PSX-SCENE Forum Discussion for Sony PlayStation/PsOne/PS2/PS3/PSP/PS VITA

  • Previously Unplayable 3.50 Games Rebuilt to Run on 3.41

      
    by
    The Central Scrutinizer
    Published on 01-03-2011 09:22 AM
    68 Comments Comments
    Veritas?, of PSX-Scene, has written a handy guide, on getting previously unplayable 3.50 games, to work on 3.41 consoles. Games such as Tales of Graces, Need For Speed, Gran Tursimo, which previously did not work, are now functioning on 3.41 firmware. Prebuilt EBOOT's with the patches applied, are floating around the net, but we personally will not link to them. The video below, shows a console running the modified 3.41 Gran Turismo EBOOT.



    Posted by Veritas?:
    I've actually written this a few times and promptly lost it due to browser instability. Oops.

    Anyway, this guide requires you to have some knowledge of how the SELF and ELF file formats are laid out. I don't have a quick tool to do this for me, but it takes maybe 5 minutes of my time to do it by hand.

    1. Open EBOOT.BIN in a hex editor of your preference.
    2. In EBOOT.BIN, look at the SELF control info, if you see anything resembling the game titleid, it's an NPDRM SELF and this guide won't work, give up.
    3. Use readself on EBOOT.BIN to get information about the encrypted metadata sections.
    4. unself EBOOT.BIN eboot.elf
    5. Open eboot.elf in a hex editor of your preference.
    6. In eboot.elf, go to every encrypted metadata section (now decrypted), copy its data, and replace the encrypted data in EBOOT.BIN.
    7. In EBOOT.BIN, change SELF header to indicate it's FSELF.
    8. In EBOOT.BIN, change SELF section headers that are marked as encrypted to say they are not encrypted.
    9. If the game is a newer SDK version (like GT5, which is 3.50), in EBOOT.BIN, find the .sys_proc_param segment and change the SDK version to something earlier, such as 3.41. This will probably cause crashes in games that actually use newer SDK features that are not available in earlier SDK versions.
    10. Save EBOOT.BIN
    11. Cross fingers, run game, hope it works.
    Categories:
    1. Tutorials
    Comments 68 Comments
    1. theruler-PSG's Avatar
      theruler-PSG - 01-03-2011, 09:41 AM
      NFS HP *confirmed working* EBOOT.BIN for 3.41 - http://www.multiupload.com/5PUVRZWO28

      CREDIT: "Veritas?"
    1. varun037's Avatar
      varun037 - 01-03-2011, 09:45 AM
      thanks for the decryted eboot.bin

      kindly up the decrypted eboot files for GT5 and other unplayable games... have been waiting for this for such a long time....

      thanks once again.....
    1. KaMi SaMa's Avatar
      KaMi SaMa - 01-03-2011, 09:52 AM
      Quote Originally Posted by varun037 View Post
      thanks for the decryted eboot.bin

      kindly up the decrypted eboot files for GT5 and other unplayable games... have been waiting for this for such a long time....

      thanks once again.....
      i found this laying around, try it out GT5 US version, that's wht it said :P

      http://loadfiles.in/5xw0ql5x5j6g/BCU...[test].zip
    1. varun037's Avatar
      varun037 - 01-03-2011, 09:54 AM
      thanks for fast update... i cannot expect a faster reply
    1. Flores Ismael's Avatar
      Flores Ismael - 01-03-2011, 09:54 AM
      is their any sign of playing back ups os3up:n ps3 firmware 3.55
    1. straith's Avatar
      straith - 01-03-2011, 09:56 AM
      Quote Originally Posted by varun037 View Post
      thanks for the decryted eboot.bin

      kindly up the decrypted eboot files for GT5 and other unplayable games... have been waiting for this for such a long time....

      thanks once again.....
      Well it has nothing to do with decrypt-encrypt. Eboot.bin was just modified with an hex editor. It could have been done before all those key were released.

      Correct me if i wrong
    1. daudi's Avatar
      daudi - 01-03-2011, 09:58 AM
      hey can you tell a little about this ps3 hack,,? i am a newbie in it. will appreciate..
    1. grandy's Avatar
      grandy - 01-03-2011, 09:58 AM
      Quote Originally Posted by straith View Post
      Well it has nothing to do with decrypt-encrypt. Eboot.bin was just modified with an hex editor. It could have been done before all those key were released.

      Correct me if i wrong
      Thats incorrect they're getting data from the decrypted eboots and putting them into the encrypted ones.
    1. straith's Avatar
      straith - 01-03-2011, 10:19 AM
      Quote Originally Posted by grandy View Post
      Thats incorrect they're getting data from the decrypted eboots and putting them into the encrypted ones.
      I see

      Thanks all developers for the great work
    1. JohnnyCage2008-PSG's Avatar
      JohnnyCage2008-PSG - 01-03-2011, 10:33 AM
      Harry Potter And The Deathly Hallows: Part 1 - BLES00931
      http://www.fileserve.com/file/8JszRUB

      Gran Turismo 5 - BCUS98114 - Veritas
      http://www.fileserve.com/file/4EcN5ZP

      Need For Speed: Hot Pursuit - BLUS30566 - (All Versions) - Veritas
      http://www.fileserve.com/file/9mfMW3H

      Tales Of Graces F - BLJS10093 - Veritas
      http://www.fileserve.com/file/dk2xGbV
    1. bone's Avatar
      bone - 01-03-2011, 10:36 AM
      I can confirm that the new eboot for hot pursuit works with PAL EUR version BLES00949 I have just tested it myself on firmware 3.41 jailbreak. All you have to do is swap the old eboot for this one http://www.multiupload.com/5PUVRZWO28 I think its USA eboot but it works on my PAL console.
    1. KaMi SaMa's Avatar
      KaMi SaMa - 01-03-2011, 10:41 AM
      "SCEkrit, a tool for obtaining private Sony keys!" damn too much stuff is coming out
      already.... (lol that doesn't sound right ,does it ?) anywayz. brilliant stuff keep up the good
      work ppl ^^,
    1. Heden's Avatar
      Heden - 01-03-2011, 10:52 AM
      Quote Originally Posted by straith View Post
      Well it has nothing to do with decrypt-encrypt. Eboot.bin was just modified with an hex editor. It could have been done before all those key were released.

      Correct me if i wrong
      It's wrong.
      In order to modify the SDK version used, you need to decrypt the SELF.
      Then, the guy creates a F(ake)SELF where data are not encrypted.
      In brief:
      EBOOT.BIN (signed/encrypted) -> GAME.BIN (unsigned/decrypted) -> SDK change -> EBOOT.BIN (Fake signed)
      It only works (at the moment) because the game is not a real 3.50 game (using the SDK 3.50) nor DRM'ed.
      Anyway great works ! ;-)
    1. indecks-PSG's Avatar
      indecks-PSG - 01-03-2011, 01:15 PM
      Any chance of getting Splatterhouse's eBoot posted?
    1. Thanasis Xrisantzas's Avatar
      Thanasis Xrisantzas - 01-03-2011, 01:21 PM
      What about the EU GT5?I used the USA eboot but it doesn't work for the EU game...
    1. jon's Avatar
      jon - 01-03-2011, 01:26 PM
      Any chance someone gets Red Dead Redemption Undead Nightmare retail version working? I brought this game and it's been catching dust since I can't play it
    1. coltsfan4life-PSG's Avatar
      coltsfan4life-PSG - 01-03-2011, 01:29 PM
      I hope someone finds a way to modify game updates so we can actually update our games fully. I assume you just have to edit the update pkg file to make it run on 3.41 since most newer updates are created with the latest sdk. If I have some free time after work today, I might mess around with it to see if i can get it working lol.

      Oh, and could someone post Prince of Pursia (remix/ps3 updated) games? Thanks
    1. Anjaana Anil's Avatar
      Anjaana Anil - 01-03-2011, 01:37 PM
      can anyone pls give me decrypted eboot of prince of persia trilogy coz its getting me black screen im a newbie here dont know much pls help guyz !!!!
    1. Rage-PSG's Avatar
      Rage-PSG - 01-03-2011, 01:55 PM
      Is that a bluray led I see? Is it even possible to boot the jailbreak with a BR-Disc? So fare with mine its a nono.
    1. Daioz-PSG's Avatar
      Daioz-PSG - 01-03-2011, 02:07 PM
      So anyone tried/has GT5 working?
    Page 1 of 4 1 2 3 ... LastLast