[WARN] QA: use set_token instead of write_eprom!

**user** · 06-23-2011,08:56 PM

i've seen some nice tutorials and tools around, but...

if you're going to flag your ps3 via linux, i'd recommend using set_token instead of write_eprom!
set_token will set the flag and write the token, if the token you specified is valid. if not, it won't write anything to the eprom (unlike write_eprom).

btw: another way to generate valid tokens

Code:

#include <sys/types.h>
#include <sys/mman.h>
#include <stdio.h>
#include <fcntl.h>
#include <unistd.h>
#include <sys/stat.h>
#include <string.h>
#include <stdarg.h>
#include <stdlib.h>
#include <zlib.h>
#include <dirent.h>

#include "tools.h"
#include "aes.h"
#include "sha1.h"

static u8 *token_encrypted = NULL;

static u8 key[] = {0x34, 0x18, 0x12, 0x37, 0x62, 0x91, 0x37, 0x1C, 0x8B, 0xC7, 0x56, 0xFF, 0xFC, 0x61, 0x15, 0x25, 0x40, 0x3F, 0x95, 0xA8, 0xEF, 0x9D, 0x0C, 0x99, 0x64, 0x82, 0xEE, 0xC2, 0x16, 0xB5, 0x62, 0xED};
static u8 iv[] = {0xE8, 0x66, 0x3A, 0x69, 0xCD, 0x1A, 0x5C, 0x45, 0x4A, 0x76, 0x1E, 0x72, 0x8C, 0x7C, 0x25, 0x4E};

static u8 hmac_key[] = {0xCC, 0x30, 0xC4, 0x22, 0x91, 0x13, 0xDB, 0x25, 0x73, 0x35, 0x53, 0xAF, 0xD0, 0x6E, 0x87, 0x62, 0xB3, 0x72, 0x9D, 0x9E, 0xFA, 0xA6, 0xD5, 0xF3, 0x5A, 0x6F, 0x58, 0xBF, 0x38, 0xFF, 0x8B, 0x5F,0x58, 0xA2, 0x5B, 0xD9, 0xC9, 0xB5, 0x0B, 0x01, 0xD1, 0xAB, 0x40, 0x28, 0x67, 0x69, 0x68, 0xEA, 0xC7, 0xF8, 0x88, 0x33, 0xB6, 0x62, 0x93, 0x5D, 0x75, 0x06, 0xA6, 0xB5, 0xE0, 0xF9, 0xD9, 0x7A};

static FILE *out = NULL;



int main(int argc, char *argv[])
{
	u8 tmp[0x50];
	if (argc != 3)
		fail("usage: gen_qa encrypted_dummy_token.bin out.bin");

	token_encrypted = mmap_file(argv[1]);

	//decrypt
	aes256cbc(key, iv, token_encrypted, 0x50, tmp);

	//set qa
	memset(tmp+0x2f,0x02,1);

	//recalc digest
	sha1_hmac(hmac_key, tmp, 0x3c, tmp+0x3c);

	//encrypt
	aes256cbc_enc(key, iv, tmp, 0x50, tmp);

	out = fopen(argv[2], "w+");
	fwrite(tmp, 0x50, 1, out);

	fclose(out);

	return 0;
}

compile together with f0f tools...

**barnhilltrckn** · 06-23-2011,11:29 PM

Good job user!! This might save a few ps3's from a brick if someone makes a mistake.

Im still holding out on doing this because i still have no need for QA Flag. There has to be more to it though if you think about it. Why would all the devs that knew about/how to do it be so against releasing it to the public?? They say it would only allow warez but i have yet to see anything in it that would(not that i would need it because all i honestly care about is homebrew, i only play like 2 or 3 ps3 games). If you think about it all warez that can happen is allready going on so i must be missing something. Time will tell if it ends up being useful in any way though. Hopefully it can lead to a proper dev/debug enviroment.

Sorry for that OT paragraph but anywhoo thanks for this and im sure it will help alot of users.

User Tag List

Thread: [WARN] QA: use set_token instead of write_eprom!

Tweet

LinkBack

Thread Tools

Display


	Would you like to get all the new info from PSX-Scene in your email each day? Subscribe to our Daily Digest! Want to learn more about the team keeping you up to date with the latest scene news? Read about them now! Check out our Developer bios, too!