German website GameFreax claims to have successfully reverse engineered the PS Jailbreak dongle, and their write-up brings out some important information that was previously unknown. First, PSJailbreak is apparently NOT a clone of Sony's JIG; it is a genuine, independently developed exploit. Second, PSJailbreak can NOT be upgraded without additional hardware. Maybe the company planned to sell another component to upgrade the unit? Here is the translated post:
We have taken a closer look at this PSJailbreak dongle.

We can confirm that the PSJailbreak is not a clone of Sony's "Jig" module. PSJailbreak is a self-developed exploit. The chip is not a PIC18F444; instead an ATMega is used with a software USB interface. This means the chip is internally capable of emulating any USB device. PSJailbreak emulates a 6-port USB hub to which different devices will later be connected and then disconnected. One of these devices has the product:vendor ID of Sony's "Jig" module, which means this had played a certain role during the development of PSJailbreak.

But let's start from the beginning: When the PS3 is powered on … A USB emulation device is connected which has a Configuration Descriptor that is too large. This Descriptor overwrites the stack with a PowerPC shellcode that gets executed. Now, various USB devices are connected to the emulated USB hub. One device has a large Descriptor with a size of 0xAD, which is part of the exploit and contains static data. A short time later (we are talking milliseconds here) the Jig module is connected, and encrypted data is transmitted to the Jig module. A few milliseconds later, the Jig module answers with 64 bytes of static data, all USB devices are then disconnected, a new USB device is connected and the PS3 launches with 'a new feature'.

PSJailbreak is NOT software update-able. The update feature which is mentioned can only be done with hardware modifications.
So by 'update' they mean 'buy more of our stuff'.
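The first step of the chain described in the post, a host that trusts the length field of a device-supplied configuration descriptor and copies it into a fixed-size stack buffer, is illustrated below with an added C example. This is not GameFreax's or PSJailbreak's code and it does not reproduce the PS3's real USB enumeration routine: the 64-byte buffer, the frame layout with the saved return address sitting right after that buffer, the sample descriptors and the `check_config`/`vulnerable_clobbers_return_address` helpers are all assumptions constructed for the demonstration. The hardened parser goes a little beyond the single case in the post by also validating each sub-descriptor's `bLength`, since a bogus length there is the other classic way a descriptor walker runs off the end of its buffer.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Descriptor type codes from the USB 2.0 specification. */
#define USB_DT_CONFIG    0x02
#define USB_DT_INTERFACE 0x04
#define USB_DT_ENDPOINT  0x05

/* Assumed host layout for this demo: a 64-byte stack buffer for the whole
 * configuration descriptor, directly followed by the saved return address.
 * The frame is one flat array so the overrun is observable and well defined. */
#define CFG_BUF_LEN  64
#define SAVED_LR_LEN 8
#define FRAME_LEN    (CFG_BUF_LEN + SAVED_LR_LEN)

enum cfg_status { CFG_OK = 0, CFG_TOO_LARGE = 1, CFG_MALFORMED = 2 };

static uint16_t le16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }

/* Vulnerable host: copies as many bytes as the device announces in wTotalLength. */
static size_t vulnerable_read_config(uint8_t frame[FRAME_LEN],
                                     const uint8_t *dev, size_t dev_len)
{
    size_t n = le16(dev + 2);          /* attacker-controlled length */
    if (n > dev_len)   n = dev_len;    /* the device can only send what it has */
    if (n > FRAME_LEN) n = FRAME_LEN;  /* demo guard only, not a real check */
    memcpy(frame, dev, n);             /* runs past the 64-byte buffer */
    return n;
}

/* Hardened host: checks the header, caps the copy at the buffer size and
 * walks the sub-descriptors so a bogus bLength cannot run off the end. */
static enum cfg_status hardened_read_config(uint8_t *buf, size_t buf_len,
                                            const uint8_t *dev, size_t dev_len)
{
    if (dev_len < 9 || dev[0] != 9 || dev[1] != USB_DT_CONFIG) return CFG_MALFORMED;
    size_t total = le16(dev + 2);
    if (total < 9) return CFG_MALFORMED;
    if (total > buf_len) return CFG_TOO_LARGE;
    if (total > dev_len) return CFG_MALFORMED;   /* device sent less than it claims */
    memcpy(buf, dev, total);
    for (size_t off = 9; off < total;) {
        uint8_t blen = buf[off];
        if (blen < 2 || off + blen > total) return CFG_MALFORMED;
        off += blen;
    }
    return CFG_OK;
}

/* Constructed sample: config + one interface + one bulk IN endpoint, 25 bytes. */
static const uint8_t benign_cfg[25] = {
    9, USB_DT_CONFIG, 25, 0, 1, 1, 0, 0x80, 50,
    9, USB_DT_INTERFACE, 0, 0, 1, 0xFF, 0, 0, 0,
    7, USB_DT_ENDPOINT, 0x81, 0x02, 64, 0, 0,
};

/* Constructed sample: fits the buffer, but its interface descriptor has bLength 0. */
static const uint8_t bad_blength_cfg[18] = {
    9, USB_DT_CONFIG, 18, 0, 1, 1, 0, 0x80, 50,
    0, USB_DT_INTERFACE, 0, 0, 1, 0xFF, 0, 0, 0,
};

/* Constructed sample: valid header, wTotalLength larger than the host buffer,
 * payload filled with 0x60000000 (the PowerPC nop encoding) standing in for
 * the shellcode bytes the post describes. Returns a static 72-byte buffer. */
const uint8_t *oversized_cfg(void)
{
    static uint8_t out[FRAME_LEN];
    static const uint8_t ppc_nop[4] = { 0x60, 0x00, 0x00, 0x00 };
    const uint8_t hdr[9] = { 9, USB_DT_CONFIG, (uint8_t)FRAME_LEN, (uint8_t)(FRAME_LEN >> 8),
                             1, 1, 0, 0x80, 50 };
    memcpy(out, hdr, 9);
    for (size_t i = 9; i < FRAME_LEN; i++) out[i] = ppc_nop[(i - 9) % 4];
    return out;
}

/* Runs the hardened parser over a device-supplied descriptor. */
int check_config(const uint8_t *dev, size_t dev_len)
{
    uint8_t buf[CFG_BUF_LEN];
    return hardened_read_config(buf, sizeof buf, dev, dev_len);
}

/* Returns 1 if the vulnerable parser let the oversized descriptor overwrite
 * the simulated saved return address behind the 64-byte buffer. */
int vulnerable_clobbers_return_address(void)
{
    uint8_t frame[FRAME_LEN];
    memset(frame, 0, sizeof frame);
    memset(frame + CFG_BUF_LEN, 0xAA, SAVED_LR_LEN);   /* marker bytes for the saved LR */
    vulnerable_read_config(frame, oversized_cfg(), FRAME_LEN);
    for (size_t i = CFG_BUF_LEN; i < FRAME_LEN; i++)
        if (frame[i] != 0xAA) return 1;
    return 0;
}
```

Calling `vulnerable_clobbers_return_address()` returns 1, showing the marker bytes behind the buffer replaced by descriptor payload; `check_config` returns `CFG_OK` for the benign sample, `CFG_TOO_LARGE` for the oversized one and `CFG_MALFORMED` for the zero-length sub-descriptor. The order of the checks in the hardened parser matters: the size comparison against the host's own buffer has to happen before any byte of the descriptor body is copied, which is exactly the comparison the naive version never makes.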
Source: gamefreax.de/psjailbreak-reverse-engineered.html