May have signed a .pkg.. Wanna test?

[numero53]

So, now you can sign self, right?
And what about the .pkg? Your friend said that seems to be ok, right?
I'm working on a encryption tool for .pkg.. but I have not much time..

EDIT: I've seen geohot's video of jailbreak.. so my work stop here for now.. (because there is no need now)

I'm working on a tool that encrypt pkg... but now I'have only quite completed the first part of the program.... the part that repack files in an huge pkg file but decrypted.. so i have only to understand the crypto algorithm.... someone would help me?

[Bayron]

@Bayron
You don't need the key with a jailbroken ps3 with Geo's pup.
You need to reverse the process of that program (by Math) and you will be able to compress and encrypt packages for that ps3.
All IMHO obviously.

It's strange nobody has released an app to do the reverse from the decrypter/Extractor then, because the code is pretty straight forward and nicely commented.

[eclips3]

What did you try?

Look, I have of course verified that the encryption works.

For example, if I take a legit retail pkg and decrypt it and then re-encrypt it again with the same key, the encrypted data is 100% identical.

You can also check the files in the pkg I provied, if you extract them with the existing tools that are available you will see that they are identical to the ones in the original debug pkg.

I verified all this with CRC and md5.

If there is anything in the created retail pkg that is wrong, it is in the header (I don't know if signing is necessary or not).

What we should do next is find some signed homebrew and put it in an encrypted retail pkg file and test it on a console with Geohot's modification.

It is the same method as used for decryption, but backwards. I will provide tools to do the encryption, with source code, but I haven't had time yet. Please have patience.

[numero53]

yes but it's quite unuseful.... geohot will release a tool soon...

[15:37] <Mathieulh> an app that repacks ? not from me
[15:37] <Mathieulh> geohot will release one though

[diesel701]

@eclips3
I'm very interested in your source code.
Have you done in c#?
I'll wait for it

[moose123]

Look, I have of course verified that the encryption works.

For example, if I take a legit retail pkg and decrypt it and then re-encrypt it again with the same key, the encrypted data is 100% identical.

You can also check the files in the pkg I provied, if you extract them with the existing tools that are available you will see that they are identical to the ones in the original debug pkg.

I verified all this with CRC and md5.

If there is anything in the created retail pkg that is wrong, it is in the header (I don't know if signing is necessary or not).

What we should do next is find some signed homebrew and put it in an encrypted retail pkg file and test it on a console with Geohot's modification.

It is the same method as used for decryption, but backwards. I will provide tools to do the encryption, with source code, but I haven't had time yet. Please have patience.

I'm pretty sure GeoHot didn't actually help us. Rather.. laid out some stepping stones if you will. His tools will only allow you to sign homebrew that runs on his "MFW". So unless someone is tweaking his update .PUP...
I thought the idea was to sign homebrew that would work on ANY console. More over I refuse to update to 3.55. I'd rather suffer the use of a dongle. Hahah. It already does what's required.

[cookie42]

A dongle isn't required.
1. Update to official 3.55
2. Install geohot's cfw pup
3. Install homebrew once it's been encrypted and signed with his tools.(BM won't work. Multiman may, but unconfirmed.)
3.???
4.Profit?

[moose123]

A dongle isn't required.
1. Update to official 3.55
2. Install geohot's cfw pup
3. Install homebrew once it's been encrypted and signed with his tools.(BM won't work. Multiman may, but unconfirmed.)
3.???
4.Profit?

No, I mean there's no point. 3.41 will already do all of that there's no need to update. I'm almost 90% sure updating at this point would be a very bad idea.

EDIT; Geohot removed the download. He did leave the source up though.

[eclips3]

Here is the source code for a little tool called dpkg2rpkg. It takes a debug pkg file, decrypts it and encrypts it again as a retail pkg file.

C | // Decrypts PS3 debug pkg files and re-encrypts th - Dpkg2rpkg

It's a simple quick hack for testing purposes only. I have only tested it on a few pkg files. It may have severe bugs. It may cause problems. You have been warned.

Normally I wouldn't release software in this state, but people keep requesting it, so take it for what it is.

Furthermore, there are a lot of things I don't know about the pkg file format, so there are many things I might have screwed up here.

With that said, feel fre to try it and modify it as you wish. I use it in 64-bit Ubuntu Linux, but it should compile on any system where ps3tools from fail0verflow compile.

[moose123]

Here is the source code for a little tool called dpkg2rpkg. It takes a debug pkg file, decrypts it and encrypts it again as a retail pkg file.

C | // Decrypts PS3 debug pkg files and re-encrypts th - Dpkg2rpkg

It's a simple quick hack for testing purposes only. I have only tested it on a few pkg files. It may have severe bugs. It may cause problems. You have been warned.

Normally I wouldn't release software in this state, but people keep requesting it, so take it for what it is.

Furthermore, there are a lot of things I don't know about the pkg file format, so there are many things I might have screwed up here. With that said, feel fre to try it and modify it as you wish. I use it in 64-bit Ubuntu Linux, but it should compile on any system where ps3tools from fail0verflow compile.

I feel quite special. Hahah. I'll give it a shot :]. Much appreciated, sir.

EDIT; Compiled on Ubuntu Linux (32bit) keeps telling me "Failed to load the package key"
I assume it wants this? "gpkg-key"?

Edit2; Nope.. I'm just stupid /fixed. It did what it was supposed too :o

Is there anyway to verify a .pkg file? I'm not sure the one for .PUP Pkg's will work, but I will try it anyway.