Tools:
cd ~
git clone https://github.com/geohot/ps3publictools
~/ps3publictools/make_package_npdrm/make linux && ~/ps3publictools/package_finalize/make linux
PATH=$PATH:~/ps3publictools/make_package_npdrm/:~/ps3publictools/package_finalize/
Fail0verflow PS3tools:
cd ~
git clone git://git.fail0verflow.com/ps3tools.git
~/ps3tools/make
PATH=$PATH:~/ps3tools/
Modifying EBOOTS and Repackaging:
• 1. copy EBOOT.BIN from USRDIR to new dir (name same as from SFO file usually BLUSXXXXX) and run unself EBOOT.BIN EBOOT.ELF {unself is from fail0verflow ps3tools}
• 2. with a Hex Editor search for 'dev_bdvd' and switch it with dev_hdd0 all entries that u can find in EBOOT.ELF {should be about 5 or so make sure to write over and not insert}
NOTE: I found some games spaced dev_bdvd as d.e.v._.b.d.v.d; If you find references to a PS3_GAME path (:/PS3_GAME/USRDIR) must overwrite PS3_GAME with your own named dir and then transfer files into that directory (:/GAME1234/USRDIR & transfer data to /dev/hdd0/game/GAME1234/USRDIR)
• 3. open PARAM.SFO with SFO EDITOR and change category to HG (hard disk game). Also write down BLUSXXXXX info - could also be BLES or BLJP etc
• 4. Copy everything from PS3_GAME/ except USRDIR to BLUSXXXXX/ {everything but USRDIR dir gets copied; copy TROPDIR, LICDIR, etc just not USRDIR}
• 5. make_self_npdrm EBOOT.ELF EBOOT.BIN BLUSXXXXX {make_self_npdrm from GeoHot Tools}
• 6. make dir USRDIR in your BLUSXXXXX dir; copy modded npdrm'd EBOOT.BIN into USRDIR {should be only file in USRDIR}
• 7. run 'pkg.py --contentid UP0001-BLUSXXXXX_00-0000000000000000 /BLUSXXXXX' to pkg {pkg.py from PSL1GHT SDK; pkg.py should automatically name pkg from Content-ID}
• 8. run 'package_finalize UP0001-BLUSXXXXX_00-0000000000000000.pkg' {package_finalize from GeoHots tools}
• 9. then install package via XMB using GeoHot FW. Don't run yet though, copy the original USRDIR contents except for the old EBOOT.BIN (of course) to /hdd0/game/BLUSXXXXX/USRDIR. After installing the package the directory will have been created. You can copy over using blackb0x ftp which also can be installed via geohots fw.
Links:
http://psl1ght.com/ - PSL1GHT SDK
http://rebug.me/?cat=6 - PSL1GHT VM by evilsperm
http://geohot.com/jailbreak.zip - GeoHot FW
https://github.com/geohot/ps3publictools - GeoHot Tools git
git://git.fail0verflow.com/ps3tools.git - Fail0verflow ps3tools
Geohot, PS3, d1sc0rd1an in Hacking
Reader Comments (3)
i ran the pkg.py --contentid UP0001-BLUSXXXXX_00-0000000000000000 /BLUSXXXXX after doing everything step by step and i got this
/usr/bin/env: python: no such file or directory. any help?
I just got my 3.55 ps3 jailbroken <3 It took me a while to get it your site has helped me alot though thanks!
I will check back with future firmware releases
http://www.youtube.com/watch?v=gpVR8MDwIhU