CECHA01 + Infectus

[yayo]

Yes, keep in mind though that only the coreos (ros) areas have to be modified, the EID, metldr, bootloader, vtrm.... areas of the nor/nand have to be the one from your ps3, if they are imported from another console your ps3 won't be able to boot.

Ok thanks for the that!!
But how do you remove these areas from the dump?(i don't have one yet to look at)
And thanks for all the work you've done!
I would like to have a better understanding of the binary should be really interesting.

[boarder1042]

I think the real question is where is the pinout for the infectus. As i remember, they dropped support for the ps3 in 2009 or something once xbox jtagging became popular.

Ive contemplated about ordering one for about a year but i dont see the point if i cant connect it to the ps3.

There are waaayyyy too many models of the ps3 and i doubt the 1 pinout they have will work for all of them.

[Mistawes]

@ Boarder: Link to Infectus for PS3 NAND Pinout.

If your PS3 is a CECHA - CECHG then you want Infectus, if it's CECHH+ (newer phat or slim) then you have a NOR and wanna go that route.

[Pipo]

[quoute]Like I stated, each time you post about math, he is winning. Like Charlie Sheen winning. [/quote]

[mrdrifta]

RMS spoke about a similar procedure for nand consoles with infectus.

What was involved was dumping the nands and intergrating them via Flow rebuilder. This method was used to fix 'Wanikoko Bricks'

Once you have a full flash image, you need to op it in hex edit and search for "6F FF E0".
This is where your core_os is stored. From here you need to have an unpacked core_os from a lower firmware ie 3.41 or 3.55 and copy that into the next 7,340,000 bytes after the second "6F FF E0".

Once thats done you need to split the flash dump again and reflash it to your console. But your not done yet.

Because the hash checks in syscon still need 3.56+ hashes so you need to boot the ps3 into service mode where you reinstall the hackable firmware from pup.

Then after you exit service mode you should be able to load your now jailbreakable ps3 firmware =)

Also you have to be careful when using the infectus software. Someone in the IRC (cant remember who sorry(Xorloser and another person)) said that they were having issues with the program.
It wouldn't have the ps3 nand dumping option on the latest update. You needed to be on a lower version to keep the options. (that may need to be verified by others?)

This method was outlined back in February, Ill see if i can find the link

Links here: How to fix the Wankybrick for NAND consoles

[mrdrifta]

I think the real question is where is the pinout for the infectus. As i remember, they dropped support for the ps3 in 2009 or something once xbox jtagging became popular.

Ive contemplated about ordering one for about a year but i dont see the point if i cant connect it to the ps3.

There are waaayyyy too many models of the ps3 and i doubt the 1 pinout they have will work for all of them.

They 'dropped support' because sony changed the flash memory from NAND to NOR, therefore they could not interface with the chips via the infectus any longer

[Yo123]

Ok thanks for the that!!
But how do you remove these areas from the dump?(i don't have one yet to look at)
And thanks for all the work you've done!
I would like to have a better understanding of the binary should be really interesting.

hex editor.. binary replacement.

[Flym4n]

I was wondering, is it possible to use marcan's noralizer without chips? I'm on 3.55, but I just wonder...

And is there any reason it doesn't work for 3.6x+ versions?

Thanks a lot math, and all the other

[DeadPixel99]

Math ... isn't this the same idiot that made a youtube video with a fake 3.60 firmware mod, then disappeared for a long time so he wouldn't look like the tard he is, probably hoping people would forget? Just because you claim something with no proof just because you released trivial thing's in the past still doesn't prove you have anything.

[anos]

Nothing new, infectus downgrade was blocked by using syscon hash check, but now we got access to service mode (that skips hash checks). So you can dump your actual 3.56 NAND, save all necessary, important and univocal files (EID, a_secure_ldr etc etc) and replace them in a working 3.55 NAND dump (or if you got a previus 3.55 NAND Backup with your own files you don't need to modify it). Than you can put PS3 in Service Mode (you cannot exit from Service Mode on 3.56, but hey! we will flash 3.55!!!). Be sure PS3 it's still in Service Mode (try to use dongle after flashing too). At the reboot every hash check it's skipped, and you can restore your 3.55 or dongrade to a 3.41 than update again (to re-hash syscon)
PS: it will work with 3.56, 3.60, 3.61, 3.65 etc etc nothing can stop us from hw donwgrading